Merge pull request #30 from nasa/IntermediaryDeliveryFixes

Minor mariadb SADB and crypto config changes
nasa · Dec 13, 2021 · 23e091d · 23e091d
2 parents 2e2349e + 24c2234
commit 23e091d
Show file tree

Hide file tree

Showing 7 changed files with 174 additions and 131 deletions.
diff --git a/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb.sql b/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb.sql
@@ -10,17 +10,17 @@ CREATE TABLE security_associations
   ,ekid MEDIUMINT NOT NULL DEFAULT spi
   ,akid MEDIUMINT NOT NULL DEFAULT spi
   ,sa_state SMALLINT NOT NULL DEFAULT 0
-  ,tfvn TINYINT
-  ,scid SMALLINT
-  ,vcid TINYINT
-  ,mapid TINYINT
+  ,tfvn TINYINT NOT NULL
+  ,scid SMALLINT NOT NULL
+  ,vcid TINYINT NOT NULL
+  ,mapid TINYINT NOT NULL DEFAULT 0
   ,lpid SMALLINT
-  ,est SMALLINT
-  ,ast SMALLINT
-  ,shivf_len SMALLINT
-  ,shsnf_len SMALLINT
-  ,shplf_len SMALLINT
-  ,stmacf_len SMALLINT
+  ,est SMALLINT NOT NULL DEFAULT 0
+  ,ast SMALLINT NOT NULL DEFAULT 0
+  ,shivf_len SMALLINT NOT NULL DEFAULT 0
+  ,shsnf_len SMALLINT NOT NULL DEFAULT 0
+  ,shplf_len SMALLINT NOT NULL DEFAULT 0
+  ,stmacf_len SMALLINT NOT NULL DEFAULT 0
   ,ecs_len SMALLINT
   ,ecs BINARY(4) NOT NULL DEFAULT X'00000000' -- ECS_SIZE=4
   ,iv_len SMALLINT NOT NULL DEFAULT 12

diff --git a/...rypto_sadb/sadb_mariadb_admin_scripts/create_sadb_jpl_unit_test_security_associations.sql b/...rypto_sadb/sadb_mariadb_admin_scripts/create_sadb_jpl_unit_test_security_associations.sql
@@ -0,0 +1,22 @@
+USE sadb;
+
+-- SA 1 - CLEAR MODE
+INSERT INTO security_associations (spi,sa_state,est,ast,arc_len,arc,arcw_len,arcw,tfvn,scid,vcid,mapid)
+VALUES (1,0,0,0,1,X'0000000000000000000000000000000000000000',1,X'05',0,3,0,0);
+
+-- SA 2 - OPERATIONAL;  ARCW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 44, VC-0
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
+-- VALUES (2,130,3,1,1,12,12,X'000000000000000000000001',20,X'0000000000000000000000000000000000000000',1,X'05',11,0,44,0,0);
+VALUES (2,130,3,1,0,12,12,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',1,X'05',0,0,44,0,0);
+
+-- SA 3 - OPERATIONAL;  ARCW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 44, VC-1
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
+VALUES (3,130,3,1,0,12,12,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',1,X'05',0,0,44,1,0);
+
+-- SA 4 - OPERATIONAL;  ARCW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 44, VC-2
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
+VALUES (4,130,3,1,0,12,12,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',1,X'05',0,0,44,2,0);
+
+-- SA 5 - OPERATIONAL;  ARCW:5; AES-GCM; IV:00...01; IV-len:12; MAC-len:16; Key-ID: 130, SCID 44, VC-3
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
+VALUES (4,130,3,1,0,12,12,X'000000000000000000000001',19,X'00000000000000000000000000000000000000',1,X'05',0,0,44,3,0);
diff --git a/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb_unit_test_security_associations.sql b/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb_unit_test_security_associations.sql
@@ -2,32 +2,32 @@ USE sadb;
 
 -- SA 1 - CLEAR MODE
 INSERT INTO security_associations (spi,sa_state,est,ast,arc_len,arc,arcw_len,arcw,tfvn,scid,vcid,mapid)
-VALUES (1,3,0,0,1,X'0000000000000000000000000000000000000000',1,X'0101',0,3,0,0);
+VALUES (1,3,0,0,1,X'0000000000000000000000000000000000000000',1,X'05',0,3,0,0);
 
 -- SA 2 - KEYED;  ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 128
 INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
-VALUES (2,128,2,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,5,11);
+VALUES (2,128,2,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,X'05',11);
 
 -- SA 3 - KEYED;   ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 129
 INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,stmacf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
-VALUES (3,129,2,1,1,12,16,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,5,11);
+VALUES (3,129,2,1,1,12,16,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,X'05',11);
 
 -- SA 4 - KEYED;  ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130
 INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
-VALUES (4,130,2,1,1,12,12,X'000000000000000000000001',20,X'0000000000000000000000000000000000000000',1,5,11,0,3,0,0);
+VALUES (4,130,2,1,1,12,12,X'000000000000000000000001',20,X'0000000000000000000000000000000000000000',1,X'05',11,0,3,0,0);
 
 -- SA 5 - KEYED;   ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 131
 INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
-VALUES (5,131,2,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,5,11);
+VALUES (5,131,2,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,X'05',11);
 
 -- SA 6 - UNKEYED; ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: -
 INSERT INTO security_associations (spi,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
-VALUES (6,1,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,5,11);
+VALUES (6,1,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,X'05',11);
 
 -- SA 7 - KEYED;  ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130
 INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
-VALUES (7,130,2,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,5,11,0,3,1,0);
+VALUES (7,130,2,1,1,12,12,X'000000000000000000000000',20,X'0000000000000000000000000000000000000000',1,X'05',11,0,3,1,0);
 
 -- SA 8 - CLEAR MODE
 INSERT INTO security_associations (spi,sa_state,est,ast,arc_len,arc,arcw_len,arcw,tfvn,scid,vcid,mapid)
-VALUES (8,3,0,0,1,X'0000000000000000000000000000000000000000',1,5,0,3,1,0);
+VALUES (8,3,0,0,1,X'0000000000000000000000000000000000000000',1,X'05',0,3,1,0);
diff --git a/fsw/public_inc/crypto_config.h b/fsw/public_inc/crypto_config.h
@@ -101,6 +101,7 @@
 
 // Generic Defines
     #define NUM_SA						64
+    #define SPI_LEN                     2 /* bytes */
     #define KEY_SIZE					32
     #define KEY_ID_SIZE					8
     #define NUM_KEYS					256

diff --git a/fsw/public_inc/crypto_config_structs.h b/fsw/public_inc/crypto_config_structs.h
@@ -47,7 +47,7 @@ typedef struct
     TcProcessSdlsPdus process_sdls_pdus; //Config to process SDLS extended procedure PDUs in CryptoLib
     TcPusHdrPresent has_pus_hdr;
     TcIgnoreSaState ignore_sa_state; //TODO - add logic that uses this configuration
-    TcIgnoreAntiReplay ignore_anti_replay; //TODO - add logic that uses this configuration
+    TcIgnoreAntiReplay ignore_anti_replay;
     TcUniqueSaPerMapId unique_sa_per_mapid;
     uint8 vcid_bitmask;
 } CryptoConfig_t;