diff --git a/include/crypto.h b/include/crypto.h index 720658a5..bac0c45d 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -97,7 +97,7 @@ extern int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint extern int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc_sdls_processed_frame, char* cam_cookies); // Telemetry (TM) extern int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr); -extern int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length); +extern int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length); // Advanced Orbiting Systems (AOS) extern int32_t Crypto_AOS_ApplySecurity(uint8_t* ingest, int *len_ingest); extern int32_t Crypto_AOS_ProcessSecurity(uint8_t* ingest, int *len_ingest); diff --git a/src/core/crypto.c b/src/core/crypto.c index b9c1ac23..92697831 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -72,10 +72,17 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) // TODO - Add cipher suite mapping to which algorithms are AEAD and which are not. if((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC)) { + #ifdef CRYPTO_DEBUG + printf(KYEL "CRYPTO IS AEAD? : TRUE\n" RESET); + #endif return CRYPTO_TRUE; + } else { + #ifdef CRYPTO_DEBUG + printf(KYEL "CRYPTO IS AEAD? : FALSE\n" RESET); + #endif return CRYPTO_FALSE; } } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 45518199..b016fa97 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -49,6 +49,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) uint8_t aad[1786]; uint16_t aad_len = 0; int i = 0; + uint16_t data_loc; uint16_t idx = 0; uint8_t sa_service_type = -1; uint16_t pdu_len = -1; @@ -67,9 +68,9 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) printf(KRED "Error: Input SA NULL! \n" RESET); return status; // Just return here, nothing can be done. } - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, - tm_frame_pri_hdr.scid, - tm_frame_pri_hdr.vcid, + status = Crypto_Get_Managed_Parameters_For_Gvcid(((uint8_t)tm_frame[0] & 0xC0) >> 6, + (((uint16_t)tm_frame[0] & 0x3F) << 4) | (((uint16_t)tm_frame[1] & 0xF0) >> 4), + ((uint8_t)tm_frame[1] & 0x0E) >> 1, gvcid_managed_parameters, ¤t_managed_parameters); if (crypto_config == NULL) @@ -135,8 +136,10 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - encryption_cipher = - (sa_ptr->ecs[0] << 24) | (sa_ptr->ecs[1] << 16) | (sa_ptr->ecs[2] << 8) | sa_ptr->ecs[3]; + printf(KRED "Checking AEAD status\n"); + //encryption_cipher = + // (sa_ptr->ecs[0] << 24) | (sa_ptr->ecs[1] << 16) | (sa_ptr->ecs[2] << 8) | sa_ptr->ecs[3]; + encryption_cipher = *sa_ptr->ecs; ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); } @@ -306,7 +309,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) /* ** ~~~Index currently at start of data field, AKA end of security header~~~ */ - + data_loc = idx; // Calculate size of data to be encrypted pdu_len = current_managed_parameters->max_frame_size - idx - sa_ptr->stmacf_len; // Check other managed parameter flags, subtract their lengths from data field if present @@ -386,44 +389,69 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Do the encryption if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { - printf(KRED "NOT SUPPORTED!!!\n"); - status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; + status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles + (uint8_t*)(&tm_frame[data_loc]), // ciphertext output + (size_t) pdu_len, // length of data + (uint8_t*)(&tm_frame[data_loc]), // plaintext input + (size_t) pdu_len, // in data length - from start of frame to end of data + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); } else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm { - // TODO - implement non-AEAD algorithm logic - if(sa_service_type == SA_AUTHENTICATION) - { - status = cryptography_if->cryptography_authenticate(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&tm_frame[0]), // ciphertext output - (size_t) 0, // length of data - (uint8_t*)(&tm_frame[0]), // plaintext input - (size_t)0, // in data length - from start of frame to end of data - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), - sa_ptr, // SA (for key reference) - sa_ptr->iv, // IV - sa_ptr->iv_len, // IV Length - &tm_frame[mac_loc], // tag output - sa_ptr->stmacf_len, // tag size - aad, // AAD Input - aad_len, // Length of AAD - *sa_ptr->ecs, // encryption cipher - *sa_ptr->acs, // authentication cipher - NULL); - } - if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) - { - printf(KRED "NOT SUPPORTED!!!\n"); - status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - } - else if(sa_service_type == SA_PLAINTEXT) - { - // Do nothing, SDLS fields were already copied into static frame in memory - } - else{ - status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - } + // TODO - implement non-AEAD algorithm logic + if(sa_service_type == SA_AUTHENTICATION) + { + status = cryptography_if->cryptography_authenticate(//Stub out data in/out as this is done in place and want to save cycles + (uint8_t*)(&tm_frame[0]), // ciphertext output + (size_t) 0, // length of data + (uint8_t*)(&tm_frame[0]), // plaintext input + (size_t)0, // in data length - from start of frame to end of data + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + &tm_frame[mac_loc], // tag output + sa_ptr->stmacf_len, // tag size + aad, // AAD Input + aad_len, // Length of AAD + *sa_ptr->ecs, // encryption cipher + *sa_ptr->acs, // authentication cipher + NULL); + } + if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + { + if (sa_service_type == SA_ENCRYPTION) + { + status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles + (uint8_t*)(&tm_frame[data_loc]), // ciphertext output + (size_t) pdu_len, // length of data + (uint8_t*)(&tm_frame[data_loc]), // plaintext input + (size_t) pdu_len, // in data length - from start of frame to end of data + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); + } + } + else if(sa_service_type == SA_PLAINTEXT) + { + // Do nothing, SDLS fields were already copied into static frame in memory + } + else{ + status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; + } } // Move idx to mac location @@ -733,7 +761,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) * @param len_ingest: int* * @return int32: Success/Failure **/ -int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length) +int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; @@ -902,11 +930,9 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in break; case SA_AUTHENTICATION: printf(KBLU "Processing a TM - AUTHENTICATED!\n" RESET); - printf(KRED "*****NOT IMPLEMENTED!!!!!\n"); break; case SA_ENCRYPTION: printf(KBLU "Processing a TM - ENCRYPTED!\n" RESET); - printf(KRED "*****NOT IMPLEMENTED!!!!!\n"); break; case SA_AUTHENTICATED_ENCRYPTION: printf(KBLU "Processing a TM - AUTHENTICATED ENCRYPTION!\n" RESET); @@ -988,8 +1014,8 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in */ // Calculate size of the protocol data unit - // NOTE: This size itself it not the length for authentication - pdu_len = current_managed_parameters->max_frame_size - (byte_idx) - sa_ptr->stmacf_len; // - fecf_len - ocf_len; + // NOTE: This size itself is not the length for authentication + pdu_len = current_managed_parameters->max_frame_size - (byte_idx) - sa_ptr->stmacf_len; if(current_managed_parameters->has_ocf == TM_HAS_OCF) { pdu_len -= 4; @@ -1048,40 +1074,36 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in return CRYPTO_LIB_ERR_NULL_CIPHERS; } - if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm + // Parse MAC, prepare AAD + if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) { - // Parse MAC, prepare AAD - if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) +#ifdef MAC_DEBUG + printf("MAC Parsed from Frame:\n"); + Crypto_hexprint(p_ingest+mac_loc,sa_ptr->stmacf_len); +#endif + aad_len = mac_loc; + // if ((sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) + // { + // //aad_len = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + + // // sa_ptr->shplf_len; + // printf(KRED "*****NOT IMPLEMENTED!!!!!\n"); + // } + if (sa_ptr->abm_len < aad_len) { - #ifdef MAC_DEBUG - printf("MAC Parsed from Frame:\n"); - Crypto_hexprint(p_ingest+mac_loc,sa_ptr->stmacf_len); - #endif - aad_len = mac_loc; - if ((sa_service_type == SA_AUTHENTICATED_ENCRYPTION) && (ecs_is_aead_algorithm == CRYPTO_TRUE)) - { - //aad_len = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + - // sa_ptr->shplf_len; - } - if (sa_ptr->abm_len < aad_len) - { - return CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD; - } - // Use ingest and abm to create aad - Crypto_Prepare_TM_AAD(p_ingest, aad_len, sa_ptr->abm, &aad[0]); - - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) akp->key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } + return CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD; + } + // Use ingest and abm to create aad + Crypto_Prepare_TM_AAD(p_ingest, aad_len, sa_ptr->abm, &aad[0]); + } - status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output + if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) + { + status = cryptography_if->cryptography_aead_decrypt(p_new_dec_frame+byte_idx, // plaintext output pdu_len, // length of data p_ingest+byte_idx, // ciphertext input pdu_len, // in data length - &(akp->value[0]), // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV sa_ptr->iv_len, // IV Length @@ -1089,44 +1111,64 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in sa_ptr->stmacf_len, // tag size aad, // additional authenticated data aad_len, // length of AAD - CRYPTO_CIPHER_NONE, // encryption cipher - *sa_ptr->acs, // authentication cipher - NULL); // cam cookies + (sa_ptr->est), // Decryption Bool + (sa_ptr->ast), // Authentication Bool + (sa_ptr->ast), // AAD Bool + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); + + } + + else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) + { + // TODO - implement non-AEAD algorithm logic + if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + { + status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output + pdu_len, // length of data + p_ingest+byte_idx, // ciphertext input + pdu_len, // in data length + &(akp->value[0]), // Key + Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + sa_ptr, // SA for key reference + p_ingest+iv_loc, // IV + sa_ptr->iv_len, // IV Length + p_ingest+mac_loc, // Frame Expected Tag + sa_ptr->stmacf_len, // tag size + aad, // additional authenticated data + aad_len, // length of AAD + CRYPTO_CIPHER_NONE, // encryption cipher + *sa_ptr->acs, // authentication cipher + NULL); // cam cookies + } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - // Check that key length to be used is atleast as long as the algo requirement - //if((int32_t) akp->key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) - //{ - // return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - //} - - // status = cryptography_if->cryptography_decrypt(tc_sdls_processed_frame->tc_pdu, // plaintext output - // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data - // &(ingest[tc_enc_payload_start_index]), // ciphertext input - // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - // &(akp->value[0]), // Key - // Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), - // sa_ptr, // SA for key reference - // tc_sdls_processed_frame->tc_sec_header.iv, // IV - // sa_ptr->iv_len, // IV Length - // sa_ptr->ecs, // encryption cipher - // sa_ptr->acs, // authentication cipher - // cam_cookies - - // ); - - // //Handle Padding Removal - // if(sa_ptr->shplf_len != 0) - // { - // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - // sa_ptr->shsnf_len; - // uint16_t padding_amount = 0; - // // Get Padding Amount from ingest frame - // padding_amount = (int)ingest[padding_location]; - // // Remove Padding from final decrypted portion - // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; - // } + status = cryptography_if->cryptography_decrypt(p_new_dec_frame+byte_idx, // plaintext output + pdu_len, // length of data + p_ingest+byte_idx, // ciphertext input + pdu_len, // in data length + &(ekp->value[0]), // Key + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + sa_ptr, // SA for key reference + p_ingest+iv_loc, // IV + sa_ptr->iv_len, // IV Length + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); + + // //Handle Padding Removal + // if(sa_ptr->shplf_len != 0) + // { + // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + + // sa_ptr->shsnf_len; + // uint16_t padding_amount = 0; + // // Get Padding Amount from ingest frame + // padding_amount = (int)ingest[padding_location]; + // // Remove Padding from final decrypted portion + // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; + // } } } diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 84d4899e..8af01f29 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -950,4 +950,98 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) free(truth_tm_b); } +/** + * @brief Encryption Only: AES-GCM. 16-byte IV, as GCM requires. Verified with CyberChef + * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FF9F9284CF599EAC3B119905A7D18851E7E374CF63AEA04358586B0F757670F9'%7D,%7B'option':'Hex','string':'deadbeefdeadbeefdeadbeefdeadbeef'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':''%7D)&input=QUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQg + **/ +UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) +{ + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); + Crypto_Init(); + SadbRoutine sadb_routine = get_sadb_routine_inmemory(); + // crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + + // Test frame setup Header |SPI| IV | Data + char* framed_tm_h = "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; + char* framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + // Truth frame setup + char* truth_tm_h = "02c0000018000009deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a125d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf07764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ede3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7eb50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e55434740731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411af43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25eedff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed328a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce097e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f9195b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf25f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955eee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd25761de798dc894009f391fd96d2471558a2c9656251af547a43"; + char* truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + + // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max + memcpy(&tm_frame, framed_tm_b, framed_tm_len); + + // Expose/setup SAs for testing + SecurityAssociation_t ta; + SecurityAssociation_t* test_association = &ta; + // Deactivate SA 1 + sadb_routine->sadb_get_sa_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + // Activate SA 9 + sadb_routine->sadb_get_sa_from_spi(9, &test_association); + test_association->arsn_len = 0; + test_association->abm_len = 1786; + test_association->abm = (uint8_t* )calloc(1, test_association->abm_len * sizeof(uint8_t)); + memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); + *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->acs_len = 1; + test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); + *test_association->acs = CRYPTO_MAC_NONE; + test_association->iv_len = 16; + test_association->iv = calloc(1, test_association->iv_len * sizeof(uint8_t)); + test_association->shivf_len = 16; + + // Set a more obvious IV for test purposes + char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; + char* iv_b = NULL; + int iv_len = 0; + hex_conversion(iv_h, &iv_b, &iv_len); + memcpy(test_association->iv, iv_b, iv_len); + + Crypto_TM_ApplySecurity(test_association); + + // printf("Static frame contents:\n\t"); + // for (int i = 0; i < 1786; i++) + // { + // // printf("[%d]: %02x -> %02x \n", i, tm_frame[i], truth_tm_b[i]); + // printf("%02x", tm_frame[i]); + // // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // // enc_data_idx++; + // } + // printf("\n Truth Contents\n\t"); + + // for (int i = 0; i < 1786; i++) + // { + // // printf("[%d]: %02x -> %02x \n", i, tm_frame[i], truth_tm_b[i]); + // printf("%02x", (uint8_t)*(truth_tm_b+i)); + // // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // // enc_data_idx++; + // } + // printf("\n"); + +for (int i = 0; i < 1786; i++) + { + // printf("[%d]: %02x -> %02x \n", i, *(tm_frame+ i), (uint8_t)truth_tm_b[i]); + // printf("%02x", (uint8_t)*(truth_tm_b+i)); + ASSERT_EQ(*(tm_frame+ i), (uint8_t)truth_tm_b[i]); + } + printf("\n"); + + free(truth_tm_b); + free(framed_tm_b); + free(iv_b); +} + UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index e96ff351..5f23c00d 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -856,4 +856,110 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) free(ptr_processed_frame); } +/** + * @brief Decryption Only: AES-GCM. 16-byte IV, as GCM requires. Verified with CyberChef + * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FF9F9284CF599EAC3B119905A7D18851E7E374CF63AEA04358586B0F757670F9'%7D,%7B'option':'Hex','string':'deadbeefdeadbeefdeadbeefdeadbeef'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':''%7D)&input=QUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQg + **/ +UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t* ptr_processed_frame = NULL; + uint16_t processed_tm_len; + // SecurityAssociation_t *sa_ptr = NULL; + + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); + Crypto_Init(); + SadbRoutine sadb_routine = get_sadb_routine_inmemory(); + + // Test frame setup Header |SPI| IV | Data + char* framed_tm_h = "02c0000018000009deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a125d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf07764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ede3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7eb50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e55434740731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411af43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25eedff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed328a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce097e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f9195b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf25f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955eee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd25761de798dc894009f391fd96d2471558a2c9656251af547a43"; + char* framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + // Truth frame setup + char* truth_tm_h = "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; + char* truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + + + // Bit math to give concise access to values already set in the static transfer frame + tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; + tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); + tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; + + // Determine managed parameters by GVCID, which nominally happens in TO + status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters, ¤t_managed_parameters); + + // Expose/setup SAs for testing + SecurityAssociation_t ta; + SecurityAssociation_t* test_association = &ta; + // Deactivate SA 1 + sadb_routine->sadb_get_sa_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + // Activate SA 9 + sadb_routine->sadb_get_sa_from_spi(9, &test_association); + test_association->arsn_len = 0; + test_association->abm_len = 1786; + test_association->abm = (uint8_t* )calloc(1, test_association->abm_len * sizeof(uint8_t)); + memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs_len = 1; + test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); + *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->acs_len = 1; + test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); + *test_association->acs = CRYPTO_MAC_NONE; + test_association->iv_len = 16; + test_association->iv = calloc(1, test_association->iv_len * sizeof(uint8_t)); + test_association->shivf_len = 16; + + // Set a more obvious IV for test purposes + char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; + char* iv_b = NULL; + int iv_len = 0; + hex_conversion(iv_h, &iv_b, &iv_len); + memcpy(test_association->iv, iv_b, iv_len); + + status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("Decrypted frame contents:\n\t"); + for (int i = 0; i < 1786; i++) + { + printf("%02x", ptr_processed_frame[i]); + // ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + } + // printf("\n Truth Contents\n\t"); + + // for (int i = 0; i < 1786; i++) + // { + // // printf("[%d]: %02x -> %02x \n", i, tm_frame[i], truth_tm_b[i]); + // printf("%02x", (uint8_t)*(truth_tm_b+i)); + // // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // // enc_data_idx++; + // } + // printf("\n"); + + printf("\nDoing final checks:\n\t"); + for (int i = 0; i < 1786; i++) + { + printf("%02x", ptr_processed_frame[i]); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + } + + printf("\n"); + + free(truth_tm_b); + free(framed_tm_b); + free(iv_b); +} + UTEST_MAIN(); \ No newline at end of file