Merge pull request #161 from nasa/157-kmc-support-of-null-iv

157 kmc support of null iv

.github/workflows/mariadb.yml

@@ -1,41 +1,42 @@
-name: MDB Build
-
-on: 
-  push:
-    branches: [ main,dev ]
-  pull_request:
-
-jobs:
-  mariadb_build:
-    # The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac.
-    # You can convert this to a matrix build if you need cross-platform coverage.
-    # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
-    runs-on: ubuntu-latest
-    container: rbrown00/cryptolib:latest
-    steps:
-      - uses: actions/checkout@v2
-      - name: Configure CMake
-        # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.
-        # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type
-        run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=0
-
-      - name: Build
-        # Build your program with the given configuration
-        run: cmake --build ${{github.workspace}}/build 
-
-      - name: Initailize SADB
-        working-directory: ${{github.workspace}}/build
-        #Maybe create a variable for this SQL location
-        run: |
-          cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/sadb_mariadb_sql
-          echo "----------------"
-          /etc/init.d/mysql start
-          mysql --host=localhost -uroot -pitc123! < delete_sadb.sql
-          mysql --host=localhost -uroot -pitc123! < create_sadb.sql
-          cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/test_sadb_mariadb_sql
-          mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql
-          mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql
-          cd /__w/CryptoLib/CryptoLib/build/bin
-          ./ut_mariadb
-          
-    # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql
+# Disabling this test for now, as there is no local containerization.
+#name: MDB Build
+#
+#on: 
+#  push:
+#    branches: [ main,dev ]
+#  pull_request:
+#
+#jobs:
+#  mariadb_build:
+#    # The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac.
+#    # You can convert this to a matrix build if you need cross-platform coverage.
+#    # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix
+#    runs-on: ubuntu-latest
+#    container: rbrown00/cryptolib:latest
+#    steps:
+#      - uses: actions/checkout@v2
+#      - name: Configure CMake
+#        # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make.
+#        # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type
+#        run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=0
+#
+#      - name: Build
+#        # Build your program with the given configuration
+#        run: cmake --build ${{github.workspace}}/build 
+#   
+#      - name: Initailize SADB
+#        working-directory: ${{github.workspace}}/build
+#        #Maybe create a variable for this SQL location
+#        run: |
+#          cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/sadb_mariadb_sql
+#          echo "----------------"
+#          /etc/init.d/mysql start
+#          mysql --host=localhost -uroot -pitc123! < delete_sadb.sql
+#          mysql --host=localhost -uroot -pitc123! < create_sadb.sql
+#          cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/test_sadb_mariadb_sql
+#          mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql
+#          mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql
+#          cd /__w/CryptoLib/CryptoLib/build/bin
+#          ./ut_mariadb
+#          
+#    # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql

CMakeLists.txt

@@ -28,12 +28,12 @@ OPTION(KMCCRYPTO "KmcCrypto" OFF) # Disabled by default, enable with: -DKMCCRYPT
 OPTION(ENCTEST "Encryption-Tests" OFF) # Disabled by default, enable with: -DENCTEST=ON
 OPTION(CODECOV "Code-Coverage" OFF) # Disabled by default, enable with: -DCODECOV=ON
 OPTION(SYSTEM_INSTALL "SystemInstall" OFF) #Disabled by default, enable with: -DSYSTEM_INSTALL=ON
+OPTION(KMC_MDB_RH "KMC-MDB-RedHat-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_RH=ON
+OPTION(KMC_MDB_DB "KMC-MDB-Debian-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_DB=ON
 
-IF(NOT DEFINED CFE_SYSTEM_PSPNAME)
-    # Not cFE / cFS
-    set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib")
-    set(CMAKE_INSTALL_PREFIX ${PROJECT_SOURCE_DIR}/install)
-ENDIF()
+
+set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib")
+set(CMAKE_INSTALL_PREFIX ${PROJECT_SOURCE_DIR}/install)
 
 IF(CRYPTO_SUBMODULE_INSTALL) #If building CryptoLib as a submodule of another build system (EG, JPL KMC, Nasa NOS3, etc...)
     set(CMAKE_INSTALL_PREFIX ${CRYPTO_SUBMODULE_INSTALL})
@@ -53,12 +53,20 @@ IF(ENCTEST)
     ADD_DEFINITIONS(-DENCTEST)
 ENDIF(ENCTEST)
 
+IF(KMC_MDB_RH)
+    ADD_DEFINITIONS(-DKMC_MDB_RH)
+ENDIF(KMC_MDB_RH)
+
+IF(KMC_MDB_DB)
+    ADD_DEFINITIONS(-DKMC_MDB_DB)
+ENDIF(KMC_MDB_DB)
+
 if(CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME)
     include(CTest)
     enable_testing()
 endif()
 
-set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Werror -g -O0")
+set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -pthread -Wall -Wextra -Werror -g -O0")
 
 if(CODECOV)
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
@@ -69,10 +77,12 @@ include_directories(include)
 # The shared OSAL and cFE include directories should always be used
 # Note that this intentionally does NOT include PSP-specific includes, just the generic
 # Only include cFS/NOS3 directories if env var is defined
-IF(DEFINED CFE_SYSTEM_PSPNAME)
+if(DEFINED ENV{CFECORE_SOURCE_DIR}) #if ${CFECORE_SOURCE_DIR} is set, expect cFS build infrastructure to be in place.
     include_directories(${CFECORE_SOURCE_DIR}/src/inc)
     include_directories(${CFEPSP_SOURCE_DIR}/fsw/inc)
     ADD_DEFINITIONS(-DNOS3)
+else()
+    #pass
 endif()
 
 if(NOT DEFINED ${PROJECT_BINARY_DIR})
@@ -85,6 +95,4 @@ if((CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME OR MYPROJECT_BUILD_TESTING) AND BUI
     add_subdirectory(test)
 endif()
 
-IF(NOT DEFINED CFE_SYSTEM_PSPNAME)
-    add_subdirectory(util)
-ENDIF()
+add_subdirectory(util)

include/crypto_config_structs.h

@@ -136,7 +136,9 @@ typedef enum
 {
     CRYPTO_CIPHER_NONE,
     CRYPTO_CIPHER_AES256_GCM,
-    CRYPTO_CIPHER_AES256_CBC
+    CRYPTO_CIPHER_AES256_CBC,
+    CRYPTO_CIPHER_AES256_CBC_MAC,
+    CRYPTO_CIPHER_AES256_CCM
 } EncCipherSuite;
 
 /*

src/crypto_sadb/sadb_mariadb_sql/create_sadb.sql

@@ -17,14 +17,14 @@ CREATE TABLE IF NOT EXISTS security_associations
   ,lpid SMALLINT
   ,est SMALLINT NOT NULL DEFAULT 0
   ,ast SMALLINT NOT NULL DEFAULT 0
-  ,shivf_len SMALLINT NOT NULL DEFAULT 12
+  ,shivf_len SMALLINT NOT NULL DEFAULT 0
   ,shsnf_len SMALLINT NOT NULL DEFAULT 0
   ,shplf_len SMALLINT NOT NULL DEFAULT 0
   ,stmacf_len SMALLINT NOT NULL DEFAULT 0
   ,ecs_len SMALLINT NOT NULL DEFAULT 1
   ,ecs VARBINARY(4) NOT NULL DEFAULT X'01' -- ECS_SIZE=4
-  ,iv_len SMALLINT NOT NULL DEFAULT 12
-  ,iv VARBINARY(20) NOT NULL DEFAULT X'000000000000000000000000' -- IV_SIZE=12
+  ,iv_len SMALLINT NOT NULL DEFAULT 0
+  ,iv VARBINARY(20) DEFAULT NULL -- IV_SIZE=12
   ,acs_len SMALLINT NOT NULL DEFAULT 0
   ,acs VARBINARY(4) NOT NULL DEFAULT X'00'
   ,abm_len MEDIUMINT
@@ -34,4 +34,4 @@ CREATE TABLE IF NOT EXISTS security_associations
   ,arsnw SMALLINT NOT NULL DEFAULT 0 -- ARSNW_SIZE=1
 );
 
-create unique index if not exists main_spi on security_associations (spi,scid);
+create unique index if not exists main_spi on security_associations (spi,scid,vcid,tfvn,mapid);