Update KMC Crypto Service and SADB MariaDB Config Function Signatures
iysaleh committed Feb 2, 2022
1 parent 20bee50 commit 68705f2
Showing 8 changed files with 98 additions and 45 deletions.
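--- a/include/crypto.h
+++ b/include/crypto.h
@@ -55,13 +55,16 @@
 extern int32_t Crypto_Config_CryptoLib(uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus,
 uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay,
 uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask);
-extern int32_t Crypto_Config_MariaDB(char* mysql_username, char* mysql_password, char* mysql_hostname,
-char* mysql_database, uint16_t mysql_port, char* mysql_mtls_cert,
-char* mysql_mtls_key, char* mysql_mtls_ca, char* mysql_mtls_capath,
-uint8_t mysql_tls_verify_server, char* mysql_mtls_client_key_password, uint8_t mysql_require_secure_transport);
-extern int32_t Crypto_Config_Kmc_Crypto_Service(char *protocol, char *kmc_crypto_hostname, uint16_t kmc_crypto_port, char *kmc_crypto_app_uri, char *mtls_client_cert_path, char *mtls_client_cert_type,
-char *mtls_client_key_path,char *mtls_client_key_pass, char *mtls_ca_bundle, char *mtls_ca_path,
-char *mtls_issuer_cert, uint8_t ignore_ssl_hostname_validation);
+extern int32_t Crypto_Config_MariaDB(char *mysql_hostname, char *mysql_database, uint16_t mysql_port,
+uint8_t mysql_require_secure_transport, uint8_t mysql_tls_verify_server,
+char *mysql_tls_ca, char *mysql_tls_capath, char *mysql_mtls_cert,
+char *mysql_mtls_key,
+char *mysql_mtls_client_key_password, char *mysql_username, char *mysql_password);
+extern int32_t Crypto_Config_Kmc_Crypto_Service(char *protocol, char *kmc_crypto_hostname, uint16_t kmc_crypto_port,
+char *kmc_crypto_app, char *kmc_tls_ca_bundle, char *kmc_tls_ca_path,
+uint8_t kmc_ignore_ssl_hostname_validation, char *mtls_client_cert_path,
+char *mtls_client_cert_type, char *mtls_client_key_path,
+char *mtls_client_key_pass, char *mtls_issuer_cert);
 extern int32_t Crypto_Config_Add_Gvcid_Managed_Parameter(uint8_t tfvn, uint16_t scid, uint8_t vcid, uint8_t has_fecf,
 uint8_t has_segmentation_hdr);
 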
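Review bot: Both reordered prototypes take long runs of same-typed positional arguments, so a caller still using the old order compiles cleanly and silently misroutes values. In `Crypto_Config_MariaDB` the two `uint8_t` flags `mysql_require_secure_transport` and `mysql_tls_verify_server` are now adjacent and can be swapped without a diagnostic, and the username and password have moved from the first two slots to the last two. The header has no per-parameter documentation, so I would add a Doxygen block above each declaration naming every argument in order and stating which may be NULL, plus a line such as `/* NOTE: argument order changed; audit every call site, the compiler will not flag stale ones */`. Declaring the string parameters `const char *` is also worth considering, though that depends on the config struct field types, which are not visible here.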
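--- a/src/src_main/crypto_config.c
+++ b/src/src_main/crypto_config.c
@@ -265,10 +265,10 @@ int32_t Crypto_Config_CryptoLib(uint8_t sadb_type, uint8_t cryptography_type, ui
 * @return int32: Success/Failure
 **/
 /*set parameters for an encrypted TLS connection*/
-int32_t Crypto_Config_MariaDB(char* mysql_username, char* mysql_password, char* mysql_hostname, char* mysql_database,
-uint16_t mysql_port, char* mysql_mtls_cert, char* mysql_mtls_key,
-char* mysql_mtls_ca, char* mysql_mtls_capath, uint8_t mysql_tls_verify_server,
-char* mysql_mtls_client_key_password, uint8_t mysql_require_secure_transport)
+int32_t Crypto_Config_MariaDB(char *mysql_hostname, char *mysql_database, uint16_t mysql_port,
+uint8_t mysql_require_secure_transport, uint8_t mysql_tls_verify_server,
+char *mysql_tls_ca, char *mysql_tls_capath, char *mysql_mtls_cert, char *mysql_mtls_key,
+char *mysql_mtls_client_key_password, char *mysql_username, char *mysql_password)
 {
 int32_t status = CRYPTO_LIB_ERROR;
 sadb_mariadb_config = (SadbMariaDBConfig_t*)calloc(1, SADB_MARIADB_CONFIG_SIZE);
@@ -282,8 +282,8 @@ int32_t Crypto_Config_MariaDB(char* mysql_username, char* mysql_password, char*
 /*start - encrypted connection related parameters*/
 sadb_mariadb_config->mysql_mtls_cert = mysql_mtls_cert;
 sadb_mariadb_config->mysql_mtls_key = mysql_mtls_key;
-sadb_mariadb_config->mysql_mtls_ca = mysql_mtls_ca;
-sadb_mariadb_config->mysql_mtls_capath = mysql_mtls_capath;
+sadb_mariadb_config->mysql_mtls_ca = mysql_tls_ca;
+sadb_mariadb_config->mysql_mtls_capath = mysql_tls_capath;
 sadb_mariadb_config->mysql_tls_verify_server = mysql_tls_verify_server;
 sadb_mariadb_config->mysql_mtls_client_key_password = mysql_mtls_client_key_password;
 sadb_mariadb_config->mysql_require_secure_transport = mysql_require_secure_transport;
@@ -293,17 +293,19 @@ int32_t Crypto_Config_MariaDB(char* mysql_username, char* mysql_password, char*
 return status;
 }
 
-extern int32_t Crypto_Config_Kmc_Crypto_Service(char* protocol, char *kmc_crypto_hostname, uint16_t kmc_crypto_port, char *kmc_crypto_app_uri, char *mtls_client_cert_path, char *mtls_client_cert_type,
-char *mtls_client_key_path,char *mtls_client_key_pass,char *mtls_ca_bundle, char *mtls_ca_path, char *mtls_issuer_cert,
-uint8_t ignore_ssl_hostname_validation)
+extern int32_t Crypto_Config_Kmc_Crypto_Service(char *protocol, char *kmc_crypto_hostname, uint16_t kmc_crypto_port,
+char *kmc_crypto_app, char *kmc_tls_ca_bundle, char *kmc_tls_ca_path,
+uint8_t kmc_ignore_ssl_hostname_validation, char *mtls_client_cert_path,
+char *mtls_client_cert_type, char *mtls_client_key_path,
+char *mtls_client_key_pass, char *mtls_issuer_cert)
 {
 int32_t status = CRYPTO_LIB_SUCCESS;
 cryptography_kmc_crypto_config = (CryptographyKmcCryptoServiceConfig_t *)calloc(1, CRYPTOGRAPHY_KMC_CRYPTO_SERVICE_CONFIG_SIZE);
 cryptography_kmc_crypto_config->protocol = protocol;
 cryptography_kmc_crypto_config->kmc_crypto_hostname = kmc_crypto_hostname;
 cryptography_kmc_crypto_config->kmc_crypto_port = kmc_crypto_port;
-if(kmc_crypto_app_uri != NULL){
-cryptography_kmc_crypto_config->kmc_crypto_app_uri = kmc_crypto_app_uri;
+if(kmc_crypto_app != NULL){
+cryptography_kmc_crypto_config->kmc_crypto_app_uri = kmc_crypto_app;
 } else{
 cryptography_kmc_crypto_config->kmc_crypto_app_uri = "crypto-service";
 }
@@ -312,10 +314,10 @@ extern int32_t Crypto_Config_Kmc_Crypto_Service(char* protocol, char *kmc_crypto
 cryptography_kmc_crypto_config->mtls_client_cert_type = mtls_client_cert_type;
 cryptography_kmc_crypto_config->mtls_client_key_path = mtls_client_key_path;
 cryptography_kmc_crypto_config->mtls_client_key_pass = mtls_client_key_pass;
-cryptography_kmc_crypto_config->mtls_ca_bundle = mtls_ca_bundle;
-cryptography_kmc_crypto_config->mtls_ca_path = mtls_ca_path;
+cryptography_kmc_crypto_config->mtls_ca_bundle = kmc_tls_ca_bundle;
+cryptography_kmc_crypto_config->mtls_ca_path = kmc_tls_ca_path;
 cryptography_kmc_crypto_config->mtls_issuer_cert = mtls_issuer_cert;
-cryptography_kmc_crypto_config->ignore_ssl_hostname_validation = ignore_ssl_hostname_validation;
+cryptography_kmc_crypto_config->ignore_ssl_hostname_validation = kmc_ignore_ssl_hostname_validation;
 return status;
 }
 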
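Review bot: In `Crypto_Config_Kmc_Crypto_Service` the result of `calloc` is dereferenced on the very next line with no NULL check, so an allocation failure becomes a NULL write during TLS configuration; add `if (cryptography_kmc_crypto_config == NULL) return CRYPTO_LIB_ERROR;` directly after the allocation. The `calloc` in `Crypto_Config_MariaDB` may already be guarded in the lines collapsed between the hunks, which are not visible here. Both functions store the caller's pointers rather than copies (for example `mtls_client_key_pass` and `mysql_mtls_client_key_password`), so the function comment should state that these strings must outlive the configuration. The struct fields keep the old `mysql_mtls_ca` / `mtls_ca_bundle` names while the parameters are now `mysql_tls_ca` / `kmc_tls_ca_bundle`; a short comment at those assignments, e.g. `/* field keeps its legacy mtls_ name; the CA is used for server verification */`, would explain the mismatch.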
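--- a/util/src_util/ut_crypto_config.c
+++ b/util/src_util/ut_crypto_config.c
@@ -160,7 +160,8 @@ UTEST(CRYPTO_CONFIG, CRYPTO_CONFIG_MDB)
 char* ssl_capath = "NONE";
 uint8_t verify_server = 0;
 char* client_key_password = NULL;
-status = Crypto_Config_MariaDB(mysql_username, mysql_password, mysql_hostname, mysql_database, mysql_port, ssl_cert, ssl_key, ssl_ca, ssl_capath, verify_server,client_key_password,CRYPTO_FALSE);
+status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca,
+ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password);
 ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
 }
 
@@ -184,8 +185,10 @@ UTEST(CRYPTO_CONFIG, CRYPTO_CONFIG_KMC)
 char *mtls_issuer_cert = "/dev/null";
 uint8_t ignore_ssl_hostname_validation = CRYPTO_TRUE;
 
-status = Crypto_Config_Kmc_Crypto_Service(protocol,hostname,port,kmc_crypto_app_uri, mtls_client_cert_path,mtls_client_cert_type,mtls_client_key_path,
-mtls_client_key_pass, mtls_ca_bundle,mtls_ca_path, mtls_issuer_cert, ignore_ssl_hostname_validation);
+status = Crypto_Config_Kmc_Crypto_Service(protocol, hostname, port, kmc_crypto_app_uri, mtls_ca_bundle,
+mtls_ca_path, ignore_ssl_hostname_validation, mtls_client_cert_path,
+mtls_client_cert_type, mtls_client_key_path,
+mtls_client_key_pass, mtls_issuer_cert);
 ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);
 }
 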
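Review bot: Both tests assert only the returned status, so they pass whether or not the reordered arguments land in the right fields, which is the one thing this commit can get wrong. After each call, check a few stored values, for example `ASSERT_TRUE(sadb_mariadb_config->mysql_mtls_ca == ssl_ca);` and `ASSERT_EQ(ignore_ssl_hostname_validation, cryptography_kmc_crypto_config->ignore_ssl_hostname_validation);`. This assumes the two config globals are visible to the test file, which the hunks do not show. Both test bodies start outside their hunks.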
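--- a/util/src_util/ut_kmc_crypto.c
+++ b/util/src_util/ut_kmc_crypto.c
@@ -37,8 +37,14 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH)
 Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR,
 TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
 TC_CHECK_FECF_TRUE, 0x3F);
-Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, NULL, NULL, NULL, NULL,0,NULL,CRYPTO_FALSE);
-Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, NULL, CRYPTO_FALSE);
+Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user",
+"sadb_password");
+Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service",
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL,
+CRYPTO_FALSE,
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem",
+"PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",
+NULL, NULL);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
@@ -138,8 +144,14 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY)
 Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR,
 TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
 TC_CHECK_FECF_TRUE, 0x3F);
-Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, NULL, NULL, NULL, NULL,0,NULL,CRYPTO_FALSE);
-Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, NULL, CRYPTO_FALSE);
+Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user",
+"sadb_password");
+Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service",
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL,
+CRYPTO_FALSE,
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem",
+"PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",
+NULL, NULL);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
@@ -189,8 +201,14 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH)
 Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR,
 TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
 TC_CHECK_FECF_TRUE, 0x3F);
-Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, NULL, NULL, NULL, NULL,0,NULL,CRYPTO_FALSE);
-Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, NULL, CRYPTO_FALSE);
+Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user",
+"sadb_password");
+Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service",
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL,
+CRYPTO_FALSE,
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem",
+"PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",
+NULL, NULL);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
@@ -309,8 +327,14 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY)
 Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR,
 TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
 TC_CHECK_FECF_TRUE, 0x3F);
-Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, NULL, NULL, NULL, NULL,0,NULL,CRYPTO_FALSE);
-Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, NULL, CRYPTO_FALSE);
+Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user",
+"sadb_password");
+Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service",
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL,
+CRYPTO_FALSE,
+"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem",
+"PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",
+NULL, NULL);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);
 Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS);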
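Review bot: The four updated call sites still hard-code absolute paths under one developer's home directory for the CA bundle, client certificate and client key, together with a fixed service hostname, so the tests cannot run on any other machine and the repository exposes a local directory layout. Resolve the paths from a build- or environment-supplied directory, and move the repeated `Crypto_Config_MariaDB` / `Crypto_Config_Kmc_Crypto_Service` pair into one static helper shared by the four tests so the next signature change is made in one place. The return values of both configuration calls are also dropped; wrapping them as `ASSERT_EQ(CRYPTO_LIB_SUCCESS, Crypto_Config_MariaDB(...));` would make a failed setup visible. Each test body continues outside its hunk.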
