diff --git a/CMakeLists.txt b/CMakeLists.txt index ac28ef13..ef69682f 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -18,6 +18,8 @@ cmake_minimum_required(VERSION 3.14.0) project(crypto C) +#set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fsanitize=address") + # # CUSTOM PATH Definiton # diff --git a/include/crypto.h b/include/crypto.h index 6f94d1c1..1e5ccd51 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -49,7 +49,7 @@ ** Crypto Version */ #define CRYPTO_LIB_MAJOR_VERSION 1 -#define CRYPTO_LIB_MINOR_VERSION 3 +#define CRYPTO_LIB_MINOR_VERSION 4 #define CRYPTO_LIB_REVISION 1 #define CRYPTO_LIB_MISSION_REV 0 @@ -329,7 +329,9 @@ extern CamConfig_t *cam_config; extern GvcidManagedParameters_t *gvcid_managed_parameters; extern GvcidManagedParameters_t *current_managed_parameters; extern GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAX_PARAM_SIZE]; -extern GvcidManagedParameters_t current_managed_parameters_struct; +extern GvcidManagedParameters_t tc_current_managed_parameters_struct; +extern GvcidManagedParameters_t tm_current_managed_parameters_struct; +extern GvcidManagedParameters_t aos_current_managed_parameters_struct; extern int gvcid_counter; extern KeyInterface key_if; extern McInterface mc_if; diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 004fe41c..c8c523ad 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -128,12 +128,13 @@ endif() # Create the app module if(DEFINED CFE_SYSTEM_PSPNAME) - set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/cpu${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}") + set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}") add_cfe_app(crypto ${LIB_SRC_FILES}) target_include_directories(crypto PUBLIC ../include) else() # Standalone build add_library(crypto SHARED ${LIB_SRC_FILES}) + target_include_directories(crypto PUBLIC ../include) endif() if(CRYPTO_LIBGCRYPT) @@ -159,23 +160,25 @@ endif() file(GLOB CRYPTO_INCLUDES ../include/*.h) set_target_properties(crypto PROPERTIES PUBLIC_HEADER "${CRYPTO_INCLUDES}") +file(GLOB CRYPTO_INCLUDES ../support/standalone/*.h) +set_target_properties(crypto PROPERTIES PUBLIC_HEADER "${CRYPTO_INCLUDES}") # This causes the library to be installed as libcryptolib.so while still being # referred to as crypto from CMake. Without this, the library filename would be # libcrypto.so which would conflict with openssl set_target_properties(crypto PROPERTIES OUTPUT_NAME "cryptolib") add_custom_command(TARGET crypto POST_BUILD - COMMAND ${CMAKE_COMMAND} -E copy $ ${PROJECT_BINARY_DIR}/lib/libcrypto.so - COMMENT "Created ${PROJECT_BINARY_DIR}/lib/libCrypto.so" + COMMAND ${CMAKE_COMMAND} -E copy $ ${PROJECT_BINARY_DIR}/libcryptolib.so + COMMENT "Created ${PROJECT_BINARY_DIR}/libcryptolib.so" ) if(DEFINED CFE_SYSTEM_PSPNAME) install(TARGETS crypto DESTINATION ${CMAKE_INSTALL_PREFIX}/${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR} - PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/host) + PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include) else() install(TARGETS crypto - DESTINATION ${CMAKE_INSTALL_PREFIX}/lib + DESTINATION ${CMAKE_INSTALL_PREFIX}/ PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include) endif() diff --git a/src/core/crypto.c b/src/core/crypto.c index 23d10e72..68594993 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -1447,8 +1447,8 @@ int32_t Crypto_Get_Security_Trailer_Length(SecurityAssociation_t *sa_ptr) **/ void Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF || - current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF || + aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { Telemetry_Frame_Ocf_Fsr_t temp_report; byte_idx += (pdu_len + sa_ptr->stmacf_len); diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index a98f0673..dc52b9d7 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -119,7 +119,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) } status = Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, gvcid_managed_parameters_array, - ¤t_managed_parameters_struct); + &aos_current_managed_parameters_struct); // No managed parameters found if (status != CRYPTO_LIB_SUCCESS) @@ -131,8 +131,8 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) return status; } - if ((len_ingest < current_managed_parameters_struct.max_frame_size) && (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC) && - (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC_MAC)) + if ((len_ingest < aos_current_managed_parameters_struct.max_frame_size) && + (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC) && (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC_MAC)) { status = CRYPTO_LIB_ERR_AOS_FL_LT_MAX_FRAME_SIZE; mc_if->mc_log(status); @@ -140,9 +140,9 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) } else if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC) || (sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC_MAC)) { - if ((current_managed_parameters_struct.max_frame_size - len_ingest) <= 16) + if ((aos_current_managed_parameters_struct.max_frame_size - len_ingest) <= 16) { - cbc_padding = current_managed_parameters_struct.max_frame_size - len_ingest; + cbc_padding = aos_current_managed_parameters_struct.max_frame_size - len_ingest; } else { @@ -158,19 +158,19 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) ** Special case for CBC mode ciphers that require padding */ if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC || sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC_MAC) && - (current_managed_parameters_struct.max_frame_size - len_ingest) <= 16) + (aos_current_managed_parameters_struct.max_frame_size - len_ingest) <= 16) { // For CBC mode, allow frames that are slightly shorter to account for padding - cbc_padding = current_managed_parameters_struct.max_frame_size - len_ingest; + cbc_padding = aos_current_managed_parameters_struct.max_frame_size - len_ingest; #ifdef AOS_DEBUG printf(KYEL "CBC padding of %d bytes will be applied\n" RESET, cbc_padding); #endif } - else if ((current_managed_parameters_struct.max_frame_size - len_ingest) != 0) + else if ((aos_current_managed_parameters_struct.max_frame_size - len_ingest) != 0) { #ifdef AOS_DEBUG printf(KRED "Frame length %d does not match required fixed length %d\n" RESET, len_ingest, - current_managed_parameters_struct.max_frame_size); + aos_current_managed_parameters_struct.max_frame_size); #endif status = CRYPTO_LIB_ERR_AOS_FL_LT_MAX_FRAME_SIZE; mc_if->mc_log(status); @@ -179,7 +179,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) #ifdef AOS_DEBUG printf(KYEL "AOS BEFORE Apply Sec:\n\t" RESET); - for (int16_t i = 0; i < current_managed_parameters_struct.max_frame_size - cbc_padding; i++) + for (int16_t i = 0; i < aos_current_managed_parameters_struct.max_frame_size - cbc_padding; i++) { printf("%02X", pTfBuffer[i]); } @@ -250,7 +250,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) idx = 6; // Detect if optional 2 byte FHEC is present - if (current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) + if (aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) { #ifdef AOS_DEBUG printf(KYEL "Calculating FHECF...\n" RESET); @@ -263,15 +263,15 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) // Detect if optional variable length Insert Zone is present // Per CCSDS 732.0-B-4 Section 4.1.3, Insert Zone is optional but fixed length for a physical channel - if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) + if (aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) { // Section 4.1.3.2 - Validate Insert Zone length - if (current_managed_parameters_struct.aos_iz_len <= 0) + if (aos_current_managed_parameters_struct.aos_iz_len <= 0) { status = CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH; #ifdef AOS_DEBUG printf(KRED "Error: Invalid Insert Zone length %d. Must be between 1 and 65535 octets.\n" RESET, - current_managed_parameters_struct.aos_iz_len); + aos_current_managed_parameters_struct.aos_iz_len); #endif mc_if->mc_log(status); return status; @@ -280,10 +280,11 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) // Section 4.1.3.2.3 - All bits of the Insert Zone shall be set by the sending end // Based on the managed parameter configuration, we're not modifying the Insert Zone contents #ifdef AOS_DEBUG - printf(KYEL "Insert Zone present with length %d octets\n" RESET, current_managed_parameters_struct.aos_iz_len); + printf(KYEL "Insert Zone present with length %d octets\n" RESET, + aos_current_managed_parameters_struct.aos_iz_len); #endif - idx += current_managed_parameters_struct.aos_iz_len; + idx += aos_current_managed_parameters_struct.aos_iz_len; } // Idx is now at SPI location @@ -402,9 +403,9 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) **/ data_loc = idx; // Calculate size of data to be encrypted - pdu_len = current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; + pdu_len = aos_current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; - if (current_managed_parameters_struct.max_frame_size < idx - sa_ptr->stmacf_len) + if (aos_current_managed_parameters_struct.max_frame_size < idx - sa_ptr->stmacf_len) { status = CRYPTO_LIB_ERR_AOS_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -412,16 +413,16 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) } // Check other managed parameter flags, subtract their lengths from data field if present - if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { pdu_len -= 4; } - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { pdu_len -= 2; } - if (current_managed_parameters_struct.max_frame_size < pdu_len) + if (aos_current_managed_parameters_struct.max_frame_size < pdu_len) { status = CRYPTO_LIB_ERR_AOS_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -432,15 +433,15 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) printf(KYEL "Data location starts at: %d\n" RESET, idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); printf(KYEL "Index at end of SPI is: %d\n", idx); - if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d" RESET, idx + pdu_len + sa_ptr->stmacf_len); } - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { // If FECF exists, comes just before end of the frame - printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); + printf(KYEL "FECF Location is: %d\n" RESET, aos_current_managed_parameters_struct.max_frame_size - 2); } #endif @@ -732,7 +733,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) #endif // Handle OCF (Operational Control Field) per CCSDS 732.0-B-4 Section 4.1.4 - if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { // Section 4.1.4.2 - OCF is always 4 octets uint16_t ocf_location = idx + pdu_len + sa_ptr->stmacf_len; @@ -762,28 +763,28 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) **/ // Only calculate & insert FECF if CryptoLib is configured to do so & gvcid includes FECF. - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { #ifdef FECF_DEBUG - printf(KCYN "Calcing FECF over %d bytes\n" RESET, current_managed_parameters_struct.max_frame_size - 2); + printf(KCYN "Calcing FECF over %d bytes\n" RESET, aos_current_managed_parameters_struct.max_frame_size - 2); #endif if (crypto_config.crypto_create_fecf == CRYPTO_AOS_CREATE_FECF_TRUE) { - new_fecf = Crypto_Calc_FECF((uint8_t *)pTfBuffer, current_managed_parameters_struct.max_frame_size - 2); - pTfBuffer[current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)((new_fecf & 0xFF00) >> 8); - pTfBuffer[current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)(new_fecf & 0x00FF); + new_fecf = Crypto_Calc_FECF((uint8_t *)pTfBuffer, aos_current_managed_parameters_struct.max_frame_size - 2); + pTfBuffer[aos_current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)((new_fecf & 0xFF00) >> 8); + pTfBuffer[aos_current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)(new_fecf & 0x00FF); } else // CRYPTO_TC_CREATE_FECF_FALSE { - pTfBuffer[current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)0x00; - pTfBuffer[current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)0x00; + pTfBuffer[aos_current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)0x00; + pTfBuffer[aos_current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)0x00; } idx += 2; } #ifdef AOS_DEBUG printf(KYEL "Printing new AOS frame:\n\t"); - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { printf("%02X", pTfBuffer[i]); } @@ -873,7 +874,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 // Lookup-retrieve managed parameters for frame via gvcid: status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); if (status != CRYPTO_LIB_SUCCESS) { @@ -886,7 +887,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 // Increment to end of Primary Header start, depends on FHECF presence byte_idx = 6; - if (current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) + if (aos_current_managed_parameters_struct.aos_has_fhec == AOS_HAS_FHEC) { uint16_t recieved_fhecf = (((p_ingest[aos_hdr_len] << 8) & 0xFF00) | (p_ingest[aos_hdr_len + 1] & 0x00FF)); #ifdef AOS_DEBUG @@ -910,15 +911,15 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 // Detect if optional variable length Insert Zone is present // Per CCSDS 732.0-B-4 Section 4.1.3, Insert Zone is optional but fixed length for a physical channel - if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) + if (aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) { // Section 4.1.3.2 - Validate Insert Zone length - if (current_managed_parameters_struct.aos_iz_len <= 0) + if (aos_current_managed_parameters_struct.aos_iz_len <= 0) { status = CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH; #ifdef AOS_DEBUG printf(KRED "Error: Invalid Insert Zone length %d. Must be between 1 and 65535 octets.\n" RESET, - current_managed_parameters_struct.aos_iz_len); + aos_current_managed_parameters_struct.aos_iz_len); #endif mc_if->mc_log(status); return status; @@ -927,10 +928,11 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 // Section 4.1.3.2.3 - All bits of the Insert Zone shall be set by the sending end // Based on the managed parameter configuration, we're not modifying the Insert Zone contents #ifdef AOS_DEBUG - printf(KYEL "Insert Zone present with length %d octets\n" RESET, current_managed_parameters_struct.aos_iz_len); + printf(KYEL "Insert Zone present with length %d octets\n" RESET, + aos_current_managed_parameters_struct.aos_iz_len); #endif - byte_idx += current_managed_parameters_struct.aos_iz_len; + byte_idx += aos_current_managed_parameters_struct.aos_iz_len; } /** @@ -1026,7 +1028,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 } #endif - if (len_ingest < current_managed_parameters_struct.max_frame_size) + if (len_ingest < aos_current_managed_parameters_struct.max_frame_size) { status = CRYPTO_LIB_ERR_AOS_FL_LT_MAX_FRAME_SIZE; mc_if->mc_log(status); @@ -1034,10 +1036,10 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 } // Parse & Check FECF, if present, and update fecf length - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { - uint16_t received_fecf = (((p_ingest[current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | - (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); + uint16_t received_fecf = (((p_ingest[aos_current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | + (p_ingest[aos_current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); if (crypto_config.crypto_check_fecf == AOS_CHECK_FECF_TRUE) { @@ -1066,12 +1068,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 } } // Needs to be AOS_HAS_FECF (checked above, or AOS_NO_FECF) - else if (current_managed_parameters_struct.has_fecf != AOS_NO_FECF) + else if (aos_current_managed_parameters_struct.has_fecf != AOS_NO_FECF) { #ifdef AOS_DEBUG printf(KRED "AOS_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, - current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, - current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); + aos_current_managed_parameters_struct.tfvn, aos_current_managed_parameters_struct.scid, + aos_current_managed_parameters_struct.vcid, aos_current_managed_parameters_struct.has_fecf); #endif status = CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_AOS_CONFIG; mc_if->mc_log(status); @@ -1094,12 +1096,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 memcpy(p_new_dec_frame, &p_ingest[0], aos_hdr_len); // Copy over insert zone data, if it exists - if (current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) + if (aos_current_managed_parameters_struct.aos_has_iz == AOS_HAS_IZ) { - memcpy(p_new_dec_frame + aos_hdr_len, &p_ingest[aos_hdr_len], current_managed_parameters_struct.aos_iz_len); + memcpy(p_new_dec_frame + aos_hdr_len, &p_ingest[aos_hdr_len], aos_current_managed_parameters_struct.aos_iz_len); #ifdef AOS_DEBUG printf("Copied over the following:\n\t"); - for (int i = 0; i < current_managed_parameters_struct.aos_iz_len; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.aos_iz_len; i++) { printf("%02X", p_ingest[aos_hdr_len + i]); } @@ -1139,14 +1141,14 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 ** The optional Operations Control Field and the Frame Error Control Field, if present, ** are not part of the Data Field. */ - pdu_len = current_managed_parameters_struct.max_frame_size - byte_idx - sa_ptr->stmacf_len; + pdu_len = aos_current_managed_parameters_struct.max_frame_size - byte_idx - sa_ptr->stmacf_len; /* ** CCSDS 732.0-B-4 Section 4.1.5 - Operational Control Field (OCF) ** The OCF contains real-time Control Commands, reports, or status that may be required for ** the operation of the AOS Space Data Link Protocol. */ - if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { pdu_len -= 4; } @@ -1155,7 +1157,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 ** CCSDS 732.0-B-4 Section 4.1.6 - Frame Error Control Field (FECF) ** The FECF shall contain a sequence of 16 parity bits for error detection. */ - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { pdu_len -= 2; } @@ -1170,15 +1172,15 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 #ifdef AOS_DEBUG printf(KYEL "Index / data location starts at: %d\n" RESET, byte_idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); - if (current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) + if (aos_current_managed_parameters_struct.has_ocf == AOS_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d" RESET, byte_idx + pdu_len + sa_ptr->stmacf_len); } - if (current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) + if (aos_current_managed_parameters_struct.has_fecf == AOS_HAS_FECF) { // If FECF exists, comes just before end of the frame - printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); + printf(KYEL "FECF Location is: %d\n" RESET, aos_current_managed_parameters_struct.max_frame_size - 2); } #endif @@ -1386,12 +1388,12 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 #ifdef AOS_DEBUG printf(KYEL "\nPrinting received frame:\n\t" RESET); - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { printf(KYEL "%02X", p_ingest[i]); } printf(KYEL "\nPrinting PROCESSED frame:\n\t" RESET); - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { printf(KYEL "%02X", p_new_dec_frame[i]); } @@ -1400,7 +1402,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8 *pp_processed_frame = p_new_dec_frame; // TODO maybe not just return this without doing the math ourselves - *p_decrypted_length = current_managed_parameters_struct.max_frame_size; + *p_decrypted_length = aos_current_managed_parameters_struct.max_frame_size; #ifdef DEBUG printf(KYEL "----- Crypto_AOS_ProcessSecurity END -----\n" RESET); diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index b3b976c1..1c0131be 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -45,9 +45,11 @@ CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config = NULL; CamConfig_t *cam_config = NULL; GvcidManagedParameters_t gvcid_managed_parameters_array[GVCID_MAN_PARAM_SIZE]; -int gvcid_counter = 0; -GvcidManagedParameters_t gvcid_null_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; -GvcidManagedParameters_t current_managed_parameters_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +int gvcid_counter = 0; +GvcidManagedParameters_t gvcid_null_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +GvcidManagedParameters_t tc_current_managed_parameters_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +GvcidManagedParameters_t tm_current_managed_parameters_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; +GvcidManagedParameters_t aos_current_managed_parameters_struct = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0}; // GvcidManagedParameters_t* gvcid_managed_parameters = NULL; // GvcidManagedParameters_t* current_managed_parameters = NULL; @@ -72,28 +74,25 @@ int32_t Crypto_SC_Init(void) { int32_t status = CRYPTO_LIB_SUCCESS; Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TC - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TC_UT_Managed_Parameters = { 0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); - - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, - // AOS_FHEC_NA, AOS_IZ_NA, 0); TC_UT_Managed_Parameters.vcid = 2; Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); + TC_UT_Managed_Parameters.vcid = 3; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters); // TM - // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, TM_HAS_OCF, 1786, - // AOS_FHEC_NA, AOS_IZ_NA, 0); GvcidManagedParameters_t TM_UT_Managed_Parameters = { - 0, 0x0003, 1, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_HAS_OCF, 1}; + 0, 0x0003, 1, TM_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TM_SEGMENT_HDRS_NA, 1786, TM_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); + TM_UT_Managed_Parameters.vcid = 4; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); - TM_UT_Managed_Parameters.vcid = 2; + TM_UT_Managed_Parameters.vcid = 5; Crypto_Config_Add_Gvcid_Managed_Parameters(TM_UT_Managed_Parameters); status = Crypto_Init(); return status; @@ -397,7 +396,9 @@ int32_t Crypto_Shutdown(void) int32_t status = CRYPTO_LIB_SUCCESS; // current_managed_parameters = NULL; - current_managed_parameters_struct = gvcid_null_struct; + tc_current_managed_parameters_struct = gvcid_null_struct; + tm_current_managed_parameters_struct = gvcid_null_struct; + aos_current_managed_parameters_struct = gvcid_null_struct; for (int i = 0; i <= gvcid_counter; i++) { gvcid_managed_parameters_array[i] = gvcid_null_struct; diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 1344ea17..8c8621cf 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -243,10 +243,10 @@ int32_t Crypto_TC_Frame_Validation(uint16_t *p_enc_frame_len) } // Check maximum managed parameter size - if (*p_enc_frame_len > current_managed_parameters_struct.max_frame_size) + if (*p_enc_frame_len > tc_current_managed_parameters_struct.max_frame_size) { #ifdef DEBUG - printf("Managed length is: %d\n", current_managed_parameters_struct.max_frame_size); + printf("Managed length is: %d\n", tc_current_managed_parameters_struct.max_frame_size); printf("New enc frame length will be: %d\n", *p_enc_frame_len); #endif printf(KRED "Error: New frame would violate maximum tc frame managed parameter! \n" RESET); @@ -695,7 +695,7 @@ int32_t Crypto_TC_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ */ // Only calculate & insert FECF if CryptoLib is configured to do so & gvcid includes FECF. - if (current_managed_parameters_struct.has_fecf == TC_HAS_FECF) + if (tc_current_managed_parameters_struct.has_fecf == TC_HAS_FECF) { #ifdef FECF_DEBUG printf(KCYN "Calcing FECF over %d bytes\n" RESET, new_enc_frame_header_field_length - 1); @@ -818,7 +818,7 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra // Lookup-retrieve managed parameters for frame via gvcid: status = Crypto_Get_Managed_Parameters_For_Gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tc_current_managed_parameters_struct); if (status != CRYPTO_LIB_SUCCESS) { @@ -826,7 +826,7 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra return status; } // Unable to get necessary Managed Parameters for TC TF -- return with error. - if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) + if (tc_current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { *segmentation_hdr = p_in_frame[5]; *map_id = *segmentation_hdr & 0x3F; @@ -1194,7 +1194,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t *p_in_frame, const uint16_t in */ uint16_t index = TC_FRAME_HEADER_SIZE; // Frame header is 5 bytes - if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) + if (tc_current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { index++; // Add 1 byte to index because segmentation header used for this gvcid. } @@ -1321,7 +1321,7 @@ int32_t Crypto_TC_ProcessSecurity(uint8_t *ingest, int *len_ingest, TC_t *tc_sdl int32_t Crypto_TC_Parse_Check_FECF(uint8_t *ingest, int *len_ingest, TC_t *tc_sdls_processed_frame) { int32_t status = CRYPTO_LIB_SUCCESS; - if (current_managed_parameters_struct.has_fecf == TC_HAS_FECF) + if (tc_current_managed_parameters_struct.has_fecf == TC_HAS_FECF) { tc_sdls_processed_frame->tc_sec_trailer.fecf = (((ingest[tc_sdls_processed_frame->tc_header.fl - 1] << 8) & 0xFF00) | @@ -1665,7 +1665,7 @@ int32_t Crypto_TC_Prep_AAD(TC_t *tc_sdls_processed_frame, uint8_t fecf_len, uint if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) { uint16_t tc_mac_start_index = tc_sdls_processed_frame->tc_header.fl + 1 - fecf_len - sa_ptr->stmacf_len; - if (current_managed_parameters_struct.max_frame_size < tc_mac_start_index) + if (tc_current_managed_parameters_struct.max_frame_size < tc_mac_start_index) { status = CRYPTO_LIB_ERR_TC_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -1864,17 +1864,17 @@ void Crypto_TC_Get_Ciper_Mode_TCP(uint8_t sa_service_type, uint32_t *encryption_ **/ void Crypto_TC_Calc_Lengths(uint8_t *fecf_len, uint8_t *segment_hdr_len, uint8_t *ocf_len) { - if (current_managed_parameters_struct.has_fecf == TC_NO_FECF) + if (tc_current_managed_parameters_struct.has_fecf == TC_NO_FECF) { *fecf_len = 0; } - if (current_managed_parameters_struct.has_segmentation_hdr == TC_NO_SEGMENT_HDRS) + if (tc_current_managed_parameters_struct.has_segmentation_hdr == TC_NO_SEGMENT_HDRS) { *segment_hdr_len = 0; } - if (current_managed_parameters_struct.has_ocf == TC_OCF_NA) + if (tc_current_managed_parameters_struct.has_ocf == TC_OCF_NA) { *ocf_len = 0; } @@ -1892,7 +1892,7 @@ void Crypto_TC_Calc_Lengths(uint8_t *fecf_len, uint8_t *segment_hdr_len, uint8_t void Crypto_TC_Set_Segment_Header(TC_t *tc_sdls_processed_frame, uint8_t *ingest, int *byte_idx) { int byte_idx_tmp = *byte_idx; - if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) + if (tc_current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { tc_sdls_processed_frame->tc_sec_header.sh = (uint8_t)ingest[*byte_idx]; byte_idx_tmp++; @@ -1960,7 +1960,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc // Lookup-retrieve managed parameters for frame via gvcid: status = Crypto_Get_Managed_Parameters_For_Gvcid( tc_sdls_processed_frame->tc_header.tfvn, tc_sdls_processed_frame->tc_header.scid, - tc_sdls_processed_frame->tc_header.vcid, gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + tc_sdls_processed_frame->tc_header.vcid, gvcid_managed_parameters_array, &tc_current_managed_parameters_struct); if (status != CRYPTO_LIB_SUCCESS) { diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 709a53e2..e8e22b26 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -245,7 +245,7 @@ uint32_t Crypto_TM_Calculate_Padding(uint32_t cipher, uint16_t data_len) void Crypto_TM_PKCS_Padding(uint32_t *pkcs_padding, SecurityAssociation_t *sa_ptr, uint8_t *pTfBuffer, uint16_t *idx_p) { uint16_t idx = *idx_p; - uint16_t data_len = current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; + uint16_t data_len = tm_current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; // Calculate required padding based on cipher *pkcs_padding = Crypto_TM_Calculate_Padding(sa_ptr->ecs, data_len); @@ -281,11 +281,11 @@ void Crypto_TM_PKCS_Padding(uint32_t *pkcs_padding, SecurityAssociation_t *sa_pt **/ void Crypto_TM_Handle_Managed_Parameter_Flags(uint16_t *pdu_len) { - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { *pdu_len -= 4; } - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { *pdu_len -= 2; } @@ -678,29 +678,30 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ **/ // Only calculate & insert FECF if CryptoLib is configured to do so & gvcid includes FECF. - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { #ifdef FECF_DEBUG - printf(KCYN "Calcing FECF over %d bytes\n" RESET, current_managed_parameters_struct.max_frame_size - 2); + printf(KCYN "Calcing FECF over %d bytes\n" RESET, tm_current_managed_parameters_struct.max_frame_size - 2); #endif if (crypto_config.crypto_create_fecf == CRYPTO_TM_CREATE_FECF_TRUE) { *new_fecf = - Crypto_Calc_FECF((uint8_t *)pTfBuffer, current_managed_parameters_struct.max_frame_size - 2); - pTfBuffer[current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)((*new_fecf & 0xFF00) >> 8); - pTfBuffer[current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)(*new_fecf & 0x00FF); + Crypto_Calc_FECF((uint8_t *)pTfBuffer, tm_current_managed_parameters_struct.max_frame_size - 2); + pTfBuffer[tm_current_managed_parameters_struct.max_frame_size - 2] = + (uint8_t)((*new_fecf & 0xFF00) >> 8); + pTfBuffer[tm_current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)(*new_fecf & 0x00FF); } else // CRYPTO_TC_CREATE_FECF_FALSE { - pTfBuffer[current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)0x00; - pTfBuffer[current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)0x00; + pTfBuffer[tm_current_managed_parameters_struct.max_frame_size - 2] = (uint8_t)0x00; + pTfBuffer[tm_current_managed_parameters_struct.max_frame_size - 1] = (uint8_t)0x00; } idx += 2; } #ifdef TM_DEBUG printf(KYEL "Printing new TM frame:\n\t"); - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { printf("%02X", pTfBuffer[i]); } @@ -739,15 +740,15 @@ void Crypto_TM_ApplySecurity_Debug_Print(uint16_t idx, uint16_t pdu_len, Securit printf(KYEL "Data location starts at: %d\n" RESET, idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); printf(KYEL "Index at end of SPI is: %d\n", idx); - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d\n" RESET, idx + pdu_len + sa_ptr->stmacf_len); } - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { // If FECF exists, comes just before end of the frame - printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); + printf(KYEL "FECF Location is: %d\n" RESET, tm_current_managed_parameters_struct.max_frame_size - 2); } #endif } @@ -833,7 +834,7 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) } status = Crypto_Get_Managed_Parameters_For_Gvcid(tfvn, scid, vcid, gvcid_managed_parameters_array, - ¤t_managed_parameters_struct); + &tm_current_managed_parameters_struct); // No managed parameters found if (status != CRYPTO_LIB_SUCCESS) @@ -845,8 +846,8 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) return status; } - if ((len_ingest < current_managed_parameters_struct.max_frame_size) && (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC) && - (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC_MAC)) + if ((len_ingest < tm_current_managed_parameters_struct.max_frame_size) && + (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC) && (sa_ptr->ecs != CRYPTO_CIPHER_AES256_CBC_MAC)) { status = CRYPTO_LIB_ERR_TM_FL_LT_MAX_FRAME_SIZE; mc_if->mc_log(status); @@ -854,9 +855,9 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) } else if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC) || (sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC_MAC)) { - if ((current_managed_parameters_struct.max_frame_size - len_ingest) <= 16) + if ((tm_current_managed_parameters_struct.max_frame_size - len_ingest) <= 16) { - cbc_padding = current_managed_parameters_struct.max_frame_size - len_ingest; + cbc_padding = tm_current_managed_parameters_struct.max_frame_size - len_ingest; } else { @@ -868,7 +869,7 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) #ifdef TM_DEBUG printf(KYEL "TM BEFORE Apply Sec:\n\t" RESET); - for (int16_t i = 0; i < current_managed_parameters_struct.max_frame_size - cbc_padding; i++) + for (int16_t i = 0; i < tm_current_managed_parameters_struct.max_frame_size - cbc_padding; i++) { printf("%02X", pTfBuffer[i]); } @@ -1012,7 +1013,7 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) **/ data_loc = idx; - if (current_managed_parameters_struct.max_frame_size <= idx - sa_ptr->stmacf_len) + if (tm_current_managed_parameters_struct.max_frame_size <= idx - sa_ptr->stmacf_len) { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -1020,11 +1021,11 @@ int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest) } // Calculate size of data to be encrypted - pdu_len = current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; + pdu_len = tm_current_managed_parameters_struct.max_frame_size - idx - sa_ptr->stmacf_len; // Check other managed parameter flags, subtract their lengths from data field if present Crypto_TM_Handle_Managed_Parameter_Flags(&pdu_len); - if (current_managed_parameters_struct.max_frame_size < pdu_len) + if (tm_current_managed_parameters_struct.max_frame_size < pdu_len) { status = CRYPTO_LIB_ERR_AOS_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -1106,9 +1107,9 @@ int32_t Crypto_TM_Process_Setup(uint16_t len_ingest, uint16_t *byte_idx, uint8_t // Lookup-retrieve managed parameters for frame via gvcid: if (status == CRYPTO_LIB_SUCCESS) { - status = - Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, + tm_frame_pri_hdr.vcid, gvcid_managed_parameters_array, + &tm_current_managed_parameters_struct); } if (status != CRYPTO_LIB_SUCCESS) @@ -1246,10 +1247,10 @@ int32_t Crypto_TM_FECF_Setup(uint8_t *p_ingest, uint16_t len_ingest) { int32_t status = CRYPTO_LIB_SUCCESS; - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { - uint16_t received_fecf = (((p_ingest[current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | - (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); + uint16_t received_fecf = (((p_ingest[tm_current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | + (p_ingest[tm_current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); if (crypto_config.crypto_check_fecf == TM_CHECK_FECF_TRUE) { @@ -1278,12 +1279,12 @@ int32_t Crypto_TM_FECF_Setup(uint8_t *p_ingest, uint16_t len_ingest) } } // Needs to be TM_HAS_FECF (checked above_ or TM_NO_FECF) - else if (current_managed_parameters_struct.has_fecf != TM_NO_FECF) + else if (tm_current_managed_parameters_struct.has_fecf != TM_NO_FECF) { #ifdef TM_DEBUG printf(KRED "TM_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, - current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, - current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); + tm_current_managed_parameters_struct.tfvn, tm_current_managed_parameters_struct.scid, + tm_current_managed_parameters_struct.vcid, tm_current_managed_parameters_struct.has_fecf); #endif status = CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG; mc_if->mc_log(status); @@ -1500,12 +1501,12 @@ int32_t Crypto_TM_Do_Decrypt_NONAEAD(uint8_t sa_service_type, uint16_t pdu_len, */ void Crypto_TM_Calc_PDU_MAC(uint16_t *pdu_len, uint16_t byte_idx, SecurityAssociation_t *sa_ptr, int *mac_loc) { - *pdu_len = current_managed_parameters_struct.max_frame_size - (byte_idx)-sa_ptr->stmacf_len; - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + *pdu_len = tm_current_managed_parameters_struct.max_frame_size - (byte_idx)-sa_ptr->stmacf_len; + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { *pdu_len -= 4; } - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { *pdu_len -= 2; } @@ -1565,12 +1566,12 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ #ifdef TM_DEBUG printf(KYEL "Printing received frame:\n\t" RESET); - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { printf(KYEL "%02X", p_ingest[i]); } printf(KYEL "\nPrinting PROCESSED frame:\n\t" RESET); - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { printf(KYEL "%02X", p_new_dec_frame[i]); } @@ -1579,7 +1580,7 @@ int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ *pp_processed_frame = p_new_dec_frame; // TODO maybe not just return this without doing the math ourselves - *p_decrypted_length = current_managed_parameters_struct.max_frame_size; + *p_decrypted_length = tm_current_managed_parameters_struct.max_frame_size; #ifdef DEBUG printf(KYEL "----- Crypto_TM_ProcessSecurity END -----\n" RESET); @@ -1609,15 +1610,15 @@ void Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, Security #ifdef TM_DEBUG printf(KYEL "Index / data location starts at: %d\n" RESET, byte_idx); printf(KYEL "Data size is: %d\n" RESET, pdu_len); - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { // If OCF exists, comes immediately after MAC printf(KYEL "OCF Location is: %d\n" RESET, byte_idx + pdu_len + sa_ptr->stmacf_len); } - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { // If FECF exists, comes just before end of the frame - printf(KYEL "FECF Location is: %d\n" RESET, current_managed_parameters_struct.max_frame_size - 2); + printf(KYEL "FECF Location is: %d\n" RESET, tm_current_managed_parameters_struct.max_frame_size - 2); } #endif } @@ -1707,7 +1708,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ } #endif - if (current_managed_parameters_struct.max_frame_size <= byte_idx - sa_ptr->stmacf_len) + if (tm_current_managed_parameters_struct.max_frame_size <= byte_idx - sa_ptr->stmacf_len) { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -1715,7 +1716,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ } // Received the wrong amount of bytes from mandated frame size - if (len_ingest < current_managed_parameters_struct.max_frame_size) + if (len_ingest < tm_current_managed_parameters_struct.max_frame_size) { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -1772,7 +1773,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ // NOTE: This size itself is not the length for authentication Crypto_TM_Calc_PDU_MAC(&pdu_len, byte_idx, sa_ptr, &mac_loc); - if (current_managed_parameters_struct.max_frame_size < pdu_len) + if (tm_current_managed_parameters_struct.max_frame_size < pdu_len) { status = CRYPTO_LIB_ERR_TM_FRAME_LENGTH_UNDERFLOW; mc_if->mc_log(status); @@ -1820,7 +1821,7 @@ int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_ void Crypto_TM_Print_CLCW(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr) { - if (current_managed_parameters_struct.has_ocf == TM_HAS_OCF) + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { byte_idx += (pdu_len + sa_ptr->stmacf_len); Telemetry_Frame_Ocf_Clcw_t clcw; @@ -2026,10 +2027,10 @@ int32_t Crypto_TM_FECF_Validate(uint8_t *p_ingest, uint16_t len_ingest, Security { int32_t status = CRYPTO_LIB_SUCCESS; - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) { - uint16_t received_fecf = (((p_ingest[current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | - (p_ingest[current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); + uint16_t received_fecf = (((p_ingest[tm_current_managed_parameters_struct.max_frame_size - 2] << 8) & 0xFF00) | + (p_ingest[tm_current_managed_parameters_struct.max_frame_size - 1] & 0x00FF)); if (crypto_config.crypto_check_fecf == TM_CHECK_FECF_TRUE) { @@ -2050,12 +2051,12 @@ int32_t Crypto_TM_FECF_Validate(uint8_t *p_ingest, uint16_t len_ingest, Security } } } - else if (current_managed_parameters_struct.has_fecf != TM_NO_FECF) + else if (tm_current_managed_parameters_struct.has_fecf != TM_NO_FECF) { #ifdef TM_DEBUG printf(KRED "TM_Process Error...tfvn: %d scid: 0x%04X vcid: 0x%02X fecf_enum: %d\n" RESET, - current_managed_parameters_struct.tfvn, current_managed_parameters_struct.scid, - current_managed_parameters_struct.vcid, current_managed_parameters_struct.has_fecf); + tm_current_managed_parameters_struct.tfvn, tm_current_managed_parameters_struct.scid, + tm_current_managed_parameters_struct.vcid, tm_current_managed_parameters_struct.has_fecf); #endif status = CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG; mc_if->mc_log(status); diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index adc65aec..bf6e0156 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -1034,7 +1034,7 @@ static int32_t sa_start(TC_t *tc_frame) gvcid.vcid = (((sdls_frame.tlv_pdu.data[count + 2] & 0x0F) << 2) | (sdls_frame.tlv_pdu.data[count + 3] & 0xC0) >> 6); - if (current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) + if (tc_current_managed_parameters_struct.has_segmentation_hdr == TC_HAS_SEGMENT_HDRS) { gvcid.mapid = (sdls_frame.tlv_pdu.data[count + 3] & 0x3F); } diff --git a/support/scripts/build_support.sh b/support/scripts/build_support.sh index 76312992..80303e12 100755 --- a/support/scripts/build_support.sh +++ b/support/scripts/build_support.sh @@ -11,4 +11,4 @@ source $SCRIPT_DIR/env.sh rm $BASE_DIR/CMakeCache.txt -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DMC_INTERNAL=1 -DTEST=1 -DSA_FILE=1 -DCRYPTO_LIBGCRYPT=1 -DKEY_INTERNAL=1 -DSA_INTERNAL=1 -DSUPPORT=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DSUPPORT=1 -DTEST=1 -DCRYPTO_LIBGCRYPT=1 -DSA_INTERNAL=1 -DMC_INTERNAL=1 -DKEY_INTERNAL=1 && make && make test diff --git a/support/standalone/standalone.c b/support/standalone/standalone.c index 43b8f42a..c9f179b8 100644 --- a/support/standalone/standalone.c +++ b/support/standalone/standalone.c @@ -29,9 +29,11 @@ static volatile uint8_t keepRunning = CRYPTO_LIB_SUCCESS; static volatile uint8_t tc_seq_num = 0; static volatile uint8_t tc_vcid = CRYPTO_STANDALONE_FRAMING_VCID; -static volatile uint8_t tc_debug = 0; +static volatile uint8_t tc_debug = 1; static volatile uint8_t tm_debug = 0; +#define DYNAMIC_LENGTHS 1 + /* ** Functions */ @@ -65,6 +67,7 @@ void crypto_standalone_print_help(void) "help - Display help \n" "noop - No operation command to device \n" "reset - Reset CryptoLib \n" + "active - Displays all operational SAs \n" "tc - Toggle TC debug prints \n" "tm - Toggle TM debug prints \n" "vcid # - Change active TC virtual channel \n" @@ -107,6 +110,10 @@ int32_t crypto_standalone_get_command(const char *str) { status = CRYPTO_CMD_TM_DEBUG; } + else if (strcmp(lcmd, "active") == 0) + { + status = CRYPTO_CMD_ACTIVE; + } return status; } @@ -149,16 +156,15 @@ int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char * { SaInterface sa_if = get_sa_interface_inmemory(); SecurityAssociation_t *test_association = NULL; - sa_if->sa_get_from_spi(vcid, &test_association); + int32_t status = CRYPTO_LIB_SUCCESS; - /* Handle special case for VCID */ - if (vcid == 1) + status = sa_if->sa_get_operational_sa_from_gvcid(0, SCID, vcid, 0, &test_association); + if (status == CRYPTO_LIB_SUCCESS) { - printf("Special case for VCID 1! \n"); - vcid = 0; + Crypto_saPrint(test_association); } - if ((test_association->sa_state == SA_OPERATIONAL) && + if ((status == CRYPTO_LIB_SUCCESS) && (test_association->sa_state == SA_OPERATIONAL) && (test_association->gvcid_blk.mapid == TYPE_TC) && (test_association->gvcid_blk.scid == SCID)) { tc_vcid = vcid; @@ -168,11 +174,12 @@ int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char * { printf("Error - virtual channel (VCID) %d is invalid! Sticking with prior vcid %d \n", vcid, tc_vcid); + status = CRYPTO_LIB_SUCCESS; } } else { - printf("Error - virtual channl (VCID) %d must be less than 64! Sticking with prior vcid %d \n", + printf("Error - virtual channel (VCID) %d must be less than 64! Sticking with prior vcid %d \n", vcid, tc_vcid); } } @@ -210,6 +217,43 @@ int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char * } break; + case CRYPTO_CMD_ACTIVE: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) + { + SaInterface sa_if = get_sa_interface_inmemory(); + SecurityAssociation_t *test_association = NULL; + + printf("Active SAs: \n\t"); + for (int i = 0; i < NUM_SA; i++) + { + sa_if->sa_get_from_spi(i, &test_association); + if (test_association->sa_state == SA_OPERATIONAL) + { + if (i < 5) + { + printf("TC - "); + } + if (i > 4 && i < 9) + { + printf("TM - "); + } + if (i > 8 && i < 13) + { + printf("AOS - "); + } + if (i > 12 && i < 16) + { + printf("ExProc - "); + } + + printf("SPI %d - VCID %d - EST %d - AST %d\n\t", i, test_association->gvcid_blk.vcid, + test_association->est, test_association->ast); + } + } + printf("\n"); + } + break; + default: printf("Invalid command format, type 'help' for more info\n"); status = CRYPTO_LIB_ERROR; @@ -291,7 +335,7 @@ int32_t crypto_standalone_udp_init(udp_info_t *sock, int32_t port, uint8_t bind_ status = bind(sock->sockfd, (struct sockaddr *)&sock->saddr, sizeof(sock->saddr)); if (status != 0) { - printf(" udp_init: Socker bind error with port %d \n", sock->port); + printf(" udp_init: Socket bind error with port %d \n", sock->port); status = CRYPTO_LIB_ERROR; } } @@ -326,17 +370,31 @@ int32_t crypto_reset(void) void crypto_standalone_tc_frame(uint8_t *in_data, uint16_t in_length, uint8_t *out_data, uint16_t *out_length) { /* TC Length */ - *out_length = (uint16_t)CRYPTO_STANDALONE_FRAMING_TC_DATA_LEN + 6; + if (DYNAMIC_LENGTHS) + { + uint8_t segment_hdr_len = tc_current_managed_parameters_struct.has_segmentation_hdr ? 1 : 0; + uint8_t fecf_len = tc_current_managed_parameters_struct.has_fecf ? 2 : 0; + + SecurityAssociation_t *sa_ptr; + sa_if->sa_get_from_spi(tc_vcid, &sa_ptr); + + *out_length = TC_FRAME_HEADER_SIZE + segment_hdr_len + sa_ptr->arsn_len + sa_ptr->shivf_len + + sa_ptr->shplf_len + sa_ptr->shsnf_len + in_length + sa_ptr->stmacf_len + fecf_len; + } + else + { + *out_length = CRYPTO_STANDALONE_FRAMING_TC_DATA_LEN + 6; + } /* TC Header */ out_data[0] = 0x20; out_data[1] = CRYPTO_STANDALONE_FRAMING_SCID; - out_data[2] = ((tc_vcid << 2) & 0xFC) | (((uint16_t)CRYPTO_STANDALONE_FRAMING_TC_DATA_LEN >> 8) & 0x03); - out_data[3] = (uint16_t)CRYPTO_STANDALONE_FRAMING_TC_DATA_LEN & 0x00FF; + out_data[2] = ((tc_vcid << 2) & 0xFC) | (((*out_length - 1) >> 8) & 0x03); + out_data[3] = (*out_length - 1) & 0xFF; out_data[4] = tc_seq_num++; /* Segement Header */ - out_data[5] = 0x00; + out_data[5] = 0xC0; /* SDLS Header */ @@ -359,7 +417,7 @@ void *crypto_standalone_tc_apply(void *socks) uint16_t tc_out_len = 0; #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING - uint8_t tc_framed[TC_MAX_FRAME_SIZE]; + uint8_t tc_framed[TC_MAX_FRAME_SIZE] = {0}; #endif int sockaddr_size = sizeof(struct sockaddr_in); @@ -431,6 +489,7 @@ void *crypto_standalone_tc_apply(void *socks) /* Reset */ memset(tc_apply_in, 0x00, sizeof(tc_apply_in)); + memset(tc_framed, 0x00, sizeof(tc_framed)); tc_in_len = 0; tc_out_len = 0; if (!tc_out_ptr) @@ -456,17 +515,23 @@ void crypto_standalone_tm_frame(uint8_t *in_data, uint16_t in_length, uint8_t *o { SaInterface sa_if = get_sa_interface_inmemory(); SecurityAssociation_t *sa_ptr = NULL; + int32_t status = CRYPTO_LIB_SUCCESS; - sa_if->sa_get_from_spi(spi, &sa_ptr); - if (!sa_ptr) + status = sa_if->sa_get_from_spi(spi, &sa_ptr); + if (status != CRYPTO_LIB_SUCCESS) { printf("WARNING - SA IS NULL!\n"); } // Calculate security headers and trailers - uint8_t header_length = 6 + 2 + sa_ptr->shivf_len + sa_ptr->shplf_len + sa_ptr->shsnf_len + 40; // TODO: Why +40? + uint8_t header_length = TM_PRI_HDR_LENGTH + SDLS_SPI_LENGTH + sa_ptr->shivf_len + sa_ptr->shplf_len + + sa_ptr->shsnf_len; // TODO: Why +40? uint8_t trailer_length = sa_ptr->stmacf_len; - if (current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + if (tm_current_managed_parameters_struct.has_fecf == TM_HAS_FECF) + { + trailer_length += 2; + } + if (tm_current_managed_parameters_struct.has_ocf == TM_HAS_OCF) { trailer_length += 4; } @@ -514,7 +579,8 @@ void crypto_standalone_spp_telem_or_idle(int32_t *status_p, uint8_t *tm_ptr, uin udp_info_t *tm_write_sock = &tm_socks->write; - if ((tm_ptr[0] == 0x08) || ((tm_ptr[0] == 0x03) && tm_ptr[1] == 0xff)) + if ((tm_ptr[0] == 0x08) || (tm_ptr[0] == 0x09) || ((tm_ptr[0] == 0x07) && (tm_ptr[1] == 0xff)) || + (tm_ptr[0] == 0x0F && tm_ptr[1] == 0xFD) || (tm_ptr[0] == 0x1F && tm_ptr[1] == 0xFD)) { spp_len = (((0xFFFF & tm_ptr[4]) << 8) | tm_ptr[5]) + 7; #ifdef CRYPTO_STANDALONE_TM_PROCESS_DEBUG @@ -525,8 +591,10 @@ void crypto_standalone_spp_telem_or_idle(int32_t *status_p, uint8_t *tm_ptr, uin } printf("\n"); #endif + // Send all SPP telemetry packets - if (tm_ptr[0] == 0x08) + // 0x09 for HK/Device TLM Packets (Generic Components) + if (tm_ptr[0] == 0x08 || tm_ptr[0] == 0x09 || (tm_ptr[0] == 0x0f && tm_ptr[1] == 0xfd)) { status = sendto(tm_write_sock->sockfd, tm_ptr, spp_len, 0, (struct sockaddr *)&tm_write_sock->saddr, sizeof(tm_write_sock->saddr)); @@ -552,7 +620,8 @@ void crypto_standalone_spp_telem_or_idle(int32_t *status_p, uint8_t *tm_ptr, uin tm_process_len = tm_process_len - spp_len; } else if ((tm_ptr[0] == 0xFF && tm_ptr[1] == 0x48) || (tm_ptr[0] == 0x00 && tm_ptr[1] == 0x00) || - (tm_ptr[0] == 0x02 && tm_ptr[1] == 0x00) || (tm_ptr[0] == 0xFF && tm_ptr[1] == 0xFF)) + (tm_ptr[0] == 0x02 && tm_ptr[1] == 0x00) || (tm_ptr[0] == 0xFF && tm_ptr[1] == 0xFF) || + (tm_ptr[0] == 0x1F && tm_ptr[1] == 0xFE)) { // TODO: Why 0x0200? // Idle Frame @@ -630,7 +699,7 @@ void *crypto_standalone_tm_process(void *socks) { if (tm_debug == 1) { - if (((tm_ptr[4] & 0x0F) == 0x0F) && (tm_ptr[5] == 0xFE)) + if ((tm_ptr[4] == 0x07) && (tm_ptr[5] == 0xFF)) { // OID Frame } @@ -648,10 +717,10 @@ void *crypto_standalone_tm_process(void *socks) /* Frame */ #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING #ifdef TM_CADU_HAS_ASM - uint16_t spi = (0xFFFF & tm_process_in[11]) | tm_process_in[12]; + uint16_t spi = (tm_process_in[10] << 8) | tm_process_in[11]; crypto_standalone_tm_frame(tm_ptr, tm_out_len, tm_framed, &tm_framed_len, spi); #else - uint16_t spi = (0xFFFF & tm_process_in[7]) | tm_process_in[8]; + uint16_t spi = (tm_process_in[6] << 8) | tm_process_in[7]; crypto_standalone_tm_frame(tm_process_in, tm_process_len, tm_framed, &tm_framed_len, spi); #endif memcpy(tm_process_in, tm_framed, tm_framed_len); diff --git a/support/standalone/standalone.h b/support/standalone/standalone.h index ab7030f0..ca83e8b8 100644 --- a/support/standalone/standalone.h +++ b/support/standalone/standalone.h @@ -73,6 +73,10 @@ extern "C" #define CRYPTO_MAX_INPUT_TOKENS 32 #define CRYPTO_MAX_INPUT_TOKEN_SIZE 64 +#define TM_PRI_HDR_LENGTH 6 +#define TM_ASM_LENGTH 4 +#define SDLS_SPI_LENGTH 2 + #define CRYPTO_CMD_UNKNOWN (-1) #define CRYPTO_CMD_HELP 0 #define CRYPTO_CMD_EXIT 1 @@ -81,6 +85,7 @@ extern "C" #define CRYPTO_CMD_VCID 4 #define CRYPTO_CMD_TC_DEBUG 5 #define CRYPTO_CMD_TM_DEBUG 6 +#define CRYPTO_CMD_ACTIVE 7 /* ** Structures diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index 9d13477f..936541f1 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -268,7 +268,7 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF) char *error_enum = Crypto_Get_Error_Code_Enum_String(status); ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); @@ -407,7 +407,7 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); @@ -542,7 +542,7 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_FECF) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); @@ -682,7 +682,7 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_OID_FECF) ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); @@ -825,7 +825,7 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_1) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); @@ -972,7 +972,7 @@ UTEST(AOS_APPLY, AES_CMAC_256_TEST_BITMASK_0) ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("%d: Checking %02x against %02X\n", i, (uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t)truth_aos_b[i]); @@ -1113,7 +1113,7 @@ UTEST(AOS_APPLY, AES_GCM) ASSERT_STREQ("CRYPTO_LIB_SUCCESS", error_enum); // Now, byte by byte verify the static frame in memory is what we expect (updated SPI and FECF) - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)test_aos_b[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)test_aos_b[i], (uint8_t) * (truth_aos_b + i)); diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c index ec291095..75efdd97 100644 --- a/test/unit/ut_aos_process.c +++ b/test/unit/ut_aos_process.c @@ -296,9 +296,9 @@ UTEST(AOS_PROCESS, HAPPY_PATH_CLEAR_FECF) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -428,10 +428,10 @@ UTEST(AOS_PROCESS, SECONDARY_HDR_PRESENT_PLAINTEXT) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", aos_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -565,9 +565,9 @@ UTEST(AOS_PROCESS, INSERT_ZONE_PRESENT_PLAINTEXT) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t)truth_aos_b[i]); @@ -709,9 +709,9 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -860,9 +860,9 @@ UTEST(AOS_PROCESS, AES_CMAC_256_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -1009,9 +1009,9 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -1157,9 +1157,9 @@ UTEST(AOS_PROCESS, AES_HMAC_256_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -1307,9 +1307,9 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -1457,9 +1457,9 @@ UTEST(AOS_PROCESS, AES_HMAC_512_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); @@ -1584,7 +1584,7 @@ UTEST(AOS_PROCESS, AES_GCM_DEC_ONLY) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Expose/setup SAs for testing SecurityAssociation_t ta; @@ -1800,9 +1800,9 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(aos_frame_pri_hdr.tfvn, aos_frame_pri_hdr.scid, aos_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &aos_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < aos_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_aos_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_aos_b + i)); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 2980a1a9..d9823ea1 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -278,13 +278,13 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -430,13 +430,13 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -569,13 +569,13 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -723,13 +723,13 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -886,7 +886,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -896,7 +896,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -1061,7 +1061,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -1074,7 +1074,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -1231,7 +1231,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1241,7 +1241,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -1399,7 +1399,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1409,7 +1409,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); @@ -1569,7 +1569,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -1582,7 +1582,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { if (framed_tm_b[i] != truth_tm_b[i]) { @@ -1746,7 +1746,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); status = Crypto_TM_ApplySecurity((uint8_t *)framed_tm_b, framed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); @@ -1756,7 +1756,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Index %d: Checking %02x against %02X\n", i, (uint8_t)framed_tm_b[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)framed_tm_b[i], (uint8_t) * (truth_tm_b + i)); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 29876ff0..2e0aaf33 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -308,9 +308,9 @@ UTEST(TM_PROCESS_SECURITY, HAPPY_PATH_CLEAR_FECF) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", (uint8_t)ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ((uint8_t)ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -462,9 +462,9 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_PLAINTEXT) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", tm_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -630,7 +630,7 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) status = Crypto_TM_ProcessSecurity((uint8_t *)framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -789,7 +789,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -805,7 +805,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -967,7 +967,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -983,7 +983,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // 2) SPI is zeroed // 3) MAC is zeroed // 4) FECF is zeroed - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -1143,7 +1143,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -1159,7 +1159,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -1319,7 +1319,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -1335,7 +1335,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -1498,7 +1498,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -1514,7 +1514,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -1677,7 +1677,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Determine managed parameters by GVCID, which nominally happens in TO status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + gvcid_managed_parameters_array, &tm_current_managed_parameters_struct); // Determine security association by GVCID, which nominally happens in TO // status = sa_if->sa_get_operational_sa_from_gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, // tm_frame_pri_hdr.vcid, map_id, &sa_ptr); @@ -1693,7 +1693,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // 2) SPI is set correctly // 3) MAC is calculated and placed correctly // 4) FECF is re-calculated and updated - for (int i = 0; i < current_managed_parameters_struct.max_frame_size; i++) + for (int i = 0; i < tm_current_managed_parameters_struct.max_frame_size; i++) { // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t) * (truth_tm_b + i)); @@ -1982,7 +1982,8 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1) // Determine managed parameters by GVCID, which nominally happens in TO // status = // Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - // gvcid_managed_parameters_array, ¤t_managed_parameters_struct); + // gvcid_managed_parameters_array, + // &tm_current_managed_parameters_struct); // Expose/setup SAs for testing SecurityAssociation_t ta;