From a6eb0ce93ccdf71908567b0ce2d5c78a44c9109d Mon Sep 17 00:00:00 2001 From: Donnie-Ice Date: Mon, 3 Jun 2024 17:42:12 +0000 Subject: [PATCH] [nasa/cryptolib#246] Fix GCC 13.x Compilation Issues with Null SA/IV --- src/core/crypto_aos.c | 2 +- src/core/crypto_mc.c | 4 ---- src/core/crypto_tc.c | 2 +- src/core/crypto_tm.c | 2 +- .../internal/sa_interface_inmemory.template.c | 24 ++++++++----------- 5 files changed, 13 insertions(+), 21 deletions(-) diff --git a/src/core/crypto_aos.c b/src/core/crypto_aos.c index 04d7551d..91360cb3 100644 --- a/src/core/crypto_aos.c +++ b/src/core/crypto_aos.c @@ -211,7 +211,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t* pTfBuffer) // Set initialization vector if specified #ifdef SA_DEBUG - if (sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL) + if (sa_ptr->shivf_len > 0) { printf(KYEL "Using IV value:\n\t"); for (i = 0; i < sa_ptr->iv_len; i++) diff --git a/src/core/crypto_mc.c b/src/core/crypto_mc.c index 89061664..d12e358d 100644 --- a/src/core/crypto_mc.c +++ b/src/core/crypto_mc.c @@ -209,10 +209,6 @@ int32_t Crypto_SA_readARSN(uint8_t* ingest) { // Set IV - authenticated encryption for (x = 0; x < sa_ptr->shivf_len - 1; x++) { - if(sa_ptr->iv == NULL) - { - return CRYPTO_LIB_ERROR; - } ingest[count++] = *(sa_ptr->iv + x); } diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 804339e4..64328258 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -843,7 +843,7 @@ int32_t Crypto_TC_Set_IV(SecurityAssociation_t* sa_ptr, uint8_t* p_new_enc_frame { uint32_t status = CRYPTO_LIB_SUCCESS; #ifdef SA_DEBUG - if (sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL) + if (sa_ptr->shivf_len > 0) { int i = 0; printf(KYEL "Using IV value:\n\t"); diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index e7598ed1..7af11edb 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -132,7 +132,7 @@ int32_t Crypto_TM_IV_Sanity_Check(uint8_t* sa_service_type, SecurityAssociation_ { int32_t status = CRYPTO_LIB_SUCCESS; #ifdef SA_DEBUG - if (sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL) + if (sa_ptr->shivf_len > 0) { printf(KYEL "Using IV value:\n\t"); for (int i = 0; i < sa_ptr->iv_len; i++) diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index b330bfcd..a7bda4c1 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -654,10 +654,10 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_as { int32_t status = CRYPTO_LIB_SUCCESS; *security_association = &sa[spi]; - if ((sa[spi].iv == NULL) && (sa[spi].shivf_len > 0) && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) - { - return CRYPTO_LIB_ERR_NULL_IV; - } // Must have IV if doing encryption or authentication + // if (sa[spi].shivf_len > 0 && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + // { + // return CRYPTO_LIB_ERR_NULL_IV; + // } // Must have IV if doing encryption or authentication if ((sa[spi].abm_len == 0) && sa[spi].ast) { @@ -688,13 +688,13 @@ int32_t sa_get_operational_sa_from_gvcid_find_iv(uint8_t tfvn, uint16_t scid, ui *security_association = &sa[i]; // Must have IV if using libgcrypt and auth/enc - if (sa[i].iv == NULL && (sa[i].ast == 1 || sa[i].est == 1) && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) - { - status = CRYPTO_LIB_ERR_NULL_IV; - return status; - } + // if (sa[i].iv == NULL && (sa[i].ast == 1 || sa[i].est == 1) && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + // { + // //status = CRYPTO_LIB_ERR_NULL_IV; + // //return status; + // } // Must have ABM if doing authentication - if (sa[i].abm == NULL && sa[i].ast) + if (sa[i].ast && sa[i].abm_len <= 0) { status = CRYPTO_LIB_ERR_NULL_ABM; return status; @@ -875,10 +875,6 @@ static int32_t sa_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uin SecurityAssociation_t** security_association) { int32_t status = CRYPTO_LIB_ERR_NO_OPERATIONAL_SA; - if (sa == NULL) - { - return CRYPTO_LIB_ERR_NO_INIT; - } status = sa_get_operational_sa_from_gvcid_find_iv(tfvn, scid, vcid, mapid, security_association);