From 4b6533f6a806bef8f64a0c05d7d3ba436d09b9ab Mon Sep 17 00:00:00 2001 From: Ibraheem Saleh Date: Wed, 8 Jun 2022 15:45:40 -0700 Subject: [PATCH 01/46] MMCSCTTL-70: Update cmake include logic to automatically grab all include files --- src/CMakeLists.txt | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index e3b197c0..a39df099 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -72,7 +72,8 @@ if(MYSQL) target_link_libraries(Crypto ${MYSQL_LIBS}) endif() -set_target_properties(Crypto PROPERTIES PUBLIC_HEADER "../include/crypto.h;../include/crypto_config_structs.h;../include/crypto_error.h;../include/crypto_print.h;../include/crypto_structs.h;") +file(GLOB CRYPTO_INCLUDES ../include/*.h) +set_target_properties(Crypto PROPERTIES PUBLIC_HEADER "${CRYPTO_INCLUDES}") add_custom_command(TARGET Crypto POST_BUILD COMMAND ${CMAKE_COMMAND} -E copy $ ${PROJECT_BINARY_DIR}/lib/libCrypto.so From 49848f0f57afcbce196b561d11cd6a4ada733259 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 25 Apr 2023 09:32:32 -0400 Subject: [PATCH 02/46] [nasa/cryptolib#145] Moved crypto modules into single source folder; --- src/CMakeLists.txt | 16 ++++++++-------- .../kmc}/base64.c | 0 .../kmc}/base64.h | 0 .../kmc}/base64url.c | 0 .../kmc}/base64url.h | 0 ...raphy_interface_kmc_crypto_service.template.c | 0 .../src_kmc_crypto_service => crypto/kmc}/jsmn.h | 0 .../kmc_stub}/cryptography_interface_kmc.stub.c | 0 .../cryptography_interface_libgcrypt.template.c | 0 .../cryptography_interface_libgcrypt.stub.c | 0 10 files changed, 8 insertions(+), 8 deletions(-) rename src/{src_cryptography/src_kmc_crypto_service => crypto/kmc}/base64.c (100%) rename src/{src_cryptography/src_kmc_crypto_service => crypto/kmc}/base64.h (100%) rename src/{src_cryptography/src_kmc_crypto_service => crypto/kmc}/base64url.c (100%) rename src/{src_cryptography/src_kmc_crypto_service => crypto/kmc}/base64url.h (100%) rename src/{src_cryptography/src_kmc_crypto_service => crypto/kmc}/cryptography_interface_kmc_crypto_service.template.c (100%) rename src/{src_cryptography/src_kmc_crypto_service => crypto/kmc}/jsmn.h (100%) rename src/{src_feature_stubs/cryptography_kmc_stub => crypto/kmc_stub}/cryptography_interface_kmc.stub.c (100%) rename src/{src_cryptography/src_libgcrypt => crypto/libgcrypt}/cryptography_interface_libgcrypt.template.c (100%) rename src/{src_feature_stubs/cryptography_libgcrypt_stub => crypto/libgcrypt_stub}/cryptography_interface_libgcrypt.stub.c (100%) diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index f1044340..da3f4297 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -27,19 +27,19 @@ else() endif() if(LIBGCRYPT) - aux_source_directory(src_cryptography/src_libgcrypt LIB_SRC_LIBGCRYPT_FILES) - list(APPEND LIB_SRC_FILES ${LIB_SRC_LIBGCRYPT_FILES}) + aux_source_directory(crypto/libgcrypt LIBGCRYPT_FILES) + list(APPEND LIB_SRC_FILES ${LIBGCRYPT_FILES}) else() - aux_source_directory(src_feature_stubs/cryptography_libgcrypt_stub LIB_SRC_LIBGCRYPT_FILES) - list(APPEND LIB_SRC_FILES ${LIB_SRC_LIBGCRYPT_FILES}) + aux_source_directory(crypto/libgcrypt_stub LIBGCRYPT_FILES) + list(APPEND LIB_SRC_FILES ${LIBGCRYPT_FILES}) endif() if(KMCCRYPTO) - aux_source_directory(src_cryptography/src_kmc_crypto_service LIB_SRC_KMC_CRYPTO_FILES) - list(APPEND LIB_SRC_FILES ${LIB_SRC_KMC_CRYPTO_FILES}) + aux_source_directory(crypto/kmc KMC_FILES) + list(APPEND LIB_SRC_FILES ${KMC_FILES}) else() - aux_source_directory(src_feature_stubs/cryptography_kmc_stub LIB_SRC_KMC_CRYPTO_FILES) - list(APPEND LIB_SRC_FILES ${LIB_SRC_KMC_CRYPTO_FILES}) + aux_source_directory(crypto/kmc_stub KMC_FILES) + list(APPEND LIB_SRC_FILES ${KMC_FILES}) endif() if(CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME) diff --git a/src/src_cryptography/src_kmc_crypto_service/base64.c b/src/crypto/kmc/base64.c similarity index 100% rename from src/src_cryptography/src_kmc_crypto_service/base64.c rename to src/crypto/kmc/base64.c diff --git a/src/src_cryptography/src_kmc_crypto_service/base64.h b/src/crypto/kmc/base64.h similarity index 100% rename from src/src_cryptography/src_kmc_crypto_service/base64.h rename to src/crypto/kmc/base64.h diff --git a/src/src_cryptography/src_kmc_crypto_service/base64url.c b/src/crypto/kmc/base64url.c similarity index 100% rename from src/src_cryptography/src_kmc_crypto_service/base64url.c rename to src/crypto/kmc/base64url.c diff --git a/src/src_cryptography/src_kmc_crypto_service/base64url.h b/src/crypto/kmc/base64url.h similarity index 100% rename from src/src_cryptography/src_kmc_crypto_service/base64url.h rename to src/crypto/kmc/base64url.h diff --git a/src/src_cryptography/src_kmc_crypto_service/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c similarity index 100% rename from src/src_cryptography/src_kmc_crypto_service/cryptography_interface_kmc_crypto_service.template.c rename to src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c diff --git a/src/src_cryptography/src_kmc_crypto_service/jsmn.h b/src/crypto/kmc/jsmn.h similarity index 100% rename from src/src_cryptography/src_kmc_crypto_service/jsmn.h rename to src/crypto/kmc/jsmn.h diff --git a/src/src_feature_stubs/cryptography_kmc_stub/cryptography_interface_kmc.stub.c b/src/crypto/kmc_stub/cryptography_interface_kmc.stub.c similarity index 100% rename from src/src_feature_stubs/cryptography_kmc_stub/cryptography_interface_kmc.stub.c rename to src/crypto/kmc_stub/cryptography_interface_kmc.stub.c diff --git a/src/src_cryptography/src_libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c similarity index 100% rename from src/src_cryptography/src_libgcrypt/cryptography_interface_libgcrypt.template.c rename to src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c diff --git a/src/src_feature_stubs/cryptography_libgcrypt_stub/cryptography_interface_libgcrypt.stub.c b/src/crypto/libgcrypt_stub/cryptography_interface_libgcrypt.stub.c similarity index 100% rename from src/src_feature_stubs/cryptography_libgcrypt_stub/cryptography_interface_libgcrypt.stub.c rename to src/crypto/libgcrypt_stub/cryptography_interface_libgcrypt.stub.c From 296b02007d443f037c8c9229a8a366db05942735 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 25 Apr 2023 09:52:32 -0400 Subject: [PATCH 03/46] [nasa/cryptolib#145] Created sa folder with both internal and mariadb options; --- .github/workflows/mariadb.yml | 4 +- CMakeLists.txt | 2 + src/CMakeLists.txt | 20 +- .../sadb_routine_inmemory.template.c | 0 .../sadb_routine_inmemory.stub.c} | 16 +- .../mariadb}/sadb_routine_mariadb.template.c | 1142 ++++++++--------- .../mariadb_stub}/sadb_routine_mariadb.stub.c | 0 .../sadb_mariadb_sql/create_sadb.sql | 0 .../sadb_mariadb_sql/delete_sadb.sql | 0 .../sadb_mariadb_sql/empty_sadb.sql | 0 .../sadb_mariadb_sql/list_sadb.sql | 0 ...r_path_unit_test_security_associations.sql | 0 .../create_sadb_ivv_unit_tests.sql | 0 ...db_jpl_unit_test_security_associations.sql | 0 ...e_sadb_unit_test_security_associations.sql | 0 ..._sadb_unit_test_user_grant_permissions.sql | 0 util/src_util/ut_mariadb.c | 4 +- 17 files changed, 597 insertions(+), 591 deletions(-) rename src/{src_main => sa/internal}/sadb_routine_inmemory.template.c (100%) rename src/{src_main/sadb_routine.c => sa/internal_stub/sadb_routine_inmemory.stub.c} (73%) rename src/{src_mysql => sa/mariadb}/sadb_routine_mariadb.template.c (97%) rename src/{src_feature_stubs/mysql_stub => sa/mariadb_stub}/sadb_routine_mariadb.stub.c (100%) rename src/{crypto_sadb => sa}/sadb_mariadb_sql/create_sadb.sql (100%) rename src/{crypto_sadb => sa}/sadb_mariadb_sql/delete_sadb.sql (100%) rename src/{crypto_sadb => sa}/sadb_mariadb_sql/empty_sadb.sql (100%) rename src/{crypto_sadb => sa}/sadb_mariadb_sql/list_sadb.sql (100%) rename src/{crypto_sadb => sa}/test_sadb_mariadb_sql/create_sadb_error_path_unit_test_security_associations.sql (100%) rename src/{crypto_sadb => sa}/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql (100%) rename src/{crypto_sadb => sa}/test_sadb_mariadb_sql/create_sadb_jpl_unit_test_security_associations.sql (100%) rename src/{crypto_sadb => sa}/test_sadb_mariadb_sql/create_sadb_unit_test_security_associations.sql (100%) rename src/{crypto_sadb => sa}/test_sadb_mariadb_sql/create_sadb_unit_test_user_grant_permissions.sql (100%) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index e5f5bf2c..2c6df13d 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -27,12 +27,12 @@ jobs: working-directory: ${{github.workspace}}/build #Maybe create a variable for this SQL location run: | - cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/sadb_mariadb_sql + cd /__w/CryptoLib/CryptoLib/src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql - cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/test_sadb_mariadb_sql + cd /__w/CryptoLib/CryptoLib/src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql cd /__w/CryptoLib/CryptoLib/build/bin diff --git a/CMakeLists.txt b/CMakeLists.txt index 777fc9c0..ffd5a966 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -29,6 +29,8 @@ OPTION(ENCTEST "Encryption-Tests" OFF) # Disabled by default, enable with: -DENC OPTION(CODECOV "Code-Coverage" OFF) # Disabled by default, enable with: -DCODECOV=ON OPTION(SYSTEM_INSTALL "SystemInstall" OFF) #Disabled by default, enable with: -DSYSTEM_INSTALL=ON +OPTION(SA_INTERNAL "SA Internal" ON) # Enabled by default, disable with: -DSA_INTERNAL=OFF + IF(NOT DEFINED CFE_SYSTEM_PSPNAME) # Not cFE / cFS set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib") diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index da3f4297..ce2937d1 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -19,11 +19,19 @@ include_directories(../include) aux_source_directory(src_main LIB_SRC_FILES) if(MYSQL) - aux_source_directory(src_mysql LIB_SRC_MYSQL_FILES) - list(APPEND LIB_SRC_FILES ${LIB_SRC_MYSQL_FILES}) + aux_source_directory(sa/mariadb MARIADB_FILES) + list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) else() - aux_source_directory(src_feature_stubs/mysql_stub LIB_SRC_MYSQL_FILES) - list(APPEND LIB_SRC_FILES ${LIB_SRC_MYSQL_FILES}) + aux_source_directory(sa/mariadb_stub MARIADB_FILES) + list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) +endif() + +if(SA_INTERNAL) + aux_source_directory(sa/internal SA_INTERNAL_FILES) + list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) +else() + aux_source_directory(sa/internal_stub SA_INTERNAL_FILES) + list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) endif() if(LIBGCRYPT) @@ -92,8 +100,8 @@ ELSE() ENDIF() IF(MYSQL) - file(GLOB MYSQL_SCRIPTS crypto_sadb/sadb_mariadb_sql/*.sql) - file(GLOB MYSQL_TEST_SCRIPTS crypto_sadb/test_sadb_mariadb_sql/*.sql) + file(GLOB MYSQL_SCRIPTS sa/sadb_mariadb_sql/*.sql) + file(GLOB MYSQL_TEST_SCRIPTS sa/test_sadb_mariadb_sql/*.sql) install(FILES ${MYSQL_SCRIPTS} DESTINATION ${CMAKE_INSTALL_PREFIX}/etc/sadb_mariadb_sql) install(FILES ${MYSQL_TEST_SCRIPTS} diff --git a/src/src_main/sadb_routine_inmemory.template.c b/src/sa/internal/sadb_routine_inmemory.template.c similarity index 100% rename from src/src_main/sadb_routine_inmemory.template.c rename to src/sa/internal/sadb_routine_inmemory.template.c diff --git a/src/src_main/sadb_routine.c b/src/sa/internal_stub/sadb_routine_inmemory.stub.c similarity index 73% rename from src/src_main/sadb_routine.c rename to src/sa/internal_stub/sadb_routine_inmemory.stub.c index 9679c000..b079bf55 100644 --- a/src/src_main/sadb_routine.c +++ b/src/sa/internal_stub/sadb_routine_inmemory.stub.c @@ -13,15 +13,11 @@ */ #include "sadb_routine.h" -/** - * @brief Function: init_parse_sadb_routine - * @param config: uint8_t* - * @return SadbRoutine - **/ -/* -SadbRoutine init_parse_sadb_routine(uint8_t* config) + +static SadbRoutineStruct sadb_routine; + +SadbRoutine get_sadb_routine_inmemory(void) { - SadbRoutine sadb_routine; - return sadb_routine; + fprintf(stderr,"ERROR: Loading internal stub source code. Rebuild CryptoLib with -DMYSQL=OFF to use proper internal implementation.\n"); + return &sadb_routine; } -*/ \ No newline at end of file diff --git a/src/src_mysql/sadb_routine_mariadb.template.c b/src/sa/mariadb/sadb_routine_mariadb.template.c similarity index 97% rename from src/src_mysql/sadb_routine_mariadb.template.c rename to src/sa/mariadb/sadb_routine_mariadb.template.c index 2d0e6640..e68d2072 100644 --- a/src/src_mysql/sadb_routine_mariadb.template.c +++ b/src/sa/mariadb/sadb_routine_mariadb.template.c @@ -1,572 +1,572 @@ -/* - * Copyright 2021, by the California Institute of Technology. - * ALL RIGHTS RESERVED. United States Government Sponsorship acknowledged. - * Any commercial use must be negotiated with the Office of Technology - * Transfer at the California Institute of Technology. - * - * This software may be subject to U.S. export control laws. By accepting - * this software, the user agrees to comply with all applicable U.S. - * export laws and regulations. User has the responsibility to obtain - * export licenses, or other export authority as may be required before - * exporting such information to foreign countries or providing access to - * foreign persons. - */ - -#include "crypto_config.h" -#include "crypto_error.h" -#include "crypto_print.h" -#include "crypto_structs.h" -#include "sadb_routine.h" - -#include -#include -#include -#include - -// Security Association Initialization Functions -static int32_t sadb_config(void); -static int32_t sadb_init(void); -static int32_t sadb_close(void); -// Security Association Interaction Functions -static int32_t sadb_get_sa_from_spi(uint16_t, SecurityAssociation_t**); -static int32_t sadb_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t**); -static int32_t sadb_save_sa(SecurityAssociation_t* sa); -// Security Association Utility Functions -static int32_t sadb_sa_stop(void); -static int32_t sadb_sa_start(TC_t* tc_frame); -static int32_t sadb_sa_expire(void); -static int32_t sadb_sa_rekey(void); -static int32_t sadb_sa_status(uint8_t* ); -static int32_t sadb_sa_create(void); -static int32_t sadb_sa_setARSN(void); -static int32_t sadb_sa_setARSNW(void); -static int32_t sadb_sa_delete(void); -// MySQL local functions -static int32_t finish_with_error(MYSQL **con_loc, int err); -// MySQL Queries -static const char* SQL_SADB_GET_SA_BY_SPI = - "SELECT " - "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" - ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" - " FROM security_associations WHERE spi='%d'"; -static const char* SQL_SADB_GET_SA_BY_GVCID = - "SELECT " - "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" - ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" - " FROM security_associations WHERE tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d' AND sa_state='%d'"; -static const char* SQL_SADB_UPDATE_IV_ARC_BY_SPI = - "UPDATE security_associations" - " SET iv=X'%s', arsn=X'%s'" - " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; - -// sadb_routine mariaDB private helper functions -static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** security_association); -static int32_t convert_hexstring_to_byte_array(char* hexstr, uint8_t* byte_array); -static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_length, char* dest_str); - -/* -** Global Variables -*/ -// Security -static SadbRoutineStruct sadb_routine_struct; -static MYSQL *con; - -SadbRoutine get_sadb_routine_mariadb(void) -{ - sadb_routine_struct.sadb_config = sadb_config; - sadb_routine_struct.sadb_init = sadb_init; - sadb_routine_struct.sadb_close = sadb_close; - sadb_routine_struct.sadb_get_sa_from_spi = sadb_get_sa_from_spi; - sadb_routine_struct.sadb_get_operational_sa_from_gvcid = sadb_get_operational_sa_from_gvcid; - sadb_routine_struct.sadb_sa_stop = sadb_sa_stop; - sadb_routine_struct.sadb_save_sa = sadb_save_sa; - sadb_routine_struct.sadb_sa_start = sadb_sa_start; - sadb_routine_struct.sadb_sa_expire = sadb_sa_expire; - sadb_routine_struct.sadb_sa_rekey = sadb_sa_rekey; - sadb_routine_struct.sadb_sa_status = sadb_sa_status; - sadb_routine_struct.sadb_sa_create = sadb_sa_create; - sadb_routine_struct.sadb_sa_setARSN = sadb_sa_setARSN; - sadb_routine_struct.sadb_sa_setARSNW = sadb_sa_setARSNW; - sadb_routine_struct.sadb_sa_delete = sadb_sa_delete; - return &sadb_routine_struct; -} - -static int32_t sadb_config(void) -{ - return CRYPTO_LIB_SUCCESS; -} - -static int32_t sadb_init(void) -{ - int32_t status = CRYPTO_LIB_ERROR; - if (sadb_mariadb_config != NULL) - { - con = mysql_init(con); - if (con != NULL) - { - //mysql_options is removed in MariaDB C connector v3, using mysql_optionsv - // Lots of small configuration differences between MySQL connector & MariaDB Connector - // Only MariaDB Connector is implemented here: - // https://wikidev.in/wiki/C/mysql_mysql_h/mysql_options | https://mariadb.com/kb/en/mysql_optionsv/ - if(sadb_mariadb_config->mysql_mtls_key != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sadb_mariadb_config->mysql_mtls_key); - } - if(sadb_mariadb_config->mysql_mtls_cert != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sadb_mariadb_config->mysql_mtls_cert); - } - if(sadb_mariadb_config->mysql_mtls_ca != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_CA, sadb_mariadb_config->mysql_mtls_ca); - } - if(sadb_mariadb_config->mysql_mtls_capath != NULL) - { - mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sadb_mariadb_config->mysql_mtls_capath); - } - if (sadb_mariadb_config->mysql_tls_verify_server != CRYPTO_FALSE) - { - mysql_optionsv(con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &(sadb_mariadb_config->mysql_tls_verify_server)); - } - if (sadb_mariadb_config->mysql_mtls_client_key_password != NULL) - { - mysql_optionsv(con, MARIADB_OPT_TLS_PASSPHRASE, sadb_mariadb_config->mysql_mtls_client_key_password); - } - if (sadb_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) - { - mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE,&(sadb_mariadb_config->mysql_require_secure_transport)); - } - //if encrypted connection (TLS) connection. No need for SSL Key - if (mysql_real_connect(con, sadb_mariadb_config->mysql_hostname, - sadb_mariadb_config->mysql_username, - sadb_mariadb_config->mysql_password, - sadb_mariadb_config->mysql_database, - sadb_mariadb_config->mysql_port, NULL, 0) == NULL) - { - //0,NULL,0 are port number, unix socket, client flag - finish_with_error(&con, SADB_MARIADB_CONNECTION_FAILED); - status = CRYPTO_LIB_ERROR; - } else { - status = CRYPTO_LIB_SUCCESS; - if (status == CRYPTO_LIB_SUCCESS) { -#ifdef DEBUG - printf("sadb_init created mysql connection successfully. \n"); -#endif - } - } - } - else - { - //error - fprintf(stderr, "Error: sadb_init() MySQL API function mysql_init() returned a connection object that is NULL\n"); - } - - } - return status; -}//end int32_t sadb_init() - -static int32_t sadb_close(void) -{ - if(con) - { - mysql_close(con); - con = NULL; - } - - return CRYPTO_LIB_SUCCESS; -} - -// Security Association Interaction Functions -static int32_t sadb_get_sa_from_spi(uint16_t spi, SecurityAssociation_t** security_association) -{ - int32_t status = CRYPTO_LIB_SUCCESS; - - char spi_query[2048]; - snprintf(spi_query, sizeof(spi_query), SQL_SADB_GET_SA_BY_SPI, spi); - - status = parse_sa_from_mysql_query(&spi_query[0], security_association); - - return status; -} -static int32_t sadb_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid, - SecurityAssociation_t** security_association) -{ - int32_t status = CRYPTO_LIB_SUCCESS; - - char gvcid_query[2048]; - snprintf(gvcid_query, sizeof(gvcid_query), SQL_SADB_GET_SA_BY_GVCID, tfvn, scid, vcid, mapid, SA_OPERATIONAL); - - status = parse_sa_from_mysql_query(&gvcid_query[0], security_association); - - return status; -} -static int32_t sadb_save_sa(SecurityAssociation_t* sa) -{ - int32_t status = CRYPTO_LIB_SUCCESS; - if (sa == NULL) - { - return SADB_NULL_SA_USED; - } - - char update_sa_query[2048]; - - char* iv_h = malloc(sa->iv_len * 2 + 1); - convert_byte_array_to_hexstring(sa->iv, sa->iv_len, iv_h); - char* arsn_h = malloc(sa->arsn_len * 2 + 1); - convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); - - snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, - iv_h, - arsn_h, sa->spi, sa->gvcid_blk.tfvn, - sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); - free(iv_h); - free(arsn_h); -#ifdef SA_DEBUG - fprintf(stderr, "MySQL Insert SA Query: %s \n", update_sa_query); -#endif - - // Crypto_saPrint(sa); - if (mysql_query(con, update_sa_query)) - { - status = finish_with_error(&con, SADB_QUERY_FAILED); - } - // todo - if query fails, need to push failure message to error stack instead of just return code. - - // We free the allocated SA memory in the save function. - if (sa->iv != NULL) - free(sa->iv); - if (sa->abm != NULL) - free(sa->abm); - if (sa->arsn != NULL) - free(sa->arsn); - if (sa->ek_ref != NULL) - free(sa->ek_ref); - if (sa->ecs != NULL) - free(sa->ecs); - if (sa->acs != NULL) - free(sa->acs); - if (sa->ak_ref != NULL) - free(sa->ak_ref); - free(sa); - return status; -} -// Security Association Utility Functions -static int32_t sadb_sa_stop(void) -{ - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_start(TC_t* tc_frame) -{ - tc_frame = tc_frame; - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_expire(void) -{ - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_rekey(void) -{ - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_status(uint8_t* ingest) -{ - ingest = ingest; - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_create(void) -{ - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_setARSN(void) -{ - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_setARSNW(void) -{ - return CRYPTO_LIB_SUCCESS; -} -static int32_t sadb_sa_delete(void) -{ - return CRYPTO_LIB_SUCCESS; -} - -// sadb_routine private helper functions -static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** security_association) -{ - int32_t status = CRYPTO_LIB_SUCCESS; - SecurityAssociation_t* sa = calloc(1,sizeof(SecurityAssociation_t)); - -#ifdef SA_DEBUG - fprintf(stderr, "MySQL Query: %s \n", query); -#endif - - if (mysql_real_query(con, query, strlen(query))) - { // query should be NUL terminated! - status = finish_with_error(&con, SADB_QUERY_FAILED); - return status; - } - // todo - if query fails, need to push failure message to error stack instead of just return code. - - MYSQL_RES *result = mysql_store_result(con); - if (result == NULL) - { - status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); - return status; - } - - int num_rows = mysql_num_rows(result); - if(num_rows == 0) // No rows returned in query!! - { - status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); - return status; - } - - int num_fields = mysql_num_fields(result); - - MYSQL_ROW row; - MYSQL_FIELD *field; - - char* field_names[num_fields]; //[64]; 64 == max length of column name in MySQL - - // TODO -- Need to store mysql query hex string and then malloc sa->iv according to size. - // TODO -- IV && arsn && abm as uint8_t* instead of uint8[]!!! - char* iv_byte_str; - char* arc_byte_str; - char* abm_byte_str; - char* ecs_byte_str; - char* acs_byte_str; - while ((row = mysql_fetch_row(result))) - { - for (int i = 0; i < num_fields; i++) - { - // Parse out all the field names. - if (i == 0) - { - int field_idx = 0; - while ((field = mysql_fetch_field(result))) - { - field_names[field_idx] = field->name; - field_idx++; - } - } - // Handle query results - if (row[i] == NULL) - { - continue; - } // Don't do anything with NULL fields from MySQL query. - if (strcmp(field_names[i], "spi") == 0) - { - sa->spi = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "ekid") == 0) - { - if(crypto_config->cryptography_type==CRYPTOGRAPHY_TYPE_LIBGCRYPT) - { - sa->ekid = atoi(row[i]); - } else // Cryptography Type KMC Crypto Service with PKCS12 String Key References - { - sa->ekid = 0; - sa->ek_ref = malloc((strlen(row[i])+1) * sizeof(char)); - memcpy(sa->ek_ref, row[i], strlen(row[i])+1); - } - continue; - } - if (strcmp(field_names[i], "akid") == 0) - { - if(crypto_config->cryptography_type==CRYPTOGRAPHY_TYPE_LIBGCRYPT) - { - sa->akid = atoi(row[i]); - } else // Cryptography Type KMC Crypto Service with PKCS12 String Key References - { - sa->ak_ref = malloc((strlen(row[i])+1) * sizeof(char)); - memcpy(sa->ak_ref, row[i], strlen(row[i])+1); - } - continue; - } - if (strcmp(field_names[i], "sa_state") == 0) - { - sa->sa_state = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "tfvn") == 0) - { - sa->gvcid_blk.tfvn = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "scid") == 0) - { - sa->gvcid_blk.scid = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "vcid") == 0) - { - sa->gvcid_blk.vcid = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "mapid") == 0) - { - sa->gvcid_blk.mapid = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "lpid") == 0) - { - sa->lpid = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "est") == 0) - { - sa->est = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "ast") == 0) - { - sa->ast = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "shivf_len") == 0) - { - sa->shivf_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "iv_len") == 0) - { - sa->iv_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "shsnf_len") == 0) - { - sa->shsnf_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "shplf_len") == 0) - { - sa->shplf_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "stmacf_len") == 0) - { - sa->stmacf_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "ecs_len") == 0) - { - sa->ecs_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "HEX(ecs)") == 0) - { - ecs_byte_str = row[i]; - continue; - } - // if(strcmp(field_names[i],"HEX(iv)")==0){memcpy(&(sa->iv),&row[i],IV_SIZE);continue;} - if (strcmp(field_names[i], "HEX(iv)") == 0) - { - iv_byte_str = row[i]; - continue; - } - if (strcmp(field_names[i], "acs_len") == 0) - { - sa->acs_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "HEX(acs)") == 0) - { - acs_byte_str = row[i]; - continue; - } - if (strcmp(field_names[i], "abm_len") == 0) - { - sa->abm_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "HEX(abm)") == 0) - { - abm_byte_str = row[i]; - continue; - } - // if(strcmp(field_names[i],"HEX(abm)")==0){convert_hexstring_to_byte_array(row[i],sa->abm);continue;} - if (strcmp(field_names[i], "arsn_len") == 0) - { - sa->arsn_len = atoi(row[i]); - continue; - } - if (strcmp(field_names[i], "HEX(arsn)") == 0) - { - arc_byte_str = row[i]; - continue; - } - // if(strcmp(field_names[i],"HEX(arsn)")==0){convert_hexstring_to_byte_array(row[i],sa->arsn);continue;} - if (strcmp(field_names[i], "arsnw") == 0) - { - sa->arsnw = atoi(row[i]); - continue; - } - // printf("%s:%s ",field_names[i], row[i] ? row[i] : "NULL"); - } - // printf("\n"); - } - sa->iv = (uint8_t* )calloc(1, sa->iv_len * sizeof(uint8_t)); - sa->arsn = (uint8_t* )calloc(1, sa->arsn_len * sizeof(uint8_t)); - sa->abm = (uint8_t* )calloc(1, sa->abm_len * sizeof(uint8_t)); - sa->ecs = (uint8_t* )calloc(1, sa->ecs_len * sizeof(uint8_t)); - sa->acs = (uint8_t* )calloc(1, sa->acs_len * sizeof(uint8_t)); - if(sa->iv_len > 0) convert_hexstring_to_byte_array(iv_byte_str, sa->iv); - if(sa->arsn_len > 0) convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); - if(sa->abm_len > 0) convert_hexstring_to_byte_array(abm_byte_str, sa->abm); - if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, sa->ecs); - if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, sa->acs); - - //arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. - sa->arsnw_len = 1; - -#ifdef DEBUG - printf("Parsed SA from SQL Query:\n"); - Crypto_saPrint(sa); -#endif - - *security_association = sa; - mysql_free_result(result); - - return status; -} -static int32_t convert_hexstring_to_byte_array(char* source_str, uint8_t* dest_buffer) -{ // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 - char* line = source_str; - char* data = line; - int offset; - unsigned int read_byte; - uint32_t data_len = 0; - - while (sscanf(data, " %02x%n", &read_byte, &offset) == 1) - { - dest_buffer[data_len++] = read_byte; - data += offset; - } - return data_len; -} - -static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_length, char* dest_str) -{ - unsigned char* bytes = src_buffer; - - if (src_buffer != NULL) - { - for (size_t i = 0; i < buffer_length; i++) - { - uint8_t nib1 = (bytes[i] >> 4) & 0x0F; - uint8_t nib2 = (bytes[i]) & 0x0F; - dest_str[i * 2 + 0] = nib1 < 0xA ? '0' + nib1 : 'A' + nib1 - 0xA; - dest_str[i * 2 + 1] = nib2 < 0xA ? '0' + nib2 : 'A' + nib2 - 0xA; - } - dest_str[buffer_length * 2] = '\0'; - } -} - -static int32_t finish_with_error(MYSQL **con_loc, int err) -{ - fprintf(stderr, "%s\n", mysql_error(*con_loc)); // todo - if query fails, need to push failure message to error stack - mysql_close(*con_loc); - *con_loc = NULL; - return err; +/* + * Copyright 2021, by the California Institute of Technology. + * ALL RIGHTS RESERVED. United States Government Sponsorship acknowledged. + * Any commercial use must be negotiated with the Office of Technology + * Transfer at the California Institute of Technology. + * + * This software may be subject to U.S. export control laws. By accepting + * this software, the user agrees to comply with all applicable U.S. + * export laws and regulations. User has the responsibility to obtain + * export licenses, or other export authority as may be required before + * exporting such information to foreign countries or providing access to + * foreign persons. + */ + +#include "crypto_config.h" +#include "crypto_error.h" +#include "crypto_print.h" +#include "crypto_structs.h" +#include "sadb_routine.h" + +#include +#include +#include +#include + +// Security Association Initialization Functions +static int32_t sadb_config(void); +static int32_t sadb_init(void); +static int32_t sadb_close(void); +// Security Association Interaction Functions +static int32_t sadb_get_sa_from_spi(uint16_t, SecurityAssociation_t**); +static int32_t sadb_get_operational_sa_from_gvcid(uint8_t, uint16_t, uint16_t, uint8_t, SecurityAssociation_t**); +static int32_t sadb_save_sa(SecurityAssociation_t* sa); +// Security Association Utility Functions +static int32_t sadb_sa_stop(void); +static int32_t sadb_sa_start(TC_t* tc_frame); +static int32_t sadb_sa_expire(void); +static int32_t sadb_sa_rekey(void); +static int32_t sadb_sa_status(uint8_t* ); +static int32_t sadb_sa_create(void); +static int32_t sadb_sa_setARSN(void); +static int32_t sadb_sa_setARSNW(void); +static int32_t sadb_sa_delete(void); +// MySQL local functions +static int32_t finish_with_error(MYSQL **con_loc, int err); +// MySQL Queries +static const char* SQL_SADB_GET_SA_BY_SPI = + "SELECT " + "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" + ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" + " FROM security_associations WHERE spi='%d'"; +static const char* SQL_SADB_GET_SA_BY_GVCID = + "SELECT " + "spi,ekid,akid,sa_state,tfvn,scid,vcid,mapid,lpid,est,ast,shivf_len,shsnf_len,shplf_len,stmacf_len,ecs_len,HEX(ecs)" + ",HEX(iv),iv_len,acs_len,HEX(acs),abm_len,HEX(abm),arsn_len,HEX(arsn),arsnw" + " FROM security_associations WHERE tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d' AND sa_state='%d'"; +static const char* SQL_SADB_UPDATE_IV_ARC_BY_SPI = + "UPDATE security_associations" + " SET iv=X'%s', arsn=X'%s'" + " WHERE spi='%d' AND tfvn='%d' AND scid='%d' AND vcid='%d' AND mapid='%d'"; + +// sadb_routine mariaDB private helper functions +static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** security_association); +static int32_t convert_hexstring_to_byte_array(char* hexstr, uint8_t* byte_array); +static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_length, char* dest_str); + +/* +** Global Variables +*/ +// Security +static SadbRoutineStruct sadb_routine_struct; +static MYSQL *con; + +SadbRoutine get_sadb_routine_mariadb(void) +{ + sadb_routine_struct.sadb_config = sadb_config; + sadb_routine_struct.sadb_init = sadb_init; + sadb_routine_struct.sadb_close = sadb_close; + sadb_routine_struct.sadb_get_sa_from_spi = sadb_get_sa_from_spi; + sadb_routine_struct.sadb_get_operational_sa_from_gvcid = sadb_get_operational_sa_from_gvcid; + sadb_routine_struct.sadb_sa_stop = sadb_sa_stop; + sadb_routine_struct.sadb_save_sa = sadb_save_sa; + sadb_routine_struct.sadb_sa_start = sadb_sa_start; + sadb_routine_struct.sadb_sa_expire = sadb_sa_expire; + sadb_routine_struct.sadb_sa_rekey = sadb_sa_rekey; + sadb_routine_struct.sadb_sa_status = sadb_sa_status; + sadb_routine_struct.sadb_sa_create = sadb_sa_create; + sadb_routine_struct.sadb_sa_setARSN = sadb_sa_setARSN; + sadb_routine_struct.sadb_sa_setARSNW = sadb_sa_setARSNW; + sadb_routine_struct.sadb_sa_delete = sadb_sa_delete; + return &sadb_routine_struct; +} + +static int32_t sadb_config(void) +{ + return CRYPTO_LIB_SUCCESS; +} + +static int32_t sadb_init(void) +{ + int32_t status = CRYPTO_LIB_ERROR; + if (sadb_mariadb_config != NULL) + { + con = mysql_init(con); + if (con != NULL) + { + //mysql_options is removed in MariaDB C connector v3, using mysql_optionsv + // Lots of small configuration differences between MySQL connector & MariaDB Connector + // Only MariaDB Connector is implemented here: + // https://wikidev.in/wiki/C/mysql_mysql_h/mysql_options | https://mariadb.com/kb/en/mysql_optionsv/ + if(sadb_mariadb_config->mysql_mtls_key != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_KEY, sadb_mariadb_config->mysql_mtls_key); + } + if(sadb_mariadb_config->mysql_mtls_cert != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CERT, sadb_mariadb_config->mysql_mtls_cert); + } + if(sadb_mariadb_config->mysql_mtls_ca != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CA, sadb_mariadb_config->mysql_mtls_ca); + } + if(sadb_mariadb_config->mysql_mtls_capath != NULL) + { + mysql_optionsv(con, MYSQL_OPT_SSL_CAPATH, sadb_mariadb_config->mysql_mtls_capath); + } + if (sadb_mariadb_config->mysql_tls_verify_server != CRYPTO_FALSE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_VERIFY_SERVER_CERT, &(sadb_mariadb_config->mysql_tls_verify_server)); + } + if (sadb_mariadb_config->mysql_mtls_client_key_password != NULL) + { + mysql_optionsv(con, MARIADB_OPT_TLS_PASSPHRASE, sadb_mariadb_config->mysql_mtls_client_key_password); + } + if (sadb_mariadb_config->mysql_require_secure_transport == CRYPTO_TRUE) + { + mysql_optionsv(con, MYSQL_OPT_SSL_ENFORCE,&(sadb_mariadb_config->mysql_require_secure_transport)); + } + //if encrypted connection (TLS) connection. No need for SSL Key + if (mysql_real_connect(con, sadb_mariadb_config->mysql_hostname, + sadb_mariadb_config->mysql_username, + sadb_mariadb_config->mysql_password, + sadb_mariadb_config->mysql_database, + sadb_mariadb_config->mysql_port, NULL, 0) == NULL) + { + //0,NULL,0 are port number, unix socket, client flag + finish_with_error(&con, SADB_MARIADB_CONNECTION_FAILED); + status = CRYPTO_LIB_ERROR; + } else { + status = CRYPTO_LIB_SUCCESS; + if (status == CRYPTO_LIB_SUCCESS) { +#ifdef DEBUG + printf("sadb_init created mysql connection successfully. \n"); +#endif + } + } + } + else + { + //error + fprintf(stderr, "Error: sadb_init() MySQL API function mysql_init() returned a connection object that is NULL\n"); + } + + } + return status; +}//end int32_t sadb_init() + +static int32_t sadb_close(void) +{ + if(con) + { + mysql_close(con); + con = NULL; + } + + return CRYPTO_LIB_SUCCESS; +} + +// Security Association Interaction Functions +static int32_t sadb_get_sa_from_spi(uint16_t spi, SecurityAssociation_t** security_association) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + + char spi_query[2048]; + snprintf(spi_query, sizeof(spi_query), SQL_SADB_GET_SA_BY_SPI, spi); + + status = parse_sa_from_mysql_query(&spi_query[0], security_association); + + return status; +} +static int32_t sadb_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, uint16_t vcid, uint8_t mapid, + SecurityAssociation_t** security_association) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + + char gvcid_query[2048]; + snprintf(gvcid_query, sizeof(gvcid_query), SQL_SADB_GET_SA_BY_GVCID, tfvn, scid, vcid, mapid, SA_OPERATIONAL); + + status = parse_sa_from_mysql_query(&gvcid_query[0], security_association); + + return status; +} +static int32_t sadb_save_sa(SecurityAssociation_t* sa) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + if (sa == NULL) + { + return SADB_NULL_SA_USED; + } + + char update_sa_query[2048]; + + char* iv_h = malloc(sa->iv_len * 2 + 1); + convert_byte_array_to_hexstring(sa->iv, sa->iv_len, iv_h); + char* arsn_h = malloc(sa->arsn_len * 2 + 1); + convert_byte_array_to_hexstring(sa->arsn, sa->arsn_len, arsn_h); + + snprintf(update_sa_query, sizeof(update_sa_query), SQL_SADB_UPDATE_IV_ARC_BY_SPI, + iv_h, + arsn_h, sa->spi, sa->gvcid_blk.tfvn, + sa->gvcid_blk.scid, sa->gvcid_blk.vcid, sa->gvcid_blk.mapid); + free(iv_h); + free(arsn_h); +#ifdef SA_DEBUG + fprintf(stderr, "MySQL Insert SA Query: %s \n", update_sa_query); +#endif + + // Crypto_saPrint(sa); + if (mysql_query(con, update_sa_query)) + { + status = finish_with_error(&con, SADB_QUERY_FAILED); + } + // todo - if query fails, need to push failure message to error stack instead of just return code. + + // We free the allocated SA memory in the save function. + if (sa->iv != NULL) + free(sa->iv); + if (sa->abm != NULL) + free(sa->abm); + if (sa->arsn != NULL) + free(sa->arsn); + if (sa->ek_ref != NULL) + free(sa->ek_ref); + if (sa->ecs != NULL) + free(sa->ecs); + if (sa->acs != NULL) + free(sa->acs); + if (sa->ak_ref != NULL) + free(sa->ak_ref); + free(sa); + return status; +} +// Security Association Utility Functions +static int32_t sadb_sa_stop(void) +{ + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_start(TC_t* tc_frame) +{ + tc_frame = tc_frame; + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_expire(void) +{ + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_rekey(void) +{ + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_status(uint8_t* ingest) +{ + ingest = ingest; + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_create(void) +{ + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_setARSN(void) +{ + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_setARSNW(void) +{ + return CRYPTO_LIB_SUCCESS; +} +static int32_t sadb_sa_delete(void) +{ + return CRYPTO_LIB_SUCCESS; +} + +// sadb_routine private helper functions +static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** security_association) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + SecurityAssociation_t* sa = calloc(1,sizeof(SecurityAssociation_t)); + +#ifdef SA_DEBUG + fprintf(stderr, "MySQL Query: %s \n", query); +#endif + + if (mysql_real_query(con, query, strlen(query))) + { // query should be NUL terminated! + status = finish_with_error(&con, SADB_QUERY_FAILED); + return status; + } + // todo - if query fails, need to push failure message to error stack instead of just return code. + + MYSQL_RES *result = mysql_store_result(con); + if (result == NULL) + { + status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); + return status; + } + + int num_rows = mysql_num_rows(result); + if(num_rows == 0) // No rows returned in query!! + { + status = finish_with_error(&con, SADB_QUERY_EMPTY_RESULTS); + return status; + } + + int num_fields = mysql_num_fields(result); + + MYSQL_ROW row; + MYSQL_FIELD *field; + + char* field_names[num_fields]; //[64]; 64 == max length of column name in MySQL + + // TODO -- Need to store mysql query hex string and then malloc sa->iv according to size. + // TODO -- IV && arsn && abm as uint8_t* instead of uint8[]!!! + char* iv_byte_str; + char* arc_byte_str; + char* abm_byte_str; + char* ecs_byte_str; + char* acs_byte_str; + while ((row = mysql_fetch_row(result))) + { + for (int i = 0; i < num_fields; i++) + { + // Parse out all the field names. + if (i == 0) + { + int field_idx = 0; + while ((field = mysql_fetch_field(result))) + { + field_names[field_idx] = field->name; + field_idx++; + } + } + // Handle query results + if (row[i] == NULL) + { + continue; + } // Don't do anything with NULL fields from MySQL query. + if (strcmp(field_names[i], "spi") == 0) + { + sa->spi = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "ekid") == 0) + { + if(crypto_config->cryptography_type==CRYPTOGRAPHY_TYPE_LIBGCRYPT) + { + sa->ekid = atoi(row[i]); + } else // Cryptography Type KMC Crypto Service with PKCS12 String Key References + { + sa->ekid = 0; + sa->ek_ref = malloc((strlen(row[i])+1) * sizeof(char)); + memcpy(sa->ek_ref, row[i], strlen(row[i])+1); + } + continue; + } + if (strcmp(field_names[i], "akid") == 0) + { + if(crypto_config->cryptography_type==CRYPTOGRAPHY_TYPE_LIBGCRYPT) + { + sa->akid = atoi(row[i]); + } else // Cryptography Type KMC Crypto Service with PKCS12 String Key References + { + sa->ak_ref = malloc((strlen(row[i])+1) * sizeof(char)); + memcpy(sa->ak_ref, row[i], strlen(row[i])+1); + } + continue; + } + if (strcmp(field_names[i], "sa_state") == 0) + { + sa->sa_state = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "tfvn") == 0) + { + sa->gvcid_blk.tfvn = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "scid") == 0) + { + sa->gvcid_blk.scid = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "vcid") == 0) + { + sa->gvcid_blk.vcid = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "mapid") == 0) + { + sa->gvcid_blk.mapid = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "lpid") == 0) + { + sa->lpid = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "est") == 0) + { + sa->est = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "ast") == 0) + { + sa->ast = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "shivf_len") == 0) + { + sa->shivf_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "iv_len") == 0) + { + sa->iv_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "shsnf_len") == 0) + { + sa->shsnf_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "shplf_len") == 0) + { + sa->shplf_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "stmacf_len") == 0) + { + sa->stmacf_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "ecs_len") == 0) + { + sa->ecs_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "HEX(ecs)") == 0) + { + ecs_byte_str = row[i]; + continue; + } + // if(strcmp(field_names[i],"HEX(iv)")==0){memcpy(&(sa->iv),&row[i],IV_SIZE);continue;} + if (strcmp(field_names[i], "HEX(iv)") == 0) + { + iv_byte_str = row[i]; + continue; + } + if (strcmp(field_names[i], "acs_len") == 0) + { + sa->acs_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "HEX(acs)") == 0) + { + acs_byte_str = row[i]; + continue; + } + if (strcmp(field_names[i], "abm_len") == 0) + { + sa->abm_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "HEX(abm)") == 0) + { + abm_byte_str = row[i]; + continue; + } + // if(strcmp(field_names[i],"HEX(abm)")==0){convert_hexstring_to_byte_array(row[i],sa->abm);continue;} + if (strcmp(field_names[i], "arsn_len") == 0) + { + sa->arsn_len = atoi(row[i]); + continue; + } + if (strcmp(field_names[i], "HEX(arsn)") == 0) + { + arc_byte_str = row[i]; + continue; + } + // if(strcmp(field_names[i],"HEX(arsn)")==0){convert_hexstring_to_byte_array(row[i],sa->arsn);continue;} + if (strcmp(field_names[i], "arsnw") == 0) + { + sa->arsnw = atoi(row[i]); + continue; + } + // printf("%s:%s ",field_names[i], row[i] ? row[i] : "NULL"); + } + // printf("\n"); + } + sa->iv = (uint8_t* )calloc(1, sa->iv_len * sizeof(uint8_t)); + sa->arsn = (uint8_t* )calloc(1, sa->arsn_len * sizeof(uint8_t)); + sa->abm = (uint8_t* )calloc(1, sa->abm_len * sizeof(uint8_t)); + sa->ecs = (uint8_t* )calloc(1, sa->ecs_len * sizeof(uint8_t)); + sa->acs = (uint8_t* )calloc(1, sa->acs_len * sizeof(uint8_t)); + if(sa->iv_len > 0) convert_hexstring_to_byte_array(iv_byte_str, sa->iv); + if(sa->arsn_len > 0) convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); + if(sa->abm_len > 0) convert_hexstring_to_byte_array(abm_byte_str, sa->abm); + if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, sa->ecs); + if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, sa->acs); + + //arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. + sa->arsnw_len = 1; + +#ifdef DEBUG + printf("Parsed SA from SQL Query:\n"); + Crypto_saPrint(sa); +#endif + + *security_association = sa; + mysql_free_result(result); + + return status; +} +static int32_t convert_hexstring_to_byte_array(char* source_str, uint8_t* dest_buffer) +{ // https://stackoverflow.com/questions/3408706/hexadecimal-string-to-byte-array-in-c/56247335#56247335 + char* line = source_str; + char* data = line; + int offset; + unsigned int read_byte; + uint32_t data_len = 0; + + while (sscanf(data, " %02x%n", &read_byte, &offset) == 1) + { + dest_buffer[data_len++] = read_byte; + data += offset; + } + return data_len; +} + +static void convert_byte_array_to_hexstring(void* src_buffer, size_t buffer_length, char* dest_str) +{ + unsigned char* bytes = src_buffer; + + if (src_buffer != NULL) + { + for (size_t i = 0; i < buffer_length; i++) + { + uint8_t nib1 = (bytes[i] >> 4) & 0x0F; + uint8_t nib2 = (bytes[i]) & 0x0F; + dest_str[i * 2 + 0] = nib1 < 0xA ? '0' + nib1 : 'A' + nib1 - 0xA; + dest_str[i * 2 + 1] = nib2 < 0xA ? '0' + nib2 : 'A' + nib2 - 0xA; + } + dest_str[buffer_length * 2] = '\0'; + } +} + +static int32_t finish_with_error(MYSQL **con_loc, int err) +{ + fprintf(stderr, "%s\n", mysql_error(*con_loc)); // todo - if query fails, need to push failure message to error stack + mysql_close(*con_loc); + *con_loc = NULL; + return err; } \ No newline at end of file diff --git a/src/src_feature_stubs/mysql_stub/sadb_routine_mariadb.stub.c b/src/sa/mariadb_stub/sadb_routine_mariadb.stub.c similarity index 100% rename from src/src_feature_stubs/mysql_stub/sadb_routine_mariadb.stub.c rename to src/sa/mariadb_stub/sadb_routine_mariadb.stub.c diff --git a/src/crypto_sadb/sadb_mariadb_sql/create_sadb.sql b/src/sa/sadb_mariadb_sql/create_sadb.sql similarity index 100% rename from src/crypto_sadb/sadb_mariadb_sql/create_sadb.sql rename to src/sa/sadb_mariadb_sql/create_sadb.sql diff --git a/src/crypto_sadb/sadb_mariadb_sql/delete_sadb.sql b/src/sa/sadb_mariadb_sql/delete_sadb.sql similarity index 100% rename from src/crypto_sadb/sadb_mariadb_sql/delete_sadb.sql rename to src/sa/sadb_mariadb_sql/delete_sadb.sql diff --git a/src/crypto_sadb/sadb_mariadb_sql/empty_sadb.sql b/src/sa/sadb_mariadb_sql/empty_sadb.sql similarity index 100% rename from src/crypto_sadb/sadb_mariadb_sql/empty_sadb.sql rename to src/sa/sadb_mariadb_sql/empty_sadb.sql diff --git a/src/crypto_sadb/sadb_mariadb_sql/list_sadb.sql b/src/sa/sadb_mariadb_sql/list_sadb.sql similarity index 100% rename from src/crypto_sadb/sadb_mariadb_sql/list_sadb.sql rename to src/sa/sadb_mariadb_sql/list_sadb.sql diff --git a/src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_error_path_unit_test_security_associations.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_error_path_unit_test_security_associations.sql similarity index 100% rename from src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_error_path_unit_test_security_associations.sql rename to src/sa/test_sadb_mariadb_sql/create_sadb_error_path_unit_test_security_associations.sql diff --git a/src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql similarity index 100% rename from src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql rename to src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql diff --git a/src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_jpl_unit_test_security_associations.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_jpl_unit_test_security_associations.sql similarity index 100% rename from src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_jpl_unit_test_security_associations.sql rename to src/sa/test_sadb_mariadb_sql/create_sadb_jpl_unit_test_security_associations.sql diff --git a/src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_unit_test_security_associations.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_unit_test_security_associations.sql similarity index 100% rename from src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_unit_test_security_associations.sql rename to src/sa/test_sadb_mariadb_sql/create_sadb_unit_test_security_associations.sql diff --git a/src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_unit_test_user_grant_permissions.sql b/src/sa/test_sadb_mariadb_sql/create_sadb_unit_test_user_grant_permissions.sql similarity index 100% rename from src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_unit_test_user_grant_permissions.sql rename to src/sa/test_sadb_mariadb_sql/create_sadb_unit_test_user_grant_permissions.sql diff --git a/util/src_util/ut_mariadb.c b/util/src_util/ut_mariadb.c index f3575ca5..4e90090a 100644 --- a/util/src_util/ut_mariadb.c +++ b/util/src_util/ut_mariadb.c @@ -52,8 +52,8 @@ void cleanup_sa(SecurityAssociation_t* test_association) void reload_db(void) { printf("Resetting Database\n"); - system("mysql --host=localhost -uroot -pitc123! < ../../src/crypto_sadb/sadb_mariadb_sql/empty_sadb.sql"); - system("mysql --host=localhost -uroot -pitc123! < ../../src/crypto_sadb/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql"); + system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/sadb_mariadb_sql/empty_sadb.sql"); + system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql"); } From 61fa4823b57b7142c523632f3bef2b72eaaae419 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 25 Apr 2023 14:45:01 -0400 Subject: [PATCH 04/46] [nasa/cryptolib#145] Renamed src_main to core and updated .gitignore; --- .gitignore | 36 ++++++++---------------- codecov.yml | 2 +- src/CMakeLists.txt | 2 +- src/{src_main => core}/crypto.c | 0 src/{src_main => core}/crypto_aos.c | 0 src/{src_main => core}/crypto_config.c | 0 src/{src_main => core}/crypto_error.c | 0 src/{src_main => core}/crypto_key_mgmt.c | 0 src/{src_main => core}/crypto_mc.c | 0 src/{src_main => core}/crypto_print.c | 0 src/{src_main => core}/crypto_tc.c | 0 src/{src_main => core}/crypto_tm.c | 0 src/{src_main => core}/crypto_user.c | 0 util/CMakeLists.txt | 2 +- 14 files changed, 15 insertions(+), 27 deletions(-) rename src/{src_main => core}/crypto.c (100%) rename src/{src_main => core}/crypto_aos.c (100%) rename src/{src_main => core}/crypto_config.c (100%) rename src/{src_main => core}/crypto_error.c (100%) rename src/{src_main => core}/crypto_key_mgmt.c (100%) rename src/{src_main => core}/crypto_mc.c (100%) rename src/{src_main => core}/crypto_print.c (100%) rename src/{src_main => core}/crypto_tc.c (100%) rename src/{src_main => core}/crypto_tm.c (100%) rename src/{src_main => core}/crypto_user.c (100%) diff --git a/.gitignore b/.gitignore index bd2709d5..15422467 100644 --- a/.gitignore +++ b/.gitignore @@ -1,28 +1,16 @@ +# +# Metadata +# +.vagrant +.vscode .idea -vgcore* -**core + +# +# Packages and Build Files +# +__pycache__ +*.dat *.so build venv -*.dat -.vscode -__pycache__ - -#CMake.gitignore -CMakeLists.txt.user -CMakeCache.txt -CMakeFiles -CMakeScripts -Testing -Makefile -cmake_install.cmake -install_manifest.txt -compile_commands.json -CTestTestfile.cmake -cmake-build-debug -**.cbp -_deps - -DartConfiguration.tcl - -install +vgcore* diff --git a/codecov.yml b/codecov.yml index a6ae2133..788ce279 100644 --- a/codecov.yml +++ b/codecov.yml @@ -8,6 +8,6 @@ ignore: - "util/src_util/crypto_sequence.c" - "util/include/utest.h" - "util/core/shared_util.c" - - "src/src_main/crypto_print.c" + - "src/core/crypto_print.c" - "src/src_feature_stubs/cryptography_kmc_stub/cryptography_interface_kmc.stub.c" - "src/src_feature_stubs/mysql_stub/sadb_routine_mariadb.stub.c" diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index ce2937d1..590307dd 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -17,7 +17,7 @@ include_directories(../include) -aux_source_directory(src_main LIB_SRC_FILES) +aux_source_directory(core LIB_SRC_FILES) if(MYSQL) aux_source_directory(sa/mariadb MARIADB_FILES) list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) diff --git a/src/src_main/crypto.c b/src/core/crypto.c similarity index 100% rename from src/src_main/crypto.c rename to src/core/crypto.c diff --git a/src/src_main/crypto_aos.c b/src/core/crypto_aos.c similarity index 100% rename from src/src_main/crypto_aos.c rename to src/core/crypto_aos.c diff --git a/src/src_main/crypto_config.c b/src/core/crypto_config.c similarity index 100% rename from src/src_main/crypto_config.c rename to src/core/crypto_config.c diff --git a/src/src_main/crypto_error.c b/src/core/crypto_error.c similarity index 100% rename from src/src_main/crypto_error.c rename to src/core/crypto_error.c diff --git a/src/src_main/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c similarity index 100% rename from src/src_main/crypto_key_mgmt.c rename to src/core/crypto_key_mgmt.c diff --git a/src/src_main/crypto_mc.c b/src/core/crypto_mc.c similarity index 100% rename from src/src_main/crypto_mc.c rename to src/core/crypto_mc.c diff --git a/src/src_main/crypto_print.c b/src/core/crypto_print.c similarity index 100% rename from src/src_main/crypto_print.c rename to src/core/crypto_print.c diff --git a/src/src_main/crypto_tc.c b/src/core/crypto_tc.c similarity index 100% rename from src/src_main/crypto_tc.c rename to src/core/crypto_tc.c diff --git a/src/src_main/crypto_tm.c b/src/core/crypto_tm.c similarity index 100% rename from src/src_main/crypto_tm.c rename to src/core/crypto_tm.c diff --git a/src/src_main/crypto_user.c b/src/core/crypto_user.c similarity index 100% rename from src/src_main/crypto_user.c rename to src/core/crypto_user.c diff --git a/util/CMakeLists.txt b/util/CMakeLists.txt index 09f6bdb3..caa1358d 100644 --- a/util/CMakeLists.txt +++ b/util/CMakeLists.txt @@ -59,7 +59,7 @@ endforeach(SOURCE_PATH ${SOURCE_FILES}) target_include_directories (Crypto PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}) -set(OBJECT_DIR ${PROJECT_BINARY_DIR}/src/CMakeFiles/Crypto.dir/src_main) +set(OBJECT_DIR ${PROJECT_BINARY_DIR}/src/CMakeFiles/Crypto.dir/core) if(${CODECOV}) # Create the gcov target. Run coverage tests with 'make gcov' From cc546d51753d2b788ad051b27122b630bfc5d0c5 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 27 Apr 2023 10:44:42 -0400 Subject: [PATCH 05/46] [nasa/cryptolib#145] Removed unused and no longer functioning sdls_ep_interop test files; --- test/crypto_test.py | 119 ------------------------- test/sdls_ep_interop/tc4.txt | 163 ----------------------------------- test/sdls_ep_interop/tc5.txt | 117 ------------------------- test/sdls_ep_interop/tc6.txt | 93 -------------------- 4 files changed, 492 deletions(-) delete mode 100644 test/crypto_test.py delete mode 100644 test/sdls_ep_interop/tc4.txt delete mode 100644 test/sdls_ep_interop/tc5.txt delete mode 100644 test/sdls_ep_interop/tc6.txt diff --git a/test/crypto_test.py b/test/crypto_test.py deleted file mode 100644 index 1d67ac47..00000000 --- a/test/crypto_test.py +++ /dev/null @@ -1,119 +0,0 @@ -# Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. -# All Foreign Rights are Reserved to the U.S. Government. -# -# This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, -# including, but not limited to, any warranty that the software will conform to specifications, any implied warranties -# of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the -# documentation will conform to the program, or any warranty that the software will be error free. -# -# In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or -# consequential damages, arising out of, resulting from, or in any way connected with the software or its -# documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained -# from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. -# -# ITC Team -# NASA IV&V -# jstar-development-team@mail.nasa.gov - -# -# Connect to cFS via UDP to CI_Lab and TO_Lab to send and receive messages -# used to verify the SDLS-EP protocol via Interoperability Testing -# - -import binascii -import os -import signal -import socket -import struct -import sys - -def signal_term_handler(signale,frame): - print '\nExiting gracefully...\n' - ci.close() - to.close() - sys.exit(0) - -class color: - PURPLE = '\033[95m' - CYAN = '\033[96m' - DARKCYAN = '\033[36m' - BLUE = '\033[94m' - GREEN = '\033[92m' - YELLOW = '\033[93m' - RED = '\033[91m' - BOLD = '\033[1m' - UNDERLINE = '\033[4m' - END = '\033[0m' - -signal.signal(signal.SIGINT, signal_term_handler) - -# Get PWD -pwd = os.getcwd() + "/" - -# Setup CI UDP -UDP_IP_CI = "127.0.0.1" -UDP_PORT_CI = 1234 -ci = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) - -# Setup TO UDP -UDP_IP_TO = "127.0.0.1" -UDP_PORT_TO = 1235 -to = socket.socket(socket.AF_INET, socket.SOCK_DGRAM) -to.bind((UDP_IP_TO, UDP_PORT_TO)) -to.settimeout(5.0) - -python_files = [ - pwd+"sdls_ep_interop/tc4.txt", - pwd+"sdls_ep_interop/tc5.txt", - pwd+"sdls_ep_interop/tc6.txt", - ] - -print color.BOLD + '\nBegin Testing the Cryptography Library...' + color.END - -for file_name in python_files: - with open(file_name) as f: - print file_name + " has been loaded!" - print color.YELLOW + "Typically flight software must be rebooted now!\n" + color.END - for line in f: - # Determine line - if line.startswith("Number = "): - number = line[9:] - #sys.stdout.write(line[9:len(line)] + ") ") - #print line[9:] + " " - if line.startswith("Description = "): - description = line[14:] - #sys.stdout.write(line[14:len(line)]) - #print line[14:] + " " - if line.startswith("TC = "): - tc = line[5:] - if line.startswith("TM = "): - tm = line[5:] - print number.replace("\n","\t") + description - raw_input("Press ENTER to proceed...\n") - if len(tc) > 2: - # Send TC to CI_Lab - print tc - ci.sendto(binascii.unhexlify(tc[0:len(tc)-1]), (UDP_IP_CI,UDP_PORT_CI)) - if len(tm) > 2: - # Receive TM from TO_Lab - #print tm - try: - data, addr = to.recvfrom(10000); - except socket.timeout: - print color.RED + 'ERROR: TO_Lab timeout exceeded!' + color.END - os.kill(os.getpid(), signal.SIGINT) - if len(data) == 0: - print color.RED + 'ERROR: received no data from TO_Lab when response expected!' + color.END - os.kill(os.getpid(), signal.SIGINT) - else: - if tm[0:len(tm)-1] != binascii.hexlify(data[0:len(tm)-1]): - print color.RED + 'ERROR: received TM data did not match expected!' + color.END - print len(binascii.hexlify(data)) - print '\t received TM: ' + binascii.hexlify(data) - print len(tm) - print '\t expected TM: ' + tm - os.kill(os.getpid(), signal.SIGINT) - -print >> sys.stderr, "Out of data, exiting gracefully..." -ci.close() -to.close() \ No newline at end of file diff --git a/test/sdls_ep_interop/tc4.txt b/test/sdls_ep_interop/tc4.txt deleted file mode 100644 index 0cffad10..00000000 --- a/test/sdls_ep_interop/tc4.txt +++ /dev/null @@ -1,163 +0,0 @@ -Number = 0 -Description = Exercise the key lifecycle using the SDLS-EP key management procedures and to test the Over The Air Rekeying (OTAR) procedures with the key management service parameters and PDU formats specified for the SDLS-EP. Must reboot FSW to run test! -TC = -TM = - - -Number = 1 -Description = OTAR(0) 140-142 -TC = 2003009e00ff000100001880d037008c197f0b000100840000344892bbc54f5395297d4c37172f2a3c46f6a81c1349e9e26ac80985d8bbd55a5814c662e49fba52f99ba09558cd21cf268b8e50b2184137e80f76122034c580464e2f06d2659a50508bdfe9e9a55990ba4148af896d8a6eebe8b5d2258685d4ce217a20174fdd4f0efac62758c51b04e55710a47209c923b641d19a39001f9e986166f5ffd95555 -TM = - - -Number = 2 -Description = Activate 141, 142 -TC = 2003001e00ff000100001880d038000c197f0b00020004008d008e82ebe4fc55555555 -TM = - - -Number = 3 -Description = Deactivate 142 -TC = 2003001c00ff000100001880d039000a197f0b00030002008e1f6d21c4555555555555 -TM = - - -Number = 4 -Description = Verify 132, 134 -TC = 2003003e00ff000100001880d03a002c197f0b00040024008471fc3ad5b1c36ad56bd5a5432315cdab008675c06302465bc6d5091a29957eebed35c00a6ed8 -TM = - -Number = 4.resp -Description = Verify 132, 134 -TC = -TM = 0031020218000001001a0080ffff006084005c0084000000000000000000000001d8eaa795affaa0e951bb6cf0116192e16b1977d6723e92e01123ccef548e2885008600000000000000000000000275c47f30ca26e64af30c19ebffe0b314849133e138ac65bc2806e520a90c96a8216607ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff0000003900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000f844 - - -Number = 5 -Description = Verify 140, 141 -TC = 2003003e00ff000100001880d03b002c197f0b00040024008c1014b4d1f1d832e90f250289a64e641f008dc43813b784f3da70b9d9b6397464b1e9ccbe6ed8 -TM = - -Number = 5.resp -Description = Verify 140, 141 -TC = -TM = 00310303183e0001001a000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c008c0000000000000000000000012fcf9ec2a0c44401c749344f6519f9b914162833e7893f32c3ca06572d4c91ac008d0000000000000000000000020fd3ae4cd8aa798d5872d152fe1dd0e6a70cc17ef4e3b3a21ca7053352fda2c18d6507ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00001008b27 - - -Number = 6 -Description = OTAR(1) 145-148 -TC = 200300c000ff000100001880d03c00ae197f0b000100a60001d920aeb912ed2c79690583e398e26d111d6d6de6cf13b2dedd268848d387494c834b85288a9e608a4b089d772a35ce8f7bfd4110fdcc22cd7cccf4ba45e63746f56d281d68850d6817d93d0066d6484e9a3c9e3f5e4f2aee86a035cd215ae6fe89f2f4d7855c6966952425e5e27fa3aaec98e272c1c871cdadaf5f52f9cc33d7097d564a39d75c61edf7b6ecd7dfa7b3f78e6086a49ff8321836e614667f94a4d1b5b5cdfeed05de555555 -TM = - - -Number = 7 -Description = Activate 146, 147 -TC = 2003001e00ff000100001880d03d000c197f0b0002000400920093a8e1e4fc55555555 -TM = - - -Number = 8 -Description = Deactivate 147 -TC = 2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4555555555555 -TM = - - -Number = 9 -Description = Verify 145, 146 -TC = 2003003e00ff000100001880d03f002c197f0b000400240091b863da1a6ad7f71291570adc1675dfa80092419319c71e0fd243374a4a5643c119308c156ed8 -TM = - -Number = 9.resp -Description = Verify 145, 146 -TC = -TM = 0031040418380001001a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c0091000000000000000000000001095dd36a5c4a3e92bda5b0cfa668efe8f73b4dc959f4c1b723f00099afdb6d030092000000000000000000000002ee333ad04d4063cdf5f7139440f001c21ba097201aeeaa580a50b96e88ba727244f607ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000007300 - - -Number = 10 -Description = Verify 147, 148 -TC = 2003003e00ff000100001880d040002c197f0b000400240093ada7b7137f61300912abb49b45d931470094253cb5cdaa4b3d044db12737bc0f221106bb6ed8 -TM = - -Number = 10.resp -Description = Verify 147, 148 -TC = -TM = 0031050518360001001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c0093000000000000000000000001acae8feba6b45eece52a7f1de280f56ed3a0ae6de63d317a387e726c0094460a009400000000000000000000000252927b593ab5cadcc38662ace78dfaeb6a3df4c3472b4f2ac9a982aecf2a0e25753907ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff0000003900000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c000010012fd - - -Number = 11 -Description = OTAR(2) 150-153 -TC = 200300c000ff000100001880d04100ae197f0b000100a60002f1e37102f68dcbbba2dce280c9ac4ad7d47803d1c50573054523cdb033e4f9b3149178e8bc34bbd318ee1b82c865b40b195b833389d50a6a64485a3e3f1abf4ec824432b765ce3d82c84a62d98a699a47a3efb37fa04cd982ce0eea11bd6bfc4e5b2300d478da25246961ed4087635d9695155e3a71089d87d2f2df052202700b949d2635823a78bd50bf19145afeb875ea1f995f3d1d3a171d5a61bc92a2060a6f94f05787f05de555555 -TM = - - -Number = 12 -Description = Activate 151-153 -TC = 2003002000ff000100001880d042000e197f0b00020006009700980099bee3a61a5555 -TM = - - -Number = 13 -Description = Deactivate 152, 153 -TC = 2003001e00ff000100001880d043000c197f0b0003000400980099e680e4fc55555555 -TM = - - -Number = 14 -Description = Verify 150, 151 -TC = 2003003e00ff000100001880d044002c197f0b000400240096a785a1801728d57ea5d7da6d4db309730097db2e5b1fb393a402d9c8b3a6edcc562d33b66ed8 -TM = - -Number = 14.resp -Description = Verify 150, 151 -TC = -TM = 0031060618340001001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c009600000000000000000000000176316dbb8260d96a20b37b57620e28915f56906a68ef8a8cb0b1a9d9adec816800970000000000000000000000028eb7575fb226ad4699ab2cc3f82a3ee62ab5e45825ee9913df10b46abd680834296a07ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000010000005fdb - - -Number = 15 -Description = Verify 152, 153 -TC = 2003003e00ff000100001880d045002c197f0b00040024009894a2b915a3154520df52edad8ac1acc00099dc09bd6bf7e43f1dc0d44c08bc8b63084f526ed8 -TM = - -Number = 15.resp -Description = Verify 150, 151 -TC = -TM = 0031070718320001001a00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c0098000000000000000000000001f637d1ea1932e98c1e02ecb2f17310b75552aabf78cc8507785ff28aadc6678d0099000000000000000000000002367f0df5816231ae79b7b7f4281edec346410c7bc9dfed3291b96e5ba55c123d97ff07ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000100ec09 - - -Number = 16 -Description = USER MODIFY KEY 152 - INVALID -TC = 2003001d00ff000100001880c000000a197f0b004500030098018dc782a5fecf -TM = - - -Number = 17 -Description = Verify 152, 153 -TC = 2003003e00ff000100001880d046002c197f0b000400240098765de8e4d2f1833e80907f7012d2e8300099d4a84e8e561752baa24f86f17b59b477f91e6ed8 -TM = - -Number = 17.resp -Description = Verify 152, 153 -TC = -TM = 0031080818300001001a0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c009800000000000000000000000118af57f93ea5a9afa49c6024255acd0a270fb74852f43f135711885a0194130900990000000000000000000000023edefe1020915c091b2c7d0defcc09bcee47bf3ee527cb3138afb25985b8362de77907ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff0000000000000000000000000000000001000000f1a0 - - -Number = 18 -Description = USER MODIFY KEY 150 - INVALID -TC = 2003001d00ff000100001880c000000a197f0b004500030096018dc782a5fecf -TM = - -Number = 18 -Description = USER MODIFY KEY 151 - INVALID -TC = 2003001d00ff000100001880c000000a197f0b004500030097018dc782a5fecf -TM = - -Number = 20 -Description = Verify 150, 151 -TC = 2003003e00ff000100001880d047002c197f0b0004002400969964112b3621b6b136b51b1dc01da23b0097cdf1bb3b4d10fffcae9fac40caefae52fee56ed8 -TM = - - -Number = 20.resp -Description = Verify 150, 151 -TC = -TM = 00310909182e0001001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff006084005c009600000000000000000000000119d2aff46ff28b194ddcc67d6c0126f794ddf80120517fad23c2040aace7754d00970000000000000000000000028b90f89f963b6bc79123cc54fca7772d0cbf1c670bfadd54adbe34b268e40fd1d89c07ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000000000000000000000000000000000c00001007e98 diff --git a/test/sdls_ep_interop/tc5.txt b/test/sdls_ep_interop/tc5.txt deleted file mode 100644 index 444872f2..00000000 --- a/test/sdls_ep_interop/tc5.txt +++ /dev/null @@ -1,117 +0,0 @@ -Number = 0 -Description = Exercises the complete SA lifecycle using all the SDLS-EP SA management procedures. Must reboot FSW to run test! -TC = -TM = - - -Number = 1 -Description = SA(6) Rekey 133 -TC = 2003002a00ff000100001880d0ac0018197f0b0016000c00060085000000000000000000000000da959fc8555555555555 -TM = - - -Number = 2 -Description = Start SA(6) -TC = 2003002000ff000100001880d0ad000e197f0b001b0004000600003040f6f7a61a5555 -TM = - - -Number = 3 -Description = Encrypted Ping -TC = 2003043400ff000600000000000000000000000121e8cb55734ac14b895b5145793ab5dd25ab112b4c5f7b99d905051102a9e132c3555555 -TM = - - -Number = 3.resp -Description = Encrypted Ping -TC = -TM = 0031020218000001001a0080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000010000009d6d - - -Number = 4 -Description = Encrypted Ping -TC = 2003043400ff0006000000000000000000000002b3105fd60b1fdb72496c8ce203ce9b2eabb8bfc4527c479319b7cad9899d15b5ed555555 -TM = - - -Number = 4.resp -Description = Encrypted Ping -TC = -TM = 0031030318220001001a000000000000000000000000000000000000000000000000000000000000000000000080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00006023aa7 - - -Number = 5 -Description = Read ARSN(6) -TC = 2003001c00ff000100001880d0b0000a197f0b001000020006571921c4555555555555 -TM = - - -Number = 5.resp -Description = Read ARSN(6) -TC = -TM = 0031040418040001001a000000000080ffff001290000e00060000000000000000000000021ae507ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000100000082da - - -Number = 6 -Description = Set ARSN(6) to 0x64 -TC = 2003002800ff000100001880d0b10016197f0b001a000a000600000000000000000000006413b5983e55 -TM = - - -Number = 7 -Description = Read ARSN(6) -TC = 2003001c00ff000100001880d0b2000a197f0b00100002000651f321c4555555555555 -TM = - - -Number = 7.resp -Description = Read ARSN(6) -TC = -TM = 0031050518340001001a000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff001290000e0006000000000000000000000064168507ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff0000003900000000000000000000000000000000000000000000c0000102d685 - - -Number = 8 -Description = Encrypted Ping -TC = 2003043400ff00060000000000000000000000656cbe97c866d9015ab1f747510b19ccef0376ca22becfeb3968179af7dc364f6ded555555 -TM = - -Number = 8.resp -Description = Encrypted Ping -TC = -TM = 0031060618240001001a0000000000000000000000000000000000000000000000000000000000000000000000000080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000001000000f46a - - -Number = 9 -Description = Encrypted Ping -TC = 2003043400ff0006000000000000000000000066fa191521e27cb4d95b5c2b5f43ebe7a0ee0c400f1af632186bfb26a6900bedae4a555555 -TM = - -Number = 9.resp -Description = Encrypted Ping -TC = -TM = 0031070718060001001a0000000000000080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000c00006669b93 - - -Number = 10 -Description = Read ARSN(6) -TC = 2003001c00ff000100001880d0b5000a197f0b00100002000659b821c4555555555555 -TM = - - -Number = 10.resp -Description = Read ARSN(6) -TC = -TM = 0031080818280001001a000000000000000000000000000000000000000000000000000000000000000000000000000000000080ffff001290000e000600000000000000000000006636c707ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff0000003900000000000000000000000000000000000000000000000000000000000000000000010000000542 - - -Number = 11 -Description = Stop SA(6) -TC = 2003001c00ff000100001880d0b6000a197f0b001e00020006938f21c4555555555555 -TM = - - -Number = 12 -Description = Expire SA(6) -TC = 2003001c00ff000100001880d0b7000a197f0b001900020006f72e21c4555555555555 -TM = - diff --git a/test/sdls_ep_interop/tc6.txt b/test/sdls_ep_interop/tc6.txt deleted file mode 100644 index f2d8529e..00000000 --- a/test/sdls_ep_interop/tc6.txt +++ /dev/null @@ -1,93 +0,0 @@ -Number = 0 -Description = Execute all the Monitoring & Control procedures and their specified PDU formats as well as testing the FSR functionality. Must reboot FSW to run test! -TC = -TM = - - -Number = 1 -Description = Ping -TC = 2003001a00ff000100001880d2c70008197f0b00310000b1fe312855 -TM = - -Number = 1.resp -Description = Ping -TC = -TM = 0031020218000001001a0080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000010000009d6d - - -Number = 2 -Description = Ping -TC = 2003001a00ff000100001880d2c80008197f0b00310000e74f312855 -TM = - -Number = 2.resp -Description = Ping -TC = -TM = 0031030318220001001a000000000000000000000000000000000000000000000000000000000000000000000080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c0000100d955 - - -Number = 3 -Description = Start SA(4) -TC = 2003002000ff000100001880d2c9000e197f0b001b0004000400003040d95ea61a5555 -TM = - - -Number = 4 -Description = Ping -TC = 2003043400ff00040000000000000000000000017e1d8eea8d45ceba17888e0cdcd74797f2db4e6521fbbe3e8738b72bcdea797c7a555555 -TM = - - -Number = 4.resp -Description = Ping -TC = -TM = 0031040418040001001a000000000080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff00000039000000000000000000000000000000000000000001000000c435 - - -Number = 5 -Description = Ping -TC = 2003043400ff000400000000000000000000000219c6efd6cd012f28eb9f38c49e7669bb6af19abfb95b6627f7bafb4596a3e178a2555555 -TM = - - -Number = 5.resp -Description = Ping -TC = -TM = 0031050518260001001a00000000000000000000000000000000000000000000000000000000000000000000000000000080ffff0004b10000404307ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000007ff000000390000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000c00004023951 - - -Number = 6 -Description = Replay Error Ping -TC = 2003043400ff000400000000000000000000000219c6efd1cd012f28eb9f38c49e6a93c47958d3525b0aec899dd33fe1d0a7b97435555555 -TM = - - -Number = 7 -Description = Reset Alarm -TC = 2003043400ff00040000000000000000000000035f07569e58aa0ca2ee993146a467b8e242d504a647ce56d0a3e4c0c613bdc7c588555555 -TM = - - -Number = 8 -Description = Bad MAC Encrypted Ping -TC = 2003043400ff000400000000000000000000000435d72650fa856512540e82a00668d8c68c90f418166c6693c95f3e370a1bd875ff555555 -TM = - - -Number = 9 -Description = Reset Alarm -TC = 2003043400ff0004000000000000000000000006ba5b389a7bb28e0fca8aea45e6a74b5f2dd79d8e9bd585e53ebed302f14e6d154c555555 -TM = - - -Number = 10 -Description = Out of window Encrypted Ping -TC = 2003043400ff000400000000000000000000000c79ebc6ca752b40c56ecef6cda30c7ca0b1968c3bfd28b786f754b0420be7d5ef6b555555 -TM = - - -Number = 11 -Description = Invalid SPI Encrypted Ping -TC = 2003043400ff00040000000600000000000000079776af36c8eb72afa1c53b7d19d1a486d0cf5df09b6bbad0c2f5e208e45090b13e555555 -TM = - From 0ef40276b3c3cdfc506a9ff984646392ae924b8c Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 27 Apr 2023 11:06:34 -0400 Subject: [PATCH 06/46] [nasa/cryptolib#145] Consolidated utils into test folder; --- CMakeLists.txt | 4 - codecov.yml | 18 +- test/CMakeLists.txt | 80 +++++ {util/src_util => test/core}/apply_security.c | 0 .../src_util => test/core}/crypto_sequence.c | 0 .../src_util => test/core}/process_security.c | 0 {util => test}/core/shared_util.c | 0 {util => test}/include/apply_security.h | 0 {util => test}/include/crypto_sequence.h | 0 {util => test}/include/et_dt_validation.h | 0 {util => test}/include/process_security.h | 0 {util => test}/include/shared_util.h | 0 {util => test}/include/standalone.h | 0 {util => test}/include/ut_crypto.h | 0 {util => test}/include/ut_crypto_aos.h | 0 {util => test}/include/ut_crypto_config.h | 0 {util => test}/include/ut_crypto_mc.h | 0 {util => test}/include/ut_mariadb.h | 0 {util => test}/include/ut_tc_apply.h | 0 {util => test}/include/ut_tc_process.h | 0 {util => test}/include/ut_tm_apply.h | 0 {util => test}/include/ut_tm_process.h | 0 {util => test}/include/utest.h | 0 .../tests}/et_dt_validation.c | 0 {util/src_util => test/tests}/pt_auth_as.c | 0 .../src_util => test/tests}/pt_auth_enc_as.c | 0 .../src_util => test/tests}/pt_auth_enc_ps.c | 0 {util/src_util => test/tests}/pt_gcry_base.c | 0 {util/src_util => test/tests}/standalone.c | 0 {util/src_util => test/tests}/ut_crypto.c | 0 {util/src_util => test/tests}/ut_crypto_aos.c | 0 .../tests}/ut_crypto_config.c | 0 {util/src_util => test/tests}/ut_crypto_mc.c | 0 {util/src_util => test/tests}/ut_kmc_crypto.c | 0 .../tests}/ut_kmc_crypto_auth_only.c | 0 .../tests}/ut_kmc_crypto_cam.c | 0 .../tests}/ut_kmc_crypto_with_mtls_sadb.c | 338 +++++++++--------- {util/src_util => test/tests}/ut_mariadb.c | 0 .../tests}/ut_mysql_m_tls_connection.c | 0 .../tests}/ut_mysql_tls_connection.c | 0 .../tests}/ut_sadb_err_cases_kmc_crypto.c | 0 {util/src_util => test/tests}/ut_tc_apply.c | 0 {util/src_util => test/tests}/ut_tc_kmc.c | 0 {util/src_util => test/tests}/ut_tc_process.c | 0 {util/src_util => test/tests}/ut_tm_apply.c | 0 {util/src_util => test/tests}/ut_tm_process.c | 0 util/CMakeLists.txt | 96 ----- 47 files changed, 258 insertions(+), 278 deletions(-) rename {util/src_util => test/core}/apply_security.c (100%) mode change 100755 => 100644 rename {util/src_util => test/core}/crypto_sequence.c (100%) rename {util/src_util => test/core}/process_security.c (100%) rename {util => test}/core/shared_util.c (100%) rename {util => test}/include/apply_security.h (100%) rename {util => test}/include/crypto_sequence.h (100%) rename {util => test}/include/et_dt_validation.h (100%) rename {util => test}/include/process_security.h (100%) rename {util => test}/include/shared_util.h (100%) rename {util => test}/include/standalone.h (100%) rename {util => test}/include/ut_crypto.h (100%) rename {util => test}/include/ut_crypto_aos.h (100%) rename {util => test}/include/ut_crypto_config.h (100%) rename {util => test}/include/ut_crypto_mc.h (100%) rename {util => test}/include/ut_mariadb.h (100%) rename {util => test}/include/ut_tc_apply.h (100%) rename {util => test}/include/ut_tc_process.h (100%) rename {util => test}/include/ut_tm_apply.h (100%) rename {util => test}/include/ut_tm_process.h (100%) rename {util => test}/include/utest.h (100%) rename {util/src_util => test/tests}/et_dt_validation.c (100%) rename {util/src_util => test/tests}/pt_auth_as.c (100%) rename {util/src_util => test/tests}/pt_auth_enc_as.c (100%) rename {util/src_util => test/tests}/pt_auth_enc_ps.c (100%) rename {util/src_util => test/tests}/pt_gcry_base.c (100%) rename {util/src_util => test/tests}/standalone.c (100%) rename {util/src_util => test/tests}/ut_crypto.c (100%) rename {util/src_util => test/tests}/ut_crypto_aos.c (100%) rename {util/src_util => test/tests}/ut_crypto_config.c (100%) rename {util/src_util => test/tests}/ut_crypto_mc.c (100%) rename {util/src_util => test/tests}/ut_kmc_crypto.c (100%) rename {util/src_util => test/tests}/ut_kmc_crypto_auth_only.c (100%) rename {util/src_util => test/tests}/ut_kmc_crypto_cam.c (100%) rename {util/src_util => test/tests}/ut_kmc_crypto_with_mtls_sadb.c (98%) rename {util/src_util => test/tests}/ut_mariadb.c (100%) rename {util/src_util => test/tests}/ut_mysql_m_tls_connection.c (100%) rename {util/src_util => test/tests}/ut_mysql_tls_connection.c (100%) rename {util/src_util => test/tests}/ut_sadb_err_cases_kmc_crypto.c (100%) rename {util/src_util => test/tests}/ut_tc_apply.c (100%) rename {util/src_util => test/tests}/ut_tc_kmc.c (100%) rename {util/src_util => test/tests}/ut_tc_process.c (100%) rename {util/src_util => test/tests}/ut_tm_apply.c (100%) rename {util/src_util => test/tests}/ut_tm_process.c (100%) delete mode 100644 util/CMakeLists.txt diff --git a/CMakeLists.txt b/CMakeLists.txt index ffd5a966..82d2b39b 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -86,7 +86,3 @@ add_subdirectory(src) if((CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME OR MYPROJECT_BUILD_TESTING) AND BUILD_TESTING) add_subdirectory(test) endif() - -IF(NOT DEFINED CFE_SYSTEM_PSPNAME) - add_subdirectory(util) -ENDIF() diff --git a/codecov.yml b/codecov.yml index 788ce279..afbc7d9b 100644 --- a/codecov.yml +++ b/codecov.yml @@ -1,13 +1,13 @@ ignore: - - "util/src_util/process_security.c" - - "util/src_util/ut_mysql_tls_connection.c" - - "util/src_util/ut_mysql_m_tls_connection.c" - - "util/src_util/ut_kmc_crypto.c" - - "util/src_util/ut_kmc_crypto_aes_cmac.c" - - "util/src_util/apply_security.c" - - "util/src_util/crypto_sequence.c" - - "util/include/utest.h" - - "util/core/shared_util.c" + - "test/tests/process_security.c" + - "test/tests/ut_mysql_tls_connection.c" + - "test/tests/ut_mysql_m_tls_connection.c" + - "test/tests/ut_kmc_crypto.c" + - "test/tests/ut_kmc_crypto_aes_cmac.c" + - "test/tests/apply_security.c" + - "test/tests/crypto_sequence.c" + - "test/include/utest.h" + - "test/core/shared_util.c" - "src/core/crypto_print.c" - "src/src_feature_stubs/cryptography_kmc_stub/cryptography_interface_kmc.stub.c" - "src/src_feature_stubs/mysql_stub/sadb_routine_mariadb.stub.c" diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index c8e9fd6b..20ff9899 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -62,3 +62,83 @@ if(${ENCTEST}) COMMAND ${PROJECT_BINARY_DIR}/bin/et_dt_validation WORKING_DIRECTORY ${PROJECT_TEST_DIR}) endif() + +include_directories(include) +include_directories(../include) + +if(${ENCTEST}) + find_package (Python3 REQUIRED COMPONENTS Interpreter Development) + execute_process(COMMAND pip3 show pycryptodome RESULT_VARIABLE EXIT_CODE OUTPUT_QUIET) + if(NOT ${EXIT_CODE} EQUAL 0) + message(FATAL_ERROR "The \"pycryptodome\" Python3 package is not installed, and is required for ENCTEST.") + endif() +endif(${ENCTEST}) + +aux_source_directory(core UTIL_SRC_FILES) +aux_source_directory(tests APP_SRC_FILES) + +find_package(Threads REQUIRED) + +file( GLOB SOURCE_FILES tests/*.c ) +foreach(SOURCE_PATH ${SOURCE_FILES}) + get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) + + if((NOT ${ENCTEST}) AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) + continue() + else() + add_executable(${EXECUTABLE_NAME} ${SOURCE_PATH}) + target_sources(${EXECUTABLE_NAME} PRIVATE core/shared_util.c) + target_link_libraries(${EXECUTABLE_NAME} LINK_PUBLIC Crypto pthread) + endif() + + if(${ENCTEST} AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) + target_link_libraries(${EXECUTABLE_NAME} PUBLIC ${Python3_LIBRARIES}) + target_include_directories(${EXECUTABLE_NAME} PUBLIC ${Python3_INCLUDE_DIRS}) + find_library(${Python3_LIBRARIES} pycryptodome) + + endif() + + add_custom_command(TARGET ${EXECUTABLE_NAME} POST_BUILD + COMMAND ${CMAKE_COMMAND} -E copy $ ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME} + COMMAND ${CMAKE_COMMAND} -E remove $ + COMMENT "Created ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME}" + ) +endforeach(SOURCE_PATH ${SOURCE_FILES}) + +target_include_directories (Crypto PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}) + +set(OBJECT_DIR ${PROJECT_BINARY_DIR}/src/CMakeFiles/Crypto.dir/core) + +if(${CODECOV}) + # Create the gcov target. Run coverage tests with 'make gcov' + add_custom_target(gcov + COMMAND mkdir -p coverage + COMMAND ${CMAKE_MAKE_PROGRAM} test + WORKING_DIRECTORY ${PROJECT_BINARY_DIR} + ) + add_custom_command(TARGET gcov + COMMAND echo "=================== GCOV ====================" + #COMMAND gcov -b -o ${OBJECT_DIR} crypto_aos.c.gnco crypto_config.c.gnco crypto_key_mgmt.c.gnco crypto_mc.c.gnco crypto_print.c.gnco crypto_tc.c.gnco crypto_tm.c.gnco crypto_user.c.gnco crypto.c.gnco sadb_routine_inmemory.template.c.gnco sadb_routine.c.gnco + COMMAND gcov -b -o ${OBJECT_DIR} crypto_aos.c.gnco crypto_config.c.gnco crypto_key_mgmt.c.gnco crypto_mc.c.gnco crypto_tc.c.gnco crypto_tm.c.gnco crypto_user.c.gnco crypto.c.gnco sadb_routine_inmemory.template.c.gnco + # | grep -A 5 "Adder.cpp" > CoverageSummary.tmp + #COMMAND cat CoverageSummary.tmp + #COMMAND echo "-- Coverage files have been output to ${PROJECT_BINARY_DIR}/coverage" + COMMAND lcov -c --directory ${OBJECT_DIR} --output-file ${PROJECT_BINARY_DIR}/coverage/results.info + COMMAND genhtml ${PROJECT_BINARY_DIR}/coverage/results.info --output-directory ${PROJECT_BINARY_DIR}/coverage/results + WORKING_DIRECTORY ${PROJECT_BINARY_DIR}/coverage + ) + add_dependencies(gcov ut_tc_apply) + # Make sure to clean up the coverage folder + set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES coverage) + + + + # Create the gcov-clean target. This cleans the build as well as generated + # .gcda and .gcno files. + add_custom_target(scrub + COMMAND ${CMAKE_MAKE_PROGRAM} clean + COMMAND rm -f ${OBJECT_DIR}/*.gcno + COMMAND rm -f ${OBJECT_DIR}/*.gcda + WORKING_DIRECTORY ${PROJECT_BINARY_DIR} + ) +endif(${CODECOV}) diff --git a/util/src_util/apply_security.c b/test/core/apply_security.c old mode 100755 new mode 100644 similarity index 100% rename from util/src_util/apply_security.c rename to test/core/apply_security.c diff --git a/util/src_util/crypto_sequence.c b/test/core/crypto_sequence.c similarity index 100% rename from util/src_util/crypto_sequence.c rename to test/core/crypto_sequence.c diff --git a/util/src_util/process_security.c b/test/core/process_security.c similarity index 100% rename from util/src_util/process_security.c rename to test/core/process_security.c diff --git a/util/core/shared_util.c b/test/core/shared_util.c similarity index 100% rename from util/core/shared_util.c rename to test/core/shared_util.c diff --git a/util/include/apply_security.h b/test/include/apply_security.h similarity index 100% rename from util/include/apply_security.h rename to test/include/apply_security.h diff --git a/util/include/crypto_sequence.h b/test/include/crypto_sequence.h similarity index 100% rename from util/include/crypto_sequence.h rename to test/include/crypto_sequence.h diff --git a/util/include/et_dt_validation.h b/test/include/et_dt_validation.h similarity index 100% rename from util/include/et_dt_validation.h rename to test/include/et_dt_validation.h diff --git a/util/include/process_security.h b/test/include/process_security.h similarity index 100% rename from util/include/process_security.h rename to test/include/process_security.h diff --git a/util/include/shared_util.h b/test/include/shared_util.h similarity index 100% rename from util/include/shared_util.h rename to test/include/shared_util.h diff --git a/util/include/standalone.h b/test/include/standalone.h similarity index 100% rename from util/include/standalone.h rename to test/include/standalone.h diff --git a/util/include/ut_crypto.h b/test/include/ut_crypto.h similarity index 100% rename from util/include/ut_crypto.h rename to test/include/ut_crypto.h diff --git a/util/include/ut_crypto_aos.h b/test/include/ut_crypto_aos.h similarity index 100% rename from util/include/ut_crypto_aos.h rename to test/include/ut_crypto_aos.h diff --git a/util/include/ut_crypto_config.h b/test/include/ut_crypto_config.h similarity index 100% rename from util/include/ut_crypto_config.h rename to test/include/ut_crypto_config.h diff --git a/util/include/ut_crypto_mc.h b/test/include/ut_crypto_mc.h similarity index 100% rename from util/include/ut_crypto_mc.h rename to test/include/ut_crypto_mc.h diff --git a/util/include/ut_mariadb.h b/test/include/ut_mariadb.h similarity index 100% rename from util/include/ut_mariadb.h rename to test/include/ut_mariadb.h diff --git a/util/include/ut_tc_apply.h b/test/include/ut_tc_apply.h similarity index 100% rename from util/include/ut_tc_apply.h rename to test/include/ut_tc_apply.h diff --git a/util/include/ut_tc_process.h b/test/include/ut_tc_process.h similarity index 100% rename from util/include/ut_tc_process.h rename to test/include/ut_tc_process.h diff --git a/util/include/ut_tm_apply.h b/test/include/ut_tm_apply.h similarity index 100% rename from util/include/ut_tm_apply.h rename to test/include/ut_tm_apply.h diff --git a/util/include/ut_tm_process.h b/test/include/ut_tm_process.h similarity index 100% rename from util/include/ut_tm_process.h rename to test/include/ut_tm_process.h diff --git a/util/include/utest.h b/test/include/utest.h similarity index 100% rename from util/include/utest.h rename to test/include/utest.h diff --git a/util/src_util/et_dt_validation.c b/test/tests/et_dt_validation.c similarity index 100% rename from util/src_util/et_dt_validation.c rename to test/tests/et_dt_validation.c diff --git a/util/src_util/pt_auth_as.c b/test/tests/pt_auth_as.c similarity index 100% rename from util/src_util/pt_auth_as.c rename to test/tests/pt_auth_as.c diff --git a/util/src_util/pt_auth_enc_as.c b/test/tests/pt_auth_enc_as.c similarity index 100% rename from util/src_util/pt_auth_enc_as.c rename to test/tests/pt_auth_enc_as.c diff --git a/util/src_util/pt_auth_enc_ps.c b/test/tests/pt_auth_enc_ps.c similarity index 100% rename from util/src_util/pt_auth_enc_ps.c rename to test/tests/pt_auth_enc_ps.c diff --git a/util/src_util/pt_gcry_base.c b/test/tests/pt_gcry_base.c similarity index 100% rename from util/src_util/pt_gcry_base.c rename to test/tests/pt_gcry_base.c diff --git a/util/src_util/standalone.c b/test/tests/standalone.c similarity index 100% rename from util/src_util/standalone.c rename to test/tests/standalone.c diff --git a/util/src_util/ut_crypto.c b/test/tests/ut_crypto.c similarity index 100% rename from util/src_util/ut_crypto.c rename to test/tests/ut_crypto.c diff --git a/util/src_util/ut_crypto_aos.c b/test/tests/ut_crypto_aos.c similarity index 100% rename from util/src_util/ut_crypto_aos.c rename to test/tests/ut_crypto_aos.c diff --git a/util/src_util/ut_crypto_config.c b/test/tests/ut_crypto_config.c similarity index 100% rename from util/src_util/ut_crypto_config.c rename to test/tests/ut_crypto_config.c diff --git a/util/src_util/ut_crypto_mc.c b/test/tests/ut_crypto_mc.c similarity index 100% rename from util/src_util/ut_crypto_mc.c rename to test/tests/ut_crypto_mc.c diff --git a/util/src_util/ut_kmc_crypto.c b/test/tests/ut_kmc_crypto.c similarity index 100% rename from util/src_util/ut_kmc_crypto.c rename to test/tests/ut_kmc_crypto.c diff --git a/util/src_util/ut_kmc_crypto_auth_only.c b/test/tests/ut_kmc_crypto_auth_only.c similarity index 100% rename from util/src_util/ut_kmc_crypto_auth_only.c rename to test/tests/ut_kmc_crypto_auth_only.c diff --git a/util/src_util/ut_kmc_crypto_cam.c b/test/tests/ut_kmc_crypto_cam.c similarity index 100% rename from util/src_util/ut_kmc_crypto_cam.c rename to test/tests/ut_kmc_crypto_cam.c diff --git a/util/src_util/ut_kmc_crypto_with_mtls_sadb.c b/test/tests/ut_kmc_crypto_with_mtls_sadb.c similarity index 98% rename from util/src_util/ut_kmc_crypto_with_mtls_sadb.c rename to test/tests/ut_kmc_crypto_with_mtls_sadb.c index 18d50443..3b4bb720 100644 --- a/util/src_util/ut_kmc_crypto_with_mtls_sadb.c +++ b/test/tests/ut_kmc_crypto_with_mtls_sadb.c @@ -1,169 +1,169 @@ -/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. - All Foreign Rights are Reserved to the U.S. Government. - - This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, - including, but not limited to, any warranty that the software will conform to specifications, any implied warranties - of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the - documentation will conform to the program, or any warranty that the software will be error free. - - In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or - consequential damages, arising out of, resulting from, or in any way connected with the software or its - documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained - from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. - - ITC Team - NASA IV&V - jstar-development-team@mail.nasa.gov -*/ - -/** - * Unit Tests that make use of TC_ApplySecurity/TC_ProcessSecurity function on the data with KMC Crypto Service/MariaDB Functionality Enabled. - **/ -#include "crypto.h" -#include "crypto_error.h" -#include "sadb_routine.h" -#include "utest.h" - -#include "crypto.h" -#include "shared_util.h" -#include - -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("asec-cmdenc-dev2.jpl.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"testuser2", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt",NULL, CRYPTO_FALSE, "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c0408000001bd37"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; i + +/** + * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB + **/ +UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) +{ + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB("asec-cmdenc-dev2.jpl.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"testuser2", NULL); + Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt",NULL, CRYPTO_FALSE, "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", NULL, NULL); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); + int32_t status = Crypto_Init(); + + char* raw_tc_jpl_mmt_scid44_vcid1= "202c0408000001bd37"; + char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; + int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + + hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + + uint8_t* ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("Frame before encryption:\n"); + for (int i=0; i ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME} - COMMAND ${CMAKE_COMMAND} -E remove $ - COMMENT "Created ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME}" - ) -endforeach(SOURCE_PATH ${SOURCE_FILES}) - -target_include_directories (Crypto PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}) - -set(OBJECT_DIR ${PROJECT_BINARY_DIR}/src/CMakeFiles/Crypto.dir/core) - -if(${CODECOV}) - # Create the gcov target. Run coverage tests with 'make gcov' - add_custom_target(gcov - COMMAND mkdir -p coverage - COMMAND ${CMAKE_MAKE_PROGRAM} test - WORKING_DIRECTORY ${PROJECT_BINARY_DIR} - ) - add_custom_command(TARGET gcov - COMMAND echo "=================== GCOV ====================" - #COMMAND gcov -b -o ${OBJECT_DIR} crypto_aos.c.gnco crypto_config.c.gnco crypto_key_mgmt.c.gnco crypto_mc.c.gnco crypto_print.c.gnco crypto_tc.c.gnco crypto_tm.c.gnco crypto_user.c.gnco crypto.c.gnco sadb_routine_inmemory.template.c.gnco sadb_routine.c.gnco - COMMAND gcov -b -o ${OBJECT_DIR} crypto_aos.c.gnco crypto_config.c.gnco crypto_key_mgmt.c.gnco crypto_mc.c.gnco crypto_tc.c.gnco crypto_tm.c.gnco crypto_user.c.gnco crypto.c.gnco sadb_routine_inmemory.template.c.gnco - # | grep -A 5 "Adder.cpp" > CoverageSummary.tmp - #COMMAND cat CoverageSummary.tmp - #COMMAND echo "-- Coverage files have been output to ${PROJECT_BINARY_DIR}/coverage" - COMMAND lcov -c --directory ${OBJECT_DIR} --output-file ${PROJECT_BINARY_DIR}/coverage/results.info - COMMAND genhtml ${PROJECT_BINARY_DIR}/coverage/results.info --output-directory ${PROJECT_BINARY_DIR}/coverage/results - WORKING_DIRECTORY ${PROJECT_BINARY_DIR}/coverage - ) - add_dependencies(gcov ut_tc_apply) - # Make sure to clean up the coverage folder - set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES coverage) - - - - # Create the gcov-clean target. This cleans the build as well as generated - # .gcda and .gcno files. - add_custom_target(scrub - COMMAND ${CMAKE_MAKE_PROGRAM} clean - COMMAND rm -f ${OBJECT_DIR}/*.gcno - COMMAND rm -f ${OBJECT_DIR}/*.gcda - WORKING_DIRECTORY ${PROJECT_BINARY_DIR} - ) -endif(${CODECOV}) From d89d3155470f14d796cec4561854ea96cc124047 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 27 Apr 2023 11:08:44 -0400 Subject: [PATCH 07/46] [nasa/cryptolib#145] Updated readme codecov badge to look at main branch; --- README.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 52eeef79..2a5d6b7a 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,8 @@ -![Build](https://github.com/nasa/CryptoLib/actions/workflows/build.yml/badge.svg) ![Unit Tests](https://github.com/nasa/CryptoLib/actions/workflows/utest.yml/badge.svg) ![Validation Tests](https://github.com/nasa/CryptoLib/actions/workflows/validation.yml/badge.svg) ![MariaDB Tests](https://github.com/nasa/CryptoLib/actions/workflows/mariadb.yml/badge.svg) [![CodeCov](https://codecov.io/gh/nasa/CryptoLib/branch/collab_main/graph/badge.svg?token=KCOMCQO0ZU)](https://codecov.io/gh/nasa/CryptoLib) +![Build](https://github.com/nasa/CryptoLib/actions/workflows/build.yml/badge.svg) +![Unit Tests](https://github.com/nasa/CryptoLib/actions/workflows/utest.yml/badge.svg) +![Validation Tests](https://github.com/nasa/CryptoLib/actions/workflows/validation.yml/badge.svg) +![MariaDB Tests](https://github.com/nasa/CryptoLib/actions/workflows/mariadb.yml/badge.svg) +[![CodeCov](https://codecov.io/gh/nasa/CryptoLib/branch/main/graph/badge.svg?token=KCOMCQO0ZU)](https://codecov.io/gh/nasa/CryptoLib) # CryptoLib From d4a40b43abc8c12a3c28ddfc80330d26b2e98bd4 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 27 Apr 2023 12:31:40 -0400 Subject: [PATCH 08/46] [nasa/cryptolib#145] Created a SUPPORT build flag and moved standalone build; --- CMakeLists.txt | 10 ++++++-- support/CMakeLists.txt | 24 +++++++++++++++++++ .../tests => support/standalone}/standalone.c | 0 .../standalone}/standalone.h | 1 - test/CMakeLists.txt | 7 +----- 5 files changed, 33 insertions(+), 9 deletions(-) create mode 100644 support/CMakeLists.txt rename {test/tests => support/standalone}/standalone.c (100%) rename {test/include => support/standalone}/standalone.h (99%) diff --git a/CMakeLists.txt b/CMakeLists.txt index 82d2b39b..f44536d9 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -20,7 +20,9 @@ cmake_minimum_required(VERSION 3.14.0) project(CRYPTO C) - +# +# Define Build Flags +# OPTION(DEBUG "Debug" OFF) # Disabled by default, enable with: -DDEBUG=ON OPTION(MYSQL "Mysql" OFF) # Disabled by default, enable with: -DMYSQL=ON OPTION(LIBGCRYPT "Libgcrypt" ON) # Enabled by default, disable with: -DLIBGCRYPT=OFF @@ -28,8 +30,8 @@ OPTION(KMCCRYPTO "KmcCrypto" OFF) # Disabled by default, enable with: -DKMCCRYPT OPTION(ENCTEST "Encryption-Tests" OFF) # Disabled by default, enable with: -DENCTEST=ON OPTION(CODECOV "Code-Coverage" OFF) # Disabled by default, enable with: -DCODECOV=ON OPTION(SYSTEM_INSTALL "SystemInstall" OFF) #Disabled by default, enable with: -DSYSTEM_INSTALL=ON - OPTION(SA_INTERNAL "SA Internal" ON) # Enabled by default, disable with: -DSA_INTERNAL=OFF +OPTION(SUPPORT "Support" OFF) # Disabled by default, enable with: --DSUPPORT=ON IF(NOT DEFINED CFE_SYSTEM_PSPNAME) # Not cFE / cFS @@ -81,6 +83,10 @@ if(NOT DEFINED ${PROJECT_BINARY_DIR}) set(PROJECT_BINARY_DIR ${CMAKE_CURRENT_SOURCE_DIR}/build) endif() +IF(SUPPORT) + add_subdirectory(support) +ENDIF() + add_subdirectory(src) if((CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME OR MYPROJECT_BUILD_TESTING) AND BUILD_TESTING) diff --git a/support/CMakeLists.txt b/support/CMakeLists.txt new file mode 100644 index 00000000..9e55900e --- /dev/null +++ b/support/CMakeLists.txt @@ -0,0 +1,24 @@ +# Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. +# All Foreign Rights are Reserved to the U.S. Government. +# +# This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, +# including, but not limited to, any warranty that the software will conform to specifications, any implied warranties +# of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the +# documentation will conform to the program, or any warranty that the software will be error free. +# +# In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or +# consequential damages, arising out of, resulting from, or in any way connected with the software or its +# documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained +# from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. +# +# ITC Team +# NASA IV&V +# jstar-development-team@mail.nasa.gov + +find_package(Threads REQUIRED) + +# Standalone +include_directories("./standalone") +add_executable(standalone + ./standalone/standalone.c) +target_link_libraries(standalone Crypto pthread) diff --git a/test/tests/standalone.c b/support/standalone/standalone.c similarity index 100% rename from test/tests/standalone.c rename to support/standalone/standalone.c diff --git a/test/include/standalone.h b/support/standalone/standalone.h similarity index 99% rename from test/include/standalone.h rename to support/standalone/standalone.h index 9bc7924e..36a719f1 100644 --- a/test/include/standalone.h +++ b/support/standalone/standalone.h @@ -39,7 +39,6 @@ extern "C" #include #include "crypto.h" -#include "shared_util.h" /* diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 20ff9899..99d18185 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -77,9 +77,7 @@ endif(${ENCTEST}) aux_source_directory(core UTIL_SRC_FILES) aux_source_directory(tests APP_SRC_FILES) -find_package(Threads REQUIRED) - -file( GLOB SOURCE_FILES tests/*.c ) +file( GLOB SOURCE_FILES tests/*.c) foreach(SOURCE_PATH ${SOURCE_FILES}) get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) @@ -95,7 +93,6 @@ foreach(SOURCE_PATH ${SOURCE_FILES}) target_link_libraries(${EXECUTABLE_NAME} PUBLIC ${Python3_LIBRARIES}) target_include_directories(${EXECUTABLE_NAME} PUBLIC ${Python3_INCLUDE_DIRS}) find_library(${Python3_LIBRARIES} pycryptodome) - endif() add_custom_command(TARGET ${EXECUTABLE_NAME} POST_BUILD @@ -131,8 +128,6 @@ if(${CODECOV}) # Make sure to clean up the coverage folder set_property(DIRECTORY APPEND PROPERTY ADDITIONAL_MAKE_CLEAN_FILES coverage) - - # Create the gcov-clean target. This cleans the build as well as generated # .gcda and .gcno files. add_custom_target(scrub From bb71561286aafa2c1a9f219d67f550d9bd2fb24a Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 27 Apr 2023 14:39:48 -0400 Subject: [PATCH 09/46] [nasa/cryptolib#145] Updated build flags and CMakeLists; --- .github/workflows/build.yml | 12 +-- .github/workflows/mariadb.yml | 2 +- .github/workflows/utest.yml | 3 - .github/workflows/validation.yml | 2 +- CMakeLists.txt | 93 ++++++++----------- src/CMakeLists.txt | 60 ++++++------ .../cryptography_interface_libgcrypt.stub.c | 2 +- .../sadb_routine_inmemory.stub.c | 2 +- .../mariadb_stub/sadb_routine_mariadb.stub.c | 2 +- test/CMakeLists.txt | 12 +-- test/tests/ut_mysql_m_tls_connection.c | 2 +- test/tests/ut_mysql_tls_connection.c | 2 +- 12 files changed, 86 insertions(+), 108 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 1c31e228..e771482d 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=0 -DLIBGCRYPT=1 -DKMCCRYPTO=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 - name: Build # Build your program with the given configuration @@ -49,7 +49,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DMYSQL=0 -DLIBGCRYPT=1 -DKMCCRYPTO=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 - name: Build # Build your program with the given configuration @@ -75,7 +75,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 - name: Build # Build your program with the given configuration @@ -101,7 +101,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 - name: Build # Build your program with the given configuration @@ -127,7 +127,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 - name: Build # Build your program with the given configuration @@ -153,7 +153,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 - name: Build # Build your program with the given configuration diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 2c6df13d..8f3a1da2 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -17,7 +17,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 - name: Build # Build your program with the given configuration diff --git a/.github/workflows/utest.yml b/.github/workflows/utest.yml index d36e4da9..59032b81 100644 --- a/.github/workflows/utest.yml +++ b/.github/workflows/utest.yml @@ -81,6 +81,3 @@ jobs: # Execute tests defined by the CMake configuration. # See https://cmake.org/cmake/help/latest/manual/ctest.1.html for more detail run: ${{github.workspace}}/build/bin/ut_crypto_mc - - - diff --git a/.github/workflows/validation.yml b/.github/workflows/validation.yml index a62e6330..e46e8def 100644 --- a/.github/workflows/validation.yml +++ b/.github/workflows/validation.yml @@ -31,7 +31,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DENCTEST=1 -DDEBUG=1 -DCODECOV=1 + run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} --DTEST_ENC=1 -DDEBUG=1 -DCODECOV=1 - name: Build # Build your program with the given configuration diff --git a/CMakeLists.txt b/CMakeLists.txt index f44536d9..90a6ff0a 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -15,80 +15,67 @@ # NASA IV&V # jstar-development-team@mail.nasa.gov - -#cmake_minimum_required(VERSION 2.6.4) cmake_minimum_required(VERSION 3.14.0) project(CRYPTO C) # # Define Build Flags +# The default value is captured in line, change with flag `-DXYZ=1` +# For flags with the same prefix, one or more may be enabled # -OPTION(DEBUG "Debug" OFF) # Disabled by default, enable with: -DDEBUG=ON -OPTION(MYSQL "Mysql" OFF) # Disabled by default, enable with: -DMYSQL=ON -OPTION(LIBGCRYPT "Libgcrypt" ON) # Enabled by default, disable with: -DLIBGCRYPT=OFF -OPTION(KMCCRYPTO "KmcCrypto" OFF) # Disabled by default, enable with: -DKMCCRYPTO=ON -OPTION(ENCTEST "Encryption-Tests" OFF) # Disabled by default, enable with: -DENCTEST=ON -OPTION(CODECOV "Code-Coverage" OFF) # Disabled by default, enable with: -DCODECOV=ON -OPTION(SYSTEM_INSTALL "SystemInstall" OFF) #Disabled by default, enable with: -DSYSTEM_INSTALL=ON -OPTION(SA_INTERNAL "SA Internal" ON) # Enabled by default, disable with: -DSA_INTERNAL=OFF -OPTION(SUPPORT "Support" OFF) # Disabled by default, enable with: --DSUPPORT=ON +option(CODECOV "Code Coverage" OFF) +option(CRYPTO_LIBGCRYPT "Cryptography Module - Libgcrypt" ON) +option(CRYPTO_KMC "Cryptography Module - KMC" OFF) +option(DEBUG "Debug" OFF) +option(SA_INTERNAL "Security Association - Internal" ON) +option(SA_MARIADB "Security Association - MariaDB" OFF) +option(SUPPORT "Support" OFF) +option(SYSTEM_INSTALL "SystemInstall" OFF) +option(TEST "Test" OFF) +option(TEST_ENC "Tests - Encryption" OFF) -IF(NOT DEFINED CFE_SYSTEM_PSPNAME) - # Not cFE / cFS - set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib") - set(CMAKE_INSTALL_PREFIX ${PROJECT_SOURCE_DIR}/install) -ENDIF() +# +# Build Flag Logic +# +if(CODECOV) + set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage") +endif() -IF(CRYPTO_SUBMODULE_INSTALL) #If building CryptoLib as a submodule of another build system (EG, JPL KMC, Nasa NOS3, etc...) - set(CMAKE_INSTALL_PREFIX ${CRYPTO_SUBMODULE_INSTALL}) -ENDIF() +if(DEBUG) + add_definitions(-DDEBUG -DOCF_DEBUG -DFECF_DEBUG -DSA_DEBUG -DPDU_DEBUG -DCCSDS_DEBUG -DTC_DEBUG -DMAC_DEBUG -DTM_DEBUG) + add_compile_options(-ggdb) +endif() -IF(SYSTEM_INSTALL) +if(SYSTEM_INSTALL) set(CMAKE_INSTALL_PREFIX /usr/local) -ENDIF() - - -IF(DEBUG) - ADD_DEFINITIONS(-DDEBUG -DOCF_DEBUG -DFECF_DEBUG -DSA_DEBUG -DPDU_DEBUG -DCCSDS_DEBUG -DTC_DEBUG -DMAC_DEBUG -DTM_DEBUG) - add_compile_options(-ggdb) -ENDIF(DEBUG) +elseif(NOT DEFINED CFE_SYSTEM_PSPNAME) + # Not cFE / cFS + set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib") + set(CMAKE_INSTALL_PREFIX ${PROJECT_SOURCE_DIR}/install) +endif() -IF(ENCTEST) - ADD_DEFINITIONS(-DENCTEST) -ENDIF(ENCTEST) +if(TEST_ENC) + # Can't run an additional set of tests without `TEST` enabled + set(TEST ON) +endif() -if(CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME) +if(TEST) include(CTest) enable_testing() endif() +# +# Project Specifics +# set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -Wall -Wextra -Werror -g -O0") -if(CODECOV) - set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage") -endif() - include_directories(include) +add_subdirectory(src) -# The shared OSAL and cFE include directories should always be used -# Note that this intentionally does NOT include PSP-specific includes, just the generic -# Only include cFS/NOS3 directories if env var is defined -IF(DEFINED CFE_SYSTEM_PSPNAME) - include_directories(${CFECORE_SOURCE_DIR}/src/inc) - include_directories(${CFEPSP_SOURCE_DIR}/fsw/inc) - ADD_DEFINITIONS(-DNOS3) -endif() - -if(NOT DEFINED ${PROJECT_BINARY_DIR}) - set(PROJECT_BINARY_DIR ${CMAKE_CURRENT_SOURCE_DIR}/build) -endif() - -IF(SUPPORT) +if(SUPPORT) add_subdirectory(support) -ENDIF() - -add_subdirectory(src) +endif() -if((CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME OR MYPROJECT_BUILD_TESTING) AND BUILD_TESTING) +if(TEST) add_subdirectory(test) endif() diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 590307dd..334031ef 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -18,23 +18,8 @@ include_directories(../include) aux_source_directory(core LIB_SRC_FILES) -if(MYSQL) - aux_source_directory(sa/mariadb MARIADB_FILES) - list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) -else() - aux_source_directory(sa/mariadb_stub MARIADB_FILES) - list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) -endif() - -if(SA_INTERNAL) - aux_source_directory(sa/internal SA_INTERNAL_FILES) - list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) -else() - aux_source_directory(sa/internal_stub SA_INTERNAL_FILES) - list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) -endif() -if(LIBGCRYPT) +if(CRYPTO_LIBGCRYPT) aux_source_directory(crypto/libgcrypt LIBGCRYPT_FILES) list(APPEND LIB_SRC_FILES ${LIBGCRYPT_FILES}) else() @@ -42,7 +27,7 @@ else() list(APPEND LIB_SRC_FILES ${LIBGCRYPT_FILES}) endif() -if(KMCCRYPTO) +if(CRYPTO_KMC) aux_source_directory(crypto/kmc KMC_FILES) list(APPEND LIB_SRC_FILES ${KMC_FILES}) else() @@ -50,34 +35,44 @@ else() list(APPEND LIB_SRC_FILES ${KMC_FILES}) endif() -if(CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME) - include(CTest) - enable_testing() +if(SA_INTERNAL) + aux_source_directory(sa/internal SA_INTERNAL_FILES) + list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) +else() + aux_source_directory(sa/internal_stub SA_INTERNAL_FILES) + list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) +endif() + +if(SA_MARIADB) + aux_source_directory(sa/mariadb MARIADB_FILES) + list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) +else() + aux_source_directory(sa/mariadb_stub MARIADB_FILES) + list(APPEND LIB_SRC_FILES ${MARIADB_FILES}) endif() # Create the app module -IF(DEFINED CFE_SYSTEM_PSPNAME) +if(DEFINED CFE_SYSTEM_PSPNAME) set(CMAKE_INSTALL_RPATH "${CMAKE_INSTALL_PREFIX}/cpu${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}") add_cfe_app(Crypto ${LIB_SRC_FILES}) -ELSE() +else() # Standalone build add_library(Crypto SHARED ${LIB_SRC_FILES}) -ENDIF() +endif() -if(LIBGCRYPT) +if(CRYPTO_LIBGCRYPT) target_link_libraries(Crypto gcrypt) endif() -if(KMCCRYPTO) +if(CRYPTO_KMC) target_link_libraries(Crypto curl) endif() -if(MYSQL) +if(SA_MARIADB) execute_process(COMMAND mysql_config --cflags OUTPUT_VARIABLE MYSQL_CFLAGS OUTPUT_STRIP_TRAILING_WHITESPACE) execute_process(COMMAND mysql_config --libs OUTPUT_VARIABLE MYSQL_LIBS OUTPUT_STRIP_TRAILING_WHITESPACE) - target_compile_options(Crypto PUBLIC ${MYSQL_CFLAGS}) target_link_libraries(Crypto ${MYSQL_LIBS}) endif() @@ -89,21 +84,20 @@ add_custom_command(TARGET Crypto POST_BUILD COMMENT "Created ${PROJECT_BINARY_DIR}/lib/libCrypto.so" ) - -IF(DEFINED CFE_SYSTEM_PSPNAME) +if(DEFINED CFE_SYSTEM_PSPNAME) install(TARGETS Crypto DESTINATION ${CMAKE_INSTALL_PREFIX}/cpu${TGTSYS_${SYSVAR}}/${INSTALL_SUBDIR}) -ELSE() +else() install(TARGETS Crypto DESTINATION ${CMAKE_INSTALL_PREFIX}/lib PUBLIC_HEADER DESTINATION ${CMAKE_INSTALL_PREFIX}/include) -ENDIF() +endif() -IF(MYSQL) +if(SA_MARIADB) file(GLOB MYSQL_SCRIPTS sa/sadb_mariadb_sql/*.sql) file(GLOB MYSQL_TEST_SCRIPTS sa/test_sadb_mariadb_sql/*.sql) install(FILES ${MYSQL_SCRIPTS} DESTINATION ${CMAKE_INSTALL_PREFIX}/etc/sadb_mariadb_sql) install(FILES ${MYSQL_TEST_SCRIPTS} DESTINATION ${CMAKE_INSTALL_PREFIX}/test/test_sadb_mariadb_sql) -endif() \ No newline at end of file +endif() diff --git a/src/crypto/libgcrypt_stub/cryptography_interface_libgcrypt.stub.c b/src/crypto/libgcrypt_stub/cryptography_interface_libgcrypt.stub.c index e4c67d6b..c51b2b71 100644 --- a/src/crypto/libgcrypt_stub/cryptography_interface_libgcrypt.stub.c +++ b/src/crypto/libgcrypt_stub/cryptography_interface_libgcrypt.stub.c @@ -18,6 +18,6 @@ static CryptographyInterfaceStruct cryptography_if; CryptographyInterface get_cryptography_interface_libgcrypt(void) { - fprintf(stderr,"ERROR: Loading libgcrypt cryptography interface stub source code. Rebuild CryptoLib with -DLIBGCRYPT=ON to use proper libgcrypt implementation.\n"); + fprintf(stderr,"ERROR: Loading libgcrypt cryptography interface stub source code. Rebuild CryptoLib with -DCRYPTO_LIBGCRYPT=ON to use proper libgcrypt implementation.\n"); return &cryptography_if; } \ No newline at end of file diff --git a/src/sa/internal_stub/sadb_routine_inmemory.stub.c b/src/sa/internal_stub/sadb_routine_inmemory.stub.c index b079bf55..ec623199 100644 --- a/src/sa/internal_stub/sadb_routine_inmemory.stub.c +++ b/src/sa/internal_stub/sadb_routine_inmemory.stub.c @@ -18,6 +18,6 @@ static SadbRoutineStruct sadb_routine; SadbRoutine get_sadb_routine_inmemory(void) { - fprintf(stderr,"ERROR: Loading internal stub source code. Rebuild CryptoLib with -DMYSQL=OFF to use proper internal implementation.\n"); + fprintf(stderr,"ERROR: Loading internal stub source code. Rebuild CryptoLib with -DSA_MARIADB=OFF to use proper internal implementation.\n"); return &sadb_routine; } diff --git a/src/sa/mariadb_stub/sadb_routine_mariadb.stub.c b/src/sa/mariadb_stub/sadb_routine_mariadb.stub.c index fb81ff64..b95a7653 100644 --- a/src/sa/mariadb_stub/sadb_routine_mariadb.stub.c +++ b/src/sa/mariadb_stub/sadb_routine_mariadb.stub.c @@ -18,6 +18,6 @@ static SadbRoutineStruct sadb_routine; SadbRoutine get_sadb_routine_mariadb(void) { - fprintf(stderr,"ERROR: Loading mariadb stub source code. Rebuild CryptoLib with -DMYSQL=ON to use proper MariaDB implementation.\n"); + fprintf(stderr,"ERROR: Loading mariadb stub source code. Rebuild CryptoLib with -DSA_MARIADB=ON to use proper MariaDB implementation.\n"); return &sadb_routine; } \ No newline at end of file diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 99d18185..0e38242f 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -57,7 +57,7 @@ add_test(NAME UT_TM_PROCESS # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) -if(${ENCTEST}) +if(TEST_ENC) add_test(NAME ET_DT_VALIDATION COMMAND ${PROJECT_BINARY_DIR}/bin/et_dt_validation WORKING_DIRECTORY ${PROJECT_TEST_DIR}) @@ -66,13 +66,13 @@ endif() include_directories(include) include_directories(../include) -if(${ENCTEST}) +if(TEST_ENC) find_package (Python3 REQUIRED COMPONENTS Interpreter Development) execute_process(COMMAND pip3 show pycryptodome RESULT_VARIABLE EXIT_CODE OUTPUT_QUIET) if(NOT ${EXIT_CODE} EQUAL 0) - message(FATAL_ERROR "The \"pycryptodome\" Python3 package is not installed, and is required for ENCTEST.") + message(FATAL_ERROR "The \"pycryptodome\" Python3 package is not installed, and is required for TEST_ENC.") endif() -endif(${ENCTEST}) +endif() aux_source_directory(core UTIL_SRC_FILES) aux_source_directory(tests APP_SRC_FILES) @@ -81,7 +81,7 @@ file( GLOB SOURCE_FILES tests/*.c) foreach(SOURCE_PATH ${SOURCE_FILES}) get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) - if((NOT ${ENCTEST}) AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) + if((NOT TEST_ENC) AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) continue() else() add_executable(${EXECUTABLE_NAME} ${SOURCE_PATH}) @@ -89,7 +89,7 @@ foreach(SOURCE_PATH ${SOURCE_FILES}) target_link_libraries(${EXECUTABLE_NAME} LINK_PUBLIC Crypto pthread) endif() - if(${ENCTEST} AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) + if(TEST_ENC AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) target_link_libraries(${EXECUTABLE_NAME} PUBLIC ${Python3_LIBRARIES}) target_include_directories(${EXECUTABLE_NAME} PUBLIC ${Python3_INCLUDE_DIRS}) find_library(${Python3_LIBRARIES} pycryptodome) diff --git a/test/tests/ut_mysql_m_tls_connection.c b/test/tests/ut_mysql_m_tls_connection.c index bef9b75a..824f67b2 100644 --- a/test/tests/ut_mysql_m_tls_connection.c +++ b/test/tests/ut_mysql_m_tls_connection.c @@ -25,7 +25,7 @@ i) ssl_cert=/etc/pki/tls/certs/local-test-cert.pem ii) ssl_key=/etc/pki/tls/private/local-test-key.pem iii) ssl_ca=/etc/pki/tls/certs/ammos-ca-bundle.crt - 3)IMPORTANT:Build with "cmake -DMYSQL=ON ." + 3)IMPORTANT:Build with "cmake -DSA_MARIADB=ON ." * IMPORTANT:The database must have similar configuration for this test to succeed: MariaDB server to use the standard host-based . diff --git a/test/tests/ut_mysql_tls_connection.c b/test/tests/ut_mysql_tls_connection.c index bf7d0f1e..962413a2 100644 --- a/test/tests/ut_mysql_tls_connection.c +++ b/test/tests/ut_mysql_tls_connection.c @@ -25,7 +25,7 @@ i) ssl_cert=/etc/pki/tls/certs/ammos-server-cert.pem ii) ssl_key=/etc/pki/tls/private/ammos-server-key.pem iii) ssl_ca=/etc/pki/tls/certs/ammos-ca-bundle.crt - 3)IMPORTANT:Build with "cmake -DMYSQL=ON ." + 3)IMPORTANT:Build with "cmake -DSA_MARIADB=ON ." * IMPORTANT:The database must have similar configuration for this test to succeed: MariaDB server to use the standard host-based . From 8851670b04deed9379d71df7cd9c286aef77d335 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Fri, 28 Apr 2023 08:08:28 -0400 Subject: [PATCH 10/46] [nasa/cryptolib#145] Updates to github workflows to for PR#158; --- .github/workflows/mariadb.yml | 2 +- .github/workflows/utest.yml | 2 +- .github/workflows/validation.yml | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 8f3a1da2..0671b427 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -17,7 +17,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration diff --git a/.github/workflows/utest.yml b/.github/workflows/utest.yml index 59032b81..a90523f3 100644 --- a/.github/workflows/utest.yml +++ b/.github/workflows/utest.yml @@ -28,7 +28,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} + run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DTEST=1 - name: Build # Build your program with the given configuration diff --git a/.github/workflows/validation.yml b/.github/workflows/validation.yml index e46e8def..b6ab9d8b 100644 --- a/.github/workflows/validation.yml +++ b/.github/workflows/validation.yml @@ -31,7 +31,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} --DTEST_ENC=1 -DDEBUG=1 -DCODECOV=1 + run: cmake -B ${{github.workspace}}/build -DCMAKE_BUILD_TYPE=${{env.BUILD_TYPE}} -DTEST=1 -DTEST_ENC=1 -DDEBUG=1 -DCODECOV=1 - name: Build # Build your program with the given configuration From 788b67e6f32b8189a303171d39c4f5240a9e8203 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Fri, 28 Apr 2023 08:28:05 -0400 Subject: [PATCH 11/46] [nasa/cryptolib#145] Attempt to fix failing mariadb build for PR#158; --- .github/workflows/mariadb.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 0671b427..5065ec79 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -27,15 +27,15 @@ jobs: working-directory: ${{github.workspace}}/build #Maybe create a variable for this SQL location run: | - cd /__w/CryptoLib/CryptoLib/src/sa/sadb_mariadb_sql + cd ${{github.workspace}}/src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql - cd /__w/CryptoLib/CryptoLib/src/sa/test_sadb_mariadb_sql + cd ${{github.workspace}}/src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql - cd /__w/CryptoLib/CryptoLib/build/bin + cd ${{github.workspace}}/build/bin ./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 01118d2405068435dd7dbdcc951f4e5ed70733ae Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 11:51:10 -0400 Subject: [PATCH 12/46] Workflow, testing fixes --- .github/workflows/mariadb.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 5065ec79..8f5e8e42 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -35,7 +35,10 @@ jobs: cd ${{github.workspace}}/src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql - cd ${{github.workspace}}/build/bin + cd ${{github.workspace}} + ls + cd ${{github.workspace}}/build + ls ./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 20d3b8b22de19a2d780a5442f07b314772d130f4 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 11:54:23 -0400 Subject: [PATCH 13/46] Workflow Test Fixes --- .github/workflows/mariadb.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 8f5e8e42..cdd9a2bd 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -27,6 +27,7 @@ jobs: working-directory: ${{github.workspace}}/build #Maybe create a variable for this SQL location run: | + cmake --build ${{github.workspace}}/build cd ${{github.workspace}}/src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start @@ -39,6 +40,7 @@ jobs: ls cd ${{github.workspace}}/build ls + cd ${{github.workspace}}/build ./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From eac31cfbf3a79a4c88fb8d51b14182da3815823f Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 11:58:47 -0400 Subject: [PATCH 14/46] MDB Workflow Testing --- .github/workflows/mariadb.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index cdd9a2bd..816a23f9 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -24,7 +24,7 @@ jobs: run: cmake --build ${{github.workspace}}/build - name: Initailize SADB - working-directory: ${{github.workspace}}/build + #working-directory: ${{github.workspace}}/build #Maybe create a variable for this SQL location run: | cmake --build ${{github.workspace}}/build @@ -40,7 +40,7 @@ jobs: ls cd ${{github.workspace}}/build ls - cd ${{github.workspace}}/build + cd ${{github.workspace}}/bin ./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 1f6e6ef7fa11e1dc8cecb3484afd59abce6992d7 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:04:21 -0400 Subject: [PATCH 15/46] Workflow MDB Testing --- .github/workflows/mariadb.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 816a23f9..f361f74a 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -24,9 +24,10 @@ jobs: run: cmake --build ${{github.workspace}}/build - name: Initailize SADB - #working-directory: ${{github.workspace}}/build + working-directory: ${{github.workspace}} #Maybe create a variable for this SQL location run: | + ls cmake --build ${{github.workspace}}/build cd ${{github.workspace}}/src/sa/sadb_mariadb_sql echo "----------------" From b32107c607f5a34e8e65b1b6f26a801101352d7f Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:09:54 -0400 Subject: [PATCH 16/46] MDB Workflow Updates --- .github/workflows/mariadb.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index f361f74a..54293f5e 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -28,7 +28,9 @@ jobs: #Maybe create a variable for this SQL location run: | ls + cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 cmake --build ${{github.workspace}}/build + ls cd ${{github.workspace}}/src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start From 39ee1d112d6f6c2992880b60818e00cf4a95efea Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:13:32 -0400 Subject: [PATCH 17/46] MDB CI Workflow Testing --- .github/workflows/mariadb.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 54293f5e..134eb1b3 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -17,33 +17,33 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 + run: cmake -B /home/runner/work/CryptoLib/CryptoLib//build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration - run: cmake --build ${{github.workspace}}/build + run: cmake --build /home/runner/work/CryptoLib/CryptoLib/build - name: Initailize SADB - working-directory: ${{github.workspace}} + working-directory: /home/runner/work/CryptoLib/CryptoLib/build #Maybe create a variable for this SQL location run: | ls - cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - cmake --build ${{github.workspace}}/build + cmake -B /home/runner/work/CryptoLib/CryptoLib/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 + cmake --build /home/runner/work/CryptoLib/CryptoLib//build ls - cd ${{github.workspace}}/src/sa/sadb_mariadb_sql + cd /home/runner/work/CryptoLib/CryptoLib//src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql - cd ${{github.workspace}}/src/sa/test_sadb_mariadb_sql + cd /home/runner/work/CryptoLib/CryptoLib//src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql - cd ${{github.workspace}} + cd /home/runner/work/CryptoLib/CryptoLib/ ls - cd ${{github.workspace}}/build + cd /home/runner/work/CryptoLib/CryptoLib/build ls - cd ${{github.workspace}}/bin + cd /home/runner/work/CryptoLib/CryptoLib/bin ./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From a4023f54317391563a84dbe2f4722efce3d947ed Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:15:02 -0400 Subject: [PATCH 18/46] MDB CI Workflow Test --- .github/workflows/mariadb.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 134eb1b3..25692577 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -24,7 +24,7 @@ jobs: run: cmake --build /home/runner/work/CryptoLib/CryptoLib/build - name: Initailize SADB - working-directory: /home/runner/work/CryptoLib/CryptoLib/build + #working-directory: /home/runner/work/CryptoLib/CryptoLib/build #Maybe create a variable for this SQL location run: | ls From 17f85371d1e93abd27fd6261d6967d21dccc7ddb Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:19:18 -0400 Subject: [PATCH 19/46] MDB CI Testing --- .github/workflows/mariadb.yml | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 25692577..f91e6d90 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -17,7 +17,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B /home/runner/work/CryptoLib/CryptoLib//build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 + run: cmake -B /home/runner/work/CryptoLib/CryptoLib/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -28,22 +28,22 @@ jobs: #Maybe create a variable for this SQL location run: | ls - cmake -B /home/runner/work/CryptoLib/CryptoLib/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - cmake --build /home/runner/work/CryptoLib/CryptoLib//build + cmake -B build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 + cmake --build build ls - cd /home/runner/work/CryptoLib/CryptoLib//src/sa/sadb_mariadb_sql + cd /src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql - cd /home/runner/work/CryptoLib/CryptoLib//src/sa/test_sadb_mariadb_sql + cd /src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql - cd /home/runner/work/CryptoLib/CryptoLib/ + pwd ls - cd /home/runner/work/CryptoLib/CryptoLib/build - ls - cd /home/runner/work/CryptoLib/CryptoLib/bin - ./ut_mariadb + #cd /home/runner/work/CryptoLib/CryptoLib/build + #ls + #cd /home/runner/work/CryptoLib/CryptoLib/bin + #./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 0d3d5d7f5b2982936b1ade11f1a1ecfdcc995947 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:21:47 -0400 Subject: [PATCH 20/46] Update mariadb.yml --- .github/workflows/mariadb.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index f91e6d90..1c4052b5 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -36,14 +36,15 @@ jobs: /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql - cd /src/sa/test_sadb_mariadb_sql + cd ./src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql pwd ls + #cd /home/runner/work/CryptoLib/CryptoLib/build #ls #cd /home/runner/work/CryptoLib/CryptoLib/bin - #./ut_mariadb + # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 3092483adf61e82c26ed3dda91fb14896cf61189 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:23:29 -0400 Subject: [PATCH 21/46] Update mariadb.yml --- .github/workflows/mariadb.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 1c4052b5..0bbd147c 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -31,7 +31,7 @@ jobs: cmake -B build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 cmake --build build ls - cd /src/sa/sadb_mariadb_sql + cd ./src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql From 9194d1985e8d6825e6ae60fa2c21a8602ab823e7 Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:28:01 -0400 Subject: [PATCH 22/46] Update mariadb.yml --- .github/workflows/mariadb.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 0bbd147c..434d56a5 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -31,6 +31,8 @@ jobs: cmake -B build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 cmake --build build ls + echo "------***------" + pwd cd ./src/sa/sadb_mariadb_sql echo "----------------" /etc/init.d/mysql start @@ -42,9 +44,10 @@ jobs: pwd ls - #cd /home/runner/work/CryptoLib/CryptoLib/build + cd /__w/CryptoLib/CryptoLib/build/ #ls - #cd /home/runner/work/CryptoLib/CryptoLib/bin + cd /__w/CryptoLib/CryptoLib/build/bin/ + ./ut_mariadb # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 6136f01223c476bcd5f67b263df67b7ce50fa1fb Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:35:07 -0400 Subject: [PATCH 23/46] Update mariadb.yml --- .github/workflows/mariadb.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 434d56a5..4773f40c 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -38,14 +38,14 @@ jobs: /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql - cd ./src/sa/test_sadb_mariadb_sql + cd /__w/CryptoLib/CryptoLib/src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql pwd ls cd /__w/CryptoLib/CryptoLib/build/ - #ls + ls cd /__w/CryptoLib/CryptoLib/build/bin/ ./ut_mariadb From ea719c21cea80fce7773267191b6205eb14319ab Mon Sep 17 00:00:00 2001 From: Robert Brown <91291114+rjbrown2@users.noreply.github.com> Date: Fri, 28 Apr 2023 12:38:17 -0400 Subject: [PATCH 24/46] MDB CI Workflow Update Gitlab ENV Variables do not seem to be passing to this container. --- .github/workflows/mariadb.yml | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml index 4773f40c..7572085c 100644 --- a/.github/workflows/mariadb.yml +++ b/.github/workflows/mariadb.yml @@ -27,25 +27,15 @@ jobs: #working-directory: /home/runner/work/CryptoLib/CryptoLib/build #Maybe create a variable for this SQL location run: | - ls cmake -B build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 cmake --build build - ls - echo "------***------" - pwd - cd ./src/sa/sadb_mariadb_sql - echo "----------------" + cd /__w/CryptoLib/CryptoLib/src/sa/sadb_mariadb_sql /etc/init.d/mysql start mysql --host=localhost -uroot -pitc123! < delete_sadb.sql mysql --host=localhost -uroot -pitc123! < create_sadb.sql cd /__w/CryptoLib/CryptoLib/src/sa/test_sadb_mariadb_sql mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql - pwd - ls - - cd /__w/CryptoLib/CryptoLib/build/ - ls cd /__w/CryptoLib/CryptoLib/build/bin/ ./ut_mariadb From 9711b8832ece2e7807bee50fe12f2abf3960330a Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 24 May 2023 15:23:14 -0400 Subject: [PATCH 25/46] Initial add of TM Encrypt call --- src/src_main/crypto_tm.c | 20 +++++++++++++++++--- 1 file changed, 17 insertions(+), 3 deletions(-) diff --git a/src/src_main/crypto_tm.c b/src/src_main/crypto_tm.c index b98d07fd..17782f98 100644 --- a/src/src_main/crypto_tm.c +++ b/src/src_main/crypto_tm.c @@ -397,10 +397,24 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) *sa_ptr->acs, // authentication cipher NULL); } - if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + else if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - printf(KRED "NOT SUPPORTED!!!\n"); - status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; + if (sa_service_type == SA_ENCRYPTION) + { + status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles + (uint8_t*)(&tm_frame[0]), // ciphertext output + (size_t) 0, // length of data + (uint8_t*)(&tm_frame[0]), // plaintext input + (size_t)0, // in data length - from start of frame to end of data + NULL, // Using SA key reference, key is null + Crypto_Get_ACS_Algo_Keylen(*sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); + } } else if(sa_service_type == SA_PLAINTEXT) { From acd84e0b01c59314e65a31bbc4060af4bafe3634 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Fri, 26 May 2023 06:45:34 -0400 Subject: [PATCH 26/46] [nasa/cryptolib#145] Moved tests to seperate folders to allow easy inclusion depending on build type; --- test/CMakeLists.txt | 26 ++++++++++++++----- test/{tests => kmc}/ut_kmc_crypto.c | 0 test/{tests => kmc}/ut_kmc_crypto_auth_only.c | 0 test/{tests => kmc}/ut_kmc_crypto_cam.c | 0 .../ut_kmc_crypto_with_mtls_sadb.c | 0 test/{tests => kmc}/ut_mariadb.c | 0 test/{tests => kmc}/ut_tc_kmc.c | 0 test/{tests => performance}/pt_auth_as.c | 0 test/{tests => performance}/pt_auth_enc_as.c | 0 test/{tests => performance}/pt_auth_enc_ps.c | 0 test/{tests => performance}/pt_gcry_base.c | 0 test/{tests => unit}/et_dt_validation.c | 0 test/{tests => unit}/ut_crypto.c | 0 test/{tests => unit}/ut_crypto_aos.c | 0 test/{tests => unit}/ut_crypto_config.c | 0 test/{tests => unit}/ut_crypto_mc.c | 0 .../ut_mysql_m_tls_connection.c | 0 .../{tests => unit}/ut_mysql_tls_connection.c | 0 .../ut_sadb_err_cases_kmc_crypto.c | 0 test/{tests => unit}/ut_tc_apply.c | 0 test/{tests => unit}/ut_tc_process.c | 0 test/{tests => unit}/ut_tm_apply.c | 0 test/{tests => unit}/ut_tm_process.c | 0 23 files changed, 20 insertions(+), 6 deletions(-) rename test/{tests => kmc}/ut_kmc_crypto.c (100%) rename test/{tests => kmc}/ut_kmc_crypto_auth_only.c (100%) rename test/{tests => kmc}/ut_kmc_crypto_cam.c (100%) rename test/{tests => kmc}/ut_kmc_crypto_with_mtls_sadb.c (100%) rename test/{tests => kmc}/ut_mariadb.c (100%) rename test/{tests => kmc}/ut_tc_kmc.c (100%) rename test/{tests => performance}/pt_auth_as.c (100%) rename test/{tests => performance}/pt_auth_enc_as.c (100%) rename test/{tests => performance}/pt_auth_enc_ps.c (100%) rename test/{tests => performance}/pt_gcry_base.c (100%) rename test/{tests => unit}/et_dt_validation.c (100%) rename test/{tests => unit}/ut_crypto.c (100%) rename test/{tests => unit}/ut_crypto_aos.c (100%) rename test/{tests => unit}/ut_crypto_config.c (100%) rename test/{tests => unit}/ut_crypto_mc.c (100%) rename test/{tests => unit}/ut_mysql_m_tls_connection.c (100%) rename test/{tests => unit}/ut_mysql_tls_connection.c (100%) rename test/{tests => unit}/ut_sadb_err_cases_kmc_crypto.c (100%) rename test/{tests => unit}/ut_tc_apply.c (100%) rename test/{tests => unit}/ut_tc_process.c (100%) rename test/{tests => unit}/ut_tm_apply.c (100%) rename test/{tests => unit}/ut_tm_process.c (100%) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index 599a99c5..fb03f36a 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -113,11 +113,8 @@ if(TEST_ENC) endif() endif() -aux_source_directory(core UTIL_SRC_FILES) -aux_source_directory(tests APP_SRC_FILES) - -file( GLOB SOURCE_FILES tests/*.c) -foreach(SOURCE_PATH ${SOURCE_FILES}) +file( GLOB UNIT_FILES unit/*.c) +foreach(SOURCE_PATH ${UNIT_FILES}) get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) if((NOT TEST_ENC) AND ${EXECUTABLE_NAME} STREQUAL et_dt_validation) @@ -139,7 +136,24 @@ foreach(SOURCE_PATH ${SOURCE_FILES}) COMMAND ${CMAKE_COMMAND} -E remove $ COMMENT "Created ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME}" ) -endforeach(SOURCE_PATH ${SOURCE_FILES}) +endforeach(SOURCE_PATH ${UNIT_FILES}) + +if(${KMC_MDB_RH} OR ${KMC_MDB_DB}) + file( GLOB KMC_FILES kmc/*.c) + foreach(SOURCE_PATH ${KMC_FILES}) + get_filename_component(EXECUTABLE_NAME ${SOURCE_PATH} NAME_WE) + + add_executable(${EXECUTABLE_NAME} ${SOURCE_PATH}) + target_sources(${EXECUTABLE_NAME} PRIVATE core/shared_util.c) + target_link_libraries(${EXECUTABLE_NAME} LINK_PUBLIC Crypto pthread) + + add_custom_command(TARGET ${EXECUTABLE_NAME} POST_BUILD + COMMAND ${CMAKE_COMMAND} -E copy $ ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME} + COMMAND ${CMAKE_COMMAND} -E remove $ + COMMENT "Created ${PROJECT_BINARY_DIR}/bin/${EXECUTABLE_NAME}" + ) + endforeach(SOURCE_PATH ${KMC_FILES}) +endif() target_include_directories (Crypto PUBLIC ${CMAKE_CURRENT_SOURCE_DIR}) diff --git a/test/tests/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c similarity index 100% rename from test/tests/ut_kmc_crypto.c rename to test/kmc/ut_kmc_crypto.c diff --git a/test/tests/ut_kmc_crypto_auth_only.c b/test/kmc/ut_kmc_crypto_auth_only.c similarity index 100% rename from test/tests/ut_kmc_crypto_auth_only.c rename to test/kmc/ut_kmc_crypto_auth_only.c diff --git a/test/tests/ut_kmc_crypto_cam.c b/test/kmc/ut_kmc_crypto_cam.c similarity index 100% rename from test/tests/ut_kmc_crypto_cam.c rename to test/kmc/ut_kmc_crypto_cam.c diff --git a/test/tests/ut_kmc_crypto_with_mtls_sadb.c b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c similarity index 100% rename from test/tests/ut_kmc_crypto_with_mtls_sadb.c rename to test/kmc/ut_kmc_crypto_with_mtls_sadb.c diff --git a/test/tests/ut_mariadb.c b/test/kmc/ut_mariadb.c similarity index 100% rename from test/tests/ut_mariadb.c rename to test/kmc/ut_mariadb.c diff --git a/test/tests/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c similarity index 100% rename from test/tests/ut_tc_kmc.c rename to test/kmc/ut_tc_kmc.c diff --git a/test/tests/pt_auth_as.c b/test/performance/pt_auth_as.c similarity index 100% rename from test/tests/pt_auth_as.c rename to test/performance/pt_auth_as.c diff --git a/test/tests/pt_auth_enc_as.c b/test/performance/pt_auth_enc_as.c similarity index 100% rename from test/tests/pt_auth_enc_as.c rename to test/performance/pt_auth_enc_as.c diff --git a/test/tests/pt_auth_enc_ps.c b/test/performance/pt_auth_enc_ps.c similarity index 100% rename from test/tests/pt_auth_enc_ps.c rename to test/performance/pt_auth_enc_ps.c diff --git a/test/tests/pt_gcry_base.c b/test/performance/pt_gcry_base.c similarity index 100% rename from test/tests/pt_gcry_base.c rename to test/performance/pt_gcry_base.c diff --git a/test/tests/et_dt_validation.c b/test/unit/et_dt_validation.c similarity index 100% rename from test/tests/et_dt_validation.c rename to test/unit/et_dt_validation.c diff --git a/test/tests/ut_crypto.c b/test/unit/ut_crypto.c similarity index 100% rename from test/tests/ut_crypto.c rename to test/unit/ut_crypto.c diff --git a/test/tests/ut_crypto_aos.c b/test/unit/ut_crypto_aos.c similarity index 100% rename from test/tests/ut_crypto_aos.c rename to test/unit/ut_crypto_aos.c diff --git a/test/tests/ut_crypto_config.c b/test/unit/ut_crypto_config.c similarity index 100% rename from test/tests/ut_crypto_config.c rename to test/unit/ut_crypto_config.c diff --git a/test/tests/ut_crypto_mc.c b/test/unit/ut_crypto_mc.c similarity index 100% rename from test/tests/ut_crypto_mc.c rename to test/unit/ut_crypto_mc.c diff --git a/test/tests/ut_mysql_m_tls_connection.c b/test/unit/ut_mysql_m_tls_connection.c similarity index 100% rename from test/tests/ut_mysql_m_tls_connection.c rename to test/unit/ut_mysql_m_tls_connection.c diff --git a/test/tests/ut_mysql_tls_connection.c b/test/unit/ut_mysql_tls_connection.c similarity index 100% rename from test/tests/ut_mysql_tls_connection.c rename to test/unit/ut_mysql_tls_connection.c diff --git a/test/tests/ut_sadb_err_cases_kmc_crypto.c b/test/unit/ut_sadb_err_cases_kmc_crypto.c similarity index 100% rename from test/tests/ut_sadb_err_cases_kmc_crypto.c rename to test/unit/ut_sadb_err_cases_kmc_crypto.c diff --git a/test/tests/ut_tc_apply.c b/test/unit/ut_tc_apply.c similarity index 100% rename from test/tests/ut_tc_apply.c rename to test/unit/ut_tc_apply.c diff --git a/test/tests/ut_tc_process.c b/test/unit/ut_tc_process.c similarity index 100% rename from test/tests/ut_tc_process.c rename to test/unit/ut_tc_process.c diff --git a/test/tests/ut_tm_apply.c b/test/unit/ut_tm_apply.c similarity index 100% rename from test/tests/ut_tm_apply.c rename to test/unit/ut_tm_apply.c diff --git a/test/tests/ut_tm_process.c b/test/unit/ut_tm_process.c similarity index 100% rename from test/tests/ut_tm_process.c rename to test/unit/ut_tm_process.c From b1196ca56db262a86edfe35c261d264b2d99288d Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Fri, 26 May 2023 08:15:56 -0400 Subject: [PATCH 27/46] [nasa/cryptolib#145] Update codecov.yml to ignore the non-default confguration options as well as the support and test folders entirely; --- codecov.yml | 22 ++++++++++------------ 1 file changed, 10 insertions(+), 12 deletions(-) diff --git a/codecov.yml b/codecov.yml index afbc7d9b..366cec85 100644 --- a/codecov.yml +++ b/codecov.yml @@ -1,13 +1,11 @@ ignore: - - "test/tests/process_security.c" - - "test/tests/ut_mysql_tls_connection.c" - - "test/tests/ut_mysql_m_tls_connection.c" - - "test/tests/ut_kmc_crypto.c" - - "test/tests/ut_kmc_crypto_aes_cmac.c" - - "test/tests/apply_security.c" - - "test/tests/crypto_sequence.c" - - "test/include/utest.h" - - "test/core/shared_util.c" - - "src/core/crypto_print.c" - - "src/src_feature_stubs/cryptography_kmc_stub/cryptography_interface_kmc.stub.c" - - "src/src_feature_stubs/mysql_stub/sadb_routine_mariadb.stub.c" + - "src/crypto/kmc/*" + - "src/crypto/kmc_stub/*" + - "src/crypto/libgcrypt_stub/*" + - "src/sa/internal_stub/*" + - "src/sa/mariadb/*" + - "src/sa/mariadb_stub/*" + - "src/sa/sadb_mariadb_sql/*" + - "src/sa/test_sadb_mariadb_sql/*" + - "support/*" + - "test/*" \ No newline at end of file From 06babb9edc0c66048f9cef42cc3157b50c39bff4 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 30 May 2023 10:46:59 -0400 Subject: [PATCH 28/46] [nasa/cryptolib#145] Removed mariadb workflow; --- .github/workflows/mariadb.yml | 42 ----------------------------------- 1 file changed, 42 deletions(-) delete mode 100644 .github/workflows/mariadb.yml diff --git a/.github/workflows/mariadb.yml b/.github/workflows/mariadb.yml deleted file mode 100644 index c64259d3..00000000 --- a/.github/workflows/mariadb.yml +++ /dev/null @@ -1,42 +0,0 @@ -# Disabling this test for now, as there is no local containerization. -#name: MDB Build -# -#on: -# push: -# branches: [ main,dev ] -# pull_request: -# -#jobs: -# mariadb_build: -# # The CMake configure and build commands are platform agnostic and should work equally well on Windows or Mac. -# # You can convert this to a matrix build if you need cross-platform coverage. -# # See: https://docs.github.com/en/free-pro-team@latest/actions/learn-github-actions/managing-complex-workflows#using-a-build-matrix -# runs-on: ubuntu-latest -# container: rbrown00/cryptolib:latest -# steps: -# - uses: actions/checkout@v2 -# - name: Configure CMake -# # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. -# # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type -# run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DMYSQL=1 -DLIBGCRYPT=1 -DKMCCRYPTO=0 -# -# - name: Build -# # Build your program with the given configuration -# run: cmake --build ${{github.workspace}}/build -# -# - name: Initailize SADB -# working-directory: ${{github.workspace}}/build -# #Maybe create a variable for this SQL location -# run: | -# cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/sadb_mariadb_sql -# echo "----------------" -# /etc/init.d/mysql start -# mysql --host=localhost -uroot -pitc123! < delete_sadb.sql -# mysql --host=localhost -uroot -pitc123! < create_sadb.sql -# cd /__w/CryptoLib/CryptoLib/src/crypto_sadb/test_sadb_mariadb_sql -# mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_user_grant_permissions.sql -# mysql --host=localhost -uroot -pitc123! < create_sadb_jpl_unit_test_security_associations.sql -# cd /__w/CryptoLib/CryptoLib/build/bin -# ./ut_mariadb -# -# # mysql --host=localhost -uroot -pitc123! < create_sadb_unit_test_security_associations.sql From 9236fcfa5d9a17f8439d835fb6229f66d4ce7a9c Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Tue, 30 May 2023 15:49:29 -0400 Subject: [PATCH 29/46] TM_Apply - Working Encryption test --- src/src_main/crypto_tm.c | 17 +++---- util/src_util/ut_tm_apply.c | 88 +++++++++++++++++++++++++++++++++++++ 2 files changed, 97 insertions(+), 8 deletions(-) diff --git a/src/src_main/crypto_tm.c b/src/src_main/crypto_tm.c index 17782f98..fdcacdc0 100644 --- a/src/src_main/crypto_tm.c +++ b/src/src_main/crypto_tm.c @@ -49,6 +49,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) uint8_t aad[1786]; uint16_t aad_len = 0; int i = 0; + uint16_t data_loc; uint16_t idx = 0; uint8_t sa_service_type = -1; uint16_t pdu_len = -1; @@ -67,9 +68,9 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) printf(KRED "Error: Input SA NULL! \n" RESET); return status; // Just return here, nothing can be done. } - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, - tm_frame_pri_hdr.scid, - tm_frame_pri_hdr.vcid, + status = Crypto_Get_Managed_Parameters_For_Gvcid(((uint8_t)tm_frame[0] & 0xC0) >> 6, + (((uint16_t)tm_frame[0] & 0x3F) << 4) | (((uint16_t)tm_frame[1] & 0xF0) >> 4), + ((uint8_t)tm_frame[1] & 0x0E) >> 1, gvcid_managed_parameters, ¤t_managed_parameters); if (crypto_config == NULL) @@ -306,7 +307,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) /* ** ~~~Index currently at start of data field, AKA end of security header~~~ */ - + data_loc = idx; // Calculate size of data to be encrypted pdu_len = current_managed_parameters->max_frame_size - idx - sa_ptr->stmacf_len; // Check other managed parameter flags, subtract their lengths from data field if present @@ -402,10 +403,10 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) if (sa_service_type == SA_ENCRYPTION) { status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles - (uint8_t*)(&tm_frame[0]), // ciphertext output - (size_t) 0, // length of data - (uint8_t*)(&tm_frame[0]), // plaintext input - (size_t)0, // in data length - from start of frame to end of data + (uint8_t*)(&tm_frame[data_loc]), // ciphertext output + (size_t) pdu_len, // length of data + (uint8_t*)(&tm_frame[data_loc]), // plaintext input + (size_t) pdu_len, // in data length - from start of frame to end of data NULL, // Using SA key reference, key is null Crypto_Get_ACS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA (for key reference) diff --git a/util/src_util/ut_tm_apply.c b/util/src_util/ut_tm_apply.c index cc5b3254..4e326faa 100644 --- a/util/src_util/ut_tm_apply.c +++ b/util/src_util/ut_tm_apply.c @@ -948,4 +948,92 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) free(truth_tm_b); } +/** + * @brief Encryption Only: AES-GCM. 16-byte IV, as GCM requires. Verified with CyberChef + * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FF9F9284CF599EAC3B119905A7D18851E7E374CF63AEA04358586B0F757670F9'%7D,%7B'option':'Hex','string':'deadbeefdeadbeefdeadbeefdeadbeef'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':''%7D)&input=QUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQg + **/ +UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) +{ + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); + Crypto_Init(); + SadbRoutine sadb_routine = get_sadb_routine_inmemory(); + // crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + + // Test frame setup Header |SPI| IV | Data + char* framed_tm_h = "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBFFFF"; + char* framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + // Truth frame setup + char* truth_tm_h = "02c0000018000009deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a125d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf07764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ede3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7eb50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e55434740731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411af43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25eedff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed328a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce097e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f9195b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf25f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955eee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd25761de798dc894009f391fd96d2471558a2c9656251af547a43"; + char* truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + + // Memcpy test frame into static TM - Make STATIC BLOCK size of standard max + memcpy(&tm_frame, framed_tm_b, framed_tm_len); + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + // Deactivate SA 1 + sadb_routine->sadb_get_sa_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + // Activate SA 9 + sadb_routine->sadb_get_sa_from_spi(9, &test_association); + test_association->arsn_len = 0; + test_association->abm_len = 1786; + test_association->abm = (uint8_t* )calloc(1, test_association->abm_len * sizeof(uint8_t)); + memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); + *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->iv_len = 16; + test_association->shivf_len = 16; + + // Set a more obvious IV for test purposes + char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEF"; + char* iv_b = NULL; + int iv_len = 0; + hex_conversion(iv_h, &iv_b, &iv_len); + memcpy(test_association->iv, iv_b, iv_len); + + Crypto_TM_ApplySecurity(test_association); + + // printf("Static frame contents:\n\t"); + // for (int i = 0; i < 1786; i++) + // { + // // printf("[%d]: %02x -> %02x \n", i, tm_frame[i], truth_tm_b[i]); + // printf("%02x", tm_frame[i]); + // // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // // enc_data_idx++; + // } + // printf("\n Truth Contents\n\t"); + + // for (int i = 0; i < 1786; i++) + // { + // // printf("[%d]: %02x -> %02x \n", i, tm_frame[i], truth_tm_b[i]); + // printf("%02x", (uint8_t)*(truth_tm_b+i)); + // // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // // enc_data_idx++; + // } + // printf("\n"); + +for (int i = 0; i < 1786; i++) + { + // printf("[%d]: %02x -> %02x \n", i, *(tm_frame+ i), (uint8_t)truth_tm_b[i]); + // printf("%02x", (uint8_t)*(truth_tm_b+i)); + ASSERT_EQ(*(tm_frame+ i), (uint8_t)truth_tm_b[i]); + } + printf("\n"); + + free(truth_tm_b); + free(framed_tm_b); + free(iv_b); +} UTEST_MAIN(); \ No newline at end of file From c64091cbb105a7bf272e5100a1ff0cea4b1c5c25 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 30 May 2023 16:58:26 -0400 Subject: [PATCH 30/46] [nasa/cryptolib#145] Added initial version of Key Interface; --- .gitignore | 2 +- CMakeLists.txt | 3 + include/crypto.h | 9 +- include/crypto_config_structs.h | 7 + include/crypto_structs.h | 12 +- include/cryptography_interface.h | 1 - include/key_interface.h | 49 ++ src/CMakeLists.txt | 25 + src/core/crypto_config.c | 31 +- src/core/crypto_key_mgmt.c | 8 +- src/core/crypto_user.c | 2 +- ...hy_interface_kmc_crypto_service.template.c | 7 - ...ryptography_interface_libgcrypt.template.c | 467 +---------------- .../key_interface_custom_stub.template.c | 29 ++ .../key_interface_internal.template.c | 481 ++++++++++++++++++ .../key_interface_internal_stub.template.c | 29 ++ src/key/kmc/key_interface_kmc.template.c | 53 ++ .../key_interface_kmc_stub.template.c | 29 ++ test/kmc/ut_kmc_crypto.c | 20 +- test/kmc/ut_kmc_crypto_auth_only.c | 18 +- test/kmc/ut_kmc_crypto_cam.c | 20 +- test/kmc/ut_kmc_crypto_with_mtls_sadb.c | 8 +- test/kmc/ut_mariadb.c | 16 +- test/kmc/ut_tc_kmc.c | 20 +- test/performance/pt_auth_as.c | 48 +- test/performance/pt_auth_enc_as.c | 36 +- test/performance/pt_auth_enc_ps.c | 48 +- test/unit/et_dt_validation.c | 118 ++--- test/unit/ut_crypto.c | 6 +- test/unit/ut_mysql_m_tls_connection.c | 2 +- test/unit/ut_mysql_tls_connection.c | 2 +- test/unit/ut_sadb_err_cases_kmc_crypto.c | 8 +- test/unit/ut_tc_apply.c | 32 +- test/unit/ut_tc_process.c | 28 +- test/unit/ut_tm_apply.c | 20 +- test/unit/ut_tm_process.c | 18 +- 36 files changed, 1007 insertions(+), 705 deletions(-) create mode 100644 include/key_interface.h create mode 100644 src/key/custom_stub/key_interface_custom_stub.template.c create mode 100644 src/key/internal/key_interface_internal.template.c create mode 100644 src/key/internal_stub/key_interface_internal_stub.template.c create mode 100644 src/key/kmc/key_interface_kmc.template.c create mode 100644 src/key/kmc_stub/key_interface_kmc_stub.template.c diff --git a/.gitignore b/.gitignore index 15422467..621fa503 100644 --- a/.gitignore +++ b/.gitignore @@ -11,6 +11,6 @@ __pycache__ *.dat *.so -build +build* venv vgcore* diff --git a/CMakeLists.txt b/CMakeLists.txt index 8f3438b8..0e18166e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -27,6 +27,9 @@ option(CODECOV "Code Coverage" OFF) option(CRYPTO_LIBGCRYPT "Cryptography Module - Libgcrypt" ON) option(CRYPTO_KMC "Cryptography Module - KMC" OFF) option(DEBUG "Debug" OFF) +option(KEY_CUSTOM "Key Module - Custom" OFF) +option(KEY_INTERNAL "Key Module - Internal" ON) +option(KEY_KMC "Key Module - KMC OFF") option(SA_INTERNAL "Security Association - Internal" ON) option(SA_MARIADB "Security Association - MariaDB" OFF) option(SUPPORT "Support" OFF) diff --git a/include/crypto.h b/include/crypto.h index b5d7527b..720658a5 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -38,6 +38,7 @@ #include "crypto_structs.h" #include "sadb_routine.h" #include "cryptography_interface.h" +#include "key_interface.h" /* ** Crypto Version @@ -57,9 +58,10 @@ */ // Crypto Library Configuration functions -extern int32_t Crypto_Config_CryptoLib(uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, - uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, - uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv); +extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, + uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, + uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, + uint8_t crypto_increment_nontransmitted_iv); extern int32_t Crypto_Config_MariaDB(char* mysql_hostname, char* mysql_database, uint16_t mysql_port, uint8_t mysql_require_secure_transport, uint8_t mysql_tls_verify_server, char* mysql_tls_ca, char* mysql_tls_capath, char* mysql_mtls_cert, @@ -187,6 +189,7 @@ extern CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config; extern CamConfig_t* cam_config; extern GvcidManagedParameters_t* gvcid_managed_parameters; extern GvcidManagedParameters_t* current_managed_parameters; +extern KeyInterface key_if; extern SadbRoutine sadb_routine; extern CryptographyInterface cryptography_if; diff --git a/include/crypto_config_structs.h b/include/crypto_config_structs.h index 23b18d76..0fc5d691 100644 --- a/include/crypto_config_structs.h +++ b/include/crypto_config_structs.h @@ -28,6 +28,12 @@ ivv-itc@lists.nasa.gov // main config enums typedef enum +{ + KEY_TYPE_CUSTOM, + KEY_TYPE_INTERNAL, + KEY_TYPE_KMC +} KeyType; +typedef enum { SADB_TYPE_INMEMORY, SADB_TYPE_MARIADB @@ -146,6 +152,7 @@ typedef enum */ typedef struct { + KeyType key_type; SadbType sadb_type; CryptographyType cryptography_type; CreateFecfBool crypto_create_fecf; // Whether or not CryptoLib is expected to calculate TC FECFs and return diff --git a/include/crypto_structs.h b/include/crypto_structs.h index a978988a..eb49807f 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -25,19 +25,13 @@ #include "common_types.h" #else // Assume build outside of NOS3/cFS infrastructure #include +#include +#include #endif /* -** Key Definitions +** Definitions */ -typedef struct -{ - uint8_t value[KEY_SIZE]; - uint32_t key_len; - uint8_t key_state : 4; -} crypto_key_t; -#define CRYPTO_KEY_SIZE (sizeof(crypto_key_t)) - typedef struct { // Global Virtual Channel ID / Global MAP ID uint8_t tfvn : 4; // Transfer Frame Version Number diff --git a/include/cryptography_interface.h b/include/cryptography_interface.h index 1661ca2f..8171ceb1 100644 --- a/include/cryptography_interface.h +++ b/include/cryptography_interface.h @@ -31,7 +31,6 @@ typedef struct // Cryptography Interface Initialization & Management Functions int32_t (*cryptography_config)(void); int32_t (*cryptography_init)(void); - crypto_key_t* (*get_ek_ring)(void); int32_t (*cryptography_shutdown)(void); // Cryptography Interface Functions int32_t (*cryptography_encrypt)(uint8_t* data_out, size_t len_data_out, diff --git a/include/key_interface.h b/include/key_interface.h new file mode 100644 index 00000000..43ce1dae --- /dev/null +++ b/include/key_interface.h @@ -0,0 +1,49 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ +#ifndef _key_interface_h_ +#define _key_interface_h_ + +#include "crypto_error.h" +#include "crypto_structs.h" + +/* Structures */ +typedef struct +{ + uint8_t value[KEY_SIZE]; + uint32_t key_len; + uint8_t key_state : 4; +} crypto_key_t; +#define CRYPTO_KEY_SIZE (sizeof(crypto_key_t)) + +typedef struct +{ + /* Key Interface, SDLS */ + int32_t (*key_init)(void); + int32_t (*key_shutdown)(void); + crypto_key_t* (*get_ek_ring)(void); + + /* Key Interface, SDLS-EP */ + +} KeyInterfaceStruct, *KeyInterface; + +/* Prototypes */ +KeyInterface get_key_interface_custom(void); +KeyInterface get_key_interface_internal(void); +KeyInterface get_key_interface_kmc(void); + +#endif /* _key_interface_h_ */ diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt index 691d39a8..e5899dd0 100644 --- a/src/CMakeLists.txt +++ b/src/CMakeLists.txt @@ -35,6 +35,31 @@ else() list(APPEND LIB_SRC_FILES ${KMC_FILES}) endif() +if(KEY_CUSTOM) + # Assumes CryptoLib is a Git submodule to project and custom directories and definitions exist at top level + aux_source_directory(../../key/custom KEY_CUSTOM_FILES) + list(APPEND LIB_SRC_FILES ${KEY_CUSTOM_FILES}) +else() + aux_source_directory(key/custom_stub KEY_CUSTOM_FILES) + list(APPEND LIB_SRC_FILES ${KEY_CUSTOM_FILES}) +endif() + +if(KEY_INTERNAL) + aux_source_directory(key/internal KEY_INTERNAL_FILES) + list(APPEND LIB_SRC_FILES ${KEY_INTERNAL_FILES}) +else() + aux_source_directory(key/internal_stub KEY_INTERNAL_FILES) + list(APPEND LIB_SRC_FILES ${KEY_INTERNAL_FILES}) +endif() + +if(KEY_KMC) + aux_source_directory(key/kmc KEY_KMC_FILES) + list(APPEND LIB_SRC_FILES ${KEY_KMC_FILES}) +else() + aux_source_directory(key/kmc_stub KEY_KMC_FILES) + list(APPEND LIB_SRC_FILES ${KEY_KMC_FILES}) +endif() + if(SA_INTERNAL) aux_source_directory(sa/internal SA_INTERNAL_FILES) list(APPEND LIB_SRC_FILES ${SA_INTERNAL_FILES}) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index b2ca6c36..5a088c86 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -25,12 +25,17 @@ /* ** Global Variables */ +KeyInterface key_if = NULL; + SadbRoutine sadb_routine = NULL; +SadbMariaDBConfig_t* sadb_mariadb_config = NULL; + CryptographyInterface cryptography_if = NULL; CryptoConfig_t* crypto_config = NULL; -SadbMariaDBConfig_t* sadb_mariadb_config = NULL; + CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config = NULL; CamConfig_t* cam_config = NULL; + GvcidManagedParameters_t* gvcid_managed_parameters = NULL; GvcidManagedParameters_t* current_managed_parameters = NULL; @@ -48,7 +53,7 @@ int32_t crypto_free_config_structs(void); int32_t Crypto_Init_TC_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TC Tests @@ -66,7 +71,7 @@ int32_t Crypto_Init_TC_Unit_Test(void) int32_t Crypto_Init_TM_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests @@ -119,6 +124,21 @@ int32_t Crypto_Init(void) // Crypto_mpPrint(gvcid_managed_parameters, 1); // #endif + /* Key Interface */ + if (crypto_config->key_type == KEY_TYPE_CUSTOM) + { + key_if = get_key_interface_custom(); + } + else if (crypto_config->key_type == KEY_TYPE_INTERNAL) + { + key_if = get_key_interface_internal(); + } + else // KEY_TYPE_KMC + { + key_if = get_key_interface_kmc(); + } + + /* SA Interface */ // Prepare SADB type from config if (crypto_config->sadb_type == SADB_TYPE_INMEMORY) { @@ -140,6 +160,7 @@ int32_t Crypto_Init(void) return status; } // TODO: Error stack + /* Crypto Interface */ // Prepare Cryptographic Library from config if(crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_LIBGCRYPT) { @@ -241,6 +262,7 @@ int32_t Crypto_Shutdown(void) /** * @brief Function: Crypto_Config_CryptoLib + * @param key_type: uint8 * @param sadb_type: uint8 * @param crypto_create_fecf: uint8 * @param process_sdls_pdus: uint8 @@ -252,12 +274,13 @@ int32_t Crypto_Shutdown(void) * @param vcid_bitmask: uint8 * @return int32: Success/Failure **/ -int32_t Crypto_Config_CryptoLib(uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, +int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv) { int32_t status = CRYPTO_LIB_SUCCESS; crypto_config = (CryptoConfig_t* )calloc(1, CRYPTO_CONFIG_SIZE); + crypto_config->key_type = key_type; crypto_config->sadb_type = sadb_type; crypto_config->cryptography_type = cryptography_type; crypto_config->crypto_create_fecf = crypto_create_fecf; diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 556fd308..63df952f 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -45,7 +45,7 @@ int32_t Crypto_Key_OTAR(void) int y; int32_t status = CRYPTO_LIB_SUCCESS; int pdu_keys = (sdls_frame.pdu.pdu_len - 30) / (2 + KEY_SIZE); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); int w; if ( ek_ring == NULL ) @@ -179,7 +179,7 @@ int32_t Crypto_Key_update(uint8_t state) SDLS_KEY_BLK_t packet; int count = 0; int pdu_keys = sdls_frame.pdu.pdu_len / 2; - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); int x; if ( ek_ring == NULL ) @@ -287,7 +287,7 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) SDLS_KEY_INVENTORY_t packet; int count = 0; uint16_t range = 0; - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); uint16_t x; if ( ek_ring == NULL || ingest == NULL) @@ -363,7 +363,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) sdls_frame.pdu.pdu_len = pdu_keys * (2 + IV_SIZE + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); if ( ek_ring == NULL ) // Can't verify key without a key ring, action supported for this cryptography interface! { return CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index a9e510ef..fc463079 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -123,7 +123,7 @@ int32_t Crypto_User_ModifyKey(void) // Local variables uint16_t kid = ((uint8_t)sdls_frame.pdu.data[0] << 8) | ((uint8_t)sdls_frame.pdu.data[1]); uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); if ( ek_ring == NULL ) { diff --git a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c index f4730430..94bb8b0a 100644 --- a/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c +++ b/src/crypto/kmc/cryptography_interface_kmc_crypto_service.template.c @@ -44,7 +44,6 @@ typedef struct { // Cryptography Interface Initialization & Management Functions static int32_t cryptography_config(void); static int32_t cryptography_init(void); -static crypto_key_t* get_ek_ring(void); static int32_t cryptography_shutdown(void); // Cryptography Interface Functions static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, @@ -148,7 +147,6 @@ CryptographyInterface get_cryptography_interface_kmc_crypto_service(void) { cryptography_if_struct.cryptography_config = cryptography_config; cryptography_if_struct.cryptography_init = cryptography_init; - cryptography_if_struct.get_ek_ring = get_ek_ring; cryptography_if_struct.cryptography_shutdown = cryptography_shutdown; cryptography_if_struct.cryptography_encrypt = cryptography_encrypt; cryptography_if_struct.cryptography_decrypt = cryptography_decrypt; @@ -267,11 +265,6 @@ static int32_t cryptography_init(void) kmc_root_uri = NULL; return status; } -static crypto_key_t* get_ek_ring(void) -{ - fprintf(stderr, "Attempting to access key ring with KMC Crypto Service. This shouldn't happen!\n "); - return NULL; -} static int32_t cryptography_shutdown(void) { if(curl){ diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index b1e7e0b3..22701933 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -23,7 +23,6 @@ // Cryptography Interface Initialization & Management Functions static int32_t cryptography_config(void); static int32_t cryptography_init(void); -static crypto_key_t* get_ek_ring(void); static int32_t cryptography_shutdown(void); // Cryptography Interface Functions static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, @@ -78,8 +77,6 @@ static int32_t cryptography_get_ecs_mode(int8_t algo_enum); /* ** Module Variables */ -// Security -static crypto_key_t ek_ring[NUM_KEYS] = {0}; // Cryptography Interface static CryptographyInterfaceStruct cryptography_if_struct; @@ -87,7 +84,6 @@ CryptographyInterface get_cryptography_interface_libgcrypt(void) { cryptography_if_struct.cryptography_config = cryptography_config; cryptography_if_struct.cryptography_init = cryptography_init; - cryptography_if_struct.get_ek_ring = get_ek_ring; cryptography_if_struct.cryptography_shutdown = cryptography_shutdown; cryptography_if_struct.cryptography_encrypt = cryptography_encrypt; cryptography_if_struct.cryptography_decrypt = cryptography_decrypt; @@ -102,444 +98,9 @@ CryptographyInterface get_cryptography_interface_libgcrypt(void) static int32_t cryptography_config(void) { - int32_t status = CRYPTO_LIB_SUCCESS; - - // Master Keys - // 0 - 000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F -> ACTIVE - ek_ring[0].value[0] = 0x00; - ek_ring[0].value[1] = 0x01; - ek_ring[0].value[2] = 0x02; - ek_ring[0].value[3] = 0x03; - ek_ring[0].value[4] = 0x04; - ek_ring[0].value[5] = 0x05; - ek_ring[0].value[6] = 0x06; - ek_ring[0].value[7] = 0x07; - ek_ring[0].value[8] = 0x08; - ek_ring[0].value[9] = 0x09; - ek_ring[0].value[10] = 0x0A; - ek_ring[0].value[11] = 0x0B; - ek_ring[0].value[12] = 0x0C; - ek_ring[0].value[13] = 0x0D; - ek_ring[0].value[14] = 0x0E; - ek_ring[0].value[15] = 0x0F; - ek_ring[0].value[16] = 0x00; - ek_ring[0].value[17] = 0x01; - ek_ring[0].value[18] = 0x02; - ek_ring[0].value[19] = 0x03; - ek_ring[0].value[20] = 0x04; - ek_ring[0].value[21] = 0x05; - ek_ring[0].value[22] = 0x06; - ek_ring[0].value[23] = 0x07; - ek_ring[0].value[24] = 0x08; - ek_ring[0].value[25] = 0x09; - ek_ring[0].value[26] = 0x0A; - ek_ring[0].value[27] = 0x0B; - ek_ring[0].value[28] = 0x0C; - ek_ring[0].value[29] = 0x0D; - ek_ring[0].value[30] = 0x0E; - ek_ring[0].value[31] = 0x0F; - ek_ring[0].key_len = 32; - ek_ring[0].key_state = KEY_ACTIVE; - // 1 - 101112131415161718191A1B1C1D1E1F101112131415161718191A1B1C1D1E1F -> ACTIVE - ek_ring[1].value[0] = 0x10; - ek_ring[1].value[1] = 0x11; - ek_ring[1].value[2] = 0x12; - ek_ring[1].value[3] = 0x13; - ek_ring[1].value[4] = 0x14; - ek_ring[1].value[5] = 0x15; - ek_ring[1].value[6] = 0x16; - ek_ring[1].value[7] = 0x17; - ek_ring[1].value[8] = 0x18; - ek_ring[1].value[9] = 0x19; - ek_ring[1].value[10] = 0x1A; - ek_ring[1].value[11] = 0x1B; - ek_ring[1].value[12] = 0x1C; - ek_ring[1].value[13] = 0x1D; - ek_ring[1].value[14] = 0x1E; - ek_ring[1].value[15] = 0x1F; - ek_ring[1].value[16] = 0x10; - ek_ring[1].value[17] = 0x11; - ek_ring[1].value[18] = 0x12; - ek_ring[1].value[19] = 0x13; - ek_ring[1].value[20] = 0x14; - ek_ring[1].value[21] = 0x15; - ek_ring[1].value[22] = 0x16; - ek_ring[1].value[23] = 0x17; - ek_ring[1].value[24] = 0x18; - ek_ring[1].value[25] = 0x19; - ek_ring[1].value[26] = 0x1A; - ek_ring[1].value[27] = 0x1B; - ek_ring[1].value[28] = 0x1C; - ek_ring[1].value[29] = 0x1D; - ek_ring[1].value[30] = 0x1E; - ek_ring[1].value[31] = 0x1F; - ek_ring[1].key_len = 32; - ek_ring[1].key_state = KEY_ACTIVE; - // 2 - 202122232425262728292A2B2C2D2E2F202122232425262728292A2B2C2D2E2F -> ACTIVE - ek_ring[2].value[0] = 0x20; - ek_ring[2].value[1] = 0x21; - ek_ring[2].value[2] = 0x22; - ek_ring[2].value[3] = 0x23; - ek_ring[2].value[4] = 0x24; - ek_ring[2].value[5] = 0x25; - ek_ring[2].value[6] = 0x26; - ek_ring[2].value[7] = 0x27; - ek_ring[2].value[8] = 0x28; - ek_ring[2].value[9] = 0x29; - ek_ring[2].value[10] = 0x2A; - ek_ring[2].value[11] = 0x2B; - ek_ring[2].value[12] = 0x2C; - ek_ring[2].value[13] = 0x2D; - ek_ring[2].value[14] = 0x2E; - ek_ring[2].value[15] = 0x2F; - ek_ring[2].value[16] = 0x20; - ek_ring[2].value[17] = 0x21; - ek_ring[2].value[18] = 0x22; - ek_ring[2].value[19] = 0x23; - ek_ring[2].value[20] = 0x24; - ek_ring[2].value[21] = 0x25; - ek_ring[2].value[22] = 0x26; - ek_ring[2].value[23] = 0x27; - ek_ring[2].value[24] = 0x28; - ek_ring[2].value[25] = 0x29; - ek_ring[2].value[26] = 0x2A; - ek_ring[2].value[27] = 0x2B; - ek_ring[2].value[28] = 0x2C; - ek_ring[2].value[29] = 0x2D; - ek_ring[2].value[30] = 0x2E; - ek_ring[2].value[31] = 0x2F; - ek_ring[2].key_len = 32; - ek_ring[2].key_state = KEY_ACTIVE; - - // Session Keys - // 128 - 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -> ACTIVE - ek_ring[128].value[0] = 0x01; - ek_ring[128].value[1] = 0x23; - ek_ring[128].value[2] = 0x45; - ek_ring[128].value[3] = 0x67; - ek_ring[128].value[4] = 0x89; - ek_ring[128].value[5] = 0xAB; - ek_ring[128].value[6] = 0xCD; - ek_ring[128].value[7] = 0xEF; - ek_ring[128].value[8] = 0x01; - ek_ring[128].value[9] = 0x23; - ek_ring[128].value[10] = 0x45; - ek_ring[128].value[11] = 0x67; - ek_ring[128].value[12] = 0x89; - ek_ring[128].value[13] = 0xAB; - ek_ring[128].value[14] = 0xCD; - ek_ring[128].value[15] = 0xEF; - ek_ring[128].value[16] = 0x01; - ek_ring[128].value[17] = 0x23; - ek_ring[128].value[18] = 0x45; - ek_ring[128].value[19] = 0x67; - ek_ring[128].value[20] = 0x89; - ek_ring[128].value[21] = 0xAB; - ek_ring[128].value[22] = 0xCD; - ek_ring[128].value[23] = 0xEF; - ek_ring[128].value[24] = 0x01; - ek_ring[128].value[25] = 0x23; - ek_ring[128].value[26] = 0x45; - ek_ring[128].value[27] = 0x67; - ek_ring[128].value[28] = 0x89; - ek_ring[128].value[29] = 0xAB; - ek_ring[128].value[30] = 0xCD; - ek_ring[128].value[31] = 0xEF; - ek_ring[128].key_len = 32; - ek_ring[128].key_state = KEY_ACTIVE; - // 129 - ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789 -> ACTIVE - ek_ring[129].value[0] = 0xAB; - ek_ring[129].value[1] = 0xCD; - ek_ring[129].value[2] = 0xEF; - ek_ring[129].value[3] = 0x01; - ek_ring[129].value[4] = 0x23; - ek_ring[129].value[5] = 0x45; - ek_ring[129].value[6] = 0x67; - ek_ring[129].value[7] = 0x89; - ek_ring[129].value[8] = 0xAB; - ek_ring[129].value[9] = 0xCD; - ek_ring[129].value[10] = 0xEF; - ek_ring[129].value[11] = 0x01; - ek_ring[129].value[12] = 0x23; - ek_ring[129].value[13] = 0x45; - ek_ring[129].value[14] = 0x67; - ek_ring[129].value[15] = 0x89; - ek_ring[129].value[16] = 0xAB; - ek_ring[129].value[17] = 0xCD; - ek_ring[129].value[18] = 0xEF; - ek_ring[129].value[19] = 0x01; - ek_ring[129].value[20] = 0x23; - ek_ring[129].value[21] = 0x45; - ek_ring[129].value[22] = 0x67; - ek_ring[129].value[23] = 0x89; - ek_ring[129].value[24] = 0xAB; - ek_ring[129].value[25] = 0xCD; - ek_ring[129].value[26] = 0xEF; - ek_ring[129].value[27] = 0x01; - ek_ring[129].value[28] = 0x23; - ek_ring[129].value[29] = 0x45; - ek_ring[129].value[30] = 0x67; - ek_ring[129].value[31] = 0x89; - ek_ring[129].key_len = 32; - ek_ring[129].key_state = KEY_ACTIVE; - // 130 - FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210 -> ACTIVE - ek_ring[130].value[0] = 0xFE; - ek_ring[130].value[1] = 0xDC; - ek_ring[130].value[2] = 0xBA; - ek_ring[130].value[3] = 0x98; - ek_ring[130].value[4] = 0x76; - ek_ring[130].value[5] = 0x54; - ek_ring[130].value[6] = 0x32; - ek_ring[130].value[7] = 0x10; - ek_ring[130].value[8] = 0xFE; - ek_ring[130].value[9] = 0xDC; - ek_ring[130].value[10] = 0xBA; - ek_ring[130].value[11] = 0x98; - ek_ring[130].value[12] = 0x76; - ek_ring[130].value[13] = 0x54; - ek_ring[130].value[14] = 0x32; - ek_ring[130].value[15] = 0x10; - ek_ring[130].value[16] = 0xFE; - ek_ring[130].value[17] = 0xDC; - ek_ring[130].value[18] = 0xBA; - ek_ring[130].value[19] = 0x98; - ek_ring[130].value[20] = 0x76; - ek_ring[130].value[21] = 0x54; - ek_ring[130].value[22] = 0x32; - ek_ring[130].value[23] = 0x10; - ek_ring[130].value[24] = 0xFE; - ek_ring[130].value[25] = 0xDC; - ek_ring[130].value[26] = 0xBA; - ek_ring[130].value[27] = 0x98; - ek_ring[130].value[28] = 0x76; - ek_ring[130].value[29] = 0x54; - ek_ring[130].value[30] = 0x32; - ek_ring[130].value[31] = 0x10; - ek_ring[130].key_len = 32; - ek_ring[130].key_state = KEY_ACTIVE; - // 131 - 9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA -> ACTIVE - ek_ring[131].value[0] = 0x98; - ek_ring[131].value[1] = 0x76; - ek_ring[131].value[2] = 0x54; - ek_ring[131].value[3] = 0x32; - ek_ring[131].value[4] = 0x10; - ek_ring[131].value[5] = 0xFE; - ek_ring[131].value[6] = 0xDC; - ek_ring[131].value[7] = 0xBA; - ek_ring[131].value[8] = 0x98; - ek_ring[131].value[9] = 0x76; - ek_ring[131].value[10] = 0x54; - ek_ring[131].value[11] = 0x32; - ek_ring[131].value[12] = 0x10; - ek_ring[131].value[13] = 0xFE; - ek_ring[131].value[14] = 0xDC; - ek_ring[131].value[15] = 0xBA; - ek_ring[131].value[16] = 0x98; - ek_ring[131].value[17] = 0x76; - ek_ring[131].value[18] = 0x54; - ek_ring[131].value[19] = 0x32; - ek_ring[131].value[20] = 0x10; - ek_ring[131].value[21] = 0xFE; - ek_ring[131].value[22] = 0xDC; - ek_ring[131].value[23] = 0xBA; - ek_ring[131].value[24] = 0x98; - ek_ring[131].value[25] = 0x76; - ek_ring[131].value[26] = 0x54; - ek_ring[131].value[27] = 0x32; - ek_ring[131].value[28] = 0x10; - ek_ring[131].value[29] = 0xFE; - ek_ring[131].value[30] = 0xDC; - ek_ring[131].value[31] = 0xBA; - ek_ring[131].key_len = 32; - ek_ring[131].key_state = KEY_ACTIVE; - // 132 - 0123456789ABCDEFABCDEF01234567890123456789ABCDEFABCDEF0123456789 -> PRE_ACTIVATION - ek_ring[132].value[0] = 0x01; - ek_ring[132].value[1] = 0x23; - ek_ring[132].value[2] = 0x45; - ek_ring[132].value[3] = 0x67; - ek_ring[132].value[4] = 0x89; - ek_ring[132].value[5] = 0xAB; - ek_ring[132].value[6] = 0xCD; - ek_ring[132].value[7] = 0xEF; - ek_ring[132].value[8] = 0xAB; - ek_ring[132].value[9] = 0xCD; - ek_ring[132].value[10] = 0xEF; - ek_ring[132].value[11] = 0x01; - ek_ring[132].value[12] = 0x23; - ek_ring[132].value[13] = 0x45; - ek_ring[132].value[14] = 0x67; - ek_ring[132].value[15] = 0x89; - ek_ring[132].value[16] = 0x01; - ek_ring[132].value[17] = 0x23; - ek_ring[132].value[18] = 0x45; - ek_ring[132].value[19] = 0x67; - ek_ring[132].value[20] = 0x89; - ek_ring[132].value[21] = 0xAB; - ek_ring[132].value[22] = 0xCD; - ek_ring[132].value[23] = 0xEF; - ek_ring[132].value[24] = 0xAB; - ek_ring[132].value[25] = 0xCD; - ek_ring[132].value[26] = 0xEF; - ek_ring[132].value[27] = 0x01; - ek_ring[132].value[28] = 0x23; - ek_ring[132].value[29] = 0x45; - ek_ring[132].value[30] = 0x67; - ek_ring[132].value[31] = 0x89; - ek_ring[132].key_len = 32; - ek_ring[132].key_state = KEY_PREACTIVE; - // 133 - ABCDEF01234567890123456789ABCDEFABCDEF01234567890123456789ABCDEF -> ACTIVE - ek_ring[133].value[0] = 0xAB; - ek_ring[133].value[1] = 0xCD; - ek_ring[133].value[2] = 0xEF; - ek_ring[133].value[3] = 0x01; - ek_ring[133].value[4] = 0x23; - ek_ring[133].value[5] = 0x45; - ek_ring[133].value[6] = 0x67; - ek_ring[133].value[7] = 0x89; - ek_ring[133].value[8] = 0x01; - ek_ring[133].value[9] = 0x23; - ek_ring[133].value[10] = 0x45; - ek_ring[133].value[11] = 0x67; - ek_ring[133].value[12] = 0x89; - ek_ring[133].value[13] = 0xAB; - ek_ring[133].value[14] = 0xCD; - ek_ring[133].value[15] = 0xEF; - ek_ring[133].value[16] = 0xAB; - ek_ring[133].value[17] = 0xCD; - ek_ring[133].value[18] = 0xEF; - ek_ring[133].value[19] = 0x01; - ek_ring[133].value[20] = 0x23; - ek_ring[133].value[21] = 0x45; - ek_ring[133].value[22] = 0x67; - ek_ring[133].value[23] = 0x89; - ek_ring[133].value[24] = 0x01; - ek_ring[133].value[25] = 0x23; - ek_ring[133].value[26] = 0x45; - ek_ring[133].value[27] = 0x67; - ek_ring[133].value[28] = 0x89; - ek_ring[133].value[29] = 0xAB; - ek_ring[133].value[30] = 0xCD; - ek_ring[133].value[31] = 0xEF; - ek_ring[133].key_len = 32; - ek_ring[133].key_state = KEY_ACTIVE; - // 134 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE - ek_ring[134].value[0] = 0xAB; - ek_ring[134].value[1] = 0xCD; - ek_ring[134].value[2] = 0xEF; - ek_ring[134].value[3] = 0x01; - ek_ring[134].value[4] = 0x23; - ek_ring[134].value[5] = 0x45; - ek_ring[134].value[6] = 0x67; - ek_ring[134].value[7] = 0x89; - ek_ring[134].value[8] = 0xFE; - ek_ring[134].value[9] = 0xDC; - ek_ring[134].value[10] = 0xBA; - ek_ring[134].value[11] = 0x98; - ek_ring[134].value[12] = 0x76; - ek_ring[134].value[13] = 0x54; - ek_ring[134].value[14] = 0x32; - ek_ring[134].value[15] = 0x10; - ek_ring[134].value[16] = 0xAB; - ek_ring[134].value[17] = 0xCD; - ek_ring[134].value[18] = 0xEF; - ek_ring[134].value[19] = 0x01; - ek_ring[134].value[20] = 0x23; - ek_ring[134].value[21] = 0x45; - ek_ring[134].value[22] = 0x67; - ek_ring[134].value[23] = 0x89; - ek_ring[134].value[24] = 0xFE; - ek_ring[134].value[25] = 0xDC; - ek_ring[134].value[26] = 0xBA; - ek_ring[134].value[27] = 0x98; - ek_ring[134].value[28] = 0x76; - ek_ring[134].value[29] = 0x54; - ek_ring[134].value[30] = 0x32; - ek_ring[134].value[31] = 0x10; - ek_ring[134].key_len = 32; - ek_ring[134].key_state = KEY_DEACTIVATED; - - // 135 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE - ek_ring[135].value[0] = 0x00; - ek_ring[135].value[1] = 0x00; - ek_ring[135].value[2] = 0x00; - ek_ring[135].value[3] = 0x00; - ek_ring[135].value[4] = 0x00; - ek_ring[135].value[5] = 0x00; - ek_ring[135].value[6] = 0x00; - ek_ring[135].value[7] = 0x00; - ek_ring[135].value[8] = 0x00; - ek_ring[135].value[9] = 0x00; - ek_ring[135].value[10] = 0x00; - ek_ring[135].value[11] = 0x00; - ek_ring[135].value[12] = 0x00; - ek_ring[135].value[13] = 0x00; - ek_ring[135].value[14] = 0x00; - ek_ring[135].value[15] = 0x00; - ek_ring[135].value[16] = 0x00; - ek_ring[135].value[17] = 0x00; - ek_ring[135].value[18] = 0x00; - ek_ring[135].value[19] = 0x00; - ek_ring[135].value[20] = 0x00; - ek_ring[135].value[21] = 0x00; - ek_ring[135].value[22] = 0x00; - ek_ring[135].value[23] = 0x00; - ek_ring[135].value[24] = 0x00; - ek_ring[135].value[25] = 0x00; - ek_ring[135].value[26] = 0x00; - ek_ring[135].value[27] = 0x00; - ek_ring[135].value[28] = 0x00; - ek_ring[135].value[29] = 0x00; - ek_ring[135].value[30] = 0x00; - ek_ring[135].value[31] = 0x00; - ek_ring[135].key_len = 32; - ek_ring[135].key_state = KEY_DEACTIVATED; - - // 136 - ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9 - // Reference: - // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip - ek_ring[136].value[0] = 0xff; - ek_ring[136].value[1] = 0x9f; - ek_ring[136].value[2] = 0x92; - ek_ring[136].value[3] = 0x84; - ek_ring[136].value[4] = 0xcf; - ek_ring[136].value[5] = 0x59; - ek_ring[136].value[6] = 0x9e; - ek_ring[136].value[7] = 0xac; - ek_ring[136].value[8] = 0x3b; - ek_ring[136].value[9] = 0x11; - ek_ring[136].value[10] = 0x99; - ek_ring[136].value[11] = 0x05; - ek_ring[136].value[12] = 0xa7; - ek_ring[136].value[13] = 0xd1; - ek_ring[136].value[14] = 0x88; - ek_ring[136].value[15] = 0x51; - ek_ring[136].value[16] = 0xe7; - ek_ring[136].value[17] = 0xe3; - ek_ring[136].value[18] = 0x74; - ek_ring[136].value[19] = 0xcf; - ek_ring[136].value[20] = 0x63; - ek_ring[136].value[21] = 0xae; - ek_ring[136].value[22] = 0xa0; - ek_ring[136].value[23] = 0x43; - ek_ring[136].value[24] = 0x58; - ek_ring[136].value[25] = 0x58; - ek_ring[136].value[26] = 0x6b; - ek_ring[136].value[27] = 0x0f; - ek_ring[136].value[28] = 0x75; - ek_ring[136].value[29] = 0x76; - ek_ring[136].value[30] = 0x70; - ek_ring[136].value[31] = 0xf9; - ek_ring[136].key_len = 32; - ek_ring[136].key_state = KEY_DEACTIVATED; - - return status; -} -static crypto_key_t* get_ek_ring(void) -{ - return &ek_ring[0]; + return CRYPTO_LIB_SUCCESS; } - static int32_t cryptography_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; @@ -574,10 +135,12 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, int32_t status = CRYPTO_LIB_SUCCESS; uint8_t* key_ptr = key; + /* if(sa_ptr != NULL) //Using SA key pointer { key_ptr = &(ek_ring[sa_ptr->akid].value[0]); } + */ // Need to copy the data over, since authentication won't change/move the data directly if(data_out != NULL) { @@ -600,10 +163,12 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, } // Check that key length to be used is atleast as long as the algo requirement + /* if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->akid].key_len) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } + */ gcry_error = gcry_mac_open(&(tmp_mac_hd), algo, GCRY_MAC_FLAG_SECURE, NULL); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -694,10 +259,12 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le uint8_t* key_ptr = key; size_t len_in = len_data_in; // Unused len_in = len_in; + /* if(sa_ptr != NULL) //Using SA key pointer { key_ptr = &(ek_ring[sa_ptr->akid].value[0]); } + */ // Need to copy the data over, since authentication won't change/move the data directly // If you don't want data out, don't set a data out length @@ -721,10 +288,12 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le } // Check that key length to be used is atleast as long as the algo requirement + /* if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->akid].key_len) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } + */ gcry_error = gcry_mac_open(&(tmp_mac_hd), algo, GCRY_MAC_FLAG_SECURE, NULL); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -854,10 +423,12 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, padding = padding; cam_cookies = cam_cookies; + /* if(sa_ptr != NULL) //Using SA key pointer { key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); } + */ // Select correct libgcrypt algorith enum int32_t algo = -1; @@ -879,11 +450,13 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, mode = cryptography_get_ecs_mode(*ecs); if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_MODE) return CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - // Check that key length to be used is atleast as long as the algo requirement + // Check that key length to be used is atleast as long as the algo requirement + /* if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } + */ gcry_error = gcry_cipher_open(&(tmp_hd), algo, mode, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -988,10 +561,12 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, acs = acs; cam_cookies = cam_cookies; + /* if(sa_ptr != NULL) //Using SA key pointer { key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); } + */ // Select correct libgcrypt ecs enum int32_t algo = -1; @@ -1014,10 +589,12 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE) return CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE; // Check that key length to be used is atleast as long as the algo requirement + /* if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } + */ // TODO: Get Flag Functionality if(mode == CRYPTO_CIPHER_AES256_CBC_MAC) @@ -1178,10 +755,12 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, acs = acs; cam_cookies = cam_cookies; + /* if(sa_ptr != NULL) //Using SA key pointer { key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); } + */ // Select correct libgcrypt ecs enum int32_t algo = -1; @@ -1204,10 +783,12 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_MODE) return CRYPTO_LIB_ERR_UNSUPPORTED_MODE; // Check that key length to be used is atleast as long as the algo requirement + /* if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } + */ gcry_error = gcry_cipher_open(&(tmp_hd), algo, mode, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) @@ -1276,10 +857,12 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, acs = acs; cam_cookies = cam_cookies; + /* if(sa_ptr != NULL) //Using SA key pointer { key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); } + */ // Select correct libgcrypt ecs enum int32_t algo = -1; @@ -1297,10 +880,12 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, } // Check that key length to be used is atleast as long as the algo requirement + /* if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } + */ gcry_error = gcry_cipher_open(&(tmp_hd), GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) diff --git a/src/key/custom_stub/key_interface_custom_stub.template.c b/src/key/custom_stub/key_interface_custom_stub.template.c new file mode 100644 index 00000000..b14257a0 --- /dev/null +++ b/src/key/custom_stub/key_interface_custom_stub.template.c @@ -0,0 +1,29 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +#include "key_interface.h" + +/* Variables */ +static KeyInterfaceStruct key_if_struct; + +/* Functions */ +KeyInterface get_key_interface_custom(void) +{ + fprintf(stderr,"ERROR: Loading custom key interface stub source code. Rebuild CryptoLib with -DKEY_CUSTOM=ON to use implementation.\n"); + return &key_if_struct; +} diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c new file mode 100644 index 00000000..33dc26d3 --- /dev/null +++ b/src/key/internal/key_interface_internal.template.c @@ -0,0 +1,481 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ +#include "key_interface.h" + +/* Variables */ +static crypto_key_t ek_ring[NUM_KEYS] = {0}; +static KeyInterfaceStruct key_if_struct; + +/* Prototypes */ +static int32_t key_init(void); +static int32_t key_shutdown(void); +static crypto_key_t* get_ek_ring(void); + +/* Functions */ +KeyInterface get_key_interface_internal(void) +{ + key_if_struct.key_init = key_init; + key_if_struct.key_shutdown = key_shutdown; + key_if_struct.get_ek_ring = get_ek_ring; + return &key_if_struct; +} + +static int32_t key_init(void) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + + // Master Keys + // 0 - 000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F -> ACTIVE + ek_ring[0].value[0] = 0x00; + ek_ring[0].value[1] = 0x01; + ek_ring[0].value[2] = 0x02; + ek_ring[0].value[3] = 0x03; + ek_ring[0].value[4] = 0x04; + ek_ring[0].value[5] = 0x05; + ek_ring[0].value[6] = 0x06; + ek_ring[0].value[7] = 0x07; + ek_ring[0].value[8] = 0x08; + ek_ring[0].value[9] = 0x09; + ek_ring[0].value[10] = 0x0A; + ek_ring[0].value[11] = 0x0B; + ek_ring[0].value[12] = 0x0C; + ek_ring[0].value[13] = 0x0D; + ek_ring[0].value[14] = 0x0E; + ek_ring[0].value[15] = 0x0F; + ek_ring[0].value[16] = 0x00; + ek_ring[0].value[17] = 0x01; + ek_ring[0].value[18] = 0x02; + ek_ring[0].value[19] = 0x03; + ek_ring[0].value[20] = 0x04; + ek_ring[0].value[21] = 0x05; + ek_ring[0].value[22] = 0x06; + ek_ring[0].value[23] = 0x07; + ek_ring[0].value[24] = 0x08; + ek_ring[0].value[25] = 0x09; + ek_ring[0].value[26] = 0x0A; + ek_ring[0].value[27] = 0x0B; + ek_ring[0].value[28] = 0x0C; + ek_ring[0].value[29] = 0x0D; + ek_ring[0].value[30] = 0x0E; + ek_ring[0].value[31] = 0x0F; + ek_ring[0].key_len = 32; + ek_ring[0].key_state = KEY_ACTIVE; + // 1 - 101112131415161718191A1B1C1D1E1F101112131415161718191A1B1C1D1E1F -> ACTIVE + ek_ring[1].value[0] = 0x10; + ek_ring[1].value[1] = 0x11; + ek_ring[1].value[2] = 0x12; + ek_ring[1].value[3] = 0x13; + ek_ring[1].value[4] = 0x14; + ek_ring[1].value[5] = 0x15; + ek_ring[1].value[6] = 0x16; + ek_ring[1].value[7] = 0x17; + ek_ring[1].value[8] = 0x18; + ek_ring[1].value[9] = 0x19; + ek_ring[1].value[10] = 0x1A; + ek_ring[1].value[11] = 0x1B; + ek_ring[1].value[12] = 0x1C; + ek_ring[1].value[13] = 0x1D; + ek_ring[1].value[14] = 0x1E; + ek_ring[1].value[15] = 0x1F; + ek_ring[1].value[16] = 0x10; + ek_ring[1].value[17] = 0x11; + ek_ring[1].value[18] = 0x12; + ek_ring[1].value[19] = 0x13; + ek_ring[1].value[20] = 0x14; + ek_ring[1].value[21] = 0x15; + ek_ring[1].value[22] = 0x16; + ek_ring[1].value[23] = 0x17; + ek_ring[1].value[24] = 0x18; + ek_ring[1].value[25] = 0x19; + ek_ring[1].value[26] = 0x1A; + ek_ring[1].value[27] = 0x1B; + ek_ring[1].value[28] = 0x1C; + ek_ring[1].value[29] = 0x1D; + ek_ring[1].value[30] = 0x1E; + ek_ring[1].value[31] = 0x1F; + ek_ring[1].key_len = 32; + ek_ring[1].key_state = KEY_ACTIVE; + // 2 - 202122232425262728292A2B2C2D2E2F202122232425262728292A2B2C2D2E2F -> ACTIVE + ek_ring[2].value[0] = 0x20; + ek_ring[2].value[1] = 0x21; + ek_ring[2].value[2] = 0x22; + ek_ring[2].value[3] = 0x23; + ek_ring[2].value[4] = 0x24; + ek_ring[2].value[5] = 0x25; + ek_ring[2].value[6] = 0x26; + ek_ring[2].value[7] = 0x27; + ek_ring[2].value[8] = 0x28; + ek_ring[2].value[9] = 0x29; + ek_ring[2].value[10] = 0x2A; + ek_ring[2].value[11] = 0x2B; + ek_ring[2].value[12] = 0x2C; + ek_ring[2].value[13] = 0x2D; + ek_ring[2].value[14] = 0x2E; + ek_ring[2].value[15] = 0x2F; + ek_ring[2].value[16] = 0x20; + ek_ring[2].value[17] = 0x21; + ek_ring[2].value[18] = 0x22; + ek_ring[2].value[19] = 0x23; + ek_ring[2].value[20] = 0x24; + ek_ring[2].value[21] = 0x25; + ek_ring[2].value[22] = 0x26; + ek_ring[2].value[23] = 0x27; + ek_ring[2].value[24] = 0x28; + ek_ring[2].value[25] = 0x29; + ek_ring[2].value[26] = 0x2A; + ek_ring[2].value[27] = 0x2B; + ek_ring[2].value[28] = 0x2C; + ek_ring[2].value[29] = 0x2D; + ek_ring[2].value[30] = 0x2E; + ek_ring[2].value[31] = 0x2F; + ek_ring[2].key_len = 32; + ek_ring[2].key_state = KEY_ACTIVE; + + // Session Keys + // 128 - 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -> ACTIVE + ek_ring[128].value[0] = 0x01; + ek_ring[128].value[1] = 0x23; + ek_ring[128].value[2] = 0x45; + ek_ring[128].value[3] = 0x67; + ek_ring[128].value[4] = 0x89; + ek_ring[128].value[5] = 0xAB; + ek_ring[128].value[6] = 0xCD; + ek_ring[128].value[7] = 0xEF; + ek_ring[128].value[8] = 0x01; + ek_ring[128].value[9] = 0x23; + ek_ring[128].value[10] = 0x45; + ek_ring[128].value[11] = 0x67; + ek_ring[128].value[12] = 0x89; + ek_ring[128].value[13] = 0xAB; + ek_ring[128].value[14] = 0xCD; + ek_ring[128].value[15] = 0xEF; + ek_ring[128].value[16] = 0x01; + ek_ring[128].value[17] = 0x23; + ek_ring[128].value[18] = 0x45; + ek_ring[128].value[19] = 0x67; + ek_ring[128].value[20] = 0x89; + ek_ring[128].value[21] = 0xAB; + ek_ring[128].value[22] = 0xCD; + ek_ring[128].value[23] = 0xEF; + ek_ring[128].value[24] = 0x01; + ek_ring[128].value[25] = 0x23; + ek_ring[128].value[26] = 0x45; + ek_ring[128].value[27] = 0x67; + ek_ring[128].value[28] = 0x89; + ek_ring[128].value[29] = 0xAB; + ek_ring[128].value[30] = 0xCD; + ek_ring[128].value[31] = 0xEF; + ek_ring[128].key_len = 32; + ek_ring[128].key_state = KEY_ACTIVE; + // 129 - ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789 -> ACTIVE + ek_ring[129].value[0] = 0xAB; + ek_ring[129].value[1] = 0xCD; + ek_ring[129].value[2] = 0xEF; + ek_ring[129].value[3] = 0x01; + ek_ring[129].value[4] = 0x23; + ek_ring[129].value[5] = 0x45; + ek_ring[129].value[6] = 0x67; + ek_ring[129].value[7] = 0x89; + ek_ring[129].value[8] = 0xAB; + ek_ring[129].value[9] = 0xCD; + ek_ring[129].value[10] = 0xEF; + ek_ring[129].value[11] = 0x01; + ek_ring[129].value[12] = 0x23; + ek_ring[129].value[13] = 0x45; + ek_ring[129].value[14] = 0x67; + ek_ring[129].value[15] = 0x89; + ek_ring[129].value[16] = 0xAB; + ek_ring[129].value[17] = 0xCD; + ek_ring[129].value[18] = 0xEF; + ek_ring[129].value[19] = 0x01; + ek_ring[129].value[20] = 0x23; + ek_ring[129].value[21] = 0x45; + ek_ring[129].value[22] = 0x67; + ek_ring[129].value[23] = 0x89; + ek_ring[129].value[24] = 0xAB; + ek_ring[129].value[25] = 0xCD; + ek_ring[129].value[26] = 0xEF; + ek_ring[129].value[27] = 0x01; + ek_ring[129].value[28] = 0x23; + ek_ring[129].value[29] = 0x45; + ek_ring[129].value[30] = 0x67; + ek_ring[129].value[31] = 0x89; + ek_ring[129].key_len = 32; + ek_ring[129].key_state = KEY_ACTIVE; + // 130 - FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210 -> ACTIVE + ek_ring[130].value[0] = 0xFE; + ek_ring[130].value[1] = 0xDC; + ek_ring[130].value[2] = 0xBA; + ek_ring[130].value[3] = 0x98; + ek_ring[130].value[4] = 0x76; + ek_ring[130].value[5] = 0x54; + ek_ring[130].value[6] = 0x32; + ek_ring[130].value[7] = 0x10; + ek_ring[130].value[8] = 0xFE; + ek_ring[130].value[9] = 0xDC; + ek_ring[130].value[10] = 0xBA; + ek_ring[130].value[11] = 0x98; + ek_ring[130].value[12] = 0x76; + ek_ring[130].value[13] = 0x54; + ek_ring[130].value[14] = 0x32; + ek_ring[130].value[15] = 0x10; + ek_ring[130].value[16] = 0xFE; + ek_ring[130].value[17] = 0xDC; + ek_ring[130].value[18] = 0xBA; + ek_ring[130].value[19] = 0x98; + ek_ring[130].value[20] = 0x76; + ek_ring[130].value[21] = 0x54; + ek_ring[130].value[22] = 0x32; + ek_ring[130].value[23] = 0x10; + ek_ring[130].value[24] = 0xFE; + ek_ring[130].value[25] = 0xDC; + ek_ring[130].value[26] = 0xBA; + ek_ring[130].value[27] = 0x98; + ek_ring[130].value[28] = 0x76; + ek_ring[130].value[29] = 0x54; + ek_ring[130].value[30] = 0x32; + ek_ring[130].value[31] = 0x10; + ek_ring[130].key_len = 32; + ek_ring[130].key_state = KEY_ACTIVE; + // 131 - 9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA -> ACTIVE + ek_ring[131].value[0] = 0x98; + ek_ring[131].value[1] = 0x76; + ek_ring[131].value[2] = 0x54; + ek_ring[131].value[3] = 0x32; + ek_ring[131].value[4] = 0x10; + ek_ring[131].value[5] = 0xFE; + ek_ring[131].value[6] = 0xDC; + ek_ring[131].value[7] = 0xBA; + ek_ring[131].value[8] = 0x98; + ek_ring[131].value[9] = 0x76; + ek_ring[131].value[10] = 0x54; + ek_ring[131].value[11] = 0x32; + ek_ring[131].value[12] = 0x10; + ek_ring[131].value[13] = 0xFE; + ek_ring[131].value[14] = 0xDC; + ek_ring[131].value[15] = 0xBA; + ek_ring[131].value[16] = 0x98; + ek_ring[131].value[17] = 0x76; + ek_ring[131].value[18] = 0x54; + ek_ring[131].value[19] = 0x32; + ek_ring[131].value[20] = 0x10; + ek_ring[131].value[21] = 0xFE; + ek_ring[131].value[22] = 0xDC; + ek_ring[131].value[23] = 0xBA; + ek_ring[131].value[24] = 0x98; + ek_ring[131].value[25] = 0x76; + ek_ring[131].value[26] = 0x54; + ek_ring[131].value[27] = 0x32; + ek_ring[131].value[28] = 0x10; + ek_ring[131].value[29] = 0xFE; + ek_ring[131].value[30] = 0xDC; + ek_ring[131].value[31] = 0xBA; + ek_ring[131].key_len = 32; + ek_ring[131].key_state = KEY_ACTIVE; + // 132 - 0123456789ABCDEFABCDEF01234567890123456789ABCDEFABCDEF0123456789 -> PRE_ACTIVATION + ek_ring[132].value[0] = 0x01; + ek_ring[132].value[1] = 0x23; + ek_ring[132].value[2] = 0x45; + ek_ring[132].value[3] = 0x67; + ek_ring[132].value[4] = 0x89; + ek_ring[132].value[5] = 0xAB; + ek_ring[132].value[6] = 0xCD; + ek_ring[132].value[7] = 0xEF; + ek_ring[132].value[8] = 0xAB; + ek_ring[132].value[9] = 0xCD; + ek_ring[132].value[10] = 0xEF; + ek_ring[132].value[11] = 0x01; + ek_ring[132].value[12] = 0x23; + ek_ring[132].value[13] = 0x45; + ek_ring[132].value[14] = 0x67; + ek_ring[132].value[15] = 0x89; + ek_ring[132].value[16] = 0x01; + ek_ring[132].value[17] = 0x23; + ek_ring[132].value[18] = 0x45; + ek_ring[132].value[19] = 0x67; + ek_ring[132].value[20] = 0x89; + ek_ring[132].value[21] = 0xAB; + ek_ring[132].value[22] = 0xCD; + ek_ring[132].value[23] = 0xEF; + ek_ring[132].value[24] = 0xAB; + ek_ring[132].value[25] = 0xCD; + ek_ring[132].value[26] = 0xEF; + ek_ring[132].value[27] = 0x01; + ek_ring[132].value[28] = 0x23; + ek_ring[132].value[29] = 0x45; + ek_ring[132].value[30] = 0x67; + ek_ring[132].value[31] = 0x89; + ek_ring[132].key_len = 32; + ek_ring[132].key_state = KEY_PREACTIVE; + // 133 - ABCDEF01234567890123456789ABCDEFABCDEF01234567890123456789ABCDEF -> ACTIVE + ek_ring[133].value[0] = 0xAB; + ek_ring[133].value[1] = 0xCD; + ek_ring[133].value[2] = 0xEF; + ek_ring[133].value[3] = 0x01; + ek_ring[133].value[4] = 0x23; + ek_ring[133].value[5] = 0x45; + ek_ring[133].value[6] = 0x67; + ek_ring[133].value[7] = 0x89; + ek_ring[133].value[8] = 0x01; + ek_ring[133].value[9] = 0x23; + ek_ring[133].value[10] = 0x45; + ek_ring[133].value[11] = 0x67; + ek_ring[133].value[12] = 0x89; + ek_ring[133].value[13] = 0xAB; + ek_ring[133].value[14] = 0xCD; + ek_ring[133].value[15] = 0xEF; + ek_ring[133].value[16] = 0xAB; + ek_ring[133].value[17] = 0xCD; + ek_ring[133].value[18] = 0xEF; + ek_ring[133].value[19] = 0x01; + ek_ring[133].value[20] = 0x23; + ek_ring[133].value[21] = 0x45; + ek_ring[133].value[22] = 0x67; + ek_ring[133].value[23] = 0x89; + ek_ring[133].value[24] = 0x01; + ek_ring[133].value[25] = 0x23; + ek_ring[133].value[26] = 0x45; + ek_ring[133].value[27] = 0x67; + ek_ring[133].value[28] = 0x89; + ek_ring[133].value[29] = 0xAB; + ek_ring[133].value[30] = 0xCD; + ek_ring[133].value[31] = 0xEF; + ek_ring[133].key_len = 32; + ek_ring[133].key_state = KEY_ACTIVE; + // 134 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE + ek_ring[134].value[0] = 0xAB; + ek_ring[134].value[1] = 0xCD; + ek_ring[134].value[2] = 0xEF; + ek_ring[134].value[3] = 0x01; + ek_ring[134].value[4] = 0x23; + ek_ring[134].value[5] = 0x45; + ek_ring[134].value[6] = 0x67; + ek_ring[134].value[7] = 0x89; + ek_ring[134].value[8] = 0xFE; + ek_ring[134].value[9] = 0xDC; + ek_ring[134].value[10] = 0xBA; + ek_ring[134].value[11] = 0x98; + ek_ring[134].value[12] = 0x76; + ek_ring[134].value[13] = 0x54; + ek_ring[134].value[14] = 0x32; + ek_ring[134].value[15] = 0x10; + ek_ring[134].value[16] = 0xAB; + ek_ring[134].value[17] = 0xCD; + ek_ring[134].value[18] = 0xEF; + ek_ring[134].value[19] = 0x01; + ek_ring[134].value[20] = 0x23; + ek_ring[134].value[21] = 0x45; + ek_ring[134].value[22] = 0x67; + ek_ring[134].value[23] = 0x89; + ek_ring[134].value[24] = 0xFE; + ek_ring[134].value[25] = 0xDC; + ek_ring[134].value[26] = 0xBA; + ek_ring[134].value[27] = 0x98; + ek_ring[134].value[28] = 0x76; + ek_ring[134].value[29] = 0x54; + ek_ring[134].value[30] = 0x32; + ek_ring[134].value[31] = 0x10; + ek_ring[134].key_len = 32; + ek_ring[134].key_state = KEY_DEACTIVATED; + + // 135 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE + ek_ring[135].value[0] = 0x00; + ek_ring[135].value[1] = 0x00; + ek_ring[135].value[2] = 0x00; + ek_ring[135].value[3] = 0x00; + ek_ring[135].value[4] = 0x00; + ek_ring[135].value[5] = 0x00; + ek_ring[135].value[6] = 0x00; + ek_ring[135].value[7] = 0x00; + ek_ring[135].value[8] = 0x00; + ek_ring[135].value[9] = 0x00; + ek_ring[135].value[10] = 0x00; + ek_ring[135].value[11] = 0x00; + ek_ring[135].value[12] = 0x00; + ek_ring[135].value[13] = 0x00; + ek_ring[135].value[14] = 0x00; + ek_ring[135].value[15] = 0x00; + ek_ring[135].value[16] = 0x00; + ek_ring[135].value[17] = 0x00; + ek_ring[135].value[18] = 0x00; + ek_ring[135].value[19] = 0x00; + ek_ring[135].value[20] = 0x00; + ek_ring[135].value[21] = 0x00; + ek_ring[135].value[22] = 0x00; + ek_ring[135].value[23] = 0x00; + ek_ring[135].value[24] = 0x00; + ek_ring[135].value[25] = 0x00; + ek_ring[135].value[26] = 0x00; + ek_ring[135].value[27] = 0x00; + ek_ring[135].value[28] = 0x00; + ek_ring[135].value[29] = 0x00; + ek_ring[135].value[30] = 0x00; + ek_ring[135].value[31] = 0x00; + ek_ring[135].key_len = 32; + ek_ring[135].key_state = KEY_DEACTIVATED; + + // 136 - ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9 + // Reference: + // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip + ek_ring[136].value[0] = 0xff; + ek_ring[136].value[1] = 0x9f; + ek_ring[136].value[2] = 0x92; + ek_ring[136].value[3] = 0x84; + ek_ring[136].value[4] = 0xcf; + ek_ring[136].value[5] = 0x59; + ek_ring[136].value[6] = 0x9e; + ek_ring[136].value[7] = 0xac; + ek_ring[136].value[8] = 0x3b; + ek_ring[136].value[9] = 0x11; + ek_ring[136].value[10] = 0x99; + ek_ring[136].value[11] = 0x05; + ek_ring[136].value[12] = 0xa7; + ek_ring[136].value[13] = 0xd1; + ek_ring[136].value[14] = 0x88; + ek_ring[136].value[15] = 0x51; + ek_ring[136].value[16] = 0xe7; + ek_ring[136].value[17] = 0xe3; + ek_ring[136].value[18] = 0x74; + ek_ring[136].value[19] = 0xcf; + ek_ring[136].value[20] = 0x63; + ek_ring[136].value[21] = 0xae; + ek_ring[136].value[22] = 0xa0; + ek_ring[136].value[23] = 0x43; + ek_ring[136].value[24] = 0x58; + ek_ring[136].value[25] = 0x58; + ek_ring[136].value[26] = 0x6b; + ek_ring[136].value[27] = 0x0f; + ek_ring[136].value[28] = 0x75; + ek_ring[136].value[29] = 0x76; + ek_ring[136].value[30] = 0x70; + ek_ring[136].value[31] = 0xf9; + ek_ring[136].key_len = 32; + ek_ring[136].key_state = KEY_DEACTIVATED; + + return status; +} + +static int32_t key_shutdown(void) +{ + return CRYPTO_LIB_SUCCESS; +} + +static crypto_key_t* get_ek_ring(void) +{ + return &ek_ring[0]; +} diff --git a/src/key/internal_stub/key_interface_internal_stub.template.c b/src/key/internal_stub/key_interface_internal_stub.template.c new file mode 100644 index 00000000..fdb4b81e --- /dev/null +++ b/src/key/internal_stub/key_interface_internal_stub.template.c @@ -0,0 +1,29 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +#include "key_interface.h" + +/* Variables */ +static KeyInterfaceStruct key_if_struct; + +/* Functions */ +KeyInterface get_key_interface_internal(void) +{ + fprintf(stderr,"ERROR: Loading internal key interface stub source code. Rebuild CryptoLib with -DKEY_INTERNAL=ON to use implementation.\n"); + return &key_if_struct; +} diff --git a/src/key/kmc/key_interface_kmc.template.c b/src/key/kmc/key_interface_kmc.template.c new file mode 100644 index 00000000..ee42a1b8 --- /dev/null +++ b/src/key/kmc/key_interface_kmc.template.c @@ -0,0 +1,53 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +#include "key_interface.h" + +/* Variables */ +static crypto_key_t ek_ring[NUM_KEYS] = {0}; +static KeyInterfaceStruct key_if_struct; + +/* Prototypes */ +static int32_t key_init(void); +static int32_t key_shutdown(void); +static crypto_key_t* get_ek_ring(void); + +/* Functions */ +KeyInterface get_key_interface_kmc(void) +{ + key_if_struct.key_init = key_init; + key_if_struct.get_ek_ring = get_ek_ring; + key_if_struct.key_shutdown = key_shutdown; + return &key_if_struct; +} + +static int32_t key_init(void) +{ + return CRYPTO_LIB_SUCCESS; +} + +static int32_t key_shutdown(void) +{ + return CRYPTO_LIB_SUCCESS; +} + +static crypto_key_t* get_ek_ring(void) +{ + fprintf(stderr, "Attempting to access key ring with KMC Crypto Service. This shouldn't happen!\n "); + return NULL; +} diff --git a/src/key/kmc_stub/key_interface_kmc_stub.template.c b/src/key/kmc_stub/key_interface_kmc_stub.template.c new file mode 100644 index 00000000..fd318910 --- /dev/null +++ b/src/key/kmc_stub/key_interface_kmc_stub.template.c @@ -0,0 +1,29 @@ +/* Copyright (C) 2009 - 2022 National Aeronautics and Space Administration. + All Foreign Rights are Reserved to the U.S. Government. + + This software is provided "as is" without any warranty of any kind, either expressed, implied, or statutory, + including, but not limited to, any warranty that the software will conform to specifications, any implied warranties + of merchantability, fitness for a particular purpose, and freedom from infringement, and any warranty that the + documentation will conform to the program, or any warranty that the software will be error free. + + In no event shall NASA be liable for any damages, including, but not limited to direct, indirect, special or + consequential damages, arising out of, resulting from, or in any way connected with the software or its + documentation, whether or not based upon warranty, contract, tort or otherwise, and whether or not loss was sustained + from, or arose out of the results of, or use of, the software, documentation or services provided hereunder. + + ITC Team + NASA IV&V + jstar-development-team@mail.nasa.gov +*/ + +#include "key_interface.h" + +/* Variables */ +static KeyInterfaceStruct key_if_struct; + +/* Functions */ +KeyInterface get_key_interface_kmc(void) +{ + fprintf(stderr,"ERROR: Loading KMC key interface stub source code. Rebuild CryptoLib with -DKEY_KMC=ON to use implementation.\n"); + return &key_if_struct; +} diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index b3f7eccd..3655609e 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -45,7 +45,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -94,7 +94,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) //UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_ONLY) //{ // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); @@ -144,7 +144,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -196,7 +196,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -255,7 +255,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) //UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) //{ // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); @@ -315,7 +315,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -376,7 +376,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -425,7 +425,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -483,7 +483,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -533,7 +533,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/kmc/ut_kmc_crypto_auth_only.c b/test/kmc/ut_kmc_crypto_auth_only.c index 8faf8d98..f9d35260 100644 --- a/test/kmc/ut_kmc_crypto_auth_only.c +++ b/test/kmc/ut_kmc_crypto_auth_only.c @@ -45,7 +45,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -94,7 +94,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_CMAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -151,7 +151,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_CMAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -197,7 +197,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC256_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -247,7 +247,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC256_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC256_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -302,7 +302,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC256_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -351,7 +351,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -407,7 +407,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -457,7 +457,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/kmc/ut_kmc_crypto_cam.c b/test/kmc/ut_kmc_crypto_cam.c index 81097991..fb2e8f70 100644 --- a/test/kmc/ut_kmc_crypto_cam.c +++ b/test/kmc/ut_kmc_crypto_cam.c @@ -33,7 +33,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -92,7 +92,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -154,7 +154,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -215,7 +215,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -277,7 +277,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -348,7 +348,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -419,7 +419,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -475,7 +475,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -540,7 +540,7 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -597,7 +597,7 @@ UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8 UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", diff --git a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c index fde8daf6..36325fb6 100644 --- a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c +++ b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c @@ -44,7 +44,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -93,7 +93,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_TLS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -141,7 +141,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_TLS) UTEST(KMC_CRYPTO, SADB_BAD_USER_NAME) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "bad_user_name", NULL); @@ -160,7 +160,7 @@ UTEST(KMC_CRYPTO, SADB_BAD_USER_NAME) UTEST(KMC_CRYPTO, SADB_BAD_PASSWORD) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", "bad_password"); diff --git a/test/kmc/ut_mariadb.c b/test/kmc/ut_mariadb.c index c09bf8ec..29daa895 100644 --- a/test/kmc/ut_mariadb.c +++ b/test/kmc/ut_mariadb.c @@ -93,7 +93,7 @@ UTEST(MARIA_DB, DB_CONNECT) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -131,7 +131,7 @@ UTEST(MARIA_DB, HAPPY_PATH_ENC) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -182,7 +182,7 @@ UTEST(MARIA_DB, HAPPY_PATH_AUTH_ENC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -242,7 +242,7 @@ UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -294,7 +294,7 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -377,7 +377,7 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -461,7 +461,7 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -567,7 +567,7 @@ UTEST(MARIA_DB, BAD_SPACE_CRAFT_ID) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index 31f4cfa1..b5597976 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c @@ -501,7 +501,7 @@ UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -537,7 +537,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -584,7 +584,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -632,7 +632,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -677,7 +677,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -723,7 +723,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1027,7 +1027,7 @@ UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) **/ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1075,7 +1075,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1121,7 +1121,7 @@ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1168,7 +1168,7 @@ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_NULL_IV) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/performance/pt_auth_as.c b/test/performance/pt_auth_as.c index 1d929648..9049519a 100644 --- a/test/performance/pt_auth_as.c +++ b/test/performance/pt_auth_as.c @@ -105,7 +105,7 @@ double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -153,7 +153,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -201,7 +201,7 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -248,7 +248,7 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -290,7 +290,7 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -338,7 +338,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -386,7 +386,7 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -433,7 +433,7 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -475,7 +475,7 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -523,7 +523,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -571,7 +571,7 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -618,7 +618,7 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -660,7 +660,7 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -708,7 +708,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -756,7 +756,7 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -803,7 +803,7 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -845,7 +845,7 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -893,7 +893,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -941,7 +941,7 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -988,7 +988,7 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1030,7 +1030,7 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -1078,7 +1078,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1126,7 +1126,7 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1173,7 +1173,7 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_as.c b/test/performance/pt_auth_enc_as.c index 3fb568e7..75f9ecac 100644 --- a/test/performance/pt_auth_enc_as.c +++ b/test/performance/pt_auth_enc_as.c @@ -148,7 +148,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -186,7 +186,7 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -223,7 +223,7 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -305,7 +305,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -343,7 +343,7 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -379,7 +379,7 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -463,7 +463,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -500,7 +500,7 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -539,7 +539,7 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -624,7 +624,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -662,7 +662,7 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -699,7 +699,7 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) UTEST(PERFORMANCE, MDB_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -781,7 +781,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1000) UTEST(PERFORMANCE, MDB_LIBG_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -819,7 +819,7 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1000) UTEST(PERFORMANCE, LSA_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -855,7 +855,7 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1000) UTEST(PERFORMANCE, MDB_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -939,7 +939,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -976,7 +976,7 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) UTEST(PERFORMANCE, LSA_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1016,7 +1016,7 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1000) UTEST(PERFORMANCE, MDB_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_ps.c b/test/performance/pt_auth_enc_ps.c index ded652bf..6699b4a5 100644 --- a/test/performance/pt_auth_enc_ps.c +++ b/test/performance/pt_auth_enc_ps.c @@ -105,7 +105,7 @@ double Process_Security_Loop(char *data_b, int* data_l, TC_t* processed_frame, i UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -149,7 +149,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -181,7 +181,7 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -225,7 +225,7 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -262,7 +262,7 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_MED_100) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -306,7 +306,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -340,7 +340,7 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -384,7 +384,7 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -421,7 +421,7 @@ UTEST(PERFORMANCE, MDB_KMC_MED_100) UTEST(PERFORMANCE, LSA_LIBG_LONG_100) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -465,7 +465,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -499,7 +499,7 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -543,7 +543,7 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -580,7 +580,7 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -624,7 +624,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -656,7 +656,7 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -700,7 +700,7 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -737,7 +737,7 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_MED_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -781,7 +781,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_MED_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -815,7 +815,7 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1K) UTEST(PERFORMANCE, LSA_KMC_MED_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -859,7 +859,7 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1K) UTEST(PERFORMANCE, MDB_KMC_MED_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -896,7 +896,7 @@ UTEST(PERFORMANCE, MDB_KMC_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -940,7 +940,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -974,7 +974,7 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_LONG_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1017,7 +1017,7 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_LONG_1K) { - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index 613a5b8d..280402dd 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -330,14 +330,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -404,14 +404,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -483,14 +483,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; @@ -554,14 +554,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; @@ -631,14 +631,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -703,14 +703,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -778,14 +778,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -850,14 +850,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -925,14 +925,14 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -997,14 +997,14 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1083,14 +1083,14 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1170,14 +1170,14 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1252,14 +1252,14 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; @@ -1376,14 +1376,14 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; @@ -1477,14 +1477,14 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; @@ -1579,14 +1579,14 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1671,14 +1671,14 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1760,14 +1760,14 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1856,14 +1856,14 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1949,14 +1949,14 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2039,14 +2039,14 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2128,14 +2128,14 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2221,14 +2221,14 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2313,14 +2313,14 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2406,14 +2406,14 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2496,14 +2496,14 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2586,14 +2586,14 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2678,7 +2678,7 @@ UTEST(PLAINTEXT, ENCRYPT_DECRYPT) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2715,14 +2715,14 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2796,14 +2796,14 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 90bb51b5..81d7666a 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -53,7 +53,7 @@ UTEST(CRYPTO_C, CALC_CRC16) UTEST(CRYPTO_C, BAD_CC_FLAG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -86,7 +86,7 @@ UTEST(CRYPTO_C, PDU_SWITCH) { int32_t status = CRYPTO_LIB_ERROR; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -273,7 +273,7 @@ UTEST(INVALID_SA_CONFIGS, INVALID_IV_ARSN) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_mysql_m_tls_connection.c b/test/unit/ut_mysql_m_tls_connection.c index 824f67b2..812c3bb0 100644 --- a/test/unit/ut_mysql_m_tls_connection.c +++ b/test/unit/ut_mysql_m_tls_connection.c @@ -129,7 +129,7 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_mysql_tls_connection.c b/test/unit/ut_mysql_tls_connection.c index 3d27e75e..c72e2795 100644 --- a/test/unit/ut_mysql_tls_connection.c +++ b/test/unit/ut_mysql_tls_connection.c @@ -113,7 +113,7 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_sadb_err_cases_kmc_crypto.c b/test/unit/ut_sadb_err_cases_kmc_crypto.c index 169bcc33..6adc5dda 100644 --- a/test/unit/ut_sadb_err_cases_kmc_crypto.c +++ b/test/unit/ut_sadb_err_cases_kmc_crypto.c @@ -45,7 +45,7 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -96,7 +96,7 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) UTEST(KMC_CRYPTO, ONLY_UNKEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -147,7 +147,7 @@ UTEST(KMC_CRYPTO, ONLY_UNKEYED_SA_AVAILABLE_FOR_GVCID) UTEST(KMC_CRYPTO, NULL_EKID_BLANK_ECS_ERROR) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -198,7 +198,7 @@ UTEST(KMC_CRYPTO, NULL_EKID_BLANK_ECS_ERROR) UTEST(KMC_CRYPTO, INVALID_ABM_LENGTH_FOR_FRAME_WITH_SEG_HEADERS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 0130f123..67bf2a03 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -38,7 +38,7 @@ UTEST(TC_APPLY_SECURITY, NO_CRYPTO_INIT) int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -300,7 +300,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVE UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -379,7 +379,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -484,7 +484,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -515,7 +515,7 @@ UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -547,7 +547,7 @@ UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) UTEST(TC_APPLY_SECURITY, NULL_BUFFER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -582,7 +582,7 @@ UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -629,7 +629,7 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -662,7 +662,7 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -695,7 +695,7 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -756,7 +756,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -819,7 +819,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -866,7 +866,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -909,7 +909,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -981,7 +981,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -1051,7 +1051,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index f548d306..95aba912 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -34,14 +34,14 @@ UTEST(TC_PROCESS, EXERCISE_IV) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); int status = 0; // NIST supplied vectors @@ -149,14 +149,14 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); int status = 0; // NIST supplied vectors @@ -279,7 +279,7 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -389,7 +389,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -506,7 +506,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -614,7 +614,7 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -655,7 +655,7 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -694,7 +694,7 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -755,7 +755,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_1B) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -818,7 +818,7 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_16B) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -883,14 +883,14 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); int status = 0; // NIST supplied vectors diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index cc5b3254..94be1ff6 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -43,7 +43,7 @@ UTEST(TM_APPLY_SECURITY, NO_CRYPTO_INIT) hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -191,7 +191,7 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -397,7 +397,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -490,7 +490,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -583,7 +583,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -675,7 +675,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -767,14 +767,14 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // Test frame setup char* framed_tm_h = "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB00000000000000000000000000000000415B"; char* framed_tm_b = NULL; @@ -863,14 +863,14 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // Test frame setup char* framed_tm_h = "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB00000000000000000000000000000000415B"; char* framed_tm_b = NULL; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 10e0a346..77612aaa 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -42,7 +42,7 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) char* framed_tm_b = NULL; hex_conversion(framed_tm_h, &framed_tm_b, (int *)&framed_tm_len); - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -287,7 +287,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -383,7 +383,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -479,7 +479,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -574,7 +574,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -669,14 +669,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // Test frame setup char* framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB554bac80d1fdcff21fd6996bf1d91327bff1"; char* framed_tm_b = NULL; @@ -768,14 +768,14 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + crypto_key_t* ek_ring = key_if->get_ek_ring(); // Test frame setup char* framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB9933b46131d0ff5f4b0ab4295ca3ae9df6c2"; char* framed_tm_b = NULL; From bac16745cf16475ffae4ef1480eb39c74d5f2ee3 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 30 May 2023 19:25:27 -0400 Subject: [PATCH 31/46] [nasa/cryptolib#145] Cmake update to run tests from build directory instead of source; --- test/CMakeLists.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index fb03f36a..bad9ef1d 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -15,7 +15,7 @@ # NASA IV&V # jstar-development-team@mail.nasa.gov -set(PROJECT_TEST_DIR ${CMAKE_CURRENT_SOURCE_DIR}) +set(PROJECT_TEST_DIR ${CMAKE_BINARY_DIR}) # add_test(NAME Process_Security # COMMAND ${PROJECT_BINARY_DIR}/bin/process_security tc ${PROJECT_TEST_DIR}/data/tc4.1.dat From e0b8ff4dc4e2b3f74c5059805135d70c29dd9b59 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 30 May 2023 22:02:01 -0400 Subject: [PATCH 32/46] [nasa/cryptolib#159] Building but tests failing; --- src/core/crypto_config.c | 7 +++ src/core/crypto_tc.c | 20 ++++--- src/core/crypto_tm.c | 14 +++-- ...ryptography_interface_libgcrypt.template.c | 7 +++ test/kmc/ut_mariadb.c | 16 ++--- test/performance/pt_auth_as.c | 12 ++-- test/performance/pt_auth_enc_as.c | 12 ++-- test/performance/pt_auth_enc_ps.c | 12 ++-- test/unit/et_dt_validation.c | 60 +++++++++---------- test/unit/ut_crypto.c | 6 +- test/unit/ut_crypto_config.c | 5 ++ test/unit/ut_mysql_m_tls_connection.c | 2 +- test/unit/ut_mysql_tls_connection.c | 2 +- test/unit/ut_tc_apply.c | 32 +++++----- test/unit/ut_tc_process.c | 22 +++---- test/unit/ut_tm_apply.c | 16 ++--- test/unit/ut_tm_process.c | 14 ++--- 17 files changed, 145 insertions(+), 114 deletions(-) diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 5a088c86..9864fc58 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -137,6 +137,8 @@ int32_t Crypto_Init(void) { key_if = get_key_interface_kmc(); } + key_if->key_init(); + // TODO: Check and return status on error /* SA Interface */ // Prepare SADB type from config @@ -245,6 +247,11 @@ int32_t Crypto_Shutdown(void) gvcid_managed_parameters = NULL; } + if(key_if != NULL) + { + key_if->key_shutdown(); + } + if (sadb_routine != NULL) { sadb_routine->sadb_close(); diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 6c243d51..fc7bcfc8 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -551,6 +551,9 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in index -= tf_payload_len; tf_payload_len += pkcs_padding; + /* Get Key Ring */ + crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + /* ** Begin Authentication / Encryption */ @@ -600,7 +603,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in //&p_new_enc_frame[index], // length of data (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length - NULL, // Using SA key reference, key is null + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -628,7 +631,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in //(uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length //new_frame_length, - NULL, // Using SA key reference, key is null + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -636,7 +639,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in sa_ptr->ecs, // encryption cipher pkcs_padding, cam_cookies - ); + ); } if (sa_service_type == SA_AUTHENTICATION) @@ -645,7 +648,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (size_t)tf_payload_len, // length of data (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length - NULL, // Using SA key reference, key is null + &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -1063,6 +1066,9 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc #ifdef DEBUG printf(KYEL "TC PDU Calculated Length: %d \n" RESET, tc_sdls_processed_frame->tc_pdu_len); #endif + + /* Get Key Ring */ + crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { @@ -1070,7 +1076,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - NULL, // Key + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV @@ -1096,7 +1102,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - NULL, // Key + &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV @@ -1116,7 +1122,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - NULL, // Key + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index b98d07fd..96abb871 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -335,6 +335,9 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) } #endif + /* Get Key Ring */ + crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + /* ** Begin Authentication / Encryption */ @@ -384,7 +387,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (size_t) 0, // length of data (uint8_t*)(&tm_frame[0]), // plaintext input (size_t)0, // in data length - from start of frame to end of data - NULL, // Using SA key reference, key is null + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -651,7 +654,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (size_t)pdu_len, // length of data &(tempTM[pdu_loc]), // plaintext input (size_t)pdu_len, // in data length - NULL, // Key is mapped via SA + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key KEY_SIZE, sa_ptr, sa_ptr->iv, @@ -1009,6 +1012,9 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // this will be over-written by decryption functions if necessary, // but not by authentication which requires + /* Get Key Ring */ + crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + /* ** Begin Authentication / Encryption */ @@ -1044,7 +1050,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in pdu_len, // length of data p_ingest+byte_idx, // ciphertext input pdu_len, // in data length - NULL, // Key + &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV @@ -1063,7 +1069,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data // &(ingest[tc_enc_payload_start_index]), // ciphertext input // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - // NULL, // Key + // &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key // Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // sa_ptr, // SA for key reference // tc_sdls_processed_frame->tc_sec_header.iv, // IV diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index 22701933..ff2fc417 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -135,6 +135,7 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, int32_t status = CRYPTO_LIB_SUCCESS; uint8_t* key_ptr = key; + sa_ptr = sa_ptr; // Unused in this implementation /* if(sa_ptr != NULL) //Using SA key pointer { @@ -259,6 +260,8 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le uint8_t* key_ptr = key; size_t len_in = len_data_in; // Unused len_in = len_in; + + sa_ptr = sa_ptr; // Unused in this implementation /* if(sa_ptr != NULL) //Using SA key pointer { @@ -423,6 +426,7 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, padding = padding; cam_cookies = cam_cookies; + sa_ptr = sa_ptr; // Unused in this implementation /* if(sa_ptr != NULL) //Using SA key pointer { @@ -561,6 +565,7 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, acs = acs; cam_cookies = cam_cookies; + sa_ptr = sa_ptr; // Unused in this implementation /* if(sa_ptr != NULL) //Using SA key pointer { @@ -755,6 +760,7 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, acs = acs; cam_cookies = cam_cookies; + sa_ptr = sa_ptr; // Unused in this implementation /* if(sa_ptr != NULL) //Using SA key pointer { @@ -857,6 +863,7 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, acs = acs; cam_cookies = cam_cookies; + sa_ptr = sa_ptr; // Unused in this implementation /* if(sa_ptr != NULL) //Using SA key pointer { diff --git a/test/kmc/ut_mariadb.c b/test/kmc/ut_mariadb.c index 29daa895..d99ec163 100644 --- a/test/kmc/ut_mariadb.c +++ b/test/kmc/ut_mariadb.c @@ -93,7 +93,7 @@ UTEST(MARIA_DB, DB_CONNECT) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -131,7 +131,7 @@ UTEST(MARIA_DB, HAPPY_PATH_ENC) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -182,7 +182,7 @@ UTEST(MARIA_DB, HAPPY_PATH_AUTH_ENC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -242,7 +242,7 @@ UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -294,7 +294,7 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -377,7 +377,7 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -461,7 +461,7 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -567,7 +567,7 @@ UTEST(MARIA_DB, BAD_SPACE_CRAFT_ID) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); diff --git a/test/performance/pt_auth_as.c b/test/performance/pt_auth_as.c index 9049519a..42f04c25 100644 --- a/test/performance/pt_auth_as.c +++ b/test/performance/pt_auth_as.c @@ -153,7 +153,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -338,7 +338,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -523,7 +523,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -708,7 +708,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -893,7 +893,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1078,7 +1078,7 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_as.c b/test/performance/pt_auth_enc_as.c index 75f9ecac..cf4a9d7e 100644 --- a/test/performance/pt_auth_enc_as.c +++ b/test/performance/pt_auth_enc_as.c @@ -148,7 +148,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -305,7 +305,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -463,7 +463,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -624,7 +624,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -781,7 +781,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1000) UTEST(PERFORMANCE, MDB_LIBG_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -939,7 +939,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_ps.c b/test/performance/pt_auth_enc_ps.c index 6699b4a5..c38b4fd2 100644 --- a/test/performance/pt_auth_enc_ps.c +++ b/test/performance/pt_auth_enc_ps.c @@ -149,7 +149,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -306,7 +306,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -465,7 +465,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -624,7 +624,7 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -781,7 +781,7 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -940,7 +940,7 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index 280402dd..31ed891f 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -330,7 +330,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -404,7 +404,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -483,7 +483,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -554,7 +554,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -631,7 +631,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -703,7 +703,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -778,7 +778,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -850,7 +850,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -925,7 +925,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -997,7 +997,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1083,7 +1083,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1170,7 +1170,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1252,7 +1252,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1376,7 +1376,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1477,7 +1477,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1579,7 +1579,7 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1671,7 +1671,7 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1760,7 +1760,7 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1856,7 +1856,7 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1949,7 +1949,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2039,7 +2039,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2128,7 +2128,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2221,7 +2221,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2313,7 +2313,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2406,7 +2406,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2496,7 +2496,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2586,7 +2586,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2678,7 +2678,7 @@ UTEST(PLAINTEXT, ENCRYPT_DECRYPT) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2715,7 +2715,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2796,7 +2796,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 81d7666a..82ff100d 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -53,7 +53,7 @@ UTEST(CRYPTO_C, CALC_CRC16) UTEST(CRYPTO_C, BAD_CC_FLAG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -86,7 +86,7 @@ UTEST(CRYPTO_C, PDU_SWITCH) { int32_t status = CRYPTO_LIB_ERROR; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -273,7 +273,7 @@ UTEST(INVALID_SA_CONFIGS, INVALID_IV_ARSN) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_crypto_config.c b/test/unit/ut_crypto_config.c index 969ef9d6..c129bb63 100644 --- a/test/unit/ut_crypto_config.c +++ b/test/unit/ut_crypto_config.c @@ -63,6 +63,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_MARIADB_NULL) { int32_t status = CRYPTO_LIB_ERROR; CryptoConfig_t* crypto_config_p = malloc(sizeof(CryptoConfig_t) * sizeof(uint8_t)); + crypto_config_p->key_type=KEY_TYPE_INTERNAL; GvcidManagedParameters_t* gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t)); gvcid_managed_paramenters_p->next = NULL; SadbMariaDBConfig_t* sadb_mariadb_config_p = NULL; @@ -83,6 +84,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_KMCCRYPTO_NULL) { int32_t status = CRYPTO_LIB_ERROR; CryptoConfig_t* crypto_config = malloc(sizeof(CryptoConfig_t) * sizeof(uint8_t)); + crypto_config->key_type=KEY_TYPE_INTERNAL; GvcidManagedParameters_t* gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t)); gvcid_managed_paramenters_p->next = NULL; SadbMariaDBConfig_t* sadb_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); @@ -105,6 +107,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_INVALID_INTERFACE) { int32_t status = CRYPTO_LIB_ERROR; CryptoConfig_t* crypto_config = malloc(sizeof(CryptoConfig_t) * sizeof(uint8_t)); + crypto_config->key_type=KEY_TYPE_INTERNAL; GvcidManagedParameters_t* gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t)); gvcid_managed_paramenters_p->next = NULL; SadbMariaDBConfig_t* sadb_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); @@ -127,6 +130,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_INVALID_SADB) { int32_t status = CRYPTO_LIB_ERROR; CryptoConfig_t* crypto_config_p = malloc(sizeof(CryptoConfig_t) * sizeof(uint8_t)); + crypto_config_p->key_type=KEY_TYPE_INTERNAL; GvcidManagedParameters_t* gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t) * sizeof(uint8_t)); gvcid_managed_paramenters_p->next = NULL; SadbMariaDBConfig_t* sadb_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); @@ -197,6 +201,7 @@ UTEST(CRYPTO_CONFIG, CRYPTO_INIT_KMC_OK) { int32_t status = CRYPTO_LIB_ERROR; CryptoConfig_t* crypto_config_p = malloc(sizeof(CryptoConfig_t) * sizeof(uint8_t)); + crypto_config_p->key_type=KEY_TYPE_INTERNAL; GvcidManagedParameters_t* gvcid_managed_paramenters_p = malloc(sizeof(GvcidManagedParameters_t) * sizeof(uint8_t)); SadbMariaDBConfig_t* sadb_mariadb_config_p = malloc(sizeof(SadbMariaDBConfig_t) * sizeof(uint8_t)); CryptographyKmcCryptoServiceConfig_t* cryptography_kmc_crypto_config_p = malloc(sizeof(CryptographyKmcCryptoServiceConfig_t) * sizeof(uint8_t)); diff --git a/test/unit/ut_mysql_m_tls_connection.c b/test/unit/ut_mysql_m_tls_connection.c index 812c3bb0..2b0ea864 100644 --- a/test/unit/ut_mysql_m_tls_connection.c +++ b/test/unit/ut_mysql_m_tls_connection.c @@ -129,7 +129,7 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_mysql_tls_connection.c b/test/unit/ut_mysql_tls_connection.c index c72e2795..e2ecd332 100644 --- a/test/unit/ut_mysql_tls_connection.c +++ b/test/unit/ut_mysql_tls_connection.c @@ -113,7 +113,7 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 67bf2a03..51cd5deb 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -38,7 +38,7 @@ UTEST(TC_APPLY_SECURITY, NO_CRYPTO_INIT) int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -300,7 +300,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVE UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -379,7 +379,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -484,7 +484,7 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -515,7 +515,7 @@ UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -547,7 +547,7 @@ UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) UTEST(TC_APPLY_SECURITY, NULL_BUFFER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -582,7 +582,7 @@ UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -629,7 +629,7 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -662,7 +662,7 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -695,7 +695,7 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -756,7 +756,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -819,7 +819,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -866,7 +866,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -909,7 +909,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -981,7 +981,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -1051,7 +1051,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index 95aba912..b0d3bc24 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -34,7 +34,7 @@ UTEST(TC_PROCESS, EXERCISE_IV) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -149,7 +149,7 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -279,7 +279,7 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -389,7 +389,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -506,7 +506,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -614,7 +614,7 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -655,7 +655,7 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -694,7 +694,7 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -755,7 +755,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_1B) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -818,7 +818,7 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_16B) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -883,7 +883,7 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 94be1ff6..5ab72676 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -43,7 +43,7 @@ UTEST(TM_APPLY_SECURITY, NO_CRYPTO_INIT) hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -191,7 +191,7 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -397,7 +397,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -490,7 +490,7 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -583,7 +583,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -675,7 +675,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -767,7 +767,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -863,7 +863,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 77612aaa..176f909a 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -42,7 +42,7 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) char* framed_tm_b = NULL; hex_conversion(framed_tm_h, &framed_tm_b, (int *)&framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -287,7 +287,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -383,7 +383,7 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -479,7 +479,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -574,7 +574,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -669,7 +669,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -768,7 +768,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); From 1e0e77f80db8856259cf3aff7fbf0f02597b2b75 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 31 May 2023 10:18:57 -0400 Subject: [PATCH 33/46] [nasa/cryptolib#159] Two tests still failing after moving error checking for KEY_LENGTH up to core level from crypto; --- src/core/crypto_tc.c | 46 +++++++++- src/core/crypto_tm.c | 20 ++++- ...ryptography_interface_libgcrypt.template.c | 85 +------------------ .../key_interface_internal.template.c | 4 + 4 files changed, 65 insertions(+), 90 deletions(-) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index fc7bcfc8..b2a7179d 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -552,7 +552,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in tf_payload_len += pkcs_padding; /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); /* ** Begin Authentication / Encryption @@ -598,6 +598,13 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in if(ecs_is_aead_algorithm == CRYPTO_TRUE) { + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + { + free(aad); + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_aead_encrypt(&p_new_enc_frame[index], // ciphertext output (size_t)tf_payload_len, //&p_new_enc_frame[index], // length of data @@ -625,6 +632,13 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in // TODO - implement non-AEAD algorithm logic if (sa_service_type == SA_ENCRYPTION) { + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + { + free(aad); + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_encrypt(&p_new_enc_frame[index], // ciphertext output (size_t)tf_payload_len, &p_new_enc_frame[index], // length of data @@ -644,6 +658,13 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in if (sa_service_type == SA_AUTHENTICATION) { + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + { + free(aad); + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_authenticate(&p_new_enc_frame[index], // ciphertext output (size_t)tf_payload_len, // length of data (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input @@ -1068,10 +1089,17 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc #endif /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + { + free(aad); + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_aead_decrypt(tc_sdls_processed_frame->tc_pdu, // plaintext output (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input @@ -1098,6 +1126,13 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc // TODO - implement non-AEAD algorithm logic if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + { + free(aad); + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_validate_authentication(tc_sdls_processed_frame->tc_pdu, // plaintext output (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input @@ -1118,6 +1153,13 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + { + free(aad); + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_decrypt(tc_sdls_processed_frame->tc_pdu, // plaintext output (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 96abb871..5824ee7b 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -336,7 +336,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) #endif /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); /* ** Begin Authentication / Encryption @@ -387,7 +387,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (size_t) 0, // length of data (uint8_t*)(&tm_frame[0]), // plaintext input (size_t)0, // in data length - from start of frame to end of data - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -1013,7 +1013,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // but not by authentication which requires /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = (crypto_key_t*) key_if->get_ek_ring; + crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); /* ** Begin Authentication / Encryption @@ -1046,11 +1046,17 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // Use ingest and abm to create aad Crypto_Prepare_TM_AAD(p_ingest, aad_len, sa_ptr->abm, &aad[0]); + // Check that key length to be used is atleast as long as the algo requirement + if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + { + return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + } + status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output pdu_len, // length of data p_ingest+byte_idx, // ciphertext input pdu_len, // in data length - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV @@ -1065,6 +1071,12 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { + // Check that key length to be used is atleast as long as the algo requirement + //if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + //{ + // return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; + //} + // status = cryptography_if->cryptography_decrypt(tc_sdls_processed_frame->tc_pdu, // plaintext output // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data // &(ingest[tc_enc_payload_start_index]), // ciphertext input diff --git a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c index ff2fc417..8df1b6e2 100644 --- a/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c +++ b/src/crypto/libgcrypt/cryptography_interface_libgcrypt.template.c @@ -136,12 +136,7 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, uint8_t* key_ptr = key; sa_ptr = sa_ptr; // Unused in this implementation - /* - if(sa_ptr != NULL) //Using SA key pointer - { - key_ptr = &(ek_ring[sa_ptr->akid].value[0]); - } - */ + // Need to copy the data over, since authentication won't change/move the data directly if(data_out != NULL) { @@ -163,14 +158,6 @@ static int32_t cryptography_authenticate(uint8_t* data_out, size_t len_data_out, return CRYPTO_LIB_ERR_UNSUPPORTED_ACS; } - // Check that key length to be used is atleast as long as the algo requirement - /* - if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->akid].key_len) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } - */ - gcry_error = gcry_mac_open(&(tmp_mac_hd), algo, GCRY_MAC_FLAG_SECURE, NULL); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { @@ -262,12 +249,6 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le len_in = len_in; sa_ptr = sa_ptr; // Unused in this implementation - /* - if(sa_ptr != NULL) //Using SA key pointer - { - key_ptr = &(ek_ring[sa_ptr->akid].value[0]); - } - */ // Need to copy the data over, since authentication won't change/move the data directly // If you don't want data out, don't set a data out length @@ -290,14 +271,6 @@ static int32_t cryptography_validate_authentication(uint8_t* data_out, size_t le return CRYPTO_LIB_ERR_UNSUPPORTED_ACS; } - // Check that key length to be used is atleast as long as the algo requirement - /* - if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->akid].key_len) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } - */ - gcry_error = gcry_mac_open(&(tmp_mac_hd), algo, GCRY_MAC_FLAG_SECURE, NULL); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { @@ -427,12 +400,6 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation - /* - if(sa_ptr != NULL) //Using SA key pointer - { - key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); - } - */ // Select correct libgcrypt algorith enum int32_t algo = -1; @@ -454,14 +421,6 @@ static int32_t cryptography_encrypt(uint8_t* data_out, size_t len_data_out, mode = cryptography_get_ecs_mode(*ecs); if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_MODE) return CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - // Check that key length to be used is atleast as long as the algo requirement - /* - if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } - */ - gcry_error = gcry_cipher_open(&(tmp_hd), algo, mode, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { @@ -566,12 +525,6 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation - /* - if(sa_ptr != NULL) //Using SA key pointer - { - key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); - } - */ // Select correct libgcrypt ecs enum int32_t algo = -1; @@ -592,14 +545,6 @@ static int32_t cryptography_aead_encrypt(uint8_t* data_out, size_t len_data_out, int32_t mode = -1; mode = cryptography_get_ecs_mode(*ecs); if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE) return CRYPTO_LIB_ERR_UNSUPPORTED_ECS_MODE; - - // Check that key length to be used is atleast as long as the algo requirement - /* - if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } - */ // TODO: Get Flag Functionality if(mode == CRYPTO_CIPHER_AES256_CBC_MAC) @@ -761,12 +706,6 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation - /* - if(sa_ptr != NULL) //Using SA key pointer - { - key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); - } - */ // Select correct libgcrypt ecs enum int32_t algo = -1; @@ -788,14 +727,6 @@ static int32_t cryptography_decrypt(uint8_t* data_out, size_t len_data_out, mode = cryptography_get_ecs_mode(*ecs); if (mode == CRYPTO_LIB_ERR_UNSUPPORTED_MODE) return CRYPTO_LIB_ERR_UNSUPPORTED_MODE; - // Check that key length to be used is atleast as long as the algo requirement - /* - if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } - */ - gcry_error = gcry_cipher_open(&(tmp_hd), algo, mode, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { @@ -864,12 +795,6 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, cam_cookies = cam_cookies; sa_ptr = sa_ptr; // Unused in this implementation - /* - if(sa_ptr != NULL) //Using SA key pointer - { - key_ptr = &(ek_ring[sa_ptr->ekid].value[0]); - } - */ // Select correct libgcrypt ecs enum int32_t algo = -1; @@ -886,14 +811,6 @@ static int32_t cryptography_aead_decrypt(uint8_t* data_out, size_t len_data_out, return CRYPTO_LIB_ERR_NULL_ECS_PTR; } - // Check that key length to be used is atleast as long as the algo requirement - /* - if (sa_ptr != NULL && len_key > ek_ring[sa_ptr->ekid].key_len) - { - return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; - } - */ - gcry_error = gcry_cipher_open(&(tmp_hd), GCRY_CIPHER_AES256, GCRY_CIPHER_MODE_GCM, GCRY_CIPHER_NONE); if ((gcry_error & GPG_ERR_CODE_MASK) != GPG_ERR_NO_ERROR) { diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c index 33dc26d3..63b9c61e 100644 --- a/src/key/internal/key_interface_internal.template.c +++ b/src/key/internal/key_interface_internal.template.c @@ -467,6 +467,10 @@ static int32_t key_init(void) ek_ring[136].key_len = 32; ek_ring[136].key_state = KEY_DEACTIVATED; + #ifdef DEBUG + printf(KGRN "Key internal interface intialized \n" RESET); + #endif + return status; } From 77363885ff77fc971abe7188a9aac764c3ae6a62 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 31 May 2023 18:59:49 -0400 Subject: [PATCH 34/46] [nasa/cryptolib#159] Updated ERR_KEY_LENGTH_ERROR to check for !=, all tests passing; --- src/core/crypto_tc.c | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index b2a7179d..2eb7b946 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -598,8 +598,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in if(ecs_is_aead_algorithm == CRYPTO_TRUE) { - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + // Check that key length to be used ets the algorithm requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -632,8 +632,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in // TODO - implement non-AEAD algorithm logic if (sa_service_type == SA_ENCRYPTION) { - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + // Check that key length to be used ets the algorithm requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -658,8 +658,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in if (sa_service_type == SA_AUTHENTICATION) { - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + // Check that key length to be used ets the algorithm requirement + if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len != Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -1093,8 +1093,8 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + // Check that key length to be used ets the algorithm requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -1126,8 +1126,8 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc // TODO - implement non-AEAD algorithm logic if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + // Check that key length to be used ets the algorithm requirement + if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len != Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -1153,8 +1153,8 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + // Check that key length to be used ets the algorithm requirement + if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; From 359f4828d435b1660fff47dde6dbe50ab8261bf4 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Tue, 13 Jun 2023 22:01:50 -0400 Subject: [PATCH 35/46] [nasa/cryptolib#159] Update key interface to get_key instead of get_ek_ring, tests failing again; --- include/crypto_error.h | 1 + include/key_interface.h | 2 +- src/core/crypto_key_mgmt.c | 99 +- src/core/crypto_tc.c | 59 +- src/core/crypto_tm.c | 44 +- src/core/crypto_user.c | 19 +- .../key_interface_internal.template.c | 858 +++++++++--------- src/key/kmc/key_interface_kmc.template.c | 21 +- test/unit/et_dt_validation.c | 157 ++-- test/unit/ut_tc_process.c | 15 +- test/unit/ut_tm_apply.c | 10 +- test/unit/ut_tm_process.c | 10 +- 12 files changed, 731 insertions(+), 564 deletions(-) diff --git a/include/crypto_error.h b/include/crypto_error.h index 083e3fab..41817bc6 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -116,6 +116,7 @@ #define CRYPTO_LIB_ERR_UNSUPPORTED_MODE (-44) #define CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD (-45) #define CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG (-46) +#define CRYPTO_LIB_ERR_KEY_ID_ERROR (-47) extern char *crypto_enum_errlist_core[]; extern char *crypto_enum_errlist_config[]; diff --git a/include/key_interface.h b/include/key_interface.h index 43ce1dae..2cd0af97 100644 --- a/include/key_interface.h +++ b/include/key_interface.h @@ -33,9 +33,9 @@ typedef struct typedef struct { /* Key Interface, SDLS */ + int32_t (*get_key)(uint32_t key_id, crypto_key_t* key_ptr); int32_t (*key_init)(void); int32_t (*key_shutdown)(void); - crypto_key_t* (*get_ek_ring)(void); /* Key Interface, SDLS-EP */ diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 63df952f..8b210be6 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -45,14 +45,8 @@ int32_t Crypto_Key_OTAR(void) int y; int32_t status = CRYPTO_LIB_SUCCESS; int pdu_keys = (sdls_frame.pdu.pdu_len - 30) / (2 + KEY_SIZE); - crypto_key_t* ek_ring = key_if->get_ek_ring(); int w; - - if ( ek_ring == NULL ) - { - status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; - return status; - } + crypto_key_t* ekp = NULL; // Master Key ID packet.mkid = (sdls_frame.pdu.data[0] << 8) | (sdls_frame.pdu.data[1]); @@ -89,12 +83,24 @@ int32_t Crypto_Key_OTAR(void) // printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); } + if (key_if != NULL) + { + status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + return status; + } + + status = key_if->get_key(packet.mkid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; status = cryptography_if->cryptography_aead_decrypt(&(sdls_frame.pdu.data[14]), // plaintext output (size_t)(pdu_keys * (2 + KEY_SIZE)), // length of data NULL, // in place decryption 0, // in data length - &(ek_ring[packet.mkid].value[0]), //key + &(ekp->value[0]), //key KEY_SIZE, //key length NULL, //SA reference &(packet.iv[0]), //IV @@ -135,21 +141,27 @@ int32_t Crypto_Key_OTAR(void) } else { + status = key_if->get_key(packet.EKB[x].ekid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + count = count + 2; for (y = count; y < (KEY_SIZE + count); y++) - { // Encrypted Key + { + // Encrypted Key packet.EKB[x].ek[y - count] = sdls_frame.pdu.data[y]; #ifdef SA_DEBUG printf("\t packet.EKB[%d].ek[%d] = 0x%02x\n", x, y - count, packet.EKB[x].ek[y - count]); #endif - // Setup Key Ring - ek_ring[packet.EKB[x].ekid].value[y - count] = sdls_frame.pdu.data[y]; + ekp->value[y - count] = sdls_frame.pdu.data[y]; } count = count + KEY_SIZE; // Set state to PREACTIVE - ek_ring[packet.EKB[x].ekid].key_state = KEY_PREACTIVE; + ekp->key_state = KEY_PREACTIVE; } } @@ -179,13 +191,16 @@ int32_t Crypto_Key_update(uint8_t state) SDLS_KEY_BLK_t packet; int count = 0; int pdu_keys = sdls_frame.pdu.pdu_len / 2; - crypto_key_t* ek_ring = key_if->get_ek_ring(); + int32_t status; + crypto_key_t* ekp = NULL; int x; - if ( ek_ring == NULL ) + if (key_if == NULL) { - return CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + return status; } + #ifdef PDU_DEBUG printf("Keys "); #endif @@ -250,9 +265,15 @@ int32_t Crypto_Key_update(uint8_t state) // TODO: Exit } - if (ek_ring[packet.kblk[x].kid].key_state == (state - 1)) + status = key_if->get_key(packet.kblk[x].kid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + + if (ekp->key_state == (state - 1)) { - ek_ring[packet.kblk[x].kid].key_state = state; + ekp->key_state = state; #ifdef PDU_DEBUG // printf("Key ID %d state changed to ", packet.kblk[x].kid); #endif @@ -287,12 +308,14 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) SDLS_KEY_INVENTORY_t packet; int count = 0; uint16_t range = 0; - crypto_key_t* ek_ring = key_if->get_ek_ring(); + int32_t status; + crypto_key_t* ekp = NULL; uint16_t x; - if ( ek_ring == NULL || ingest == NULL) + if ((key_if == NULL) || (ingest == NULL)) { - return CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + return status; } // Read in PDU @@ -309,11 +332,18 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) ingest[count++] = (range & 0xFF00) >> 8; ingest[count++] = (range & 0x00FF); for (x = packet.kid_first; x < packet.kid_last; x++) - { // Key ID + { + // Key ID ingest[count++] = (x & 0xFF00) >> 8; ingest[count++] = (x & 0x00FF); + // Get Key + status = key_if->get_key(x, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } // Key State - ingest[count++] = ek_ring[x].key_state; + ingest[count++] = ekp->key_state; } return count; } @@ -335,6 +365,14 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) // uint8_t tmp_mac[MAC_SIZE]; int x; int y; + int32_t status; + crypto_key_t* ekp = NULL; + + if (key_if == NULL) + { + status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + return status; + } #ifdef PDU_DEBUG printf("Crypto_Key_verify: Requested %d key(s) to verify \n", pdu_keys); @@ -363,17 +401,20 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) sdls_frame.pdu.pdu_len = pdu_keys * (2 + IV_SIZE + CHALLENGE_SIZE + CHALLENGE_MAC_SIZE); sdls_frame.hdr.pkt_length = sdls_frame.pdu.pdu_len + 9; count = Crypto_Prep_Reply(ingest, 128); - crypto_key_t* ek_ring = key_if->get_ek_ring(); - if ( ek_ring == NULL ) // Can't verify key without a key ring, action supported for this cryptography interface! - { - return CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; - } for (x = 0; x < pdu_keys; x++) - { // Key ID + { + // Key ID ingest[count++] = (packet.blk[x].kid & 0xFF00) >> 8; ingest[count++] = (packet.blk[x].kid & 0x00FF); + // Get Key + status = key_if->get_key(x, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + // Initialization Vector iv_loc = count; for (y = 0; y < IV_SIZE; y++) @@ -388,7 +429,7 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) (size_t)CHALLENGE_SIZE, // length of data &(packet.blk[x].challenge[0]), // plaintext input (size_t)CHALLENGE_SIZE, // in data length - &(ek_ring[packet.blk[x].kid].value[0]), // Key Index + &(ekp->value[0]), // Key Index KEY_SIZE, // Key Length NULL, // SA Reference for key &(ingest[iv_loc]), // IV diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 2eb7b946..016cb130 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -551,9 +551,6 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in index -= tf_payload_len; tf_payload_len += pkcs_padding; - /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); - /* ** Begin Authentication / Encryption */ @@ -596,10 +593,18 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in printf("Input bytes input_loc is %d\n", TC_FRAME_HEADER_SIZE + segment_hdr_len); #endif + /* Get Key */ + crypto_key_t* ekp = NULL; + status = key_if->get_key(sa_ptr->ekid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + if(ecs_is_aead_algorithm == CRYPTO_TRUE) { // Check that key length to be used ets the algorithm requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + if((int32_t) ekp->key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -610,7 +615,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in //&p_new_enc_frame[index], // length of data (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(ekp->value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -633,7 +638,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in if (sa_service_type == SA_ENCRYPTION) { // Check that key length to be used ets the algorithm requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + if((int32_t) ekp->key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -645,7 +650,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in //(uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length //new_frame_length, - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(ekp->value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -658,8 +663,16 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in if (sa_service_type == SA_AUTHENTICATION) { + /* Get Key */ + crypto_key_t* akp = NULL; + status = key_if->get_key(sa_ptr->akid, akp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + // Check that key length to be used ets the algorithm requirement - if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len != Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + if((int32_t) akp->key_len != Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -669,7 +682,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (size_t)tf_payload_len, // length of data (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length - &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key + &(akp->value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -1088,13 +1101,25 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc printf(KYEL "TC PDU Calculated Length: %d \n" RESET, tc_sdls_processed_frame->tc_pdu_len); #endif - /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); + /* Get Key */ + crypto_key_t* ekp = NULL; + status = key_if->get_key(sa_ptr->ekid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + + crypto_key_t* akp = NULL; + status = key_if->get_key(sa_ptr->akid, akp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { // Check that key length to be used ets the algorithm requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + if((int32_t) ekp->key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -1104,7 +1129,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(ekp->value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV @@ -1127,7 +1152,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { // Check that key length to be used ets the algorithm requirement - if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len != Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + if((int32_t) akp->key_len != Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -1137,7 +1162,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key + &(akp->value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV @@ -1154,7 +1179,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { // Check that key length to be used ets the algorithm requirement - if((int32_t) local_key_ring_ptr[sa_ptr->ekid].key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + if((int32_t) ekp->key_len != Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) { free(aad); return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; @@ -1164,7 +1189,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(ekp->value[0]), // Key Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 5824ee7b..c235ce12 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -335,8 +335,20 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) } #endif - /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); + // Get Key + crypto_key_t* ekp = NULL; + status = key_if->get_key(sa_ptr->ekid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + + crypto_key_t* akp = NULL; + status = key_if->get_key(sa_ptr->akid, akp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } /* ** Begin Authentication / Encryption @@ -387,7 +399,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (size_t) 0, // length of data (uint8_t*)(&tm_frame[0]), // plaintext input (size_t)0, // in data length - from start of frame to end of data - &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key + &(akp->value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV @@ -654,7 +666,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (size_t)pdu_len, // length of data &(tempTM[pdu_loc]), // plaintext input (size_t)pdu_len, // in data length - &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + &(ekp->value[0]), // Key KEY_SIZE, sa_ptr, sa_ptr->iv, @@ -1012,8 +1024,20 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // this will be over-written by decryption functions if necessary, // but not by authentication which requires - /* Get Key Ring */ - crypto_key_t* local_key_ring_ptr = key_if->get_ek_ring(); + // Get Key + crypto_key_t* ekp = NULL; + status = key_if->get_key(sa_ptr->ekid, ekp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } + + crypto_key_t* akp = NULL; + status = key_if->get_key(sa_ptr->akid, akp); + if (status != CRYPTO_LIB_SUCCESS) + { + return status; + } /* ** Begin Authentication / Encryption @@ -1047,7 +1071,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in Crypto_Prepare_TM_AAD(p_ingest, aad_len, sa_ptr->abm, &aad[0]); // Check that key length to be used is atleast as long as the algo requirement - if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) + if((int32_t) akp->key_len > Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs)) { return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; } @@ -1056,7 +1080,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in pdu_len, // length of data p_ingest+byte_idx, // ciphertext input pdu_len, // in data length - &(local_key_ring_ptr[sa_ptr->akid].value[0]), // Key + &(akp->value[0]), // Key Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV @@ -1072,7 +1096,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { // Check that key length to be used is atleast as long as the algo requirement - //if((int32_t) local_key_ring_ptr[sa_ptr->akid].key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) + //if((int32_t) akp->key_len > Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs)) //{ // return CRYPTO_LIB_ERR_KEY_LENGTH_ERROR; //} @@ -1081,7 +1105,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data // &(ingest[tc_enc_payload_start_index]), // ciphertext input // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - // &(local_key_ring_ptr[sa_ptr->ekid].value[0]), // Key + // &(akp->value[0]), // Key // Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // sa_ptr, // SA for key reference // tc_sdls_processed_frame->tc_sec_header.iv, // IV diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index fc463079..dcaa1dd9 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -123,21 +123,30 @@ int32_t Crypto_User_ModifyKey(void) // Local variables uint16_t kid = ((uint8_t)sdls_frame.pdu.data[0] << 8) | ((uint8_t)sdls_frame.pdu.data[1]); uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; - crypto_key_t* ek_ring = key_if->get_ek_ring(); + int32_t status; - if ( ek_ring == NULL ) + crypto_key_t* ekp = NULL; + + if (key_if != NULL) + { + status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + return status; + } + + status = key_if->get_key(kid, ekp); + if (status != CRYPTO_LIB_SUCCESS) { - return CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; + return status; } switch (mod) { case 1: // Invalidate Key - ek_ring[kid].value[KEY_SIZE - 1]++; + ekp->value[KEY_SIZE - 1]++; printf("Key %d value invalidated! \n", kid); break; case 2: // Modify key state - ek_ring[kid].key_state = (uint8_t)sdls_frame.pdu.data[3] & 0x0F; + ekp->key_state = (uint8_t)sdls_frame.pdu.data[3] & 0x0F; printf("Key %d state changed to %d! \n", kid, mod); break; default: diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c index 63b9c61e..f1dd513d 100644 --- a/src/key/internal/key_interface_internal.template.c +++ b/src/key/internal/key_interface_internal.template.c @@ -18,454 +18,485 @@ #include "key_interface.h" /* Variables */ -static crypto_key_t ek_ring[NUM_KEYS] = {0}; +static crypto_key_t key_ring[NUM_KEYS] = {0}; static KeyInterfaceStruct key_if_struct; /* Prototypes */ +static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr); static int32_t key_init(void); static int32_t key_shutdown(void); -static crypto_key_t* get_ek_ring(void); /* Functions */ KeyInterface get_key_interface_internal(void) { + /* Key Interface, SDLS */ + key_if_struct.get_key = get_key; key_if_struct.key_init = key_init; key_if_struct.key_shutdown = key_shutdown; - key_if_struct.get_ek_ring = get_ek_ring; + + /* Key Interface, SDLS-EP */ + return &key_if_struct; } +static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr) +{ + int32_t status = CRYPTO_LIB_SUCCESS; + key_ptr = key_ptr; /* Avoid set but not used warning */ + + if(key_id < NUM_KEYS) + { + key_ptr = &key_ring[key_id]; + } + else + { + status = CRYPTO_LIB_ERR_KEY_ID_ERROR; + } + return status; +} + static int32_t key_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; + // Initialize all to zero + for(uint32_t i = 0; i < NUM_KEYS; i++) + { + for(uint32_t j = 0; j < KEY_SIZE; j++) + { + key_ring[i].value[j] = 0; + } + key_ring[i].key_len = 0; + key_ring[i].key_state = 0; + } + // Master Keys // 0 - 000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F -> ACTIVE - ek_ring[0].value[0] = 0x00; - ek_ring[0].value[1] = 0x01; - ek_ring[0].value[2] = 0x02; - ek_ring[0].value[3] = 0x03; - ek_ring[0].value[4] = 0x04; - ek_ring[0].value[5] = 0x05; - ek_ring[0].value[6] = 0x06; - ek_ring[0].value[7] = 0x07; - ek_ring[0].value[8] = 0x08; - ek_ring[0].value[9] = 0x09; - ek_ring[0].value[10] = 0x0A; - ek_ring[0].value[11] = 0x0B; - ek_ring[0].value[12] = 0x0C; - ek_ring[0].value[13] = 0x0D; - ek_ring[0].value[14] = 0x0E; - ek_ring[0].value[15] = 0x0F; - ek_ring[0].value[16] = 0x00; - ek_ring[0].value[17] = 0x01; - ek_ring[0].value[18] = 0x02; - ek_ring[0].value[19] = 0x03; - ek_ring[0].value[20] = 0x04; - ek_ring[0].value[21] = 0x05; - ek_ring[0].value[22] = 0x06; - ek_ring[0].value[23] = 0x07; - ek_ring[0].value[24] = 0x08; - ek_ring[0].value[25] = 0x09; - ek_ring[0].value[26] = 0x0A; - ek_ring[0].value[27] = 0x0B; - ek_ring[0].value[28] = 0x0C; - ek_ring[0].value[29] = 0x0D; - ek_ring[0].value[30] = 0x0E; - ek_ring[0].value[31] = 0x0F; - ek_ring[0].key_len = 32; - ek_ring[0].key_state = KEY_ACTIVE; + key_ring[0].value[0] = 0x00; + key_ring[0].value[1] = 0x01; + key_ring[0].value[2] = 0x02; + key_ring[0].value[3] = 0x03; + key_ring[0].value[4] = 0x04; + key_ring[0].value[5] = 0x05; + key_ring[0].value[6] = 0x06; + key_ring[0].value[7] = 0x07; + key_ring[0].value[8] = 0x08; + key_ring[0].value[9] = 0x09; + key_ring[0].value[10] = 0x0A; + key_ring[0].value[11] = 0x0B; + key_ring[0].value[12] = 0x0C; + key_ring[0].value[13] = 0x0D; + key_ring[0].value[14] = 0x0E; + key_ring[0].value[15] = 0x0F; + key_ring[0].value[16] = 0x00; + key_ring[0].value[17] = 0x01; + key_ring[0].value[18] = 0x02; + key_ring[0].value[19] = 0x03; + key_ring[0].value[20] = 0x04; + key_ring[0].value[21] = 0x05; + key_ring[0].value[22] = 0x06; + key_ring[0].value[23] = 0x07; + key_ring[0].value[24] = 0x08; + key_ring[0].value[25] = 0x09; + key_ring[0].value[26] = 0x0A; + key_ring[0].value[27] = 0x0B; + key_ring[0].value[28] = 0x0C; + key_ring[0].value[29] = 0x0D; + key_ring[0].value[30] = 0x0E; + key_ring[0].value[31] = 0x0F; + key_ring[0].key_len = 32; + key_ring[0].key_state = KEY_ACTIVE; // 1 - 101112131415161718191A1B1C1D1E1F101112131415161718191A1B1C1D1E1F -> ACTIVE - ek_ring[1].value[0] = 0x10; - ek_ring[1].value[1] = 0x11; - ek_ring[1].value[2] = 0x12; - ek_ring[1].value[3] = 0x13; - ek_ring[1].value[4] = 0x14; - ek_ring[1].value[5] = 0x15; - ek_ring[1].value[6] = 0x16; - ek_ring[1].value[7] = 0x17; - ek_ring[1].value[8] = 0x18; - ek_ring[1].value[9] = 0x19; - ek_ring[1].value[10] = 0x1A; - ek_ring[1].value[11] = 0x1B; - ek_ring[1].value[12] = 0x1C; - ek_ring[1].value[13] = 0x1D; - ek_ring[1].value[14] = 0x1E; - ek_ring[1].value[15] = 0x1F; - ek_ring[1].value[16] = 0x10; - ek_ring[1].value[17] = 0x11; - ek_ring[1].value[18] = 0x12; - ek_ring[1].value[19] = 0x13; - ek_ring[1].value[20] = 0x14; - ek_ring[1].value[21] = 0x15; - ek_ring[1].value[22] = 0x16; - ek_ring[1].value[23] = 0x17; - ek_ring[1].value[24] = 0x18; - ek_ring[1].value[25] = 0x19; - ek_ring[1].value[26] = 0x1A; - ek_ring[1].value[27] = 0x1B; - ek_ring[1].value[28] = 0x1C; - ek_ring[1].value[29] = 0x1D; - ek_ring[1].value[30] = 0x1E; - ek_ring[1].value[31] = 0x1F; - ek_ring[1].key_len = 32; - ek_ring[1].key_state = KEY_ACTIVE; + key_ring[1].value[0] = 0x10; + key_ring[1].value[1] = 0x11; + key_ring[1].value[2] = 0x12; + key_ring[1].value[3] = 0x13; + key_ring[1].value[4] = 0x14; + key_ring[1].value[5] = 0x15; + key_ring[1].value[6] = 0x16; + key_ring[1].value[7] = 0x17; + key_ring[1].value[8] = 0x18; + key_ring[1].value[9] = 0x19; + key_ring[1].value[10] = 0x1A; + key_ring[1].value[11] = 0x1B; + key_ring[1].value[12] = 0x1C; + key_ring[1].value[13] = 0x1D; + key_ring[1].value[14] = 0x1E; + key_ring[1].value[15] = 0x1F; + key_ring[1].value[16] = 0x10; + key_ring[1].value[17] = 0x11; + key_ring[1].value[18] = 0x12; + key_ring[1].value[19] = 0x13; + key_ring[1].value[20] = 0x14; + key_ring[1].value[21] = 0x15; + key_ring[1].value[22] = 0x16; + key_ring[1].value[23] = 0x17; + key_ring[1].value[24] = 0x18; + key_ring[1].value[25] = 0x19; + key_ring[1].value[26] = 0x1A; + key_ring[1].value[27] = 0x1B; + key_ring[1].value[28] = 0x1C; + key_ring[1].value[29] = 0x1D; + key_ring[1].value[30] = 0x1E; + key_ring[1].value[31] = 0x1F; + key_ring[1].key_len = 32; + key_ring[1].key_state = KEY_ACTIVE; // 2 - 202122232425262728292A2B2C2D2E2F202122232425262728292A2B2C2D2E2F -> ACTIVE - ek_ring[2].value[0] = 0x20; - ek_ring[2].value[1] = 0x21; - ek_ring[2].value[2] = 0x22; - ek_ring[2].value[3] = 0x23; - ek_ring[2].value[4] = 0x24; - ek_ring[2].value[5] = 0x25; - ek_ring[2].value[6] = 0x26; - ek_ring[2].value[7] = 0x27; - ek_ring[2].value[8] = 0x28; - ek_ring[2].value[9] = 0x29; - ek_ring[2].value[10] = 0x2A; - ek_ring[2].value[11] = 0x2B; - ek_ring[2].value[12] = 0x2C; - ek_ring[2].value[13] = 0x2D; - ek_ring[2].value[14] = 0x2E; - ek_ring[2].value[15] = 0x2F; - ek_ring[2].value[16] = 0x20; - ek_ring[2].value[17] = 0x21; - ek_ring[2].value[18] = 0x22; - ek_ring[2].value[19] = 0x23; - ek_ring[2].value[20] = 0x24; - ek_ring[2].value[21] = 0x25; - ek_ring[2].value[22] = 0x26; - ek_ring[2].value[23] = 0x27; - ek_ring[2].value[24] = 0x28; - ek_ring[2].value[25] = 0x29; - ek_ring[2].value[26] = 0x2A; - ek_ring[2].value[27] = 0x2B; - ek_ring[2].value[28] = 0x2C; - ek_ring[2].value[29] = 0x2D; - ek_ring[2].value[30] = 0x2E; - ek_ring[2].value[31] = 0x2F; - ek_ring[2].key_len = 32; - ek_ring[2].key_state = KEY_ACTIVE; + key_ring[2].value[0] = 0x20; + key_ring[2].value[1] = 0x21; + key_ring[2].value[2] = 0x22; + key_ring[2].value[3] = 0x23; + key_ring[2].value[4] = 0x24; + key_ring[2].value[5] = 0x25; + key_ring[2].value[6] = 0x26; + key_ring[2].value[7] = 0x27; + key_ring[2].value[8] = 0x28; + key_ring[2].value[9] = 0x29; + key_ring[2].value[10] = 0x2A; + key_ring[2].value[11] = 0x2B; + key_ring[2].value[12] = 0x2C; + key_ring[2].value[13] = 0x2D; + key_ring[2].value[14] = 0x2E; + key_ring[2].value[15] = 0x2F; + key_ring[2].value[16] = 0x20; + key_ring[2].value[17] = 0x21; + key_ring[2].value[18] = 0x22; + key_ring[2].value[19] = 0x23; + key_ring[2].value[20] = 0x24; + key_ring[2].value[21] = 0x25; + key_ring[2].value[22] = 0x26; + key_ring[2].value[23] = 0x27; + key_ring[2].value[24] = 0x28; + key_ring[2].value[25] = 0x29; + key_ring[2].value[26] = 0x2A; + key_ring[2].value[27] = 0x2B; + key_ring[2].value[28] = 0x2C; + key_ring[2].value[29] = 0x2D; + key_ring[2].value[30] = 0x2E; + key_ring[2].value[31] = 0x2F; + key_ring[2].key_len = 32; + key_ring[2].key_state = KEY_ACTIVE; // Session Keys // 128 - 0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF -> ACTIVE - ek_ring[128].value[0] = 0x01; - ek_ring[128].value[1] = 0x23; - ek_ring[128].value[2] = 0x45; - ek_ring[128].value[3] = 0x67; - ek_ring[128].value[4] = 0x89; - ek_ring[128].value[5] = 0xAB; - ek_ring[128].value[6] = 0xCD; - ek_ring[128].value[7] = 0xEF; - ek_ring[128].value[8] = 0x01; - ek_ring[128].value[9] = 0x23; - ek_ring[128].value[10] = 0x45; - ek_ring[128].value[11] = 0x67; - ek_ring[128].value[12] = 0x89; - ek_ring[128].value[13] = 0xAB; - ek_ring[128].value[14] = 0xCD; - ek_ring[128].value[15] = 0xEF; - ek_ring[128].value[16] = 0x01; - ek_ring[128].value[17] = 0x23; - ek_ring[128].value[18] = 0x45; - ek_ring[128].value[19] = 0x67; - ek_ring[128].value[20] = 0x89; - ek_ring[128].value[21] = 0xAB; - ek_ring[128].value[22] = 0xCD; - ek_ring[128].value[23] = 0xEF; - ek_ring[128].value[24] = 0x01; - ek_ring[128].value[25] = 0x23; - ek_ring[128].value[26] = 0x45; - ek_ring[128].value[27] = 0x67; - ek_ring[128].value[28] = 0x89; - ek_ring[128].value[29] = 0xAB; - ek_ring[128].value[30] = 0xCD; - ek_ring[128].value[31] = 0xEF; - ek_ring[128].key_len = 32; - ek_ring[128].key_state = KEY_ACTIVE; + key_ring[128].value[0] = 0x01; + key_ring[128].value[1] = 0x23; + key_ring[128].value[2] = 0x45; + key_ring[128].value[3] = 0x67; + key_ring[128].value[4] = 0x89; + key_ring[128].value[5] = 0xAB; + key_ring[128].value[6] = 0xCD; + key_ring[128].value[7] = 0xEF; + key_ring[128].value[8] = 0x01; + key_ring[128].value[9] = 0x23; + key_ring[128].value[10] = 0x45; + key_ring[128].value[11] = 0x67; + key_ring[128].value[12] = 0x89; + key_ring[128].value[13] = 0xAB; + key_ring[128].value[14] = 0xCD; + key_ring[128].value[15] = 0xEF; + key_ring[128].value[16] = 0x01; + key_ring[128].value[17] = 0x23; + key_ring[128].value[18] = 0x45; + key_ring[128].value[19] = 0x67; + key_ring[128].value[20] = 0x89; + key_ring[128].value[21] = 0xAB; + key_ring[128].value[22] = 0xCD; + key_ring[128].value[23] = 0xEF; + key_ring[128].value[24] = 0x01; + key_ring[128].value[25] = 0x23; + key_ring[128].value[26] = 0x45; + key_ring[128].value[27] = 0x67; + key_ring[128].value[28] = 0x89; + key_ring[128].value[29] = 0xAB; + key_ring[128].value[30] = 0xCD; + key_ring[128].value[31] = 0xEF; + key_ring[128].key_len = 32; + key_ring[128].key_state = KEY_ACTIVE; // 129 - ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789ABCDEF0123456789 -> ACTIVE - ek_ring[129].value[0] = 0xAB; - ek_ring[129].value[1] = 0xCD; - ek_ring[129].value[2] = 0xEF; - ek_ring[129].value[3] = 0x01; - ek_ring[129].value[4] = 0x23; - ek_ring[129].value[5] = 0x45; - ek_ring[129].value[6] = 0x67; - ek_ring[129].value[7] = 0x89; - ek_ring[129].value[8] = 0xAB; - ek_ring[129].value[9] = 0xCD; - ek_ring[129].value[10] = 0xEF; - ek_ring[129].value[11] = 0x01; - ek_ring[129].value[12] = 0x23; - ek_ring[129].value[13] = 0x45; - ek_ring[129].value[14] = 0x67; - ek_ring[129].value[15] = 0x89; - ek_ring[129].value[16] = 0xAB; - ek_ring[129].value[17] = 0xCD; - ek_ring[129].value[18] = 0xEF; - ek_ring[129].value[19] = 0x01; - ek_ring[129].value[20] = 0x23; - ek_ring[129].value[21] = 0x45; - ek_ring[129].value[22] = 0x67; - ek_ring[129].value[23] = 0x89; - ek_ring[129].value[24] = 0xAB; - ek_ring[129].value[25] = 0xCD; - ek_ring[129].value[26] = 0xEF; - ek_ring[129].value[27] = 0x01; - ek_ring[129].value[28] = 0x23; - ek_ring[129].value[29] = 0x45; - ek_ring[129].value[30] = 0x67; - ek_ring[129].value[31] = 0x89; - ek_ring[129].key_len = 32; - ek_ring[129].key_state = KEY_ACTIVE; + key_ring[129].value[0] = 0xAB; + key_ring[129].value[1] = 0xCD; + key_ring[129].value[2] = 0xEF; + key_ring[129].value[3] = 0x01; + key_ring[129].value[4] = 0x23; + key_ring[129].value[5] = 0x45; + key_ring[129].value[6] = 0x67; + key_ring[129].value[7] = 0x89; + key_ring[129].value[8] = 0xAB; + key_ring[129].value[9] = 0xCD; + key_ring[129].value[10] = 0xEF; + key_ring[129].value[11] = 0x01; + key_ring[129].value[12] = 0x23; + key_ring[129].value[13] = 0x45; + key_ring[129].value[14] = 0x67; + key_ring[129].value[15] = 0x89; + key_ring[129].value[16] = 0xAB; + key_ring[129].value[17] = 0xCD; + key_ring[129].value[18] = 0xEF; + key_ring[129].value[19] = 0x01; + key_ring[129].value[20] = 0x23; + key_ring[129].value[21] = 0x45; + key_ring[129].value[22] = 0x67; + key_ring[129].value[23] = 0x89; + key_ring[129].value[24] = 0xAB; + key_ring[129].value[25] = 0xCD; + key_ring[129].value[26] = 0xEF; + key_ring[129].value[27] = 0x01; + key_ring[129].value[28] = 0x23; + key_ring[129].value[29] = 0x45; + key_ring[129].value[30] = 0x67; + key_ring[129].value[31] = 0x89; + key_ring[129].key_len = 32; + key_ring[129].key_state = KEY_ACTIVE; // 130 - FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210 -> ACTIVE - ek_ring[130].value[0] = 0xFE; - ek_ring[130].value[1] = 0xDC; - ek_ring[130].value[2] = 0xBA; - ek_ring[130].value[3] = 0x98; - ek_ring[130].value[4] = 0x76; - ek_ring[130].value[5] = 0x54; - ek_ring[130].value[6] = 0x32; - ek_ring[130].value[7] = 0x10; - ek_ring[130].value[8] = 0xFE; - ek_ring[130].value[9] = 0xDC; - ek_ring[130].value[10] = 0xBA; - ek_ring[130].value[11] = 0x98; - ek_ring[130].value[12] = 0x76; - ek_ring[130].value[13] = 0x54; - ek_ring[130].value[14] = 0x32; - ek_ring[130].value[15] = 0x10; - ek_ring[130].value[16] = 0xFE; - ek_ring[130].value[17] = 0xDC; - ek_ring[130].value[18] = 0xBA; - ek_ring[130].value[19] = 0x98; - ek_ring[130].value[20] = 0x76; - ek_ring[130].value[21] = 0x54; - ek_ring[130].value[22] = 0x32; - ek_ring[130].value[23] = 0x10; - ek_ring[130].value[24] = 0xFE; - ek_ring[130].value[25] = 0xDC; - ek_ring[130].value[26] = 0xBA; - ek_ring[130].value[27] = 0x98; - ek_ring[130].value[28] = 0x76; - ek_ring[130].value[29] = 0x54; - ek_ring[130].value[30] = 0x32; - ek_ring[130].value[31] = 0x10; - ek_ring[130].key_len = 32; - ek_ring[130].key_state = KEY_ACTIVE; + key_ring[130].value[0] = 0xFE; + key_ring[130].value[1] = 0xDC; + key_ring[130].value[2] = 0xBA; + key_ring[130].value[3] = 0x98; + key_ring[130].value[4] = 0x76; + key_ring[130].value[5] = 0x54; + key_ring[130].value[6] = 0x32; + key_ring[130].value[7] = 0x10; + key_ring[130].value[8] = 0xFE; + key_ring[130].value[9] = 0xDC; + key_ring[130].value[10] = 0xBA; + key_ring[130].value[11] = 0x98; + key_ring[130].value[12] = 0x76; + key_ring[130].value[13] = 0x54; + key_ring[130].value[14] = 0x32; + key_ring[130].value[15] = 0x10; + key_ring[130].value[16] = 0xFE; + key_ring[130].value[17] = 0xDC; + key_ring[130].value[18] = 0xBA; + key_ring[130].value[19] = 0x98; + key_ring[130].value[20] = 0x76; + key_ring[130].value[21] = 0x54; + key_ring[130].value[22] = 0x32; + key_ring[130].value[23] = 0x10; + key_ring[130].value[24] = 0xFE; + key_ring[130].value[25] = 0xDC; + key_ring[130].value[26] = 0xBA; + key_ring[130].value[27] = 0x98; + key_ring[130].value[28] = 0x76; + key_ring[130].value[29] = 0x54; + key_ring[130].value[30] = 0x32; + key_ring[130].value[31] = 0x10; + key_ring[130].key_len = 32; + key_ring[130].key_state = KEY_ACTIVE; // 131 - 9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA -> ACTIVE - ek_ring[131].value[0] = 0x98; - ek_ring[131].value[1] = 0x76; - ek_ring[131].value[2] = 0x54; - ek_ring[131].value[3] = 0x32; - ek_ring[131].value[4] = 0x10; - ek_ring[131].value[5] = 0xFE; - ek_ring[131].value[6] = 0xDC; - ek_ring[131].value[7] = 0xBA; - ek_ring[131].value[8] = 0x98; - ek_ring[131].value[9] = 0x76; - ek_ring[131].value[10] = 0x54; - ek_ring[131].value[11] = 0x32; - ek_ring[131].value[12] = 0x10; - ek_ring[131].value[13] = 0xFE; - ek_ring[131].value[14] = 0xDC; - ek_ring[131].value[15] = 0xBA; - ek_ring[131].value[16] = 0x98; - ek_ring[131].value[17] = 0x76; - ek_ring[131].value[18] = 0x54; - ek_ring[131].value[19] = 0x32; - ek_ring[131].value[20] = 0x10; - ek_ring[131].value[21] = 0xFE; - ek_ring[131].value[22] = 0xDC; - ek_ring[131].value[23] = 0xBA; - ek_ring[131].value[24] = 0x98; - ek_ring[131].value[25] = 0x76; - ek_ring[131].value[26] = 0x54; - ek_ring[131].value[27] = 0x32; - ek_ring[131].value[28] = 0x10; - ek_ring[131].value[29] = 0xFE; - ek_ring[131].value[30] = 0xDC; - ek_ring[131].value[31] = 0xBA; - ek_ring[131].key_len = 32; - ek_ring[131].key_state = KEY_ACTIVE; + key_ring[131].value[0] = 0x98; + key_ring[131].value[1] = 0x76; + key_ring[131].value[2] = 0x54; + key_ring[131].value[3] = 0x32; + key_ring[131].value[4] = 0x10; + key_ring[131].value[5] = 0xFE; + key_ring[131].value[6] = 0xDC; + key_ring[131].value[7] = 0xBA; + key_ring[131].value[8] = 0x98; + key_ring[131].value[9] = 0x76; + key_ring[131].value[10] = 0x54; + key_ring[131].value[11] = 0x32; + key_ring[131].value[12] = 0x10; + key_ring[131].value[13] = 0xFE; + key_ring[131].value[14] = 0xDC; + key_ring[131].value[15] = 0xBA; + key_ring[131].value[16] = 0x98; + key_ring[131].value[17] = 0x76; + key_ring[131].value[18] = 0x54; + key_ring[131].value[19] = 0x32; + key_ring[131].value[20] = 0x10; + key_ring[131].value[21] = 0xFE; + key_ring[131].value[22] = 0xDC; + key_ring[131].value[23] = 0xBA; + key_ring[131].value[24] = 0x98; + key_ring[131].value[25] = 0x76; + key_ring[131].value[26] = 0x54; + key_ring[131].value[27] = 0x32; + key_ring[131].value[28] = 0x10; + key_ring[131].value[29] = 0xFE; + key_ring[131].value[30] = 0xDC; + key_ring[131].value[31] = 0xBA; + key_ring[131].key_len = 32; + key_ring[131].key_state = KEY_ACTIVE; // 132 - 0123456789ABCDEFABCDEF01234567890123456789ABCDEFABCDEF0123456789 -> PRE_ACTIVATION - ek_ring[132].value[0] = 0x01; - ek_ring[132].value[1] = 0x23; - ek_ring[132].value[2] = 0x45; - ek_ring[132].value[3] = 0x67; - ek_ring[132].value[4] = 0x89; - ek_ring[132].value[5] = 0xAB; - ek_ring[132].value[6] = 0xCD; - ek_ring[132].value[7] = 0xEF; - ek_ring[132].value[8] = 0xAB; - ek_ring[132].value[9] = 0xCD; - ek_ring[132].value[10] = 0xEF; - ek_ring[132].value[11] = 0x01; - ek_ring[132].value[12] = 0x23; - ek_ring[132].value[13] = 0x45; - ek_ring[132].value[14] = 0x67; - ek_ring[132].value[15] = 0x89; - ek_ring[132].value[16] = 0x01; - ek_ring[132].value[17] = 0x23; - ek_ring[132].value[18] = 0x45; - ek_ring[132].value[19] = 0x67; - ek_ring[132].value[20] = 0x89; - ek_ring[132].value[21] = 0xAB; - ek_ring[132].value[22] = 0xCD; - ek_ring[132].value[23] = 0xEF; - ek_ring[132].value[24] = 0xAB; - ek_ring[132].value[25] = 0xCD; - ek_ring[132].value[26] = 0xEF; - ek_ring[132].value[27] = 0x01; - ek_ring[132].value[28] = 0x23; - ek_ring[132].value[29] = 0x45; - ek_ring[132].value[30] = 0x67; - ek_ring[132].value[31] = 0x89; - ek_ring[132].key_len = 32; - ek_ring[132].key_state = KEY_PREACTIVE; + key_ring[132].value[0] = 0x01; + key_ring[132].value[1] = 0x23; + key_ring[132].value[2] = 0x45; + key_ring[132].value[3] = 0x67; + key_ring[132].value[4] = 0x89; + key_ring[132].value[5] = 0xAB; + key_ring[132].value[6] = 0xCD; + key_ring[132].value[7] = 0xEF; + key_ring[132].value[8] = 0xAB; + key_ring[132].value[9] = 0xCD; + key_ring[132].value[10] = 0xEF; + key_ring[132].value[11] = 0x01; + key_ring[132].value[12] = 0x23; + key_ring[132].value[13] = 0x45; + key_ring[132].value[14] = 0x67; + key_ring[132].value[15] = 0x89; + key_ring[132].value[16] = 0x01; + key_ring[132].value[17] = 0x23; + key_ring[132].value[18] = 0x45; + key_ring[132].value[19] = 0x67; + key_ring[132].value[20] = 0x89; + key_ring[132].value[21] = 0xAB; + key_ring[132].value[22] = 0xCD; + key_ring[132].value[23] = 0xEF; + key_ring[132].value[24] = 0xAB; + key_ring[132].value[25] = 0xCD; + key_ring[132].value[26] = 0xEF; + key_ring[132].value[27] = 0x01; + key_ring[132].value[28] = 0x23; + key_ring[132].value[29] = 0x45; + key_ring[132].value[30] = 0x67; + key_ring[132].value[31] = 0x89; + key_ring[132].key_len = 32; + key_ring[132].key_state = KEY_PREACTIVE; // 133 - ABCDEF01234567890123456789ABCDEFABCDEF01234567890123456789ABCDEF -> ACTIVE - ek_ring[133].value[0] = 0xAB; - ek_ring[133].value[1] = 0xCD; - ek_ring[133].value[2] = 0xEF; - ek_ring[133].value[3] = 0x01; - ek_ring[133].value[4] = 0x23; - ek_ring[133].value[5] = 0x45; - ek_ring[133].value[6] = 0x67; - ek_ring[133].value[7] = 0x89; - ek_ring[133].value[8] = 0x01; - ek_ring[133].value[9] = 0x23; - ek_ring[133].value[10] = 0x45; - ek_ring[133].value[11] = 0x67; - ek_ring[133].value[12] = 0x89; - ek_ring[133].value[13] = 0xAB; - ek_ring[133].value[14] = 0xCD; - ek_ring[133].value[15] = 0xEF; - ek_ring[133].value[16] = 0xAB; - ek_ring[133].value[17] = 0xCD; - ek_ring[133].value[18] = 0xEF; - ek_ring[133].value[19] = 0x01; - ek_ring[133].value[20] = 0x23; - ek_ring[133].value[21] = 0x45; - ek_ring[133].value[22] = 0x67; - ek_ring[133].value[23] = 0x89; - ek_ring[133].value[24] = 0x01; - ek_ring[133].value[25] = 0x23; - ek_ring[133].value[26] = 0x45; - ek_ring[133].value[27] = 0x67; - ek_ring[133].value[28] = 0x89; - ek_ring[133].value[29] = 0xAB; - ek_ring[133].value[30] = 0xCD; - ek_ring[133].value[31] = 0xEF; - ek_ring[133].key_len = 32; - ek_ring[133].key_state = KEY_ACTIVE; + key_ring[133].value[0] = 0xAB; + key_ring[133].value[1] = 0xCD; + key_ring[133].value[2] = 0xEF; + key_ring[133].value[3] = 0x01; + key_ring[133].value[4] = 0x23; + key_ring[133].value[5] = 0x45; + key_ring[133].value[6] = 0x67; + key_ring[133].value[7] = 0x89; + key_ring[133].value[8] = 0x01; + key_ring[133].value[9] = 0x23; + key_ring[133].value[10] = 0x45; + key_ring[133].value[11] = 0x67; + key_ring[133].value[12] = 0x89; + key_ring[133].value[13] = 0xAB; + key_ring[133].value[14] = 0xCD; + key_ring[133].value[15] = 0xEF; + key_ring[133].value[16] = 0xAB; + key_ring[133].value[17] = 0xCD; + key_ring[133].value[18] = 0xEF; + key_ring[133].value[19] = 0x01; + key_ring[133].value[20] = 0x23; + key_ring[133].value[21] = 0x45; + key_ring[133].value[22] = 0x67; + key_ring[133].value[23] = 0x89; + key_ring[133].value[24] = 0x01; + key_ring[133].value[25] = 0x23; + key_ring[133].value[26] = 0x45; + key_ring[133].value[27] = 0x67; + key_ring[133].value[28] = 0x89; + key_ring[133].value[29] = 0xAB; + key_ring[133].value[30] = 0xCD; + key_ring[133].value[31] = 0xEF; + key_ring[133].key_len = 32; + key_ring[133].key_state = KEY_ACTIVE; // 134 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE - ek_ring[134].value[0] = 0xAB; - ek_ring[134].value[1] = 0xCD; - ek_ring[134].value[2] = 0xEF; - ek_ring[134].value[3] = 0x01; - ek_ring[134].value[4] = 0x23; - ek_ring[134].value[5] = 0x45; - ek_ring[134].value[6] = 0x67; - ek_ring[134].value[7] = 0x89; - ek_ring[134].value[8] = 0xFE; - ek_ring[134].value[9] = 0xDC; - ek_ring[134].value[10] = 0xBA; - ek_ring[134].value[11] = 0x98; - ek_ring[134].value[12] = 0x76; - ek_ring[134].value[13] = 0x54; - ek_ring[134].value[14] = 0x32; - ek_ring[134].value[15] = 0x10; - ek_ring[134].value[16] = 0xAB; - ek_ring[134].value[17] = 0xCD; - ek_ring[134].value[18] = 0xEF; - ek_ring[134].value[19] = 0x01; - ek_ring[134].value[20] = 0x23; - ek_ring[134].value[21] = 0x45; - ek_ring[134].value[22] = 0x67; - ek_ring[134].value[23] = 0x89; - ek_ring[134].value[24] = 0xFE; - ek_ring[134].value[25] = 0xDC; - ek_ring[134].value[26] = 0xBA; - ek_ring[134].value[27] = 0x98; - ek_ring[134].value[28] = 0x76; - ek_ring[134].value[29] = 0x54; - ek_ring[134].value[30] = 0x32; - ek_ring[134].value[31] = 0x10; - ek_ring[134].key_len = 32; - ek_ring[134].key_state = KEY_DEACTIVATED; + key_ring[134].value[0] = 0xAB; + key_ring[134].value[1] = 0xCD; + key_ring[134].value[2] = 0xEF; + key_ring[134].value[3] = 0x01; + key_ring[134].value[4] = 0x23; + key_ring[134].value[5] = 0x45; + key_ring[134].value[6] = 0x67; + key_ring[134].value[7] = 0x89; + key_ring[134].value[8] = 0xFE; + key_ring[134].value[9] = 0xDC; + key_ring[134].value[10] = 0xBA; + key_ring[134].value[11] = 0x98; + key_ring[134].value[12] = 0x76; + key_ring[134].value[13] = 0x54; + key_ring[134].value[14] = 0x32; + key_ring[134].value[15] = 0x10; + key_ring[134].value[16] = 0xAB; + key_ring[134].value[17] = 0xCD; + key_ring[134].value[18] = 0xEF; + key_ring[134].value[19] = 0x01; + key_ring[134].value[20] = 0x23; + key_ring[134].value[21] = 0x45; + key_ring[134].value[22] = 0x67; + key_ring[134].value[23] = 0x89; + key_ring[134].value[24] = 0xFE; + key_ring[134].value[25] = 0xDC; + key_ring[134].value[26] = 0xBA; + key_ring[134].value[27] = 0x98; + key_ring[134].value[28] = 0x76; + key_ring[134].value[29] = 0x54; + key_ring[134].value[30] = 0x32; + key_ring[134].value[31] = 0x10; + key_ring[134].key_len = 32; + key_ring[134].key_state = KEY_DEACTIVATED; // 135 - ABCDEF0123456789FEDCBA9876543210ABCDEF0123456789FEDCBA9876543210 -> DEACTIVE - ek_ring[135].value[0] = 0x00; - ek_ring[135].value[1] = 0x00; - ek_ring[135].value[2] = 0x00; - ek_ring[135].value[3] = 0x00; - ek_ring[135].value[4] = 0x00; - ek_ring[135].value[5] = 0x00; - ek_ring[135].value[6] = 0x00; - ek_ring[135].value[7] = 0x00; - ek_ring[135].value[8] = 0x00; - ek_ring[135].value[9] = 0x00; - ek_ring[135].value[10] = 0x00; - ek_ring[135].value[11] = 0x00; - ek_ring[135].value[12] = 0x00; - ek_ring[135].value[13] = 0x00; - ek_ring[135].value[14] = 0x00; - ek_ring[135].value[15] = 0x00; - ek_ring[135].value[16] = 0x00; - ek_ring[135].value[17] = 0x00; - ek_ring[135].value[18] = 0x00; - ek_ring[135].value[19] = 0x00; - ek_ring[135].value[20] = 0x00; - ek_ring[135].value[21] = 0x00; - ek_ring[135].value[22] = 0x00; - ek_ring[135].value[23] = 0x00; - ek_ring[135].value[24] = 0x00; - ek_ring[135].value[25] = 0x00; - ek_ring[135].value[26] = 0x00; - ek_ring[135].value[27] = 0x00; - ek_ring[135].value[28] = 0x00; - ek_ring[135].value[29] = 0x00; - ek_ring[135].value[30] = 0x00; - ek_ring[135].value[31] = 0x00; - ek_ring[135].key_len = 32; - ek_ring[135].key_state = KEY_DEACTIVATED; + key_ring[135].value[0] = 0x00; + key_ring[135].value[1] = 0x00; + key_ring[135].value[2] = 0x00; + key_ring[135].value[3] = 0x00; + key_ring[135].value[4] = 0x00; + key_ring[135].value[5] = 0x00; + key_ring[135].value[6] = 0x00; + key_ring[135].value[7] = 0x00; + key_ring[135].value[8] = 0x00; + key_ring[135].value[9] = 0x00; + key_ring[135].value[10] = 0x00; + key_ring[135].value[11] = 0x00; + key_ring[135].value[12] = 0x00; + key_ring[135].value[13] = 0x00; + key_ring[135].value[14] = 0x00; + key_ring[135].value[15] = 0x00; + key_ring[135].value[16] = 0x00; + key_ring[135].value[17] = 0x00; + key_ring[135].value[18] = 0x00; + key_ring[135].value[19] = 0x00; + key_ring[135].value[20] = 0x00; + key_ring[135].value[21] = 0x00; + key_ring[135].value[22] = 0x00; + key_ring[135].value[23] = 0x00; + key_ring[135].value[24] = 0x00; + key_ring[135].value[25] = 0x00; + key_ring[135].value[26] = 0x00; + key_ring[135].value[27] = 0x00; + key_ring[135].value[28] = 0x00; + key_ring[135].value[29] = 0x00; + key_ring[135].value[30] = 0x00; + key_ring[135].value[31] = 0x00; + key_ring[135].key_len = 32; + key_ring[135].key_state = KEY_DEACTIVATED; // 136 - ff9f9284cf599eac3b119905a7d18851e7e374cf63aea04358586b0f757670f9 // Reference: // https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Algorithm-Validation-Program/documents/mac/gcmtestvectors.zip - ek_ring[136].value[0] = 0xff; - ek_ring[136].value[1] = 0x9f; - ek_ring[136].value[2] = 0x92; - ek_ring[136].value[3] = 0x84; - ek_ring[136].value[4] = 0xcf; - ek_ring[136].value[5] = 0x59; - ek_ring[136].value[6] = 0x9e; - ek_ring[136].value[7] = 0xac; - ek_ring[136].value[8] = 0x3b; - ek_ring[136].value[9] = 0x11; - ek_ring[136].value[10] = 0x99; - ek_ring[136].value[11] = 0x05; - ek_ring[136].value[12] = 0xa7; - ek_ring[136].value[13] = 0xd1; - ek_ring[136].value[14] = 0x88; - ek_ring[136].value[15] = 0x51; - ek_ring[136].value[16] = 0xe7; - ek_ring[136].value[17] = 0xe3; - ek_ring[136].value[18] = 0x74; - ek_ring[136].value[19] = 0xcf; - ek_ring[136].value[20] = 0x63; - ek_ring[136].value[21] = 0xae; - ek_ring[136].value[22] = 0xa0; - ek_ring[136].value[23] = 0x43; - ek_ring[136].value[24] = 0x58; - ek_ring[136].value[25] = 0x58; - ek_ring[136].value[26] = 0x6b; - ek_ring[136].value[27] = 0x0f; - ek_ring[136].value[28] = 0x75; - ek_ring[136].value[29] = 0x76; - ek_ring[136].value[30] = 0x70; - ek_ring[136].value[31] = 0xf9; - ek_ring[136].key_len = 32; - ek_ring[136].key_state = KEY_DEACTIVATED; + key_ring[136].value[0] = 0xff; + key_ring[136].value[1] = 0x9f; + key_ring[136].value[2] = 0x92; + key_ring[136].value[3] = 0x84; + key_ring[136].value[4] = 0xcf; + key_ring[136].value[5] = 0x59; + key_ring[136].value[6] = 0x9e; + key_ring[136].value[7] = 0xac; + key_ring[136].value[8] = 0x3b; + key_ring[136].value[9] = 0x11; + key_ring[136].value[10] = 0x99; + key_ring[136].value[11] = 0x05; + key_ring[136].value[12] = 0xa7; + key_ring[136].value[13] = 0xd1; + key_ring[136].value[14] = 0x88; + key_ring[136].value[15] = 0x51; + key_ring[136].value[16] = 0xe7; + key_ring[136].value[17] = 0xe3; + key_ring[136].value[18] = 0x74; + key_ring[136].value[19] = 0xcf; + key_ring[136].value[20] = 0x63; + key_ring[136].value[21] = 0xae; + key_ring[136].value[22] = 0xa0; + key_ring[136].value[23] = 0x43; + key_ring[136].value[24] = 0x58; + key_ring[136].value[25] = 0x58; + key_ring[136].value[26] = 0x6b; + key_ring[136].value[27] = 0x0f; + key_ring[136].value[28] = 0x75; + key_ring[136].value[29] = 0x76; + key_ring[136].value[30] = 0x70; + key_ring[136].value[31] = 0xf9; + key_ring[136].key_len = 32; + key_ring[136].key_state = KEY_DEACTIVATED; #ifdef DEBUG printf(KGRN "Key internal interface intialized \n" RESET); @@ -478,8 +509,3 @@ static int32_t key_shutdown(void) { return CRYPTO_LIB_SUCCESS; } - -static crypto_key_t* get_ek_ring(void) -{ - return &ek_ring[0]; -} diff --git a/src/key/kmc/key_interface_kmc.template.c b/src/key/kmc/key_interface_kmc.template.c index ee42a1b8..2bdf2ba6 100644 --- a/src/key/kmc/key_interface_kmc.template.c +++ b/src/key/kmc/key_interface_kmc.template.c @@ -23,31 +23,36 @@ static crypto_key_t ek_ring[NUM_KEYS] = {0}; static KeyInterfaceStruct key_if_struct; /* Prototypes */ +static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr); static int32_t key_init(void); static int32_t key_shutdown(void); -static crypto_key_t* get_ek_ring(void); /* Functions */ KeyInterface get_key_interface_kmc(void) { + key_if_struct.get_key = get_key; key_if_struct.key_init = key_init; - key_if_struct.get_ek_ring = get_ek_ring; key_if_struct.key_shutdown = key_shutdown; return &key_if_struct; } -static int32_t key_init(void) +static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr) { - return CRYPTO_LIB_SUCCESS; + /* Avoid set but not used warning */ + key_id = key_id; + key_ptr = key_ptr; + + fprintf(stderr, "Attempting to access key ring with KMC Crypto Service. This shouldn't happen!\n "); + + return NULL; } -static int32_t key_shutdown(void) +static int32_t key_init(void) { return CRYPTO_LIB_SUCCESS; } -static crypto_key_t* get_ek_ring(void) +static int32_t key_shutdown(void) { - fprintf(stderr, "Attempting to access key ring with KMC Crypto Service. This shouldn't happen!\n "); - return NULL; + return CRYPTO_LIB_SUCCESS; } diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index 31ed891f..f9abdf1a 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -337,7 +337,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -363,7 +363,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -411,7 +412,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -442,7 +443,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->ast =1; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -490,7 +492,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; @@ -515,7 +517,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -561,7 +564,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext char* buffer_nist_key_h = "e9ccd6eef27f740d1d5c70b187734e11e76a8ac0ad1702ff02180c5c1c9e5399"; @@ -590,7 +593,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -638,7 +642,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -664,7 +668,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -710,7 +715,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -740,7 +745,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -785,7 +791,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -811,7 +817,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -857,7 +864,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -887,7 +894,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -932,7 +940,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -958,7 +966,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1004,7 +1013,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1034,7 +1043,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1090,7 +1100,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1123,7 +1133,8 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1177,7 +1188,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1209,7 +1220,8 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1259,7 +1271,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; @@ -1302,7 +1314,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); @@ -1383,7 +1396,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; @@ -1427,7 +1440,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1484,7 +1498,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; // NIST supplied vectors char* buffer_nist_key_h = "78dc4e0aaf52d935c3c01eea57428f00ca1fd475f5da86a49c8dd73d68c8e223"; @@ -1528,7 +1542,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1586,7 +1601,7 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1633,7 +1648,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); @@ -1678,7 +1694,7 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1725,7 +1741,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); @@ -1767,7 +1784,7 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1818,7 +1835,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); @@ -1863,7 +1881,7 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -1912,7 +1930,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char**) &buffer_frame_pt_b, &buffer_frame_pt_len); @@ -1956,7 +1975,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2004,7 +2023,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2046,7 +2066,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2093,7 +2113,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); // Convert input mac @@ -2135,7 +2156,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2183,8 +2204,9 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); - ek_ring[test_association->akid].key_len = 64; + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 64; // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2228,7 +2250,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2276,8 +2298,9 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); - ek_ring[test_association->akid].key_len = 64; + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 64; // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2320,7 +2343,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2371,7 +2394,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2413,7 +2437,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2463,7 +2487,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2503,7 +2528,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2554,8 +2579,9 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); - ek_ring[test_association->akid].key_len = 64; + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 64; // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2593,7 +2619,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2644,8 +2670,9 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); - ek_ring[test_association->akid].key_len = 64; + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 64; // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2722,7 +2749,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2769,8 +2796,9 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); - ek_ring[test_association->akid].key_len = 32; + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 32; // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2803,7 +2831,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // NIST supplied vectors // NOTE: Added Transfer Frame header to the plaintext @@ -2853,8 +2881,9 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); - ek_ring[test_association->akid].key_len = 32; + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); + akp->key_len = 32; // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index b0d3bc24..2ba83fd6 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -41,7 +41,7 @@ UTEST(TC_PROCESS, EXERCISE_IV) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; int status = 0; // NIST supplied vectors @@ -73,7 +73,8 @@ UTEST(TC_PROCESS, EXERCISE_IV) *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); @@ -156,7 +157,7 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; int status = 0; // NIST supplied vectors @@ -209,7 +210,8 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) test_association->stmacf_len = 16; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->akid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->akid, akp); + memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); hex_conversion(buffer_outside_window_h, (char**) &buffer_outside_window_b, &buffer_outside_window_len); @@ -890,7 +892,7 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* ekp = NULL; int status = 0; // NIST supplied vectors @@ -937,7 +939,8 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) test_association->arsnw = 5; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); + key_if->get_key(test_association->ekid, ekp); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 5ab72676..0e148272 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -774,7 +774,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // Test frame setup char* framed_tm_h = "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB00000000000000000000000000000000415B"; char* framed_tm_b = NULL; @@ -817,7 +817,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->akid = 136; // Update key length for SHA512 - ek_ring[sa_ptr->akid].key_len = 64; + key_if->get_key(sa_ptr->akid, akp); + akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -870,7 +871,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // Test frame setup char* framed_tm_h = "02C000001800000008010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB00000000000000000000000000000000415B"; char* framed_tm_b = NULL; @@ -913,7 +914,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->akid = 136; // Update key length for SHA512 - ek_ring[sa_ptr->akid].key_len = 64; + key_if->get_key(sa_ptr->akid, akp); + akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 176f909a..1c319b71 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -676,7 +676,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // Test frame setup char* framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB554bac80d1fdcff21fd6996bf1d91327bff1"; char* framed_tm_b = NULL; @@ -719,7 +719,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->akid = 136; // Update key length for SHA512 - ek_ring[sa_ptr->akid].key_len = 64; + key_if->get_key(sa_ptr->akid, akp); + akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; @@ -775,7 +776,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) status = Crypto_Init(); SadbRoutine sadb_routine = get_sadb_routine_inmemory(); - crypto_key_t* ek_ring = key_if->get_ek_ring(); + crypto_key_t* akp = NULL; // Test frame setup char* framed_tm_h = "02C000001800000C08010000000F00112233445566778899AABBCCDDEEFFA107FF000006D2ABBABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB9933b46131d0ff5f4b0ab4295ca3ae9df6c2"; char* framed_tm_b = NULL; @@ -818,7 +819,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->akid = 136; // Update key length for SHA512 - ek_ring[sa_ptr->akid].key_len = 64; + key_if->get_key(sa_ptr->akid, akp); + akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; From 2e580c9096435333e25c4e7db9cd196a0d39ef35 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 14 Jun 2023 09:10:27 -0400 Subject: [PATCH 36/46] [nasa/cryptolib#159] Key interface passing all tests, only getting one key at a time; --- include/key_interface.h | 2 +- src/core/crypto_key_mgmt.c | 36 +++++------- src/core/crypto_tc.c | 28 ++++----- src/core/crypto_tm.c | 24 ++++---- src/core/crypto_user.c | 13 +---- .../key_interface_internal.template.c | 14 ++--- src/key/kmc/key_interface_kmc.template.c | 4 +- test/unit/et_dt_validation.c | 58 +++++++++---------- test/unit/ut_tc_process.c | 6 +- test/unit/ut_tm_apply.c | 4 +- test/unit/ut_tm_process.c | 4 +- 11 files changed, 88 insertions(+), 105 deletions(-) diff --git a/include/key_interface.h b/include/key_interface.h index 2cd0af97..64d6dde2 100644 --- a/include/key_interface.h +++ b/include/key_interface.h @@ -33,7 +33,7 @@ typedef struct typedef struct { /* Key Interface, SDLS */ - int32_t (*get_key)(uint32_t key_id, crypto_key_t* key_ptr); + crypto_key_t* (*get_key)(uint32_t key_id); int32_t (*key_init)(void); int32_t (*key_shutdown)(void); diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 8b210be6..84d213a1 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -83,16 +83,10 @@ int32_t Crypto_Key_OTAR(void) // printf("packet.mac[%d] = 0x%02x\n", w, packet.mac[w]); } - if (key_if != NULL) + ekp = key_if->get_key(packet.mkid); + if (ekp == NULL) { - status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; - return status; - } - - status = key_if->get_key(packet.mkid, ekp); - if (status != CRYPTO_LIB_SUCCESS) - { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } uint8_t ecs = CRYPTO_CIPHER_AES256_GCM; @@ -141,10 +135,10 @@ int32_t Crypto_Key_OTAR(void) } else { - status = key_if->get_key(packet.EKB[x].ekid, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(packet.EKB[x].ekid); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } count = count + 2; @@ -265,10 +259,10 @@ int32_t Crypto_Key_update(uint8_t state) // TODO: Exit } - status = key_if->get_key(packet.kblk[x].kid, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(packet.kblk[x].kid); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } if (ekp->key_state == (state - 1)) @@ -337,10 +331,10 @@ int32_t Crypto_Key_inventory(uint8_t* ingest) ingest[count++] = (x & 0xFF00) >> 8; ingest[count++] = (x & 0x00FF); // Get Key - status = key_if->get_key(x, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(x); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Key State ingest[count++] = ekp->key_state; @@ -409,10 +403,10 @@ int32_t Crypto_Key_verify(uint8_t* ingest, TC_t* tc_frame) ingest[count++] = (packet.blk[x].kid & 0x00FF); // Get Key - status = key_if->get_key(x, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(x); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Initialization Vector diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 016cb130..97a6f58a 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -70,6 +70,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in uint8_t ecs_is_aead_algorithm; int i; uint32_t pkcs_padding = 0; + crypto_key_t* ekp = NULL; #ifdef DEBUG printf(KYEL "\n----- Crypto_TC_ApplySecurity START -----\n" RESET); @@ -594,11 +595,10 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in #endif /* Get Key */ - crypto_key_t* ekp = NULL; - status = key_if->get_key(sa_ptr->ekid, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(sa_ptr->ekid); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } if(ecs_is_aead_algorithm == CRYPTO_TRUE) @@ -665,10 +665,10 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in { /* Get Key */ crypto_key_t* akp = NULL; - status = key_if->get_key(sa_ptr->akid, akp); - if (status != CRYPTO_LIB_SUCCESS) + akp = key_if->get_key(sa_ptr->akid); + if (akp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } // Check that key length to be used ets the algorithm requirement @@ -826,6 +826,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc uint16_t aad_len; uint32_t encryption_cipher; uint8_t ecs_is_aead_algorithm = -1; + crypto_key_t* ekp = NULL; if (crypto_config == NULL) { @@ -1102,18 +1103,17 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc #endif /* Get Key */ - crypto_key_t* ekp = NULL; - status = key_if->get_key(sa_ptr->ekid, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(sa_ptr->ekid); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } crypto_key_t* akp = NULL; - status = key_if->get_key(sa_ptr->akid, akp); - if (status != CRYPTO_LIB_SUCCESS) + akp = key_if->get_key(sa_ptr->akid); + if (akp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index c235ce12..45518199 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -337,17 +337,17 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Get Key crypto_key_t* ekp = NULL; - status = key_if->get_key(sa_ptr->ekid, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(sa_ptr->ekid); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } crypto_key_t* akp = NULL; - status = key_if->get_key(sa_ptr->akid, akp); - if (status != CRYPTO_LIB_SUCCESS) + akp = key_if->get_key(sa_ptr->akid); + if (akp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } /* @@ -1026,17 +1026,17 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // Get Key crypto_key_t* ekp = NULL; - status = key_if->get_key(sa_ptr->ekid, ekp); - if (status != CRYPTO_LIB_SUCCESS) + ekp = key_if->get_key(sa_ptr->ekid); + if (ekp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } crypto_key_t* akp = NULL; - status = key_if->get_key(sa_ptr->akid, akp); - if (status != CRYPTO_LIB_SUCCESS) + akp = key_if->get_key(sa_ptr->akid); + if (akp == NULL) { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } /* diff --git a/src/core/crypto_user.c b/src/core/crypto_user.c index dcaa1dd9..33f78018 100644 --- a/src/core/crypto_user.c +++ b/src/core/crypto_user.c @@ -123,20 +123,13 @@ int32_t Crypto_User_ModifyKey(void) // Local variables uint16_t kid = ((uint8_t)sdls_frame.pdu.data[0] << 8) | ((uint8_t)sdls_frame.pdu.data[1]); uint8_t mod = (uint8_t)sdls_frame.pdu.data[2]; - int32_t status; crypto_key_t* ekp = NULL; - if (key_if != NULL) + ekp = key_if->get_key(kid); + if (ekp == NULL) { - status = CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING; - return status; - } - - status = key_if->get_key(kid, ekp); - if (status != CRYPTO_LIB_SUCCESS) - { - return status; + return CRYPTO_LIB_ERR_KEY_ID_ERROR; } switch (mod) diff --git a/src/key/internal/key_interface_internal.template.c b/src/key/internal/key_interface_internal.template.c index f1dd513d..86c7659a 100644 --- a/src/key/internal/key_interface_internal.template.c +++ b/src/key/internal/key_interface_internal.template.c @@ -22,7 +22,7 @@ static crypto_key_t key_ring[NUM_KEYS] = {0}; static KeyInterfaceStruct key_if_struct; /* Prototypes */ -static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr); +static crypto_key_t* get_key(uint32_t key_id); static int32_t key_init(void); static int32_t key_shutdown(void); @@ -39,20 +39,16 @@ KeyInterface get_key_interface_internal(void) return &key_if_struct; } -static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr) +static crypto_key_t* get_key(uint32_t key_id) { - int32_t status = CRYPTO_LIB_SUCCESS; - key_ptr = key_ptr; /* Avoid set but not used warning */ + crypto_key_t* key_ptr = NULL; if(key_id < NUM_KEYS) { key_ptr = &key_ring[key_id]; } - else - { - status = CRYPTO_LIB_ERR_KEY_ID_ERROR; - } - return status; + + return key_ptr; } static int32_t key_init(void) diff --git a/src/key/kmc/key_interface_kmc.template.c b/src/key/kmc/key_interface_kmc.template.c index 2bdf2ba6..cb85dac8 100644 --- a/src/key/kmc/key_interface_kmc.template.c +++ b/src/key/kmc/key_interface_kmc.template.c @@ -23,7 +23,7 @@ static crypto_key_t ek_ring[NUM_KEYS] = {0}; static KeyInterfaceStruct key_if_struct; /* Prototypes */ -static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr); +static crypto_key_t* get_key(uint32_t key_id); static int32_t key_init(void); static int32_t key_shutdown(void); @@ -36,7 +36,7 @@ KeyInterface get_key_interface_kmc(void) return &key_if_struct; } -static int32_t get_key(uint32_t key_id, crypto_key_t* key_ptr) +static crypto_key_t* get_key(uint32_t key_id) { /* Avoid set but not used warning */ key_id = key_id; diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index f9abdf1a..b1f26dc8 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -363,7 +363,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -443,7 +443,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->ast =1; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -517,7 +517,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -593,7 +593,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -668,7 +668,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -745,7 +745,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -817,7 +817,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -894,7 +894,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -966,7 +966,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1043,7 +1043,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1133,7 +1133,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1220,7 +1220,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1314,7 +1314,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext // TODO: Account for length of header and FECF (5+2) @@ -1440,7 +1440,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1542,7 +1542,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1648,7 +1648,7 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1741,7 +1741,7 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1835,7 +1835,7 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -1930,7 +1930,7 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -2023,7 +2023,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -2113,7 +2113,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext hex_conversion(buffer_frame_pt_h, (char **)&buffer_frame_pt_b, &buffer_frame_pt_len); @@ -2204,7 +2204,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); akp->key_len = 64; @@ -2298,7 +2298,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); akp->key_len = 64; @@ -2394,7 +2394,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -2487,7 +2487,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert input plaintext @@ -2579,7 +2579,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); akp->key_len = 64; @@ -2670,7 +2670,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); akp->key_len = 64; @@ -2796,7 +2796,7 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); akp->key_len = 32; @@ -2881,7 +2881,7 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); akp->key_len = 32; diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index 2ba83fd6..c973a8a6 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -73,7 +73,7 @@ UTEST(TC_PROCESS, EXERCISE_IV) *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed @@ -210,7 +210,7 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) test_association->stmacf_len = 16; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->akid, akp); + akp = key_if->get_key(test_association->akid); memcpy(akp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed hex_conversion(buffer_replay_h, (char**) &buffer_replay_b, &buffer_replay_len); @@ -939,7 +939,7 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) test_association->arsnw = 5; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); - key_if->get_key(test_association->ekid, ekp); + ekp = key_if->get_key(test_association->ekid); memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); // Convert frames that will be processed diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 0e148272..84d4899e 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -817,7 +817,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->akid = 136; // Update key length for SHA512 - key_if->get_key(sa_ptr->akid, akp); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame @@ -914,7 +914,7 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->akid = 136; // Update key length for SHA512 - key_if->get_key(sa_ptr->akid, akp); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 1c319b71..e96ff351 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -719,7 +719,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->akid = 136; // Update key length for SHA512 - key_if->get_key(sa_ptr->akid, akp); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame @@ -819,7 +819,7 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->akid = 136; // Update key length for SHA512 - key_if->get_key(sa_ptr->akid, akp); + akp = key_if->get_key(sa_ptr->akid); akp->key_len = 64; // Bit math to give concise access to values already set in the static transfer frame From 83b8dc7dafdaee0f8b293e336ef1251715b12497 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 14 Jun 2023 12:40:02 -0400 Subject: [PATCH 37/46] Fix TM_Apply Encryption, Add TM_Process Encryption and AES Enc only UT --- include/crypto.h | 2 +- src/src_main/crypto.c | 7 ++ src/src_main/crypto_tm.c | 162 +++++++++++++++++++++------------- util/src_util/ut_tm_apply.c | 1 + util/src_util/ut_tm_process.c | 102 +++++++++++++++++++++ 5 files changed, 212 insertions(+), 62 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index b5d7527b..1969a45d 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -95,7 +95,7 @@ extern int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint extern int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc_sdls_processed_frame, char* cam_cookies); // Telemetry (TM) extern int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr); -extern int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length); +extern int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length); // Advanced Orbiting Systems (AOS) extern int32_t Crypto_AOS_ApplySecurity(uint8_t* ingest, int *len_ingest); extern int32_t Crypto_AOS_ProcessSecurity(uint8_t* ingest, int *len_ingest); diff --git a/src/src_main/crypto.c b/src/src_main/crypto.c index b9c1ac23..92697831 100644 --- a/src/src_main/crypto.c +++ b/src/src_main/crypto.c @@ -72,10 +72,17 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) // TODO - Add cipher suite mapping to which algorithms are AEAD and which are not. if((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC)) { + #ifdef CRYPTO_DEBUG + printf(KYEL "CRYPTO IS AEAD? : TRUE\n" RESET); + #endif return CRYPTO_TRUE; + } else { + #ifdef CRYPTO_DEBUG + printf(KYEL "CRYPTO IS AEAD? : FALSE\n" RESET); + #endif return CRYPTO_FALSE; } } diff --git a/src/src_main/crypto_tm.c b/src/src_main/crypto_tm.c index fdcacdc0..918a8a1a 100644 --- a/src/src_main/crypto_tm.c +++ b/src/src_main/crypto_tm.c @@ -136,8 +136,10 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - encryption_cipher = - (sa_ptr->ecs[0] << 24) | (sa_ptr->ecs[1] << 16) | (sa_ptr->ecs[2] << 8) | sa_ptr->ecs[3]; + printf(KRED "Checking AEAD status\n"); + //encryption_cipher = + // (sa_ptr->ecs[0] << 24) | (sa_ptr->ecs[1] << 16) | (sa_ptr->ecs[2] << 8) | sa_ptr->ecs[3]; + encryption_cipher = *sa_ptr->ecs; ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); } @@ -372,8 +374,19 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Do the encryption if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) { - printf(KRED "NOT SUPPORTED!!!\n"); - status = CRYPTO_LIB_ERR_UNSUPPORTED_MODE; + status = cryptography_if->cryptography_encrypt(//Stub out data in/out as this is done in place and want to save cycles + (uint8_t*)(&tm_frame[data_loc]), // ciphertext output + (size_t) pdu_len, // length of data + (uint8_t*)(&tm_frame[data_loc]), // plaintext input + (size_t) pdu_len, // in data length - from start of frame to end of data + NULL, // Using SA key reference, key is null + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + sa_ptr, // SA (for key reference) + sa_ptr->iv, // IV + sa_ptr->iv_len, // IV Length + sa_ptr->ecs, // encryption cipher + pkcs_padding, // authentication cipher + NULL); } else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm { @@ -408,7 +421,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (uint8_t*)(&tm_frame[data_loc]), // plaintext input (size_t) pdu_len, // in data length - from start of frame to end of data NULL, // Using SA key reference, key is null - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->ecs), + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -733,7 +746,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) * @param len_ingest: int* * @return int32: Success/Failure **/ -int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length) +int32_t Crypto_TM_ProcessSecurity(uint8_t* p_ingest, uint16_t len_ingest, uint8_t** pp_processed_frame, uint16_t *p_decrypted_length) { // Local Variables int32_t status = CRYPTO_LIB_SUCCESS; @@ -902,11 +915,9 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in break; case SA_AUTHENTICATION: printf(KBLU "Processing a TM - AUTHENTICATED!\n" RESET); - printf(KRED "*****NOT IMPLEMENTED!!!!!\n"); break; case SA_ENCRYPTION: printf(KBLU "Processing a TM - ENCRYPTED!\n" RESET); - printf(KRED "*****NOT IMPLEMENTED!!!!!\n"); break; case SA_AUTHENTICATED_ENCRYPTION: printf(KBLU "Processing a TM - AUTHENTICATED ENCRYPTION!\n" RESET); @@ -988,8 +999,8 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in */ // Calculate size of the protocol data unit - // NOTE: This size itself it not the length for authentication - pdu_len = current_managed_parameters->max_frame_size - (byte_idx) - sa_ptr->stmacf_len; // - fecf_len - ocf_len; + // NOTE: This size itself is not the length for authentication + pdu_len = current_managed_parameters->max_frame_size - (byte_idx) - sa_ptr->stmacf_len; if(current_managed_parameters->has_ocf == TM_HAS_OCF) { pdu_len -= 4; @@ -1033,34 +1044,36 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in return CRYPTO_LIB_ERR_NULL_CIPHERS; } - if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm + // Parse MAC, prepare AAD + if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) { - // Parse MAC, prepare AAD - if ((sa_service_type == SA_AUTHENTICATION) || (sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) +#ifdef MAC_DEBUG + printf("MAC Parsed from Frame:\n"); + Crypto_hexprint(p_ingest+mac_loc,sa_ptr->stmacf_len); +#endif + aad_len = mac_loc; + // if ((sa_service_type == SA_AUTHENTICATED_ENCRYPTION)) + // { + // //aad_len = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + + // // sa_ptr->shplf_len; + // printf(KRED "*****NOT IMPLEMENTED!!!!!\n"); + // } + if (sa_ptr->abm_len < aad_len) { - #ifdef MAC_DEBUG - printf("MAC Parsed from Frame:\n"); - Crypto_hexprint(p_ingest+mac_loc,sa_ptr->stmacf_len); - #endif - aad_len = mac_loc; - if ((sa_service_type == SA_AUTHENTICATED_ENCRYPTION) && (ecs_is_aead_algorithm == CRYPTO_TRUE)) - { - //aad_len = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + sa_ptr->shsnf_len + - // sa_ptr->shplf_len; - } - if (sa_ptr->abm_len < aad_len) - { - return CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD; - } - // Use ingest and abm to create aad - Crypto_Prepare_TM_AAD(p_ingest, aad_len, sa_ptr->abm, &aad[0]); + return CRYPTO_LIB_ERR_ABM_TOO_SHORT_FOR_AAD; + } + // Use ingest and abm to create aad + Crypto_Prepare_TM_AAD(p_ingest, aad_len, sa_ptr->abm, &aad[0]); + } - status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output + if(sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_TRUE) + { + status = cryptography_if->cryptography_aead_decrypt(p_new_dec_frame+byte_idx, // plaintext output pdu_len, // length of data p_ingest+byte_idx, // ciphertext input pdu_len, // in data length NULL, // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV sa_ptr->iv_len, // IV Length @@ -1068,40 +1081,67 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in sa_ptr->stmacf_len, // tag size aad, // additional authenticated data aad_len, // length of AAD - CRYPTO_CIPHER_NONE, // encryption cipher - *sa_ptr->acs, // authentication cipher - NULL); // cam cookies + (sa_ptr->est), // Decryption Bool + (sa_ptr->ast), // Authentication Bool + (sa_ptr->ast), // AAD Bool + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL); + + } + + else if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) + { + // TODO - implement non-AEAD algorithm logic + if(sa_service_type == SA_AUTHENTICATION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) + { + status = cryptography_if->cryptography_validate_authentication(p_new_dec_frame+byte_idx, // plaintext output + pdu_len, // length of data + p_ingest+byte_idx, // ciphertext input + pdu_len, // in data length + NULL, // Key + Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + sa_ptr, // SA for key reference + p_ingest+iv_loc, // IV + sa_ptr->iv_len, // IV Length + p_ingest+mac_loc, // Frame Expected Tag + sa_ptr->stmacf_len, // tag size + aad, // additional authenticated data + aad_len, // length of AAD + CRYPTO_CIPHER_NONE, // encryption cipher + *sa_ptr->acs, // authentication cipher + NULL); // cam cookies + } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) { - // status = cryptography_if->cryptography_decrypt(tc_sdls_processed_frame->tc_pdu, // plaintext output - // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // length of data - // &(ingest[tc_enc_payload_start_index]), // ciphertext input - // (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length - // NULL, // Key - // Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), - // sa_ptr, // SA for key reference - // tc_sdls_processed_frame->tc_sec_header.iv, // IV - // sa_ptr->iv_len, // IV Length - // sa_ptr->ecs, // encryption cipher - // sa_ptr->acs, // authentication cipher - // cam_cookies - - // ); - - // //Handle Padding Removal - // if(sa_ptr->shplf_len != 0) - // { - // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + - // sa_ptr->shsnf_len; - // uint16_t padding_amount = 0; - // // Get Padding Amount from ingest frame - // padding_amount = (int)ingest[padding_location]; - // // Remove Padding from final decrypted portion - // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; - // } - } + status = cryptography_if->cryptography_decrypt(p_new_dec_frame+byte_idx, // plaintext output + pdu_len, // length of data + p_ingest+byte_idx, // ciphertext input + pdu_len, // in data length + NULL, // Key + Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + sa_ptr, // SA for key reference + p_ingest+iv_loc, // IV + sa_ptr->iv_len, // IV Length + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher + NULL + ); + + // //Handle Padding Removal + // if(sa_ptr->shplf_len != 0) + // { + // int padding_location = TC_FRAME_HEADER_SIZE + segment_hdr_len + SPI_LEN + sa_ptr->shivf_len + + // sa_ptr->shsnf_len; + // uint16_t padding_amount = 0; + // // Get Padding Amount from ingest frame + // padding_amount = (int)ingest[padding_location]; + // // Remove Padding from final decrypted portion + // tc_sdls_processed_frame->tc_pdu_len -= padding_amount; + // } } +} // If plaintext, copy byte by byte else if(sa_service_type == SA_PLAINTEXT) diff --git a/util/src_util/ut_tm_apply.c b/util/src_util/ut_tm_apply.c index 4e326faa..c7bb1818 100644 --- a/util/src_util/ut_tm_apply.c +++ b/util/src_util/ut_tm_apply.c @@ -1036,4 +1036,5 @@ for (int i = 0; i < 1786; i++) free(framed_tm_b); free(iv_b); } + UTEST_MAIN(); \ No newline at end of file diff --git a/util/src_util/ut_tm_process.c b/util/src_util/ut_tm_process.c index 10e0a346..0d9f6589 100644 --- a/util/src_util/ut_tm_process.c +++ b/util/src_util/ut_tm_process.c @@ -854,4 +854,106 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) free(ptr_processed_frame); } +/** + * @brief Decryption Only: AES-GCM. 16-byte IV, as GCM requires. Verified with CyberChef + * https://gchq.github.io/CyberChef/#recipe=AES_Encrypt(%7B'option':'Hex','string':'FF9F9284CF599EAC3B119905A7D18851E7E374CF63AEA04358586B0F757670F9'%7D,%7B'option':'Hex','string':'deadbeefdeadbeefdeadbeefdeadbeef'%7D,'GCM','Hex','Hex',%7B'option':'Hex','string':''%7D)&input=QUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQkFBQkJBQUJCQUFCQg + **/ +UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) +{ + // Local Variables + int32_t status = CRYPTO_LIB_SUCCESS; + uint8_t* ptr_processed_frame = NULL; + uint16_t processed_tm_len; + // SecurityAssociation_t *sa_ptr = NULL; + + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); + Crypto_Init(); + SadbRoutine sadb_routine = get_sadb_routine_inmemory(); + // crypto_key_t* ek_ring = cryptography_if->get_ek_ring(); + + // Test frame setup Header |SPI| IV | Data + char* framed_tm_h = "02c0000018000009deadbeefdeadbeefdeadbeefdeadbeef0b355a29091cc09b6434ca743273c0a1f0529d44cedd32f09b9dbb45ab35c4b607c4783aaefe7068f6924f069e335dacbf11cb0aba3268b6e1f5b12d6a9ce5e26bf249125ce02cecd90f17f642a9ed8524e73cbca4a125d16a00babca86146b264f2e36d3f81a8645b8b8a66214c473efdbf6f8faa435c9dc3b839bde4fadea2d8a5c9edfd7e1db8b1ba6c1b10e20f82d98c3959104e826c5dc4f63228f5d3fda431adcb775a2300000113e3fee4b87f2f87550b66fa001494c23357a2f095f3593790f6bbbc6eddc301422a8ab70c51b20924c02d202da34523823c8e08b7973e6eb4ab7ba5f7a78dd5513c911bc5213087091629f3600856b9d4a756337f92dd3f853d442f1f0c9966eb7d5e7954f5963ad83382ee13b20f2866ae7393e54b81e25e7598da37959b9f195aa2a9c858c867ff84af8e079baffeeb19102b22800d42938819771eb622aac490bcedaa7ea2481b0547e687ccb95e26a2922166d7cab077ef0e06ec3bf07764de160c3c0db07a9f93d41ece84521ec0e82d9a3658b502850b19cac88e6b5d0c975f850616bd3f2a950b01a38f903108a1a12f38ede3b6833b7126e2af81b719147bcda0aee5bd60e90a8dd800ef5f967400773ee79334f08480b110dfabb2946826828aca98c16004d1d78c1c18c384a19a0afb73792abfdfc55dbe7b36496114b85c28c954d8ff6d661b92e5cd1541d5843e55cfa1f48f08423301012583a7f770c3d3c0ca1a54bafaece16e35c45423474de63d98e966a6a65abaa012798562f18fde35426bea7e75f06f3e2a2538ae992e6996f2fa48f8c2ca179ed76c0f817b47b64bba561f7502b672188200c360d709de7da7443abbfe5506604a6394d3dc7914e71df54efed8dcb264e07b8b7eb50015dd33a11354fa85fcda7b225b1a89ac68827946d1c94fe6e926fda7c4ee8cbf8dafb2bb2fc3900914f04dff504ccec0a45bd78784aa43d9aaa3eff8f72eac5c2e7fbdd9c78f49dad8624dc84329ca1753840284f4dab6102ebd1da47ed9a7e7cb055318d359a5ba9e55434740731ead208457ae94a169135fd02e99e68775f5f99550be0ff79ad2bafe7d4c08fab79d101273f3cae8c6e66585248779238705a1d1d4531347eb593edf7d55e85c91c633f6185782dcb3942ddc78be75ee20bd42ad42cac5440f5579c690d3a127c0962c4d6250dbafc2622b47d1ee505d3dba523592530d78644e2ac4b2e352d584c14191599df0eb1f8e78a20fcf3be1b76e6efa374a8a9f119ae92a707e056bcc5a4b9ad27739fc7cfca27e3ed0d33a0e724089930cf5a947e9eff24c4a3bf5147150d65f4a781723b4ffe230af61e25f5e1a7d74565a52411af43700a05ac1a3e778b7d85b1570895726f394a7345aeb634c4185ff6c2603efc4f00422163b37bd5ec98bd320139ec0e3b69563e9216c236f9516cf2305fc8cc7995e7813a9dc6ada3ab6d503368103eb349199345a449e636524dfc87ece09bb2a8c5323eca50875dec26d25eedff6e3908b9086ca182cc93300008623074f1ad52f1cfe6ef32a6bcf78ad4621cdcc5ff4e6282eed12c3939e28f66faa2b47ab4c0bed328a883995f8616ffa8ee3e66905e9719e7c980d2bcbe0744fc1795956c46adca32b9d3fce5c968b65794b9b10526821f82be34d7c76ce097e5973335015b99c1d8398d0b1d17353f221f9657f90e2bbbfa0f196664edb5b22f4d352e5b1bf3734d6a95678ad5d3a5cb3a76a8938ff2058a4e0297ae9a50df6b4231ea6319db77476aedd7dcbc091d018c89a66eb8e05b42b7e2ef76776b563d432bb3b51827e73212e68d693bbbea8922c5a184394dfd7ec296324f7d91dc4ba950a9edb25f29112b843d662cebc630ca24e4b93a31e7e0b644bafad2435167fa6f9195b3b23971effb4bdbd0f65af8ef2cd1146fc533b7c83cc83fe1540294de3e16154e8fca507b2fc0154677aca2d3718a76924b9e8585bf25f14729fce656b426704293ae6a8181e3929f1352304ef0ca7747fa2db0db7dcf32d2a5b0f68933acb58f32712ef50aefc28a1b7e4315e8b8bcdcacf230200bdc4f41b320969def240c21a259ee319e69711f2c44ed08d7be40e905078534906cb2ae09e653ae3e33ece1e056512798a9525883ad5eaafc394b0c788e57d21b7d076926dd6d583fe220814f4473e67245a3fe732de8bf814baff99d3aad1ca671269bd3f84560e98398aa9f6ba625e9bc516bb88a4fb2a7ec4b3017ac74362f58653b6b7a2226fcbd484a834fe5e8f4a7432fecf8974d57088c7955eee593bd806bb84b46dc2e75c2709c37468866df97e66f49bece821aa8997ec766d6e6529cf96c18a14435ee0ded2bde56d77b2091d4ca1346830edda23d114efe1596201d80fe213b8b7dffa79fc84a2a63c77ac9fae6cb1b8bb99521b43309915da6b28316e400f10fda0f1dbdd25761de798dc894009f391fd96d2471558a2c9656251af547a43"; + char* framed_tm_b = NULL; + int framed_tm_len = 0; + hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); + + // Truth frame setup + char* truth_tm_h = "02C000001800000000000000000000000000000000000000AABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABBAABB0000"; + char* truth_tm_b = NULL; + int truth_tm_len = 0; + hex_conversion(truth_tm_h, &truth_tm_b, &truth_tm_len); + + + // Bit math to give concise access to values already set in the static transfer frame + tm_frame_pri_hdr.tfvn = ((uint8_t)framed_tm_b[0] & 0xC0) >> 6; + tm_frame_pri_hdr.scid = (((uint16_t)framed_tm_b[0] & 0x3F) << 4) | (((uint16_t)framed_tm_b[1] & 0xF0) >> 4); + tm_frame_pri_hdr.vcid = ((uint8_t)framed_tm_b[1] & 0x0E) >> 1; + + // Determine managed parameters by GVCID, which nominally happens in TO + status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + gvcid_managed_parameters, ¤t_managed_parameters); + + // Expose/setup SAs for testing + SecurityAssociation_t* test_association = NULL; + test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + // Deactivate SA 1 + sadb_routine->sadb_get_sa_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + // Activate SA 9 + sadb_routine->sadb_get_sa_from_spi(9, &test_association); + test_association->arsn_len = 0; + test_association->abm_len = 1786; + test_association->abm = (uint8_t* )calloc(1, test_association->abm_len * sizeof(uint8_t)); + memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); + *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->iv_len = 16; + test_association->shivf_len = 16; + + // Set a more obvious IV for test purposes + char * iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEEE"; + char* iv_b = NULL; + int iv_len = 0; + hex_conversion(iv_h, &iv_b, &iv_len); + memcpy(test_association->iv, iv_b, iv_len); + + status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("Decrypted frame contents:\n\t"); + for (int i = 0; i < 1786; i++) + { + printf("%02x", ptr_processed_frame[i]); + // ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + } + // printf("\n Truth Contents\n\t"); + + // for (int i = 0; i < 1786; i++) + // { + // // printf("[%d]: %02x -> %02x \n", i, tm_frame[i], truth_tm_b[i]); + // printf("%02x", (uint8_t)*(truth_tm_b+i)); + // // ASSERT_EQ(*(ptr_enc_frame + enc_data_idx), buffer_nist_ct_b[i]); + // // enc_data_idx++; + // } + // printf("\n"); + + printf("\nDoing final checks:\n\t"); + for (int i = 0; i < 1786; i++) + { + printf("%02x", ptr_processed_frame[i]); + ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + } + + printf("\n"); + + free(truth_tm_b); + free(framed_tm_b); + free(iv_b); +} + UTEST_MAIN(); \ No newline at end of file From ea797cfb7471aaacabcee9bf66fd3cdf750b3939 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 14 Jun 2023 16:30:37 -0400 Subject: [PATCH 38/46] [nasa/cryptolib#164] First attempt to have pre-allocated fields in security association struct; --- .gitignore | 1 + include/crypto_structs.h | 16 +- src/core/crypto.c | 7 +- src/core/crypto_print.c | 18 +- src/core/crypto_tc.c | 76 ++++---- src/core/crypto_tm.c | 33 ++-- .../internal/sadb_routine_inmemory.template.c | 93 +++------- test/unit/et_dt_validation.c | 162 +++++------------- test/unit/ut_crypto.c | 80 +++++---- test/unit/ut_tc_apply.c | 13 +- test/unit/ut_tc_process.c | 114 +++--------- test/unit/ut_tm_apply.c | 63 ++----- test/unit/ut_tm_process.c | 63 ++----- 13 files changed, 237 insertions(+), 502 deletions(-) diff --git a/.gitignore b/.gitignore index 15422467..9a3b0fb7 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ __pycache__ build venv vgcore* +core.* diff --git a/include/crypto_structs.h b/include/crypto_structs.h index a978988a..4339fa6a 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -70,18 +70,18 @@ typedef struct uint8_t shsnf_len : 6; // Sec. Header SN Field Length uint8_t shplf_len : 2; // Sec. Header PL Field Length uint8_t stmacf_len : 8; // Sec. Trailer MAC Field Length - uint8_t* ecs; // Encryption Cipher Suite (algorithm / mode ID) + uint8_t ecs; // Encryption Cipher Suite (algorithm / mode ID) uint8_t ecs_len : 8; // Encryption Cipher Suite Length - uint8_t* iv; // Initialization Vector + uint8_t iv[IV_SIZE]; // Initialization Vector uint8_t iv_len; // Length of entire IV uint8_t acs_len : 8; // Authentication Cipher Suite Length - uint8_t* acs; // Authentication Cipher Suite (algorithm / mode ID) + uint8_t acs; // Authentication Cipher Suite (algorithm / mode ID) uint16_t abm_len : 16; // Authentication Bit Mask Length - uint8_t* abm; // Authentication Bit Mask (Primary Hdr. through Security Hdr.) - uint8_t arsn_len : 8; // Anti-Replay Seq Num Length - uint8_t* arsn; // Anti-Replay Seq Num - uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length - uint16_t arsnw; // Anti-Replay Seq Num Window + uint8_t abm[ABM_SIZE]; // Authentication Bit Mask (Primary Hdr. through Security Hdr.) + uint8_t arsn_len : 8; // Anti-Replay Seq Num Length + uint8_t arsn[ARSN_SIZE];// Anti-Replay Seq Num + uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length + uint16_t arsnw; // Anti-Replay Seq Num Window } SecurityAssociation_t; #define SA_SIZE (sizeof(SecurityAssociation_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index b9c1ac23..d23a1e21 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -848,7 +848,7 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, u } } // If IV is greater than zero and using GCM, check for replay - if ((sa_ptr->iv_len > 0) && *sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM) + if ((sa_ptr->iv_len > 0) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) { // Check IV is in ARSNW if(crypto_config->crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) @@ -890,7 +890,7 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, u // else{} // For GCM specifically, if have a valid IV... - if (*sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM && IV_VALID == CRYPTO_TRUE) + if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM) && (IV_VALID == CRYPTO_TRUE)) { // Using ARSN? Need to be valid to increment both if (sa_ptr->arsn_len > 0 && ARSN_VALID == CRYPTO_TRUE) @@ -906,12 +906,11 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, u } // If not GCM, and ARSN is valid - can incrmeent it - if (*sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM && ARSN_VALID == CRYPTO_TRUE) + if (sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM && ARSN_VALID == CRYPTO_TRUE) { memcpy(sa_ptr->arsn, arsn, sa_ptr->arsn_len); } - return status; } diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 9a5d83fa..ae53c278 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -201,11 +201,11 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t shplf_len = %d \n", sa->shplf_len); printf("\t stmacf_len = %d \n", sa->stmacf_len); printf("\t ecs_len = %d \n", sa->ecs_len); - if (sa->ecs != NULL) + if (sa->ecs_len > 0) { for (i = 0; i < sa->ecs_len; i++) { - printf("\t ecs[%d] = 0x%02x \n", i, *(sa->ecs + i)); + printf("\t ecs[%d] = 0x%02x \n", i, (sa->ecs + i)); } } printf("\t ekid = %d \n", sa->ekid); @@ -213,7 +213,7 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t akid = %d \n", sa->akid); printf("\t ak_ref = %s \n", sa->ak_ref); printf("\t iv_len = %d \n", sa->shivf_len); - if (sa->iv != NULL) + if (sa->iv_len > 0) { for (i = 0; i < sa->iv_len; i++) { @@ -224,15 +224,9 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t iv = %s \n", sa->iv); } printf("\t acs_len = %d \n", sa->acs_len); - if (sa->acs != NULL) - { - for (i = 0; i < sa->acs_len; i++) - { - printf("\t acs[%d] = 0x%02x \n", i, *(sa->acs + i)); - } - } + printf("\t acs = 0x%02x \n", sa->acs); printf("\t abm_len = %d \n", sa->abm_len); - if (sa->abm != NULL) + if (sa->abm_len > 0) { printf("\t abm = "); for (i = 0; i < sa->abm_len; i++) @@ -242,7 +236,7 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\n"); } printf("\t arsn_len = %d \n", sa->arsn_len); - if (sa->arsn != NULL) + if (sa->arsn_len > 0) { printf("\t arsn = "); for (i = 0; i < sa->arsn_len; i++) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 6c243d51..157055c8 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -218,9 +218,9 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - if (sa_ptr->ecs != NULL) + if (sa_ptr->ecs != CRYPTO_CIPHER_NONE) { - encryption_cipher = *sa_ptr->ecs; + encryption_cipher = sa_ptr->ecs; #ifdef TC_DEBUG printf(KYEL "SA Encryption Cipher: %d\n", encryption_cipher); #endif @@ -298,7 +298,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in new_enc_frame_header_field_length = (*p_enc_frame_len) - 1; // Handle Padding, if necessary - if(*(sa_ptr->ecs) == CRYPTO_CIPHER_AES256_CBC) + if(sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC) { pkcs_padding = tf_payload_len % TC_BLOCK_SIZE; // Block Sizes of 16 @@ -436,25 +436,24 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in } #endif - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs == NULL && sa_ptr->acs == NULL) - { - return CRYPTO_LIB_ERR_NULL_CIPHERS; - } + //if(sa_service_type != SA_PLAINTEXT) + //{ + // return CRYPTO_LIB_ERR_NULL_CIPHERS; + //} - if(sa_ptr->est == 0 && sa_ptr->ast == 1) + if((sa_ptr->est == 0) && (sa_ptr->ast == 1)) { - if(sa_ptr->acs !=NULL && sa_ptr->acs_len != 0) + if(sa_ptr->acs_len != 0) { - if((*(sa_ptr->acs) == CRYPTO_MAC_CMAC_AES256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA512) && + if((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && sa_ptr->iv_len > 0 ) - { - return CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; - } + { + return CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; + } } - } + } - // Copy in IV from SA if not NULL and transmitted length > 0 - if (sa_ptr->iv != NULL) + if (sa_ptr->iv_len > 0) { // Start index from the transmitted portion for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) @@ -601,7 +600,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length NULL, // Using SA key reference, key is null - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -612,8 +611,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (sa_ptr->est==1), (sa_ptr->ast==1), (sa_ptr->ast==1), - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher cam_cookies ); @@ -629,11 +628,11 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (size_t)tf_payload_len, // in data length //new_frame_length, NULL, // Using SA key reference, key is null - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length - sa_ptr->ecs, // encryption cipher + &sa_ptr->ecs, // encryption cipher pkcs_padding, cam_cookies ); @@ -646,7 +645,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length NULL, // Using SA key reference, key is null - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -654,8 +653,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in sa_ptr->stmacf_len, // tag size aad, // AAD Input aad_len, // Length of AAD - *sa_ptr->ecs, // encryption cipher - *sa_ptr->acs, // authentication cipher + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher cam_cookies ); } @@ -671,17 +670,17 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in #ifdef INCREMENT if (crypto_config->crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) { - if(sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL){ Crypto_increment(sa_ptr->iv, sa_ptr->iv_len); } + if(sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0){ Crypto_increment(sa_ptr->iv, sa_ptr->iv_len); } } else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE { // Only increment the transmitted portion - if(sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL){ Crypto_increment(sa_ptr->iv+(sa_ptr->iv_len-sa_ptr->shivf_len), sa_ptr->shivf_len); } + if(sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0){ Crypto_increment(sa_ptr->iv+(sa_ptr->iv_len-sa_ptr->shivf_len), sa_ptr->shivf_len); } } if(sa_ptr->shsnf_len > 0){ Crypto_increment(sa_ptr->arsn, sa_ptr->arsn_len); } #ifdef SA_DEBUG - if(sa_ptr->iv != NULL) + if(sa_ptr->iv_len > 0) { printf(KYEL "Next IV value is:\n\t"); for (i = 0; i < sa_ptr->iv_len; i++) @@ -905,7 +904,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - encryption_cipher = *sa_ptr->ecs; + encryption_cipher = sa_ptr->ecs; ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); } #ifdef TC_DEBUG @@ -1071,7 +1070,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length NULL, // Key - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length @@ -1082,8 +1081,8 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (sa_ptr->est), // Decryption Bool (sa_ptr->ast), // Authentication Bool (sa_ptr->ast), // AAD Bool - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher cam_cookies ); @@ -1097,7 +1096,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length NULL, // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length @@ -1106,7 +1105,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc aad, // additional authenticated data aad_len, // length of AAD CRYPTO_CIPHER_NONE, //encryption cipher - *sa_ptr->acs, //authentication cipher + sa_ptr->acs, //authentication cipher cam_cookies ); } @@ -1117,12 +1116,12 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length NULL, // Key - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher cam_cookies ); @@ -1175,12 +1174,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc { if (crypto_config->sadb_type == SADB_TYPE_MARIADB) { - if(sa_ptr->ecs != NULL) free(sa_ptr->ecs); if(sa_ptr->ek_ref != NULL) free(sa_ptr->ek_ref); - if(sa_ptr->iv != NULL) free(sa_ptr->iv); - if(sa_ptr->abm != NULL) free(sa_ptr->abm); - if(sa_ptr->arsn != NULL) free(sa_ptr->arsn); - if(sa_ptr->acs != NULL) free(sa_ptr->acs); free(sa_ptr); } } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index b98d07fd..0b374dea 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -54,7 +54,6 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) uint16_t pdu_len = -1; uint32_t pkcs_padding = 0; uint16_t new_fecf = 0x0000; - uint32_t encryption_cipher; uint8_t ecs_is_aead_algorithm; #ifdef DEBUG @@ -135,9 +134,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - encryption_cipher = - (sa_ptr->ecs[0] << 24) | (sa_ptr->ecs[1] << 16) | (sa_ptr->ecs[2] << 8) | sa_ptr->ecs[3]; - ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); + ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(sa_ptr->ecs); } #ifdef TM_DEBUG @@ -216,16 +213,16 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) } #endif - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs == NULL && sa_ptr->acs == NULL) + if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs_len == 0 && sa_ptr->acs_len == 0) { return CRYPTO_LIB_ERR_NULL_CIPHERS; } if(sa_ptr->est == 0 && sa_ptr->ast == 1) { - if(sa_ptr->acs !=NULL && sa_ptr->acs_len != 0) + if(sa_ptr->acs_len != 0) { - if((*(sa_ptr->acs) == CRYPTO_MAC_CMAC_AES256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA512) && + if((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && sa_ptr->iv_len > 0 ) { return CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; @@ -385,7 +382,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (uint8_t*)(&tm_frame[0]), // plaintext input (size_t)0, // in data length - from start of frame to end of data NULL, // Using SA key reference, key is null - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -393,8 +390,8 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) sa_ptr->stmacf_len, // tag size aad, // AAD Input aad_len, // Length of AAD - *sa_ptr->ecs, // encryption cipher - *sa_ptr->acs, // authentication cipher + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher NULL); } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) @@ -858,9 +855,9 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - if (sa_ptr->ecs != NULL) + if (sa_ptr->ecs != CRYPTO_CIPHER_NONE) { - encryption_cipher = *sa_ptr->ecs; + encryption_cipher = sa_ptr->ecs; #ifdef TC_DEBUG printf(KYEL "SA Encryption Cipher: %d\n", encryption_cipher); #endif @@ -1013,10 +1010,10 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in ** Begin Authentication / Encryption */ - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs == NULL && sa_ptr->acs == NULL) - { - return CRYPTO_LIB_ERR_NULL_CIPHERS; - } + // if(sa_service_type != SA_PLAINTEXT) + // { + // return CRYPTO_LIB_ERR_NULL_CIPHERS; + // } if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm { @@ -1045,7 +1042,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in p_ingest+byte_idx, // ciphertext input pdu_len, // in data length NULL, // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV sa_ptr->iv_len, // IV Length @@ -1054,7 +1051,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in aad, // additional authenticated data aad_len, // length of AAD CRYPTO_CIPHER_NONE, // encryption cipher - *sa_ptr->acs, // authentication cipher + sa_ptr->acs, // authentication cipher NULL); // cam cookies } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) diff --git a/src/sa/internal/sadb_routine_inmemory.template.c b/src/sa/internal/sadb_routine_inmemory.template.c index f4b78f4a..4088c050 100644 --- a/src/sa/internal/sadb_routine_inmemory.template.c +++ b/src/sa/internal/sadb_routine_inmemory.template.c @@ -82,7 +82,6 @@ int32_t sadb_config(void) sa[1].shivf_len = 0; sa[1].shsnf_len = 2; sa[1].arsn_len = 2; - sa[1].arsn = (uint8_t*) calloc(1, sa[1].arsn_len * sizeof(uint8_t)); sa[1].arsnw_len = 1; sa[1].arsnw = 5; sa[1].gvcid_blk.tfvn = 0; @@ -97,14 +96,11 @@ int32_t sadb_config(void) sa[2].est = 1; sa[2].ast = 1; sa[2].ecs_len = 1; - sa[2].ecs = calloc(1, sa[2].ecs_len * sizeof(uint8_t)); - *sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; sa[2].shivf_len = 12; sa[2].iv_len = 12; - sa[2].iv = (uint8_t* )calloc(1, sa[2].shivf_len * sizeof(uint8_t)); *(sa[2].iv + sa[2].shivf_len - 1) = 0; sa[2].abm_len = ABM_SIZE; // 20 - sa[2].abm = (uint8_t* )calloc(1, sa[2].abm_len * sizeof(uint8_t)); sa[2].arsnw_len = 1; sa[2].arsnw = 5; sa[2].arsn_len = (sa[2].arsnw * 2) + 1; @@ -116,14 +112,11 @@ int32_t sadb_config(void) sa[3].est = 1; sa[3].ast = 1; sa[3].ecs_len = 1; - sa[3].ecs = calloc(1, sa[3].ecs_len * sizeof(uint8_t)); - *sa[3].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[3].ecs = CRYPTO_CIPHER_AES256_GCM; sa[3].shivf_len = 12; sa[3].iv_len = 12; - sa[3].iv = (uint8_t* )calloc(1, sa[3].shivf_len * sizeof(uint8_t)); *(sa[3].iv + sa[3].shivf_len - 1) = 0; sa[3].abm_len = ABM_SIZE; // 20 - sa[3].abm = (uint8_t* )calloc(1, sa[3].abm_len * sizeof(uint8_t)); sa[3].arsnw_len = 1; sa[3].arsnw = 5; sa[3].arsn_len = (sa[3].arsnw * 2) + 1; @@ -136,15 +129,12 @@ int32_t sadb_config(void) sa[4].est = 1; sa[4].ast = 1; sa[4].ecs_len = 1; - sa[4].ecs = calloc(1, sa[4].ecs_len * sizeof(uint8_t)); - *sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; sa[4].shivf_len = 12; sa[4].iv_len = 12; sa[4].stmacf_len = 16; - sa[4].iv = (uint8_t* )calloc(1, sa[4].shivf_len * sizeof(uint8_t)); *(sa[4].iv + 11) = 0; sa[4].abm_len = ABM_SIZE; // 20 - sa[4].abm = (uint8_t* )calloc(1, sa[4].abm_len * sizeof(uint8_t)); sa[4].arsnw_len = 1; sa[4].arsnw = 5; sa[4].arsn_len = 0; @@ -160,14 +150,11 @@ int32_t sadb_config(void) sa[5].est = 1; sa[5].ast = 1; sa[5].ecs_len = 1; - sa[5].ecs = calloc(1, sa[5].ecs_len * sizeof(uint8_t)); - *sa[5].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[5].ecs = CRYPTO_CIPHER_AES256_GCM; sa[5].shivf_len = 12; sa[5].iv_len = 12; - sa[5].iv = (uint8_t* )calloc(1, sa[5].shivf_len * sizeof(uint8_t)); *(sa[5].iv + sa[5].shivf_len - 1) = 0; sa[5].abm_len = ABM_SIZE; // 20 - sa[5].abm = (uint8_t* )calloc(1, sa[5].abm_len * sizeof(uint8_t)); sa[5].arsnw_len = 1; sa[5].arsnw = 5; sa[5].arsn_len = (sa[5].arsnw * 2) + 1; @@ -178,14 +165,11 @@ int32_t sadb_config(void) sa[6].est = 1; sa[6].ast = 1; sa[6].ecs_len = 1; - sa[6].ecs = calloc(1, sa[6].ecs_len * sizeof(uint8_t)); - *sa[6].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[6].ecs = CRYPTO_CIPHER_AES256_GCM; sa[6].shivf_len = 12; sa[6].iv_len = 12; - sa[6].iv = (uint8_t* )calloc(1, sa[6].shivf_len * sizeof(uint8_t)); *(sa[6].iv + sa[6].shivf_len - 1) = 0; sa[6].abm_len = ABM_SIZE; // 20 - sa[6].abm = (uint8_t* )calloc(1, sa[6].abm_len * sizeof(uint8_t)); sa[6].arsnw_len = 1; sa[6].arsnw = 5; sa[6].arsn_len = (sa[6].arsnw * 2) + 1; @@ -197,14 +181,11 @@ int32_t sadb_config(void) sa[7].est = 1; sa[7].ast = 1; sa[7].ecs_len = 1; - sa[7].ecs = calloc(1, sa[7].ecs_len * sizeof(uint8_t)); - *sa[7].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[7].ecs = CRYPTO_CIPHER_AES256_GCM; sa[7].shivf_len = 12; sa[7].iv_len = 12; - sa[7].iv = (uint8_t* )calloc(1, sa[7].shivf_len * sizeof(uint8_t)); *(sa[7].iv + sa[7].shivf_len - 1) = 0; sa[7].abm_len = ABM_SIZE; // 20 - sa[7].abm = (uint8_t* )calloc(1, sa[7].abm_len * sizeof(uint8_t)); sa[7].arsnw_len = 1; sa[7].arsnw = 5; sa[7].arsn_len = (sa[7].arsnw * 2) + 1; @@ -234,10 +215,8 @@ int32_t sadb_config(void) sa[9].ast = 0; sa[9].shivf_len = 12; sa[9].iv_len = 12; - sa[9].iv = (uint8_t* )calloc(1, sa[9].shivf_len * sizeof(uint8_t)); *(sa[9].iv + 11) = 0; sa[9].abm_len = ABM_SIZE; // 20 - sa[9].abm = (uint8_t* )calloc(1, sa[9].abm_len * sizeof(uint8_t)); sa[9].arsnw_len = 1; sa[9].arsnw = 5; sa[9].arsn_len = 0; @@ -254,15 +233,12 @@ int32_t sadb_config(void) sa[10].est = 1; sa[10].ast = 1; sa[10].ecs_len = 1; - sa[10].ecs = calloc(1, sa[10].ecs_len * sizeof(uint8_t)); - *sa[10].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[10].ecs = CRYPTO_CIPHER_AES256_GCM; sa[10].shivf_len = 12; sa[10].iv_len = 12; sa[10].stmacf_len = 16; - sa[10].iv = (uint8_t* )calloc(1, sa[10].shivf_len * sizeof(uint8_t)); *(sa[10].iv + 11) = 0; sa[10].abm_len = ABM_SIZE; // 20 - sa[10].abm = (uint8_t* )calloc(1, sa[10].abm_len * sizeof(uint8_t)); sa[10].arsnw_len = 1; sa[10].arsnw = 5; sa[10].arsn_len = 0; @@ -280,16 +256,13 @@ int32_t sadb_config(void) sa[11].est = 1; sa[11].ast = 0; sa[11].ecs_len = 1; - sa[11].ecs = calloc(1, sa[11].ecs_len * sizeof(uint8_t)); - *sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; sa[11].shivf_len = 16; sa[11].iv_len = 16; sa[11].shplf_len = 1; sa[11].stmacf_len = 0; - sa[11].iv = (uint8_t* )calloc(1, sa[11].shivf_len * sizeof(uint8_t)); //TODO; Should this be iv_len instead of shiv_len? *(sa[11].iv + (sa[11].iv_len - 1)) = 0; sa[11].abm_len = ABM_SIZE; // 20 - sa[11].abm = (uint8_t* )calloc(1, sa[11].abm_len * sizeof(uint8_t)); sa[11].arsnw_len = 0; sa[11].arsnw = 5; sa[11].arsn_len = 0; @@ -308,7 +281,6 @@ int32_t sadb_config(void) sa[12].shivf_len = 0; sa[12].shsnf_len = 0; sa[12].arsn_len = 0; - sa[12].arsn = (uint8_t*) calloc(1, sa[1].arsn_len * sizeof(uint8_t)); sa[12].arsnw_len = 0; sa[12].arsnw = 5; sa[12].gvcid_blk.tfvn = 0; @@ -326,25 +298,33 @@ int32_t sadb_config(void) int32_t sadb_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; - for (x = 0; x < NUM_SA; x++) + for (int x = 0; x < NUM_SA; x++) { sa[x].ekid = x; sa[x].akid = x; sa[x].sa_state = SA_NONE; sa[x].ecs_len = 0; - sa[x].ecs = NULL; + sa[x].ecs = 0; sa[x].shivf_len = 0; - sa[x].iv = NULL; + for (int y = 0; y < IV_SIZE; y++) + { + sa[x].iv[y] = 0; + } sa[x].iv_len = 0; - sa[x].abm = NULL; + for (int y = 0; y < ABM_SIZE; y++) + { + sa[x].abm[y] = 0; + } sa[x].abm_len = 0; sa[x].acs_len = 0; - sa[x].acs = NULL; + sa[x].acs = 0; sa[x].shsnf_len = 0; sa[x].arsn_len = 0; - sa[x].arsn = NULL; + for (int y = 0; y < ARSN_SIZE; y++) + { + sa[x].arsn[y] = 0; + } } return status; } @@ -356,16 +336,6 @@ int32_t sadb_init(void) static int32_t sadb_close(void) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; - - for (x = 0; x < NUM_SA; x++) - { - if(sa[x].ecs != NULL) free(sa[x].ecs); - if(sa[x].iv != NULL) free(sa[x].iv); - if(sa[x].abm != NULL) free(sa[x].abm); - if(sa[x].arsn != NULL) free(sa[x].arsn); - if(sa[x].acs != NULL) free(sa[x].acs); - } return status; } @@ -518,7 +488,6 @@ static int32_t sadb_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, u printf(KYEL "\tscid %d\n" RESET, scid); printf(KYEL "\tvcid %d\n" RESET, vcid); printf(KYEL "\tmapid %02X\n" RESET, mapid); - printf(KYEL "***FYI TM_SIZE set to %ld\n" RESET, TM_SIZE); #endif } @@ -880,28 +849,23 @@ static int32_t sadb_sa_create(void) sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); - if (sa[spi].iv != NULL) - { - free(sa[spi].iv); - } - sa[spi].iv = (uint8_t* )calloc(1, sa[spi].shivf_len * sizeof(uint8_t)); sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); for (x = 0; x < sa[spi].ecs_len; x++) { - *(sa[spi].ecs + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].shivf_len; x++) { - *(sa[spi].iv + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].acs_len; x++) { - *sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); count = count + 2; @@ -910,11 +874,6 @@ static int32_t sadb_sa_create(void) sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); - if (sa[spi].arsn != NULL) - { - free(sa[spi].arsn); - } - sa[spi].arsn = (uint8_t* )calloc(1, sa[spi].arsn_len * sizeof(uint8_t)); for (x = 0; x < sa[spi].arsn_len; x++) { *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index 613a5b8d..28cc601c 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -176,8 +176,7 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association_1); - test_association_1->ecs = calloc(1, test_association_1->ecs_len * sizeof(uint8_t)); - *test_association_1->ecs = CRYPTO_CIPHER_NONE; + test_association_1->ecs = CRYPTO_CIPHER_NONE; // Expose SA 4 for testing sadb_routine->sadb_get_sa_from_spi(4, &test_association_4); @@ -193,13 +192,11 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) // Expose SA 4 for testing test_association_4->arsn_len = 0; test_association_4->gvcid_blk.vcid = 1; - test_association_4->iv = calloc(1, test_association_4->shivf_len * sizeof(uint8_t)); test_association_4->iv[11] = 1; test_association_4->ast = 1; test_association_4->est = 1; test_association_4->sa_state = SA_OPERATIONAL; - test_association_4->ecs = calloc(1, test_association_4->ecs_len * sizeof(uint8_t)); - *test_association_4->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association_4->ecs = CRYPTO_CIPHER_AES256_GCM; return_val = Crypto_TC_ApplySecurity(enc_test_ping_b, enc_test_ping_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); @@ -264,8 +261,7 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Expose SA 4 for testing sadb_routine->sadb_get_sa_from_spi(4, &test_association); @@ -282,13 +278,11 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) sadb_routine->sadb_get_sa_from_spi(4, &test_association); test_association->arsn_len = 0; test_association->gvcid_blk.vcid = 1; - test_association->iv = calloc(1, test_association->shivf_len * sizeof(uint8_t)); test_association->iv[11] = 0; test_association->ast = 1; test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; return_val = Crypto_TC_ProcessSecurity(dec_test_ping_b, &dec_test_ping_len, tc_sdls_processed_frame); ASSERT_EQ(9, return_val); // 9 is the number of pings in that EP PDU. @@ -358,8 +352,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -370,7 +363,6 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - test_association->iv = malloc(*buffer_nist_iv_b * sizeof(uint8_t)); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); @@ -437,8 +429,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; sadb_routine->sadb_get_sa_from_spi(9, &test_association); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->ast =1; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -510,8 +501,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -585,8 +575,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -659,8 +648,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -735,8 +723,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -806,8 +793,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -882,8 +868,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -953,8 +938,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1029,8 +1013,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1118,8 +1101,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->abm_len = 1024; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1204,8 +1186,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1297,8 +1278,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->shivf_len = 12; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1422,8 +1402,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) test_association->shivf_len = 12; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1523,8 +1502,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) test_association->shivf_len = 12; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1617,17 +1595,13 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) test_association->shivf_len = 0; test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn = 0; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1709,17 +1683,13 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) test_association->shivf_len = 0; test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn = 0; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1799,17 +1769,13 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) test_association->shivf_len = 0; test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn = 0; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1895,15 +1861,12 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1990,15 +1953,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2079,15 +2039,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2169,15 +2126,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2261,16 +2215,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; - test_association->abm = calloc(1, test_association->abm_len * sizeof(uint8_t)); memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2354,15 +2304,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2446,15 +2393,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2537,15 +2481,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2627,15 +2568,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2755,15 +2693,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2836,15 +2771,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 90bb51b5..b9d4ac31 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -99,151 +99,150 @@ UTEST(CRYPTO_C, PDU_SWITCH) sdls_frame.pdu.pid = PID_OTAR; uint8_t* ingest = NULL; - TC_t* tc_frame; - tc_frame = malloc(sizeof(uint8_t) * TC_SIZE); - status = Crypto_PDU(ingest, tc_frame); + TC_t tc_frame; + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_ACTIVATION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_DEACTIVATION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pdu_len = 0; sdls_frame.pdu.pid = PID_KEY_VERIFICATION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_DESTRUCTION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_INVENTORY; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING); sdls_frame.pdu.pid = SG_KEY_MGMT; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.sg = SG_SA_MGMT; sdls_frame.pdu.pid = PID_CREATE_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_DELETE_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_SET_ARSNW; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_REKEY_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_EXPIRE_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_SET_ARSN; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_START_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_STOP_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_READ_ARSN; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_SA_STATUS; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = 0b111; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.sg = SG_SEC_MON_CTRL; sdls_frame.pdu.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_DUMP_LOG; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_ERASE_LOG; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_SELF_TEST; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_ALARM_FLAG; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 0b1111; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.sg = PID_LOG_STATUS; sdls_frame.pdu.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.uf = 1; sdls_frame.pdu.pid = 0; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 1; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 2; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 3; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 4; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 5; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 6; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 7; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 8; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.type = 1; sdls_frame.pdu.pid = 8; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } @@ -293,17 +292,16 @@ UTEST(INVALID_SA_CONFIGS, INVALID_IV_ARSN) hex_conversion(jpl_frame_pt_h, (char**) &jpl_frame_pt_b, &jpl_frame_pt_len); // Should fail, as SA will be set to use ARSN, but ARSN pointer is NULL - free(test_association->arsn); - test_association->arsn = NULL; + test_association->arsn_len = 0; status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_ARSN, status); // Should fail, as SA will be set to use IV, but IV pointer is NULL - free(test_association->iv); - test_association->iv = NULL; + test_association->iv_len = 0; test_association->shivf_len = 12; status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, status); + free(test_association); } /** diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 0130f123..b669ccc4 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -419,16 +419,11 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO test_association->est=0; test_association->ast=1; test_association->ecs_len=1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->acs_len=1; - free(test_association->acs); - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->arsn_len = 3; test_association->shsnf_len = 2; - test_association->arsn = calloc(1,test_association->arsn_len); memcpy(test_association->arsn, (uint8_t *)new_arsn_b, new_arsn_len); // This TA was originally setup for AESGCM, need to specify an akid so we can use it for a MAC test_association->akid = 130; @@ -1023,7 +1018,6 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) test_association->arsn_len = 0; test_association->iv_len = 0; test_association->shivf_len = 0; - test_association->iv = NULL; return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); @@ -1035,7 +1029,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) //printf("Encrypted Frame:\n"); for(int i = 0; i < enc_frame_len; i++) { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + printf("%02x -> %02x \n", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } //printf("\n"); @@ -1093,7 +1087,6 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) test_association->arsn_len = 0; test_association->iv_len = 16; test_association->shivf_len = 16; - test_association->iv = NULL; return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, return_val); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index f548d306..e61d5f82 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -68,9 +68,7 @@ UTEST(TC_PROCESS, EXERCISE_IV) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); @@ -184,15 +182,10 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; sadb_routine->sadb_get_sa_from_spi(9, &test_association); - free(test_association->ecs); test_association->ecs_len = 1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - free(test_association->acs); + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->acs_len = 1; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->est = 0; test_association->ast = 1; test_association->shivf_len = 0; @@ -204,8 +197,6 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) test_association->akid = 136; test_association->ekid = 0; // memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); - free(test_association->abm); - test_association->abm = calloc(1, test_association->abm_len * sizeof(uint8_t)); test_association->stmacf_len = 16; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -217,8 +208,6 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) hex_conversion(buffer_good_arsn_with_gap_h, (char**) &buffer_good_arsn_with_gap_b, &buffer_good_arsn_with_gap_len); // Convert/Set input ARSN hex_conversion(buffer_arsn_h, (char**) &buffer_arsn_b, &buffer_arsn_len); - free(test_association->arsn); - test_association->arsn = calloc(1, test_association->arsn_len); memcpy(test_association->arsn, buffer_arsn_b, buffer_arsn_len); // Expect to fail on replay printf(KGRN "Checking replay - using previous received ARSN...\n" RESET); @@ -305,17 +294,14 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) int32_t return_val = -1; - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + TC_t tc_sdls_processed_frame; + memset(&tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); - //free(test_association->ecs); test_association->ecs_len = 1; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; @@ -326,8 +312,6 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) test_association->gvcid_blk.vcid = 0; test_association->shivf_len = 6; test_association->iv_len = 12; - free(test_association->iv); - test_association->iv = calloc(1, test_association->iv_len * sizeof(uint8_t)); // IV = "000000000000FFFFFFFFFFFE" test_association->iv[0] = 0x00; test_association->iv[1] = 0x00; @@ -344,46 +328,29 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) test_association->ast = 1; test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; Crypto_saPrint(test_association); - return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); + return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->iv[11],0xFE); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, tc_sdls_processed_frame); + + return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->iv[11],0xFF); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, tc_sdls_processed_frame); + + return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); for(int i=0; i < test_association->iv_len; i++) { ASSERT_EQ(test_association->iv[i],0x00); } - Crypto_saPrint(test_association); Crypto_Shutdown(); - free(dec_test_fe_b); free(dec_test_ff_b); - free(dec_test_00_b); - - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - free(tc_sdls_processed_frame); - + free(dec_test_00_b); } UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) @@ -422,10 +389,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); - free(test_association->ecs); test_association->ecs_len = 1; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; @@ -436,8 +401,6 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) test_association->gvcid_blk.vcid = 0; test_association->shivf_len = 6; test_association->iv_len = 12; - free(test_association->iv); - test_association->iv = calloc(1, test_association->iv_len * sizeof(uint8_t)); // IV = "000000000000FFFFFFFFFFFE" test_association->iv[0] = 0x00; test_association->iv[1] = 0x00; @@ -454,9 +417,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) test_association->ast = 1; test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; Crypto_saPrint(test_association); return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); @@ -533,16 +494,14 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) int32_t return_val = -1; - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + TC_t tc_sdls_processed_frame; + memset(&tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); test_association->ecs_len = 1; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; @@ -555,17 +514,11 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) test_association->est=0; test_association->ast=1; test_association->ecs_len=1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->acs_len=1; - free(test_association->acs); - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->arsn_len = 3; test_association->shsnf_len = 2; - free(test_association->arsn); - test_association->arsn = calloc(1,test_association->arsn_len); // ARSN = "05FFFD" test_association->arsn[0] = 0x05; test_association->arsn[1] = 0xFF; @@ -575,22 +528,16 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) test_association->akid = 130; Crypto_saPrint(test_association); - return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); + return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->arsn[2],0xFE); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, tc_sdls_processed_frame); + + return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->arsn[2],0xFF); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? + // test_association->iv[5] = 0x01; - return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, tc_sdls_processed_frame); + return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->arsn[0] ,0x06); ASSERT_EQ(test_association->arsn[1] ,0x00); @@ -603,11 +550,6 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) free(dec_test_fe_b); free(dec_test_ff_b); free(dec_test_00_b); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - free(tc_sdls_processed_frame); } UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) @@ -929,9 +871,7 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; @@ -955,8 +895,6 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert/Set input ARSN hex_conversion(buffer_arsn_h, (char**) &buffer_arsn_b, &buffer_arsn_len); - free(test_association->arsn); - test_association->arsn = calloc(1, test_association->arsn_len); memcpy(test_association->arsn, buffer_arsn_b, buffer_arsn_len); // Expect to fail on ARSN (Bad IV, bad ARSN) diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index cc5b3254..7278d14d 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -346,18 +346,13 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -430,18 +425,13 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -524,18 +514,13 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -616,18 +601,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -708,18 +688,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -801,18 +776,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -897,18 +867,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 10e0a346..76ccc112 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -241,18 +241,13 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -320,18 +315,13 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -417,18 +407,13 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -512,18 +497,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -607,18 +587,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -703,18 +678,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -802,18 +772,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; From 58c78a8a716c77ffad0b68536a44f4d162a0bdd7 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 15 Jun 2023 07:50:21 -0400 Subject: [PATCH 39/46] [nasa/cryptolib#164] Incremented CryptoLib version number as it was missed in last release; --- include/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto.h b/include/crypto.h index b5d7527b..bd0efba8 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -44,7 +44,7 @@ */ #define CRYPTO_LIB_MAJOR_VERSION 1 #define CRYPTO_LIB_MINOR_VERSION 2 -#define CRYPTO_LIB_REVISION 1 +#define CRYPTO_LIB_REVISION 2 #define CRYPTO_LIB_MISSION_REV 0 /* From 53f11281664e51ee8cfb938398a2c8fffe92fc2b Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 15 Jun 2023 07:51:38 -0400 Subject: [PATCH 40/46] [nasa/cryptolib#164] Comment out debugging messages in standalone with TM frame processing; --- support/standalone/standalone.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/support/standalone/standalone.c b/support/standalone/standalone.c index 0e5c0573..cb7b66fc 100644 --- a/support/standalone/standalone.c +++ b/support/standalone/standalone.c @@ -458,10 +458,10 @@ void* crypto_standalone_tm_process(void* sock) } else { - if ( ((tm_ptr[0] != 0x03) && (tm_ptr[1] != 0xFF)) && ((tm_ptr[0] != 0xFF) && (tm_ptr[1] != 0x48)) ) - { - printf("crypto_standalone_tm_process - SPP loop error, expected idle packet or frame! tm_ptr = 0x%02x%02x \n", tm_ptr[0], tm_ptr[1]); - } + //if ( ((tm_ptr[0] != 0x03) && (tm_ptr[1] != 0xFF)) && ((tm_ptr[0] != 0xFF) && (tm_ptr[1] != 0x48)) ) + //{ + // printf("crypto_standalone_tm_process - SPP loop error, expected idle packet or frame! tm_ptr = 0x%02x%02x \n", tm_ptr[0], tm_ptr[1]); + //} tm_process_len = 0; } } From 49039bf44f958c70a3e804bee9758d9af295df19 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 15 Jun 2023 08:38:11 -0400 Subject: [PATCH 41/46] [nasa/cryptolib#164] Added TC debug toggle command to standalone for demonstration purposes; --- support/standalone/standalone.c | 44 ++++++++++++++++++++++++++------- support/standalone/standalone.h | 1 + 2 files changed, 36 insertions(+), 9 deletions(-) diff --git a/support/standalone/standalone.c b/support/standalone/standalone.c index cb7b66fc..719c78e1 100644 --- a/support/standalone/standalone.c +++ b/support/standalone/standalone.c @@ -30,6 +30,7 @@ static volatile uint8_t keepRunning = CRYPTO_LIB_SUCCESS; static volatile uint8_t tc_seq_num = 0; static volatile uint8_t tc_vcid = CRYPTO_STANDALONE_FRAMING_VCID; +static volatile uint8_t tc_debug = 0; /* @@ -61,10 +62,11 @@ void crypto_standalone_print_help(void) { printf(CRYPTO_PROMPT "command [args]\n" "----------------------------------------------------------------------\n" - "help - Display help \n" "exit - Exit app \n" + "help - Display help \n" "noop - No operation command to device \n" "reset - Reset CryptoLib \n" + "tc - Toggle TC debug prints \n" "vcid # - Change active TC virtual channel \n" "\n" ); @@ -98,6 +100,10 @@ int32_t crypto_standalone_get_command(const char* str) { status = CRYPTO_CMD_VCID; } + else if(strcmp(lcmd, "tc") == 0) + { + status = CRYPTO_CMD_TC_DEBUG; + } return status; } @@ -167,6 +173,22 @@ int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char* } } break; + + case CRYPTO_CMD_TC_DEBUG: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) + { + if (tc_debug == 0) + { + tc_debug = 1; + printf("Enabled TC debug prints! \n"); + } + else + { + tc_debug = 1; + printf("Disabled TC debug prints! \n"); + } + } + break; default: printf("Invalid command format, type 'help' for more info\n"); @@ -287,14 +309,15 @@ void* crypto_standalone_tc_apply(void* sock) if (status != -1) { tc_in_len = status; - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("crypto_standalone_tc_apply - received[%d]: 0x", tc_in_len); for(int i = 0; i < status; i++) { printf("%02x", tc_apply_in[i]); } printf("\n"); - #endif + } /* Frame */ #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING @@ -302,28 +325,30 @@ void* crypto_standalone_tc_apply(void* sock) memcpy(tc_apply_in, tc_framed, tc_out_len); tc_in_len = tc_out_len; tc_out_len = 0; - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("crypto_standalone_tc_apply - framed[%d]: 0x", tc_in_len); for(int i = 0; i < tc_in_len; i++) { printf("%02x", tc_apply_in[i]); } printf("\n"); - #endif + } #endif /* Process */ status = Crypto_TC_ApplySecurity(tc_apply_in, tc_in_len, &tc_out_ptr, &tc_out_len); if (status == CRYPTO_LIB_SUCCESS) { - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("crypto_standalone_tc_apply - status = %d, encrypted[%d]: 0x", status, tc_out_len); for(int i = 0; i < tc_out_len; i++) { printf("%02x", tc_out_ptr[i]); } printf("\n"); - #endif + } /* Reply */ status = sendto(tc_sock->sockfd, tc_out_ptr, tc_out_len, 0, (struct sockaddr*) &fwd_addr, sizeof(fwd_addr)); @@ -342,9 +367,10 @@ void* crypto_standalone_tc_apply(void* sock) tc_in_len = 0; tc_out_len = 0; free(tc_out_ptr); - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("\n"); - #endif + } } /* Delay */ diff --git a/support/standalone/standalone.h b/support/standalone/standalone.h index 91447fc1..2ba8addf 100644 --- a/support/standalone/standalone.h +++ b/support/standalone/standalone.h @@ -72,6 +72,7 @@ extern "C" #define CRYPTO_CMD_NOOP 2 #define CRYPTO_CMD_RESET 3 #define CRYPTO_CMD_VCID 4 +#define CRYPTO_CMD_TC_DEBUG 5 /* From 98fcb56704c331457f26f184d10ceb81b0a1540d Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 13:21:27 -0400 Subject: [PATCH 42/46] [nasa/cryptolib#164] Updates to support NULL IV scenarios via Crypto_Config_CryptoLib; --- include/crypto.h | 5 +- include/crypto_config.h | 2 +- include/crypto_config_structs.h | 6 ++ src/core/crypto_config.c | 16 +++-- src/core/crypto_tc.c | 19 ++--- test/kmc/ut_kmc_crypto.c | 30 +++++--- test/kmc/ut_kmc_crypto_auth_only.c | 27 ++++--- test/kmc/ut_kmc_crypto_cam.c | 30 +++++--- test/kmc/ut_kmc_crypto_with_mtls_sadb.c | 11 +-- test/kmc/ut_mariadb.c | 24 ++++--- test/kmc/ut_tc_kmc.c | 66 +++++++++++------ test/performance/pt_auth_as.c | 72 ++++++++++++------- test/performance/pt_auth_enc_as.c | 54 +++++++++----- test/performance/pt_auth_enc_ps.c | 72 ++++++++++++------- test/unit/et_dt_validation.c | 90 ++++++++++++++++-------- test/unit/ut_crypto.c | 47 ++----------- test/unit/ut_mysql_m_tls_connection.c | 3 +- test/unit/ut_mysql_tls_connection.c | 3 +- test/unit/ut_sadb_err_cases_kmc_crypto.c | 12 ++-- test/unit/ut_tc_apply.c | 68 +++++++++++------- test/unit/ut_tc_process.c | 33 ++++++--- test/unit/ut_tm_apply.c | 41 ++++++++--- test/unit/ut_tm_process.c | 46 ++++++++---- 23 files changed, 492 insertions(+), 285 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 8c3497e3..f1f3d2b1 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -58,8 +58,9 @@ */ // Crypto Library Configuration functions -extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, - uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, +extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, + uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, + uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv); extern int32_t Crypto_Config_MariaDB(char* mysql_hostname, char* mysql_database, uint16_t mysql_port, diff --git a/include/crypto_config.h b/include/crypto_config.h index b3307cc5..a6678f19 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -121,7 +121,7 @@ #define FECF_SIZE 2 #define SEGMENT_HDR_SIZE 1 #define ECS_SIZE 4 /* bytes */ -#define ABM_SIZE 1024 // 20 /* bytes */ +#define ABM_SIZE 1786 // 20 /* bytes */ #define ARSN_SIZE 20 /* total messages */ #define ARSNW_SIZE 1 /* bytes */ #define SN_SIZE 0 diff --git a/include/crypto_config_structs.h b/include/crypto_config_structs.h index 0fc5d691..811714b0 100644 --- a/include/crypto_config_structs.h +++ b/include/crypto_config_structs.h @@ -45,6 +45,11 @@ typedef enum } CryptographyType; // gvcid managed parameter enums typedef enum +{ + IV_INTERNAL, + IV_CRYPTO_MODULE +} IvType; +typedef enum { TC_NO_FECF, TC_HAS_FECF, @@ -155,6 +160,7 @@ typedef struct KeyType key_type; SadbType sadb_type; CryptographyType cryptography_type; + IvType iv_type; // Whether or not CryptoLib should generate the IV CreateFecfBool crypto_create_fecf; // Whether or not CryptoLib is expected to calculate TC FECFs and return // payloads with the FECF TcProcessSdlsPdus process_sdls_pdus; // Config to process SDLS extended procedure PDUs in CryptoLib diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 9864fc58..21e76095 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -53,9 +53,11 @@ int32_t crypto_free_config_structs(void); int32_t Crypto_Init_TC_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, + TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, + TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, + SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TC Tests Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -71,7 +73,8 @@ int32_t Crypto_Init_TC_Unit_Test(void) int32_t Crypto_Init_TM_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests @@ -271,6 +274,7 @@ int32_t Crypto_Shutdown(void) * @brief Function: Crypto_Config_CryptoLib * @param key_type: uint8 * @param sadb_type: uint8 + * @param iv_type: uint8 * @param crypto_create_fecf: uint8 * @param process_sdls_pdus: uint8 * @param has_pus_hdr: uint8 @@ -281,7 +285,8 @@ int32_t Crypto_Shutdown(void) * @param vcid_bitmask: uint8 * @return int32: Success/Failure **/ -int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, +int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, + uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv) { @@ -290,6 +295,7 @@ int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cry crypto_config->key_type = key_type; crypto_config->sadb_type = sadb_type; crypto_config->cryptography_type = cryptography_type; + crypto_config->iv_type = iv_type; crypto_config->crypto_create_fecf = crypto_create_fecf; crypto_config->process_sdls_pdus = process_sdls_pdus; crypto_config->has_pus_hdr = has_pus_hdr; diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 8f64224e..9b46ac7d 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -454,7 +454,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in } } - if (sa_ptr->iv_len > 0) + if (crypto_config->iv_type == IV_INTERNAL) { // Start index from the transmitted portion for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) @@ -463,11 +463,11 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in index++; } } - // IV is NULL + // IV is NULL / IV_CRYPTO_MODULE else { // Transmitted length > 0, AND using KMC_CRYPTO - if ((sa_ptr->shivf_len > 0) && crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if ((sa_ptr->shivf_len > 0) && (crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_KMCCRYPTO)) { index += sa_ptr->iv_len - (sa_ptr->iv_len - sa_ptr->shivf_len); } @@ -1342,7 +1342,7 @@ uint8_t* Crypto_Prepare_TC_AAD(uint8_t* buffer, uint16_t len_aad, uint8_t* abm_b **/ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { - if (sa->shivf_len > 0 && sa->iv == NULL && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if (sa->shivf_len > 0 && crypto_config->iv_type == IV_CRYPTO_MODULE && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) { return CRYPTO_LIB_ERR_NULL_IV; } @@ -1350,23 +1350,18 @@ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { return CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH; } - if (sa->iv_len > 0 && sa->iv == NULL && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if (sa->iv_len > 0 && crypto_config->iv_type == IV_CRYPTO_MODULE && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) { return CRYPTO_LIB_ERR_NULL_IV; } - - if (sa->shsnf_len > 0 && sa->arsn == NULL) + if (crypto_config->iv_type == IV_CRYPTO_MODULE && crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_LIBGCRYPT) { - return CRYPTO_LIB_ERR_NULL_ARSN; + return CRYPTO_LIB_ERR_NULL_IV; } if (sa->arsn_len - sa->shsnf_len < 0) { return CRYPTO_LIB_ERR_ARSN_LEN_SHORTER_THAN_SEC_HEADER_LENGTH; } - if (sa->arsn_len > 0 && sa->arsn == NULL) - { - return CRYPTO_LIB_ERR_NULL_ARSN; - } return CRYPTO_LIB_SUCCESS; } diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index 3655609e..35a91932 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -45,7 +45,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -94,7 +95,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) //UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_ONLY) //{ // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); @@ -144,7 +146,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -196,7 +199,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -255,7 +259,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) //UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) //{ // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); @@ -315,7 +320,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -376,7 +382,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -425,7 +432,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -483,7 +491,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -533,7 +542,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/kmc/ut_kmc_crypto_auth_only.c b/test/kmc/ut_kmc_crypto_auth_only.c index f9d35260..d92c1115 100644 --- a/test/kmc/ut_kmc_crypto_auth_only.c +++ b/test/kmc/ut_kmc_crypto_auth_only.c @@ -45,7 +45,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -94,7 +95,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_CMAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -151,7 +153,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_CMAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -197,7 +200,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC256_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -247,7 +251,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC256_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC256_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -302,7 +307,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC256_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -351,7 +357,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -407,7 +414,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -457,7 +465,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/kmc/ut_kmc_crypto_cam.c b/test/kmc/ut_kmc_crypto_cam.c index fb2e8f70..db6f2f13 100644 --- a/test/kmc/ut_kmc_crypto_cam.c +++ b/test/kmc/ut_kmc_crypto_cam.c @@ -33,7 +33,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -92,7 +93,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -154,7 +156,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -215,7 +218,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -277,7 +281,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -348,7 +353,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -419,7 +425,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -475,7 +482,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -540,7 +548,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -597,7 +606,8 @@ UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8 UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", diff --git a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c index 36325fb6..a568a952 100644 --- a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c +++ b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c @@ -44,7 +44,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -93,7 +94,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_TLS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -141,7 +143,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_TLS) UTEST(KMC_CRYPTO, SADB_BAD_USER_NAME) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + (KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "bad_user_name", NULL); @@ -160,7 +162,8 @@ UTEST(KMC_CRYPTO, SADB_BAD_USER_NAME) UTEST(KMC_CRYPTO, SADB_BAD_PASSWORD) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", "bad_password"); diff --git a/test/kmc/ut_mariadb.c b/test/kmc/ut_mariadb.c index d99ec163..a363f69a 100644 --- a/test/kmc/ut_mariadb.c +++ b/test/kmc/ut_mariadb.c @@ -93,7 +93,8 @@ UTEST(MARIA_DB, DB_CONNECT) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -131,7 +132,8 @@ UTEST(MARIA_DB, HAPPY_PATH_ENC) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -182,7 +184,8 @@ UTEST(MARIA_DB, HAPPY_PATH_AUTH_ENC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -242,7 +245,8 @@ UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -294,7 +298,8 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -377,7 +382,8 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -461,7 +467,8 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -567,7 +574,8 @@ UTEST(MARIA_DB, BAD_SPACE_CRAFT_ID) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index b5597976..ace62a0f 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c @@ -120,7 +120,8 @@ void MDB_DB_RESET() UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -180,7 +181,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -239,7 +241,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -300,7 +303,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -347,7 +351,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -392,7 +397,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -446,7 +452,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -501,7 +508,8 @@ UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -537,7 +545,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -584,7 +593,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -632,7 +642,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -677,7 +688,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -723,7 +735,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -760,7 +773,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) **/ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -818,7 +832,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -876,7 +891,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -934,7 +950,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -975,7 +992,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1027,7 +1045,8 @@ UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) **/ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1075,7 +1094,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1121,7 +1141,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1168,7 +1189,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_NULL_IV) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/performance/pt_auth_as.c b/test/performance/pt_auth_as.c index 42f04c25..9e2902cb 100644 --- a/test/performance/pt_auth_as.c +++ b/test/performance/pt_auth_as.c @@ -105,7 +105,8 @@ double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -153,7 +154,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -201,7 +203,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -248,7 +251,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -290,7 +294,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -338,7 +343,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -386,7 +392,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -433,7 +440,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -475,7 +483,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -523,7 +532,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -571,7 +581,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -618,7 +629,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -660,7 +672,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -708,7 +721,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -756,7 +770,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -803,7 +818,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -845,7 +861,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -893,7 +910,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -941,7 +959,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -988,7 +1007,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1030,7 +1050,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -1078,7 +1099,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1126,7 +1148,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1173,7 +1196,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_as.c b/test/performance/pt_auth_enc_as.c index cf4a9d7e..7ab4dbd9 100644 --- a/test/performance/pt_auth_enc_as.c +++ b/test/performance/pt_auth_enc_as.c @@ -148,7 +148,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -186,7 +187,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -223,7 +225,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -305,7 +308,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -343,7 +347,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -379,7 +384,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -463,7 +469,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -500,7 +507,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -539,7 +547,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -624,7 +633,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -662,7 +672,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -699,7 +710,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) UTEST(PERFORMANCE, MDB_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -781,7 +793,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1000) UTEST(PERFORMANCE, MDB_LIBG_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -819,7 +832,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1000) UTEST(PERFORMANCE, LSA_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -855,7 +869,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1000) UTEST(PERFORMANCE, MDB_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -939,7 +954,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -976,7 +992,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) UTEST(PERFORMANCE, LSA_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1016,7 +1033,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1000) UTEST(PERFORMANCE, MDB_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_ps.c b/test/performance/pt_auth_enc_ps.c index c38b4fd2..4011bbc5 100644 --- a/test/performance/pt_auth_enc_ps.c +++ b/test/performance/pt_auth_enc_ps.c @@ -105,7 +105,8 @@ double Process_Security_Loop(char *data_b, int* data_l, TC_t* processed_frame, i UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -149,7 +150,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -181,7 +183,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -225,7 +228,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -262,7 +266,8 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -306,7 +311,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -340,7 +346,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -384,7 +391,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -421,7 +429,8 @@ UTEST(PERFORMANCE, MDB_KMC_MED_100) UTEST(PERFORMANCE, LSA_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -465,7 +474,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -499,7 +509,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -543,7 +554,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -580,7 +592,8 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -624,7 +637,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -656,7 +670,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -700,7 +715,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -737,7 +753,8 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -781,7 +798,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -815,7 +833,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1K) UTEST(PERFORMANCE, LSA_KMC_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -859,7 +878,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1K) UTEST(PERFORMANCE, MDB_KMC_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -896,7 +916,8 @@ UTEST(PERFORMANCE, MDB_KMC_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -940,7 +961,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -974,7 +996,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1017,7 +1040,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index c1b8c38b..6619c97b 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -324,7 +324,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -397,7 +398,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -476,7 +478,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -547,7 +550,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -624,7 +628,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -696,7 +701,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -771,7 +777,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -843,7 +850,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -918,7 +926,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -990,7 +999,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1076,7 +1086,8 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1163,7 +1174,8 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1245,7 +1257,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1369,7 +1382,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1470,7 +1484,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1572,7 +1587,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1661,7 +1677,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1747,7 +1764,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1840,7 +1858,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1931,7 +1950,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2019,7 +2039,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2106,7 +2127,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2197,7 +2219,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2286,7 +2309,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2377,7 +2401,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2465,7 +2490,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2553,7 +2579,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2643,7 +2670,8 @@ UTEST(PLAINTEXT, ENCRYPT_DECRYPT) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2680,7 +2708,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2759,7 +2788,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 286fece2..290ae125 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -53,7 +53,8 @@ UTEST(CRYPTO_C, CALC_CRC16) UTEST(CRYPTO_C, BAD_CC_FLAG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -86,7 +87,8 @@ UTEST(CRYPTO_C, PDU_SWITCH) { int32_t status = CRYPTO_LIB_ERROR; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -263,47 +265,6 @@ UTEST(CRYPTO_C, EXT_PROC_PDU) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } -/* - * @brief Unit Test: Test that an SA set to use IV/ARSN without mallocing doesn't segfault and returns an error - **/ -UTEST(INVALID_SA_CONFIGS, INVALID_IV_ARSN) -{ - int32_t status = CRYPTO_LIB_ERROR; - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Init(); - - char* jpl_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4555555555555"; - uint8_t* jpl_frame_pt_b = NULL; - int jpl_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sadb_routine->sadb_get_sa_from_spi(1, &test_association); - - // Convert input jpl frame - hex_conversion(jpl_frame_pt_h, (char**) &jpl_frame_pt_b, &jpl_frame_pt_len); - - // Should fail, as SA will be set to use ARSN, but ARSN pointer is NULL - test_association->arsn_len = 0; - status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_ERR_NULL_ARSN, status); - - // Should fail, as SA will be set to use IV, but IV pointer is NULL - test_association->iv_len = 0; - test_association->shivf_len = 12; - status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, status); - free(test_association); -} - /** * @brief Unit Test: Crypto ACS Get Algorithm response **/ diff --git a/test/unit/ut_mysql_m_tls_connection.c b/test/unit/ut_mysql_m_tls_connection.c index 2b0ea864..7ca5c41f 100644 --- a/test/unit/ut_mysql_m_tls_connection.c +++ b/test/unit/ut_mysql_m_tls_connection.c @@ -129,7 +129,8 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_mysql_tls_connection.c b/test/unit/ut_mysql_tls_connection.c index e2ecd332..e34feb45 100644 --- a/test/unit/ut_mysql_tls_connection.c +++ b/test/unit/ut_mysql_tls_connection.c @@ -113,7 +113,8 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_sadb_err_cases_kmc_crypto.c b/test/unit/ut_sadb_err_cases_kmc_crypto.c index 6adc5dda..c033b19e 100644 --- a/test/unit/ut_sadb_err_cases_kmc_crypto.c +++ b/test/unit/ut_sadb_err_cases_kmc_crypto.c @@ -45,7 +45,8 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -96,7 +97,8 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) UTEST(KMC_CRYPTO, ONLY_UNKEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -147,7 +149,8 @@ UTEST(KMC_CRYPTO, ONLY_UNKEYED_SA_AVAILABLE_FOR_GVCID) UTEST(KMC_CRYPTO, NULL_EKID_BLANK_ECS_ERROR) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -198,7 +201,8 @@ UTEST(KMC_CRYPTO, NULL_EKID_BLANK_ECS_ERROR) UTEST(KMC_CRYPTO, INVALID_ABM_LENGTH_FOR_FRAME_WITH_SEG_HEADERS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 2aa463ae..e0c21876 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -38,7 +38,8 @@ UTEST(TC_APPLY_SECURITY, NO_CRYPTO_INIT) int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -300,7 +301,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVE UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -379,7 +381,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -479,7 +482,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -510,7 +514,8 @@ UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -542,7 +547,8 @@ UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) UTEST(TC_APPLY_SECURITY, NULL_BUFFER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -577,7 +583,8 @@ UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -624,7 +631,8 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -657,7 +665,8 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -690,7 +699,8 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -751,7 +761,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -814,7 +825,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -861,7 +873,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -904,7 +917,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -976,9 +990,11 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, + TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, + TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, + SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1045,9 +1061,11 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, + TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, + TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, + SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1073,7 +1091,8 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t enc_frame[2048]; + uint8_t* ptr_enc_frame = &enc_frame[0]; uint16_t enc_frame_len = 0; SecurityAssociation_t* test_association; @@ -1087,8 +1106,9 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) test_association->arsn_len = 0; test_association->iv_len = 16; test_association->shivf_len = 16; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, + &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, return_val); char* truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; @@ -1096,6 +1116,7 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); + printf("Received Encrypted Frame of length %d bytes:\n\t", enc_frame_len); for(int i = 0; i < enc_frame_len; i++) { @@ -1107,7 +1128,6 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) Crypto_Shutdown(); free(truth_data_b); free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); } diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index e46e80d0..18cdb910 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -34,7 +34,8 @@ UTEST(TC_PROCESS, EXERCISE_IV) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -148,7 +149,8 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -270,7 +272,8 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -358,7 +361,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -469,7 +473,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -558,7 +563,8 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -599,7 +605,8 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -638,7 +645,8 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -699,7 +707,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_1B) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -762,7 +771,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_16B) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -827,7 +837,8 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 422aa116..cc59c94c 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -43,7 +43,8 @@ UTEST(TM_APPLY_SECURITY, NO_CRYPTO_INIT) hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -191,7 +192,8 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -352,7 +354,9 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->ecs_len = 1; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -392,7 +396,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -432,6 +437,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -480,7 +487,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -521,6 +529,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -568,7 +578,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -608,6 +619,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -655,7 +668,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -695,6 +709,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -742,7 +758,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -783,6 +800,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -834,7 +853,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -875,6 +895,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -922,7 +944,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 00ea5d59..5070374d 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -42,7 +42,8 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) char* framed_tm_b = NULL; hex_conversion(framed_tm_h, &framed_tm_b, (int *)&framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -241,25 +242,26 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters, ¤t_managed_parameters); + //status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + // gvcid_managed_parameters, ¤t_managed_parameters); status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with for(int i=0; i < current_managed_parameters->max_frame_size; i++) { - // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); } @@ -282,7 +284,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -315,13 +318,14 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -373,7 +377,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -414,6 +419,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -464,7 +471,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -504,6 +512,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -554,7 +564,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -594,6 +605,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -644,7 +657,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -685,6 +699,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -739,7 +755,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -780,6 +797,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -834,7 +853,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) // SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); From 64343c0eba203eeec5cd830d72fd93dda6fd16a2 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 13:46:51 -0400 Subject: [PATCH 43/46] [nasa/cryptolib#164] Update CI to include test build flags and sa/mariadb to avoid freeing data; --- .github/workflows/build.yml | 12 ++++----- .../mariadb/sadb_routine_mariadb.template.c | 26 +++---------------- 2 files changed, 9 insertions(+), 29 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e771482d..404245be 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -49,7 +49,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -75,7 +75,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -101,7 +101,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -127,7 +127,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -153,7 +153,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration diff --git a/src/sa/mariadb/sadb_routine_mariadb.template.c b/src/sa/mariadb/sadb_routine_mariadb.template.c index 9e199cba..8d1cdbba 100644 --- a/src/sa/mariadb/sadb_routine_mariadb.template.c +++ b/src/sa/mariadb/sadb_routine_mariadb.template.c @@ -252,18 +252,8 @@ static int32_t sadb_save_sa(SecurityAssociation_t* sa) // todo - if query fails, need to push failure message to error stack instead of just return code. // We free the allocated SA memory in the save function. - if (sa->iv != NULL) - free(sa->iv); - if (sa->abm != NULL) - free(sa->abm); - if (sa->arsn != NULL) - free(sa->arsn); if (sa->ek_ref != NULL) free(sa->ek_ref); - if (sa->ecs != NULL) - free(sa->ecs); - if (sa->acs != NULL) - free(sa->acs); if (sa->ak_ref != NULL) free(sa->ak_ref); free(sa); @@ -525,25 +515,15 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se } // printf("\n"); } - if (iv_byte_str == NULL){ - sa->iv = NULL; - } - else{ - sa->iv = (uint8_t* )calloc(1, sa->iv_len * sizeof(uint8_t)); - } - - sa->arsn = (uint8_t* )calloc(1, sa->arsn_len * sizeof(uint8_t)); - sa->abm = (uint8_t* )calloc(1, sa->abm_len * sizeof(uint8_t)); - sa->ecs = (uint8_t* )calloc(1, sa->ecs_len * sizeof(uint8_t)); - sa->acs = (uint8_t* )calloc(1, sa->acs_len * sizeof(uint8_t)); + if(iv_byte_str != NULL){ if(sa->iv_len > 0) convert_hexstring_to_byte_array(iv_byte_str, sa->iv); } if(sa->arsn_len > 0) convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); if(sa->abm_len > 0) convert_hexstring_to_byte_array(abm_byte_str, sa->abm); - if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, sa->ecs); - if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, sa->acs); + if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, &sa->ecs); + if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, &sa->acs); //arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. sa->arsnw_len = 1; From 9475297f955d537025be58b3c979a641746ae1c9 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 13:49:52 -0400 Subject: [PATCH 44/46] [nasa/cryptolib#164] Removed additional flag for enc_test since it requried pycryptodome that wasn't installed; --- .github/workflows/build.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 404245be..a3dcb2fa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -49,7 +49,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -75,7 +75,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -101,7 +101,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -127,7 +127,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 - name: Build # Build your program with the given configuration @@ -153,7 +153,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 - name: Build # Build your program with the given configuration From 5d681e9d1d24701b83ed8063436c962471509da0 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 14:19:41 -0400 Subject: [PATCH 45/46] [nasa/cryptolib#164] Change debug define for CRYPTO IS AEAD?; --- src/core/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 42630aad..9f778fdc 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -72,7 +72,7 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) // TODO - Add cipher suite mapping to which algorithms are AEAD and which are not. if((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC)) { - #ifdef CRYPTO_DEBUG + #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : TRUE\n" RESET); #endif return CRYPTO_TRUE; @@ -80,7 +80,7 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) } else { - #ifdef CRYPTO_DEBUG + #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : FALSE\n" RESET); #endif return CRYPTO_FALSE; From 0b113ddf11e9f760d440e5850435096ef025bd6f Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 21 Jun 2023 14:36:54 -0400 Subject: [PATCH 46/46] update Error Messages --- src/core/crypto_error.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 22b02a92..374a9b98 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -67,6 +67,8 @@ char *crypto_enum_errlist_core[] = ,"CRYPTO_LIB_ERR_NULL_MODE_PTR" ,"CRYPTO_LIB_ERR_UNSUPPORTED_MODE" ,"CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD" + ,"CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG" + ,"CRYPTO_LIB_ERR_KEY_ID_ERROR" }; char *crypto_enum_errlist_config[] =