From ea797cfb7471aaacabcee9bf66fd3cdf750b3939 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 14 Jun 2023 16:30:37 -0400 Subject: [PATCH 01/10] [nasa/cryptolib#164] First attempt to have pre-allocated fields in security association struct; --- .gitignore | 1 + include/crypto_structs.h | 16 +- src/core/crypto.c | 7 +- src/core/crypto_print.c | 18 +- src/core/crypto_tc.c | 76 ++++---- src/core/crypto_tm.c | 33 ++-- .../internal/sadb_routine_inmemory.template.c | 93 +++------- test/unit/et_dt_validation.c | 162 +++++------------- test/unit/ut_crypto.c | 80 +++++---- test/unit/ut_tc_apply.c | 13 +- test/unit/ut_tc_process.c | 114 +++--------- test/unit/ut_tm_apply.c | 63 ++----- test/unit/ut_tm_process.c | 63 ++----- 13 files changed, 237 insertions(+), 502 deletions(-) diff --git a/.gitignore b/.gitignore index 15422467..9a3b0fb7 100644 --- a/.gitignore +++ b/.gitignore @@ -14,3 +14,4 @@ __pycache__ build venv vgcore* +core.* diff --git a/include/crypto_structs.h b/include/crypto_structs.h index a978988a..4339fa6a 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -70,18 +70,18 @@ typedef struct uint8_t shsnf_len : 6; // Sec. Header SN Field Length uint8_t shplf_len : 2; // Sec. Header PL Field Length uint8_t stmacf_len : 8; // Sec. Trailer MAC Field Length - uint8_t* ecs; // Encryption Cipher Suite (algorithm / mode ID) + uint8_t ecs; // Encryption Cipher Suite (algorithm / mode ID) uint8_t ecs_len : 8; // Encryption Cipher Suite Length - uint8_t* iv; // Initialization Vector + uint8_t iv[IV_SIZE]; // Initialization Vector uint8_t iv_len; // Length of entire IV uint8_t acs_len : 8; // Authentication Cipher Suite Length - uint8_t* acs; // Authentication Cipher Suite (algorithm / mode ID) + uint8_t acs; // Authentication Cipher Suite (algorithm / mode ID) uint16_t abm_len : 16; // Authentication Bit Mask Length - uint8_t* abm; // Authentication Bit Mask (Primary Hdr. through Security Hdr.) - uint8_t arsn_len : 8; // Anti-Replay Seq Num Length - uint8_t* arsn; // Anti-Replay Seq Num - uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length - uint16_t arsnw; // Anti-Replay Seq Num Window + uint8_t abm[ABM_SIZE]; // Authentication Bit Mask (Primary Hdr. through Security Hdr.) + uint8_t arsn_len : 8; // Anti-Replay Seq Num Length + uint8_t arsn[ARSN_SIZE];// Anti-Replay Seq Num + uint8_t arsnw_len : 8; // Anti-Replay Seq Num Window Length + uint16_t arsnw; // Anti-Replay Seq Num Window } SecurityAssociation_t; #define SA_SIZE (sizeof(SecurityAssociation_t)) diff --git a/src/core/crypto.c b/src/core/crypto.c index b9c1ac23..d23a1e21 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -848,7 +848,7 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, u } } // If IV is greater than zero and using GCM, check for replay - if ((sa_ptr->iv_len > 0) && *sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM) + if ((sa_ptr->iv_len > 0) && (sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM)) { // Check IV is in ARSNW if(crypto_config->crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) @@ -890,7 +890,7 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, u // else{} // For GCM specifically, if have a valid IV... - if (*sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM && IV_VALID == CRYPTO_TRUE) + if ((sa_ptr->ecs == CRYPTO_CIPHER_AES256_GCM) && (IV_VALID == CRYPTO_TRUE)) { // Using ARSN? Need to be valid to increment both if (sa_ptr->arsn_len > 0 && ARSN_VALID == CRYPTO_TRUE) @@ -906,12 +906,11 @@ int32_t Crypto_Check_Anti_Replay(SecurityAssociation_t *sa_ptr, uint8_t *arsn, u } // If not GCM, and ARSN is valid - can incrmeent it - if (*sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM && ARSN_VALID == CRYPTO_TRUE) + if (sa_ptr->ecs != CRYPTO_CIPHER_AES256_GCM && ARSN_VALID == CRYPTO_TRUE) { memcpy(sa_ptr->arsn, arsn, sa_ptr->arsn_len); } - return status; } diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 9a5d83fa..ae53c278 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c @@ -201,11 +201,11 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t shplf_len = %d \n", sa->shplf_len); printf("\t stmacf_len = %d \n", sa->stmacf_len); printf("\t ecs_len = %d \n", sa->ecs_len); - if (sa->ecs != NULL) + if (sa->ecs_len > 0) { for (i = 0; i < sa->ecs_len; i++) { - printf("\t ecs[%d] = 0x%02x \n", i, *(sa->ecs + i)); + printf("\t ecs[%d] = 0x%02x \n", i, (sa->ecs + i)); } } printf("\t ekid = %d \n", sa->ekid); @@ -213,7 +213,7 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t akid = %d \n", sa->akid); printf("\t ak_ref = %s \n", sa->ak_ref); printf("\t iv_len = %d \n", sa->shivf_len); - if (sa->iv != NULL) + if (sa->iv_len > 0) { for (i = 0; i < sa->iv_len; i++) { @@ -224,15 +224,9 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\t iv = %s \n", sa->iv); } printf("\t acs_len = %d \n", sa->acs_len); - if (sa->acs != NULL) - { - for (i = 0; i < sa->acs_len; i++) - { - printf("\t acs[%d] = 0x%02x \n", i, *(sa->acs + i)); - } - } + printf("\t acs = 0x%02x \n", sa->acs); printf("\t abm_len = %d \n", sa->abm_len); - if (sa->abm != NULL) + if (sa->abm_len > 0) { printf("\t abm = "); for (i = 0; i < sa->abm_len; i++) @@ -242,7 +236,7 @@ void Crypto_saPrint(SecurityAssociation_t* sa) printf("\n"); } printf("\t arsn_len = %d \n", sa->arsn_len); - if (sa->arsn != NULL) + if (sa->arsn_len > 0) { printf("\t arsn = "); for (i = 0; i < sa->arsn_len; i++) diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 6c243d51..157055c8 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -218,9 +218,9 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - if (sa_ptr->ecs != NULL) + if (sa_ptr->ecs != CRYPTO_CIPHER_NONE) { - encryption_cipher = *sa_ptr->ecs; + encryption_cipher = sa_ptr->ecs; #ifdef TC_DEBUG printf(KYEL "SA Encryption Cipher: %d\n", encryption_cipher); #endif @@ -298,7 +298,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in new_enc_frame_header_field_length = (*p_enc_frame_len) - 1; // Handle Padding, if necessary - if(*(sa_ptr->ecs) == CRYPTO_CIPHER_AES256_CBC) + if(sa_ptr->ecs == CRYPTO_CIPHER_AES256_CBC) { pkcs_padding = tf_payload_len % TC_BLOCK_SIZE; // Block Sizes of 16 @@ -436,25 +436,24 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in } #endif - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs == NULL && sa_ptr->acs == NULL) - { - return CRYPTO_LIB_ERR_NULL_CIPHERS; - } + //if(sa_service_type != SA_PLAINTEXT) + //{ + // return CRYPTO_LIB_ERR_NULL_CIPHERS; + //} - if(sa_ptr->est == 0 && sa_ptr->ast == 1) + if((sa_ptr->est == 0) && (sa_ptr->ast == 1)) { - if(sa_ptr->acs !=NULL && sa_ptr->acs_len != 0) + if(sa_ptr->acs_len != 0) { - if((*(sa_ptr->acs) == CRYPTO_MAC_CMAC_AES256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA512) && + if((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && sa_ptr->iv_len > 0 ) - { - return CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; - } + { + return CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; + } } - } + } - // Copy in IV from SA if not NULL and transmitted length > 0 - if (sa_ptr->iv != NULL) + if (sa_ptr->iv_len > 0) { // Start index from the transmitted portion for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) @@ -601,7 +600,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length NULL, // Using SA key reference, key is null - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -612,8 +611,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (sa_ptr->est==1), (sa_ptr->ast==1), (sa_ptr->ast==1), - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher cam_cookies ); @@ -629,11 +628,11 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (size_t)tf_payload_len, // in data length //new_frame_length, NULL, // Using SA key reference, key is null - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), // Length of key derived from sa_ptr key_ref + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), // Length of key derived from sa_ptr key_ref sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length - sa_ptr->ecs, // encryption cipher + &sa_ptr->ecs, // encryption cipher pkcs_padding, cam_cookies ); @@ -646,7 +645,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in (uint8_t*)(p_in_frame + TC_FRAME_HEADER_SIZE + segment_hdr_len), // plaintext input (size_t)tf_payload_len, // in data length NULL, // Using SA key reference, key is null - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -654,8 +653,8 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in sa_ptr->stmacf_len, // tag size aad, // AAD Input aad_len, // Length of AAD - *sa_ptr->ecs, // encryption cipher - *sa_ptr->acs, // authentication cipher + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher cam_cookies ); } @@ -671,17 +670,17 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in #ifdef INCREMENT if (crypto_config->crypto_increment_nontransmitted_iv == SA_INCREMENT_NONTRANSMITTED_IV_TRUE) { - if(sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL){ Crypto_increment(sa_ptr->iv, sa_ptr->iv_len); } + if(sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0){ Crypto_increment(sa_ptr->iv, sa_ptr->iv_len); } } else // SA_INCREMENT_NONTRANSMITTED_IV_FALSE { // Only increment the transmitted portion - if(sa_ptr->shivf_len > 0 && sa_ptr->iv != NULL){ Crypto_increment(sa_ptr->iv+(sa_ptr->iv_len-sa_ptr->shivf_len), sa_ptr->shivf_len); } + if(sa_ptr->shivf_len > 0 && sa_ptr->iv_len != 0){ Crypto_increment(sa_ptr->iv+(sa_ptr->iv_len-sa_ptr->shivf_len), sa_ptr->shivf_len); } } if(sa_ptr->shsnf_len > 0){ Crypto_increment(sa_ptr->arsn, sa_ptr->arsn_len); } #ifdef SA_DEBUG - if(sa_ptr->iv != NULL) + if(sa_ptr->iv_len > 0) { printf(KYEL "Next IV value is:\n\t"); for (i = 0; i < sa_ptr->iv_len; i++) @@ -905,7 +904,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - encryption_cipher = *sa_ptr->ecs; + encryption_cipher = sa_ptr->ecs; ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); } #ifdef TC_DEBUG @@ -1071,7 +1070,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length NULL, // Key - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length @@ -1082,8 +1081,8 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc (sa_ptr->est), // Decryption Bool (sa_ptr->ast), // Authentication Bool (sa_ptr->ast), // AAD Bool - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher cam_cookies ); @@ -1097,7 +1096,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length NULL, // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length @@ -1106,7 +1105,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc aad, // additional authenticated data aad_len, // length of AAD CRYPTO_CIPHER_NONE, //encryption cipher - *sa_ptr->acs, //authentication cipher + sa_ptr->acs, //authentication cipher cam_cookies ); } @@ -1117,12 +1116,12 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc &(ingest[tc_enc_payload_start_index]), // ciphertext input (size_t)(tc_sdls_processed_frame->tc_pdu_len), // in data length NULL, // Key - Crypto_Get_ECS_Algo_Keylen(*sa_ptr->ecs), + Crypto_Get_ECS_Algo_Keylen(sa_ptr->ecs), sa_ptr, // SA for key reference tc_sdls_processed_frame->tc_sec_header.iv, // IV sa_ptr->iv_len, // IV Length - sa_ptr->ecs, // encryption cipher - sa_ptr->acs, // authentication cipher + &sa_ptr->ecs, // encryption cipher + &sa_ptr->acs, // authentication cipher cam_cookies ); @@ -1175,12 +1174,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int *len_ingest, TC_t* tc { if (crypto_config->sadb_type == SADB_TYPE_MARIADB) { - if(sa_ptr->ecs != NULL) free(sa_ptr->ecs); if(sa_ptr->ek_ref != NULL) free(sa_ptr->ek_ref); - if(sa_ptr->iv != NULL) free(sa_ptr->iv); - if(sa_ptr->abm != NULL) free(sa_ptr->abm); - if(sa_ptr->arsn != NULL) free(sa_ptr->arsn); - if(sa_ptr->acs != NULL) free(sa_ptr->acs); free(sa_ptr); } } diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index b98d07fd..0b374dea 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -54,7 +54,6 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) uint16_t pdu_len = -1; uint32_t pkcs_padding = 0; uint16_t new_fecf = 0x0000; - uint32_t encryption_cipher; uint8_t ecs_is_aead_algorithm; #ifdef DEBUG @@ -135,9 +134,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - encryption_cipher = - (sa_ptr->ecs[0] << 24) | (sa_ptr->ecs[1] << 16) | (sa_ptr->ecs[2] << 8) | sa_ptr->ecs[3]; - ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(encryption_cipher); + ecs_is_aead_algorithm = Crypto_Is_AEAD_Algorithm(sa_ptr->ecs); } #ifdef TM_DEBUG @@ -216,16 +213,16 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) } #endif - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs == NULL && sa_ptr->acs == NULL) + if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs_len == 0 && sa_ptr->acs_len == 0) { return CRYPTO_LIB_ERR_NULL_CIPHERS; } if(sa_ptr->est == 0 && sa_ptr->ast == 1) { - if(sa_ptr->acs !=NULL && sa_ptr->acs_len != 0) + if(sa_ptr->acs_len != 0) { - if((*(sa_ptr->acs) == CRYPTO_MAC_CMAC_AES256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA256 || *(sa_ptr->acs) == CRYPTO_MAC_HMAC_SHA512) && + if((sa_ptr->acs == CRYPTO_MAC_CMAC_AES256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA256 || sa_ptr->acs == CRYPTO_MAC_HMAC_SHA512) && sa_ptr->iv_len > 0 ) { return CRYPTO_LIB_ERR_IV_NOT_SUPPORTED_FOR_ACS_ALGO; @@ -385,7 +382,7 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) (uint8_t*)(&tm_frame[0]), // plaintext input (size_t)0, // in data length - from start of frame to end of data NULL, // Using SA key reference, key is null - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA (for key reference) sa_ptr->iv, // IV sa_ptr->iv_len, // IV Length @@ -393,8 +390,8 @@ int32_t Crypto_TM_ApplySecurity(SecurityAssociation_t *sa_ptr) sa_ptr->stmacf_len, // tag size aad, // AAD Input aad_len, // Length of AAD - *sa_ptr->ecs, // encryption cipher - *sa_ptr->acs, // authentication cipher + sa_ptr->ecs, // encryption cipher + sa_ptr->acs, // authentication cipher NULL); } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) @@ -858,9 +855,9 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in // Determine Algorithm cipher & mode. // TODO - Parse authentication_cipher, and handle AEAD cases properly if (sa_service_type != SA_PLAINTEXT) { - if (sa_ptr->ecs != NULL) + if (sa_ptr->ecs != CRYPTO_CIPHER_NONE) { - encryption_cipher = *sa_ptr->ecs; + encryption_cipher = sa_ptr->ecs; #ifdef TC_DEBUG printf(KYEL "SA Encryption Cipher: %d\n", encryption_cipher); #endif @@ -1013,10 +1010,10 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in ** Begin Authentication / Encryption */ - if(sa_service_type != SA_PLAINTEXT && sa_ptr->ecs == NULL && sa_ptr->acs == NULL) - { - return CRYPTO_LIB_ERR_NULL_CIPHERS; - } + // if(sa_service_type != SA_PLAINTEXT) + // { + // return CRYPTO_LIB_ERR_NULL_CIPHERS; + // } if (sa_service_type != SA_PLAINTEXT && ecs_is_aead_algorithm == CRYPTO_FALSE) // Non aead algorithm { @@ -1045,7 +1042,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in p_ingest+byte_idx, // ciphertext input pdu_len, // in data length NULL, // Key - Crypto_Get_ACS_Algo_Keylen(*sa_ptr->acs), + Crypto_Get_ACS_Algo_Keylen(sa_ptr->acs), sa_ptr, // SA for key reference p_ingest+iv_loc, // IV sa_ptr->iv_len, // IV Length @@ -1054,7 +1051,7 @@ int32_t Crypto_TM_ProcessSecurity(const uint8_t* p_ingest, const uint16_t len_in aad, // additional authenticated data aad_len, // length of AAD CRYPTO_CIPHER_NONE, // encryption cipher - *sa_ptr->acs, // authentication cipher + sa_ptr->acs, // authentication cipher NULL); // cam cookies } if(sa_service_type == SA_ENCRYPTION || sa_service_type == SA_AUTHENTICATED_ENCRYPTION) diff --git a/src/sa/internal/sadb_routine_inmemory.template.c b/src/sa/internal/sadb_routine_inmemory.template.c index f4b78f4a..4088c050 100644 --- a/src/sa/internal/sadb_routine_inmemory.template.c +++ b/src/sa/internal/sadb_routine_inmemory.template.c @@ -82,7 +82,6 @@ int32_t sadb_config(void) sa[1].shivf_len = 0; sa[1].shsnf_len = 2; sa[1].arsn_len = 2; - sa[1].arsn = (uint8_t*) calloc(1, sa[1].arsn_len * sizeof(uint8_t)); sa[1].arsnw_len = 1; sa[1].arsnw = 5; sa[1].gvcid_blk.tfvn = 0; @@ -97,14 +96,11 @@ int32_t sadb_config(void) sa[2].est = 1; sa[2].ast = 1; sa[2].ecs_len = 1; - sa[2].ecs = calloc(1, sa[2].ecs_len * sizeof(uint8_t)); - *sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; sa[2].shivf_len = 12; sa[2].iv_len = 12; - sa[2].iv = (uint8_t* )calloc(1, sa[2].shivf_len * sizeof(uint8_t)); *(sa[2].iv + sa[2].shivf_len - 1) = 0; sa[2].abm_len = ABM_SIZE; // 20 - sa[2].abm = (uint8_t* )calloc(1, sa[2].abm_len * sizeof(uint8_t)); sa[2].arsnw_len = 1; sa[2].arsnw = 5; sa[2].arsn_len = (sa[2].arsnw * 2) + 1; @@ -116,14 +112,11 @@ int32_t sadb_config(void) sa[3].est = 1; sa[3].ast = 1; sa[3].ecs_len = 1; - sa[3].ecs = calloc(1, sa[3].ecs_len * sizeof(uint8_t)); - *sa[3].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[3].ecs = CRYPTO_CIPHER_AES256_GCM; sa[3].shivf_len = 12; sa[3].iv_len = 12; - sa[3].iv = (uint8_t* )calloc(1, sa[3].shivf_len * sizeof(uint8_t)); *(sa[3].iv + sa[3].shivf_len - 1) = 0; sa[3].abm_len = ABM_SIZE; // 20 - sa[3].abm = (uint8_t* )calloc(1, sa[3].abm_len * sizeof(uint8_t)); sa[3].arsnw_len = 1; sa[3].arsnw = 5; sa[3].arsn_len = (sa[3].arsnw * 2) + 1; @@ -136,15 +129,12 @@ int32_t sadb_config(void) sa[4].est = 1; sa[4].ast = 1; sa[4].ecs_len = 1; - sa[4].ecs = calloc(1, sa[4].ecs_len * sizeof(uint8_t)); - *sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; sa[4].shivf_len = 12; sa[4].iv_len = 12; sa[4].stmacf_len = 16; - sa[4].iv = (uint8_t* )calloc(1, sa[4].shivf_len * sizeof(uint8_t)); *(sa[4].iv + 11) = 0; sa[4].abm_len = ABM_SIZE; // 20 - sa[4].abm = (uint8_t* )calloc(1, sa[4].abm_len * sizeof(uint8_t)); sa[4].arsnw_len = 1; sa[4].arsnw = 5; sa[4].arsn_len = 0; @@ -160,14 +150,11 @@ int32_t sadb_config(void) sa[5].est = 1; sa[5].ast = 1; sa[5].ecs_len = 1; - sa[5].ecs = calloc(1, sa[5].ecs_len * sizeof(uint8_t)); - *sa[5].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[5].ecs = CRYPTO_CIPHER_AES256_GCM; sa[5].shivf_len = 12; sa[5].iv_len = 12; - sa[5].iv = (uint8_t* )calloc(1, sa[5].shivf_len * sizeof(uint8_t)); *(sa[5].iv + sa[5].shivf_len - 1) = 0; sa[5].abm_len = ABM_SIZE; // 20 - sa[5].abm = (uint8_t* )calloc(1, sa[5].abm_len * sizeof(uint8_t)); sa[5].arsnw_len = 1; sa[5].arsnw = 5; sa[5].arsn_len = (sa[5].arsnw * 2) + 1; @@ -178,14 +165,11 @@ int32_t sadb_config(void) sa[6].est = 1; sa[6].ast = 1; sa[6].ecs_len = 1; - sa[6].ecs = calloc(1, sa[6].ecs_len * sizeof(uint8_t)); - *sa[6].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[6].ecs = CRYPTO_CIPHER_AES256_GCM; sa[6].shivf_len = 12; sa[6].iv_len = 12; - sa[6].iv = (uint8_t* )calloc(1, sa[6].shivf_len * sizeof(uint8_t)); *(sa[6].iv + sa[6].shivf_len - 1) = 0; sa[6].abm_len = ABM_SIZE; // 20 - sa[6].abm = (uint8_t* )calloc(1, sa[6].abm_len * sizeof(uint8_t)); sa[6].arsnw_len = 1; sa[6].arsnw = 5; sa[6].arsn_len = (sa[6].arsnw * 2) + 1; @@ -197,14 +181,11 @@ int32_t sadb_config(void) sa[7].est = 1; sa[7].ast = 1; sa[7].ecs_len = 1; - sa[7].ecs = calloc(1, sa[7].ecs_len * sizeof(uint8_t)); - *sa[7].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[7].ecs = CRYPTO_CIPHER_AES256_GCM; sa[7].shivf_len = 12; sa[7].iv_len = 12; - sa[7].iv = (uint8_t* )calloc(1, sa[7].shivf_len * sizeof(uint8_t)); *(sa[7].iv + sa[7].shivf_len - 1) = 0; sa[7].abm_len = ABM_SIZE; // 20 - sa[7].abm = (uint8_t* )calloc(1, sa[7].abm_len * sizeof(uint8_t)); sa[7].arsnw_len = 1; sa[7].arsnw = 5; sa[7].arsn_len = (sa[7].arsnw * 2) + 1; @@ -234,10 +215,8 @@ int32_t sadb_config(void) sa[9].ast = 0; sa[9].shivf_len = 12; sa[9].iv_len = 12; - sa[9].iv = (uint8_t* )calloc(1, sa[9].shivf_len * sizeof(uint8_t)); *(sa[9].iv + 11) = 0; sa[9].abm_len = ABM_SIZE; // 20 - sa[9].abm = (uint8_t* )calloc(1, sa[9].abm_len * sizeof(uint8_t)); sa[9].arsnw_len = 1; sa[9].arsnw = 5; sa[9].arsn_len = 0; @@ -254,15 +233,12 @@ int32_t sadb_config(void) sa[10].est = 1; sa[10].ast = 1; sa[10].ecs_len = 1; - sa[10].ecs = calloc(1, sa[10].ecs_len * sizeof(uint8_t)); - *sa[10].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[10].ecs = CRYPTO_CIPHER_AES256_GCM; sa[10].shivf_len = 12; sa[10].iv_len = 12; sa[10].stmacf_len = 16; - sa[10].iv = (uint8_t* )calloc(1, sa[10].shivf_len * sizeof(uint8_t)); *(sa[10].iv + 11) = 0; sa[10].abm_len = ABM_SIZE; // 20 - sa[10].abm = (uint8_t* )calloc(1, sa[10].abm_len * sizeof(uint8_t)); sa[10].arsnw_len = 1; sa[10].arsnw = 5; sa[10].arsn_len = 0; @@ -280,16 +256,13 @@ int32_t sadb_config(void) sa[11].est = 1; sa[11].ast = 0; sa[11].ecs_len = 1; - sa[11].ecs = calloc(1, sa[11].ecs_len * sizeof(uint8_t)); - *sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; sa[11].shivf_len = 16; sa[11].iv_len = 16; sa[11].shplf_len = 1; sa[11].stmacf_len = 0; - sa[11].iv = (uint8_t* )calloc(1, sa[11].shivf_len * sizeof(uint8_t)); //TODO; Should this be iv_len instead of shiv_len? *(sa[11].iv + (sa[11].iv_len - 1)) = 0; sa[11].abm_len = ABM_SIZE; // 20 - sa[11].abm = (uint8_t* )calloc(1, sa[11].abm_len * sizeof(uint8_t)); sa[11].arsnw_len = 0; sa[11].arsnw = 5; sa[11].arsn_len = 0; @@ -308,7 +281,6 @@ int32_t sadb_config(void) sa[12].shivf_len = 0; sa[12].shsnf_len = 0; sa[12].arsn_len = 0; - sa[12].arsn = (uint8_t*) calloc(1, sa[1].arsn_len * sizeof(uint8_t)); sa[12].arsnw_len = 0; sa[12].arsnw = 5; sa[12].gvcid_blk.tfvn = 0; @@ -326,25 +298,33 @@ int32_t sadb_config(void) int32_t sadb_init(void) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; - for (x = 0; x < NUM_SA; x++) + for (int x = 0; x < NUM_SA; x++) { sa[x].ekid = x; sa[x].akid = x; sa[x].sa_state = SA_NONE; sa[x].ecs_len = 0; - sa[x].ecs = NULL; + sa[x].ecs = 0; sa[x].shivf_len = 0; - sa[x].iv = NULL; + for (int y = 0; y < IV_SIZE; y++) + { + sa[x].iv[y] = 0; + } sa[x].iv_len = 0; - sa[x].abm = NULL; + for (int y = 0; y < ABM_SIZE; y++) + { + sa[x].abm[y] = 0; + } sa[x].abm_len = 0; sa[x].acs_len = 0; - sa[x].acs = NULL; + sa[x].acs = 0; sa[x].shsnf_len = 0; sa[x].arsn_len = 0; - sa[x].arsn = NULL; + for (int y = 0; y < ARSN_SIZE; y++) + { + sa[x].arsn[y] = 0; + } } return status; } @@ -356,16 +336,6 @@ int32_t sadb_init(void) static int32_t sadb_close(void) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; - - for (x = 0; x < NUM_SA; x++) - { - if(sa[x].ecs != NULL) free(sa[x].ecs); - if(sa[x].iv != NULL) free(sa[x].iv); - if(sa[x].abm != NULL) free(sa[x].abm); - if(sa[x].arsn != NULL) free(sa[x].arsn); - if(sa[x].acs != NULL) free(sa[x].acs); - } return status; } @@ -518,7 +488,6 @@ static int32_t sadb_get_operational_sa_from_gvcid(uint8_t tfvn, uint16_t scid, u printf(KYEL "\tscid %d\n" RESET, scid); printf(KYEL "\tvcid %d\n" RESET, vcid); printf(KYEL "\tmapid %02X\n" RESET, mapid); - printf(KYEL "***FYI TM_SIZE set to %ld\n" RESET, TM_SIZE); #endif } @@ -880,28 +849,23 @@ static int32_t sadb_sa_create(void) sa[spi].est = ((uint8_t)sdls_frame.pdu.data[2] & 0x80) >> 7; sa[spi].ast = ((uint8_t)sdls_frame.pdu.data[2] & 0x40) >> 6; sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[2] & 0x3F); - if (sa[spi].iv != NULL) - { - free(sa[spi].iv); - } - sa[spi].iv = (uint8_t* )calloc(1, sa[spi].shivf_len * sizeof(uint8_t)); sa[spi].shsnf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0xFC) >> 2; sa[spi].shplf_len = ((uint8_t)sdls_frame.pdu.data[3] & 0x03); sa[spi].stmacf_len = ((uint8_t)sdls_frame.pdu.data[4]); sa[spi].ecs_len = ((uint8_t)sdls_frame.pdu.data[5]); for (x = 0; x < sa[spi].ecs_len; x++) { - *(sa[spi].ecs + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].ecs = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].shivf_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].shivf_len; x++) { - *(sa[spi].iv + x) = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].iv[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].acs_len = ((uint8_t)sdls_frame.pdu.data[count++]); for (x = 0; x < sa[spi].acs_len; x++) { - *sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); + sa[spi].acs = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].abm_len = (uint8_t)((sdls_frame.pdu.data[count] << 8) | (sdls_frame.pdu.data[count + 1])); count = count + 2; @@ -910,11 +874,6 @@ static int32_t sadb_sa_create(void) sa[spi].abm[x] = ((uint8_t)sdls_frame.pdu.data[count++]); } sa[spi].arsn_len = ((uint8_t)sdls_frame.pdu.data[count++]); - if (sa[spi].arsn != NULL) - { - free(sa[spi].arsn); - } - sa[spi].arsn = (uint8_t* )calloc(1, sa[spi].arsn_len * sizeof(uint8_t)); for (x = 0; x < sa[spi].arsn_len; x++) { *(sa[spi].arsn + x) = ((uint8_t)sdls_frame.pdu.data[count++]); diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index 613a5b8d..28cc601c 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -176,8 +176,7 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association_1); - test_association_1->ecs = calloc(1, test_association_1->ecs_len * sizeof(uint8_t)); - *test_association_1->ecs = CRYPTO_CIPHER_NONE; + test_association_1->ecs = CRYPTO_CIPHER_NONE; // Expose SA 4 for testing sadb_routine->sadb_get_sa_from_spi(4, &test_association_4); @@ -193,13 +192,11 @@ UTEST(ET_VALIDATION, AUTH_ENCRYPTION_TEST) // Expose SA 4 for testing test_association_4->arsn_len = 0; test_association_4->gvcid_blk.vcid = 1; - test_association_4->iv = calloc(1, test_association_4->shivf_len * sizeof(uint8_t)); test_association_4->iv[11] = 1; test_association_4->ast = 1; test_association_4->est = 1; test_association_4->sa_state = SA_OPERATIONAL; - test_association_4->ecs = calloc(1, test_association_4->ecs_len * sizeof(uint8_t)); - *test_association_4->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association_4->ecs = CRYPTO_CIPHER_AES256_GCM; return_val = Crypto_TC_ApplySecurity(enc_test_ping_b, enc_test_ping_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); @@ -264,8 +261,7 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Expose SA 4 for testing sadb_routine->sadb_get_sa_from_spi(4, &test_association); @@ -282,13 +278,11 @@ UTEST(DT_VALIDATION, AUTH_DECRYPTION_TEST) sadb_routine->sadb_get_sa_from_spi(4, &test_association); test_association->arsn_len = 0; test_association->gvcid_blk.vcid = 1; - test_association->iv = calloc(1, test_association->shivf_len * sizeof(uint8_t)); test_association->iv[11] = 0; test_association->ast = 1; test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; return_val = Crypto_TC_ProcessSecurity(dec_test_ping_b, &dec_test_ping_len, tc_sdls_processed_frame); ASSERT_EQ(9, return_val); // 9 is the number of pings in that EP PDU. @@ -358,8 +352,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -370,7 +363,6 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) hex_conversion(buffer_nist_pt_h, (char**) &buffer_nist_pt_b, &buffer_nist_pt_len); // Convert/Set input IV hex_conversion(buffer_nist_iv_h, (char**) &buffer_nist_iv_b, &buffer_nist_iv_len); - test_association->iv = malloc(*buffer_nist_iv_b * sizeof(uint8_t)); memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert input ciphertext hex_conversion(buffer_nist_ct_h, (char**) &buffer_nist_ct_b, &buffer_nist_ct_len); @@ -437,8 +429,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; sadb_routine->sadb_get_sa_from_spi(9, &test_association); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->ast =1; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -510,8 +501,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -585,8 +575,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -659,8 +648,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -735,8 +723,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -806,8 +793,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -882,8 +868,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -953,8 +938,7 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1029,8 +1013,7 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->arsn_len = 0; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1118,8 +1101,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->abm_len = 1024; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1204,8 +1186,7 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1297,8 +1278,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) test_association->shivf_len = 12; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1422,8 +1402,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) test_association->shivf_len = 12; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1523,8 +1502,7 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) test_association->shivf_len = 12; test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -1617,17 +1595,13 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) test_association->shivf_len = 0; test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn = 0; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1709,17 +1683,13 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) test_association->shivf_len = 0; test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn = 0; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1799,17 +1769,13 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) test_association->shivf_len = 0; test_association->iv_len = 0; test_association->shsnf_len = 4; - test_association->arsn = 0; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1895,15 +1861,12 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->ekid = 0; test_association->akid = 136; @@ -1990,15 +1953,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2079,15 +2039,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2169,15 +2126,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2261,16 +2215,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; - test_association->abm = calloc(1, test_association->abm_len * sizeof(uint8_t)); memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2354,15 +2304,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2446,15 +2393,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA256; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA256; test_association->ekid = 0; test_association->akid = 136; @@ -2537,15 +2481,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2627,15 +2568,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2755,15 +2693,12 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; @@ -2836,15 +2771,12 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) test_association->iv_len = 0; test_association->shsnf_len = 4; test_association->arsn_len = 4; - test_association->arsn = calloc(1, test_association->arsn_len * sizeof(uint8_t)); test_association->abm_len = 1024; memset(test_association->abm, 0xFF, (test_association->abm_len * sizeof(uint8_t))); // Bitmask test_association->stmacf_len = 16; test_association->sa_state = SA_OPERATIONAL; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_HMAC_SHA512; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->acs = CRYPTO_MAC_HMAC_SHA512; test_association->ekid = 0; test_association->akid = 136; diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 90bb51b5..b9d4ac31 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -99,151 +99,150 @@ UTEST(CRYPTO_C, PDU_SWITCH) sdls_frame.pdu.pid = PID_OTAR; uint8_t* ingest = NULL; - TC_t* tc_frame; - tc_frame = malloc(sizeof(uint8_t) * TC_SIZE); - status = Crypto_PDU(ingest, tc_frame); + TC_t tc_frame; + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_ACTIVATION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_DEACTIVATION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pdu_len = 0; sdls_frame.pdu.pid = PID_KEY_VERIFICATION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_DESTRUCTION; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_KEY_INVENTORY; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTOGRAPHY_UNSUPPORTED_OPERATION_FOR_KEY_RING); sdls_frame.pdu.pid = SG_KEY_MGMT; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.sg = SG_SA_MGMT; sdls_frame.pdu.pid = PID_CREATE_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_DELETE_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_SET_ARSNW; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_REKEY_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_EXPIRE_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_SET_ARSN; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_START_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_STOP_SA; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = PID_READ_ARSN; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_SA_STATUS; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = 0b111; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.sg = SG_SEC_MON_CTRL; sdls_frame.pdu.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_DUMP_LOG; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_ERASE_LOG; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_SELF_TEST; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_ERROR); sdls_frame.pdu.pid = PID_ALARM_FLAG; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 0b1111; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.sg = PID_LOG_STATUS; sdls_frame.pdu.pid = PID_LOG_STATUS; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.uf = 1; sdls_frame.pdu.pid = 0; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 1; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 2; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 3; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 4; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 5; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 6; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 7; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.pid = 8; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); sdls_frame.pdu.type = 1; sdls_frame.pdu.pid = 8; - status = Crypto_PDU(ingest, tc_frame); + status = Crypto_PDU(ingest, &tc_frame); ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } @@ -293,17 +292,16 @@ UTEST(INVALID_SA_CONFIGS, INVALID_IV_ARSN) hex_conversion(jpl_frame_pt_h, (char**) &jpl_frame_pt_b, &jpl_frame_pt_len); // Should fail, as SA will be set to use ARSN, but ARSN pointer is NULL - free(test_association->arsn); - test_association->arsn = NULL; + test_association->arsn_len = 0; status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_ARSN, status); // Should fail, as SA will be set to use IV, but IV pointer is NULL - free(test_association->iv); - test_association->iv = NULL; + test_association->iv_len = 0; test_association->shivf_len = 12; status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, status); + free(test_association); } /** diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 0130f123..b669ccc4 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -419,16 +419,11 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO test_association->est=0; test_association->ast=1; test_association->ecs_len=1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->acs_len=1; - free(test_association->acs); - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->arsn_len = 3; test_association->shsnf_len = 2; - test_association->arsn = calloc(1,test_association->arsn_len); memcpy(test_association->arsn, (uint8_t *)new_arsn_b, new_arsn_len); // This TA was originally setup for AESGCM, need to specify an akid so we can use it for a MAC test_association->akid = 130; @@ -1023,7 +1018,6 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) test_association->arsn_len = 0; test_association->iv_len = 0; test_association->shivf_len = 0; - test_association->iv = NULL; return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); @@ -1035,7 +1029,7 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) //printf("Encrypted Frame:\n"); for(int i = 0; i < enc_frame_len; i++) { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); + printf("%02x -> %02x \n", ptr_enc_frame[i], truth_data_b[i]); ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } //printf("\n"); @@ -1093,7 +1087,6 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) test_association->arsn_len = 0; test_association->iv_len = 16; test_association->shivf_len = 16; - test_association->iv = NULL; return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, return_val); diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index f548d306..e61d5f82 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -68,9 +68,7 @@ UTEST(TC_PROCESS, EXERCISE_IV) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); memcpy(ek_ring[test_association->ekid].value, buffer_nist_key_b, buffer_nist_key_len); @@ -184,15 +182,10 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; sadb_routine->sadb_get_sa_from_spi(9, &test_association); - free(test_association->ecs); test_association->ecs_len = 1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; - free(test_association->acs); + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->acs_len = 1; - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->est = 0; test_association->ast = 1; test_association->shivf_len = 0; @@ -204,8 +197,6 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) test_association->akid = 136; test_association->ekid = 0; // memset(test_association->abm, 0x00, (test_association->abm_len * sizeof(uint8_t))); - free(test_association->abm); - test_association->abm = calloc(1, test_association->abm_len * sizeof(uint8_t)); test_association->stmacf_len = 16; // Insert key into keyring of SA 9 hex_conversion(buffer_nist_key_h, (char**) &buffer_nist_key_b, &buffer_nist_key_len); @@ -217,8 +208,6 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) hex_conversion(buffer_good_arsn_with_gap_h, (char**) &buffer_good_arsn_with_gap_b, &buffer_good_arsn_with_gap_len); // Convert/Set input ARSN hex_conversion(buffer_arsn_h, (char**) &buffer_arsn_b, &buffer_arsn_len); - free(test_association->arsn); - test_association->arsn = calloc(1, test_association->arsn_len); memcpy(test_association->arsn, buffer_arsn_b, buffer_arsn_len); // Expect to fail on replay printf(KGRN "Checking replay - using previous received ARSN...\n" RESET); @@ -305,17 +294,14 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) int32_t return_val = -1; - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + TC_t tc_sdls_processed_frame; + memset(&tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); - //free(test_association->ecs); test_association->ecs_len = 1; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; @@ -326,8 +312,6 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) test_association->gvcid_blk.vcid = 0; test_association->shivf_len = 6; test_association->iv_len = 12; - free(test_association->iv); - test_association->iv = calloc(1, test_association->iv_len * sizeof(uint8_t)); // IV = "000000000000FFFFFFFFFFFE" test_association->iv[0] = 0x00; test_association->iv[1] = 0x00; @@ -344,46 +328,29 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) test_association->ast = 1; test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; Crypto_saPrint(test_association); - return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); + return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->iv[11],0xFE); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, tc_sdls_processed_frame); + + return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->iv[11],0xFF); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, tc_sdls_processed_frame); + + return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); for(int i=0; i < test_association->iv_len; i++) { ASSERT_EQ(test_association->iv[i],0x00); } - Crypto_saPrint(test_association); Crypto_Shutdown(); - free(dec_test_fe_b); free(dec_test_ff_b); - free(dec_test_00_b); - - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - free(tc_sdls_processed_frame); - + free(dec_test_00_b); } UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) @@ -422,10 +389,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); - free(test_association->ecs); test_association->ecs_len = 1; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; @@ -436,8 +401,6 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) test_association->gvcid_blk.vcid = 0; test_association->shivf_len = 6; test_association->iv_len = 12; - free(test_association->iv); - test_association->iv = calloc(1, test_association->iv_len * sizeof(uint8_t)); // IV = "000000000000FFFFFFFFFFFE" test_association->iv[0] = 0x00; test_association->iv[1] = 0x00; @@ -454,9 +417,7 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) test_association->ast = 1; test_association->est = 1; test_association->sa_state = SA_OPERATIONAL; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; Crypto_saPrint(test_association); return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); @@ -533,16 +494,14 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) int32_t return_val = -1; - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + TC_t tc_sdls_processed_frame; + memset(&tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); // Default SA // Expose SA 1 for testing sadb_routine->sadb_get_sa_from_spi(1, &test_association); test_association->ecs_len = 1; - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; // Deactive SA 1 test_association->sa_state = SA_NONE; @@ -555,17 +514,11 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) test_association->est=0; test_association->ast=1; test_association->ecs_len=1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->ecs = CRYPTO_CIPHER_NONE; test_association->acs_len=1; - free(test_association->acs); - test_association->acs = calloc(1, test_association->acs_len * sizeof(uint8_t)); - *test_association->acs = CRYPTO_MAC_CMAC_AES256; + test_association->acs = CRYPTO_MAC_CMAC_AES256; test_association->arsn_len = 3; test_association->shsnf_len = 2; - free(test_association->arsn); - test_association->arsn = calloc(1,test_association->arsn_len); // ARSN = "05FFFD" test_association->arsn[0] = 0x05; test_association->arsn[1] = 0xFF; @@ -575,22 +528,16 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) test_association->akid = 130; Crypto_saPrint(test_association); - return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, tc_sdls_processed_frame); + return_val = Crypto_TC_ProcessSecurity(dec_test_fe_b, &dec_test_fe_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->arsn[2],0xFE); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, tc_sdls_processed_frame); + + return_val = Crypto_TC_ProcessSecurity(dec_test_ff_b, &dec_test_ff_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->arsn[2],0xFF); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? + // test_association->iv[5] = 0x01; - return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, tc_sdls_processed_frame); + return_val = Crypto_TC_ProcessSecurity(dec_test_00_b, &dec_test_00_len, &tc_sdls_processed_frame); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); ASSERT_EQ(test_association->arsn[0] ,0x06); ASSERT_EQ(test_association->arsn[1] ,0x00); @@ -603,11 +550,6 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) free(dec_test_fe_b); free(dec_test_ff_b); free(dec_test_00_b); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - free(tc_sdls_processed_frame); } UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) @@ -929,9 +871,7 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) sadb_routine->sadb_get_sa_from_spi(9, &test_association); test_association->sa_state = SA_OPERATIONAL; test_association->ecs_len = 1; - free(test_association->ecs); - test_association->ecs = calloc(1, test_association->ecs_len * sizeof(uint8_t)); - *test_association->ecs = CRYPTO_CIPHER_AES256_GCM; + test_association->ecs = CRYPTO_CIPHER_AES256_GCM; test_association->shsnf_len = 2; test_association->arsn_len = 2; test_association->arsnw = 5; @@ -955,8 +895,6 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); // Convert/Set input ARSN hex_conversion(buffer_arsn_h, (char**) &buffer_arsn_b, &buffer_arsn_len); - free(test_association->arsn); - test_association->arsn = calloc(1, test_association->arsn_len); memcpy(test_association->arsn, buffer_arsn_b, buffer_arsn_len); // Expect to fail on ARSN (Bad IV, bad ARSN) diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index cc5b3254..7278d14d 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -346,18 +346,13 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -430,18 +425,13 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -524,18 +514,13 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -616,18 +601,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -708,18 +688,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -801,18 +776,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -897,18 +867,13 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 10e0a346..76ccc112 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -241,18 +241,13 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -320,18 +315,13 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -417,18 +407,13 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -512,18 +497,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -607,18 +587,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -703,18 +678,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -802,18 +772,13 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn = 0; sa_ptr->arsn_len = 0; - sa_ptr->arsn = NULL; sa_ptr->abm_len = 1786; - sa_ptr->abm = (uint8_t* )calloc(1, sa_ptr->abm_len * sizeof(uint8_t)); memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; - sa_ptr->ecs = calloc(1, sa_ptr->ecs_len * sizeof(uint8_t)); - *sa_ptr->ecs = CRYPTO_CIPHER_NONE; - sa_ptr->acs = calloc(1, sa_ptr->acs_len * sizeof(uint8_t)); - *sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; sa_ptr->ekid = 0; sa_ptr->akid = 136; From 58c78a8a716c77ffad0b68536a44f4d162a0bdd7 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 15 Jun 2023 07:50:21 -0400 Subject: [PATCH 02/10] [nasa/cryptolib#164] Incremented CryptoLib version number as it was missed in last release; --- include/crypto.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/include/crypto.h b/include/crypto.h index b5d7527b..bd0efba8 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -44,7 +44,7 @@ */ #define CRYPTO_LIB_MAJOR_VERSION 1 #define CRYPTO_LIB_MINOR_VERSION 2 -#define CRYPTO_LIB_REVISION 1 +#define CRYPTO_LIB_REVISION 2 #define CRYPTO_LIB_MISSION_REV 0 /* From 53f11281664e51ee8cfb938398a2c8fffe92fc2b Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 15 Jun 2023 07:51:38 -0400 Subject: [PATCH 03/10] [nasa/cryptolib#164] Comment out debugging messages in standalone with TM frame processing; --- support/standalone/standalone.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/support/standalone/standalone.c b/support/standalone/standalone.c index 0e5c0573..cb7b66fc 100644 --- a/support/standalone/standalone.c +++ b/support/standalone/standalone.c @@ -458,10 +458,10 @@ void* crypto_standalone_tm_process(void* sock) } else { - if ( ((tm_ptr[0] != 0x03) && (tm_ptr[1] != 0xFF)) && ((tm_ptr[0] != 0xFF) && (tm_ptr[1] != 0x48)) ) - { - printf("crypto_standalone_tm_process - SPP loop error, expected idle packet or frame! tm_ptr = 0x%02x%02x \n", tm_ptr[0], tm_ptr[1]); - } + //if ( ((tm_ptr[0] != 0x03) && (tm_ptr[1] != 0xFF)) && ((tm_ptr[0] != 0xFF) && (tm_ptr[1] != 0x48)) ) + //{ + // printf("crypto_standalone_tm_process - SPP loop error, expected idle packet or frame! tm_ptr = 0x%02x%02x \n", tm_ptr[0], tm_ptr[1]); + //} tm_process_len = 0; } } From 49039bf44f958c70a3e804bee9758d9af295df19 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 15 Jun 2023 08:38:11 -0400 Subject: [PATCH 04/10] [nasa/cryptolib#164] Added TC debug toggle command to standalone for demonstration purposes; --- support/standalone/standalone.c | 44 ++++++++++++++++++++++++++------- support/standalone/standalone.h | 1 + 2 files changed, 36 insertions(+), 9 deletions(-) diff --git a/support/standalone/standalone.c b/support/standalone/standalone.c index cb7b66fc..719c78e1 100644 --- a/support/standalone/standalone.c +++ b/support/standalone/standalone.c @@ -30,6 +30,7 @@ static volatile uint8_t keepRunning = CRYPTO_LIB_SUCCESS; static volatile uint8_t tc_seq_num = 0; static volatile uint8_t tc_vcid = CRYPTO_STANDALONE_FRAMING_VCID; +static volatile uint8_t tc_debug = 0; /* @@ -61,10 +62,11 @@ void crypto_standalone_print_help(void) { printf(CRYPTO_PROMPT "command [args]\n" "----------------------------------------------------------------------\n" - "help - Display help \n" "exit - Exit app \n" + "help - Display help \n" "noop - No operation command to device \n" "reset - Reset CryptoLib \n" + "tc - Toggle TC debug prints \n" "vcid # - Change active TC virtual channel \n" "\n" ); @@ -98,6 +100,10 @@ int32_t crypto_standalone_get_command(const char* str) { status = CRYPTO_CMD_VCID; } + else if(strcmp(lcmd, "tc") == 0) + { + status = CRYPTO_CMD_TC_DEBUG; + } return status; } @@ -167,6 +173,22 @@ int32_t crypto_standalone_process_command(int32_t cc, int32_t num_tokens, char* } } break; + + case CRYPTO_CMD_TC_DEBUG: + if (crypto_standalone_check_number_arguments(num_tokens, 0) == CRYPTO_LIB_SUCCESS) + { + if (tc_debug == 0) + { + tc_debug = 1; + printf("Enabled TC debug prints! \n"); + } + else + { + tc_debug = 1; + printf("Disabled TC debug prints! \n"); + } + } + break; default: printf("Invalid command format, type 'help' for more info\n"); @@ -287,14 +309,15 @@ void* crypto_standalone_tc_apply(void* sock) if (status != -1) { tc_in_len = status; - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("crypto_standalone_tc_apply - received[%d]: 0x", tc_in_len); for(int i = 0; i < status; i++) { printf("%02x", tc_apply_in[i]); } printf("\n"); - #endif + } /* Frame */ #ifdef CRYPTO_STANDALONE_HANDLE_FRAMING @@ -302,28 +325,30 @@ void* crypto_standalone_tc_apply(void* sock) memcpy(tc_apply_in, tc_framed, tc_out_len); tc_in_len = tc_out_len; tc_out_len = 0; - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("crypto_standalone_tc_apply - framed[%d]: 0x", tc_in_len); for(int i = 0; i < tc_in_len; i++) { printf("%02x", tc_apply_in[i]); } printf("\n"); - #endif + } #endif /* Process */ status = Crypto_TC_ApplySecurity(tc_apply_in, tc_in_len, &tc_out_ptr, &tc_out_len); if (status == CRYPTO_LIB_SUCCESS) { - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("crypto_standalone_tc_apply - status = %d, encrypted[%d]: 0x", status, tc_out_len); for(int i = 0; i < tc_out_len; i++) { printf("%02x", tc_out_ptr[i]); } printf("\n"); - #endif + } /* Reply */ status = sendto(tc_sock->sockfd, tc_out_ptr, tc_out_len, 0, (struct sockaddr*) &fwd_addr, sizeof(fwd_addr)); @@ -342,9 +367,10 @@ void* crypto_standalone_tc_apply(void* sock) tc_in_len = 0; tc_out_len = 0; free(tc_out_ptr); - #ifdef CRYPTO_STANDALONE_TC_APPLY_DEBUG + if (tc_debug == 1) + { printf("\n"); - #endif + } } /* Delay */ diff --git a/support/standalone/standalone.h b/support/standalone/standalone.h index 91447fc1..2ba8addf 100644 --- a/support/standalone/standalone.h +++ b/support/standalone/standalone.h @@ -72,6 +72,7 @@ extern "C" #define CRYPTO_CMD_NOOP 2 #define CRYPTO_CMD_RESET 3 #define CRYPTO_CMD_VCID 4 +#define CRYPTO_CMD_TC_DEBUG 5 /* From 98fcb56704c331457f26f184d10ceb81b0a1540d Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 13:21:27 -0400 Subject: [PATCH 05/10] [nasa/cryptolib#164] Updates to support NULL IV scenarios via Crypto_Config_CryptoLib; --- include/crypto.h | 5 +- include/crypto_config.h | 2 +- include/crypto_config_structs.h | 6 ++ src/core/crypto_config.c | 16 +++-- src/core/crypto_tc.c | 19 ++--- test/kmc/ut_kmc_crypto.c | 30 +++++--- test/kmc/ut_kmc_crypto_auth_only.c | 27 ++++--- test/kmc/ut_kmc_crypto_cam.c | 30 +++++--- test/kmc/ut_kmc_crypto_with_mtls_sadb.c | 11 +-- test/kmc/ut_mariadb.c | 24 ++++--- test/kmc/ut_tc_kmc.c | 66 +++++++++++------ test/performance/pt_auth_as.c | 72 ++++++++++++------- test/performance/pt_auth_enc_as.c | 54 +++++++++----- test/performance/pt_auth_enc_ps.c | 72 ++++++++++++------- test/unit/et_dt_validation.c | 90 ++++++++++++++++-------- test/unit/ut_crypto.c | 47 ++----------- test/unit/ut_mysql_m_tls_connection.c | 3 +- test/unit/ut_mysql_tls_connection.c | 3 +- test/unit/ut_sadb_err_cases_kmc_crypto.c | 12 ++-- test/unit/ut_tc_apply.c | 68 +++++++++++------- test/unit/ut_tc_process.c | 33 ++++++--- test/unit/ut_tm_apply.c | 41 ++++++++--- test/unit/ut_tm_process.c | 46 ++++++++---- 23 files changed, 492 insertions(+), 285 deletions(-) diff --git a/include/crypto.h b/include/crypto.h index 8c3497e3..f1f3d2b1 100644 --- a/include/crypto.h +++ b/include/crypto.h @@ -58,8 +58,9 @@ */ // Crypto Library Configuration functions -extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, - uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, +extern int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, + uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, + uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv); extern int32_t Crypto_Config_MariaDB(char* mysql_hostname, char* mysql_database, uint16_t mysql_port, diff --git a/include/crypto_config.h b/include/crypto_config.h index b3307cc5..a6678f19 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -121,7 +121,7 @@ #define FECF_SIZE 2 #define SEGMENT_HDR_SIZE 1 #define ECS_SIZE 4 /* bytes */ -#define ABM_SIZE 1024 // 20 /* bytes */ +#define ABM_SIZE 1786 // 20 /* bytes */ #define ARSN_SIZE 20 /* total messages */ #define ARSNW_SIZE 1 /* bytes */ #define SN_SIZE 0 diff --git a/include/crypto_config_structs.h b/include/crypto_config_structs.h index 0fc5d691..811714b0 100644 --- a/include/crypto_config_structs.h +++ b/include/crypto_config_structs.h @@ -45,6 +45,11 @@ typedef enum } CryptographyType; // gvcid managed parameter enums typedef enum +{ + IV_INTERNAL, + IV_CRYPTO_MODULE +} IvType; +typedef enum { TC_NO_FECF, TC_HAS_FECF, @@ -155,6 +160,7 @@ typedef struct KeyType key_type; SadbType sadb_type; CryptographyType cryptography_type; + IvType iv_type; // Whether or not CryptoLib should generate the IV CreateFecfBool crypto_create_fecf; // Whether or not CryptoLib is expected to calculate TC FECFs and return // payloads with the FECF TcProcessSdlsPdus process_sdls_pdus; // Config to process SDLS extended procedure PDUs in CryptoLib diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 9864fc58..21e76095 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -53,9 +53,11 @@ int32_t crypto_free_config_structs(void); int32_t Crypto_Init_TC_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, + TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, + TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, + SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TC Tests Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -71,7 +73,8 @@ int32_t Crypto_Init_TC_Unit_Test(void) int32_t Crypto_Init_TM_Unit_Test(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TM_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // TM Tests @@ -271,6 +274,7 @@ int32_t Crypto_Shutdown(void) * @brief Function: Crypto_Config_CryptoLib * @param key_type: uint8 * @param sadb_type: uint8 + * @param iv_type: uint8 * @param crypto_create_fecf: uint8 * @param process_sdls_pdus: uint8 * @param has_pus_hdr: uint8 @@ -281,7 +285,8 @@ int32_t Crypto_Shutdown(void) * @param vcid_bitmask: uint8 * @return int32: Success/Failure **/ -int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, +int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cryptography_type, + uint8_t iv_type, uint8_t crypto_create_fecf, uint8_t process_sdls_pdus, uint8_t has_pus_hdr, uint8_t ignore_sa_state, uint8_t ignore_anti_replay, uint8_t unique_sa_per_mapid, uint8_t crypto_check_fecf, uint8_t vcid_bitmask, uint8_t crypto_increment_nontransmitted_iv) { @@ -290,6 +295,7 @@ int32_t Crypto_Config_CryptoLib(uint8_t key_type, uint8_t sadb_type, uint8_t cry crypto_config->key_type = key_type; crypto_config->sadb_type = sadb_type; crypto_config->cryptography_type = cryptography_type; + crypto_config->iv_type = iv_type; crypto_config->crypto_create_fecf = crypto_create_fecf; crypto_config->process_sdls_pdus = process_sdls_pdus; crypto_config->has_pus_hdr = has_pus_hdr; diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 8f64224e..9b46ac7d 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -454,7 +454,7 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in } } - if (sa_ptr->iv_len > 0) + if (crypto_config->iv_type == IV_INTERNAL) { // Start index from the transmitted portion for (i = sa_ptr->iv_len - sa_ptr->shivf_len; i < sa_ptr->iv_len; i++) @@ -463,11 +463,11 @@ int32_t Crypto_TC_ApplySecurity_Cam(const uint8_t* p_in_frame, const uint16_t in index++; } } - // IV is NULL + // IV is NULL / IV_CRYPTO_MODULE else { // Transmitted length > 0, AND using KMC_CRYPTO - if ((sa_ptr->shivf_len > 0) && crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if ((sa_ptr->shivf_len > 0) && (crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_KMCCRYPTO)) { index += sa_ptr->iv_len - (sa_ptr->iv_len - sa_ptr->shivf_len); } @@ -1342,7 +1342,7 @@ uint8_t* Crypto_Prepare_TC_AAD(uint8_t* buffer, uint16_t len_aad, uint8_t* abm_b **/ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { - if (sa->shivf_len > 0 && sa->iv == NULL && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if (sa->shivf_len > 0 && crypto_config->iv_type == IV_CRYPTO_MODULE && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) { return CRYPTO_LIB_ERR_NULL_IV; } @@ -1350,23 +1350,18 @@ static int32_t crypto_tc_validate_sa(SecurityAssociation_t *sa) { return CRYPTO_LIB_ERR_IV_LEN_SHORTER_THAN_SEC_HEADER_LENGTH; } - if (sa->iv_len > 0 && sa->iv == NULL && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) + if (sa->iv_len > 0 && crypto_config->iv_type == IV_CRYPTO_MODULE && crypto_config->cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO) { return CRYPTO_LIB_ERR_NULL_IV; } - - if (sa->shsnf_len > 0 && sa->arsn == NULL) + if (crypto_config->iv_type == IV_CRYPTO_MODULE && crypto_config->cryptography_type == CRYPTOGRAPHY_TYPE_LIBGCRYPT) { - return CRYPTO_LIB_ERR_NULL_ARSN; + return CRYPTO_LIB_ERR_NULL_IV; } if (sa->arsn_len - sa->shsnf_len < 0) { return CRYPTO_LIB_ERR_ARSN_LEN_SHORTER_THAN_SEC_HEADER_LENGTH; } - if (sa->arsn_len > 0 && sa->arsn == NULL) - { - return CRYPTO_LIB_ERR_NULL_ARSN; - } return CRYPTO_LIB_SUCCESS; } diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index 3655609e..35a91932 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -45,7 +45,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -94,7 +95,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) //UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_ONLY) //{ // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); @@ -144,7 +146,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -196,7 +199,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -255,7 +259,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) //UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) //{ // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("sadb_user", "sadb_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); @@ -315,7 +320,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -376,7 +382,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -425,7 +432,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -483,7 +491,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -533,7 +542,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) // { // // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/kmc/ut_kmc_crypto_auth_only.c b/test/kmc/ut_kmc_crypto_auth_only.c index f9d35260..d92c1115 100644 --- a/test/kmc/ut_kmc_crypto_auth_only.c +++ b/test/kmc/ut_kmc_crypto_auth_only.c @@ -45,7 +45,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -94,7 +95,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_CMAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -151,7 +153,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_CMAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -197,7 +200,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC256_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -247,7 +251,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC256_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC256_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -302,7 +307,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC256_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -351,7 +357,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -407,7 +414,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -457,7 +465,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/kmc/ut_kmc_crypto_cam.c b/test/kmc/ut_kmc_crypto_cam.c index fb2e8f70..db6f2f13 100644 --- a/test/kmc/ut_kmc_crypto_cam.c +++ b/test/kmc/ut_kmc_crypto_cam.c @@ -33,7 +33,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -92,7 +93,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -154,7 +156,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -215,7 +218,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -277,7 +281,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -348,7 +353,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -419,7 +425,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -475,7 +482,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -540,7 +548,8 @@ UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", @@ -597,7 +606,8 @@ UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8 UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sadb_user", diff --git a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c index 36325fb6..a568a952 100644 --- a/test/kmc/ut_kmc_crypto_with_mtls_sadb.c +++ b/test/kmc/ut_kmc_crypto_with_mtls_sadb.c @@ -44,7 +44,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -93,7 +94,8 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_TLS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -141,7 +143,7 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_TLS) UTEST(KMC_CRYPTO, SADB_BAD_USER_NAME) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + (KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "bad_user_name", NULL); @@ -160,7 +162,8 @@ UTEST(KMC_CRYPTO, SADB_BAD_USER_NAME) UTEST(KMC_CRYPTO, SADB_BAD_PASSWORD) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", "bad_password"); diff --git a/test/kmc/ut_mariadb.c b/test/kmc/ut_mariadb.c index d99ec163..a363f69a 100644 --- a/test/kmc/ut_mariadb.c +++ b/test/kmc/ut_mariadb.c @@ -93,7 +93,8 @@ UTEST(MARIA_DB, DB_CONNECT) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -131,7 +132,8 @@ UTEST(MARIA_DB, HAPPY_PATH_ENC) ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -182,7 +184,8 @@ UTEST(MARIA_DB, HAPPY_PATH_AUTH_ENC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -242,7 +245,8 @@ UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -294,7 +298,8 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -377,7 +382,8 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -461,7 +467,8 @@ UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); @@ -567,7 +574,8 @@ UTEST(MARIA_DB, BAD_SPACE_CRAFT_ID) ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index b5597976..ace62a0f 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c @@ -120,7 +120,8 @@ void MDB_DB_RESET() UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -180,7 +181,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -239,7 +241,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -300,7 +303,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -347,7 +351,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -392,7 +397,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -446,7 +452,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -501,7 +508,8 @@ UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -537,7 +545,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -584,7 +593,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -632,7 +642,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -677,7 +688,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -723,7 +735,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -760,7 +773,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) **/ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -818,7 +832,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -876,7 +891,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -934,7 +950,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) { - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -975,7 +992,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1027,7 +1045,8 @@ UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) **/ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1075,7 +1094,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1121,7 +1141,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -1168,7 +1189,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_NULL_IV) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/performance/pt_auth_as.c b/test/performance/pt_auth_as.c index 42f04c25..9e2902cb 100644 --- a/test/performance/pt_auth_as.c +++ b/test/performance/pt_auth_as.c @@ -105,7 +105,8 @@ double Apply_Security_Loop(uint8_t *frame, int frame_length, uint8_t *enc_frame, UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -153,7 +154,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -201,7 +203,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -248,7 +251,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -290,7 +294,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -338,7 +343,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -386,7 +392,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -433,7 +440,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -475,7 +483,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -523,7 +532,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -571,7 +581,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -618,7 +629,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -660,7 +672,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -708,7 +721,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -756,7 +770,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -803,7 +818,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -845,7 +861,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -893,7 +910,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -941,7 +959,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -988,7 +1007,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1030,7 +1050,8 @@ UTEST(PERFORMANCE, MDB_KMC_AUTH_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -1078,7 +1099,8 @@ UTEST(PERFORMANCE, LSA_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1126,7 +1148,8 @@ UTEST(PERFORMANCE, MDB_LIBG_AUTH_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1173,7 +1196,8 @@ UTEST(PERFORMANCE, LSA_KMC_AUTH_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_AUTH_LONG_1K) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_as.c b/test/performance/pt_auth_enc_as.c index cf4a9d7e..7ab4dbd9 100644 --- a/test/performance/pt_auth_enc_as.c +++ b/test/performance/pt_auth_enc_as.c @@ -148,7 +148,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -186,7 +187,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -223,7 +225,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -305,7 +308,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -343,7 +347,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -379,7 +384,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -463,7 +469,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -500,7 +507,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -539,7 +547,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -624,7 +633,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1000) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -662,7 +672,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1000) UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -699,7 +710,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1000) UTEST(PERFORMANCE, MDB_KMC_SHORT_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -781,7 +793,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1000) UTEST(PERFORMANCE, MDB_LIBG_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -819,7 +832,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1000) UTEST(PERFORMANCE, LSA_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -855,7 +869,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1000) UTEST(PERFORMANCE, MDB_KMC_MED_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -939,7 +954,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1000) UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -976,7 +992,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1000) UTEST(PERFORMANCE, LSA_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -1016,7 +1033,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1000) UTEST(PERFORMANCE, MDB_KMC_LONG_1000) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/performance/pt_auth_enc_ps.c b/test/performance/pt_auth_enc_ps.c index c38b4fd2..4011bbc5 100644 --- a/test/performance/pt_auth_enc_ps.c +++ b/test/performance/pt_auth_enc_ps.c @@ -105,7 +105,8 @@ double Process_Security_Loop(char *data_b, int* data_l, TC_t* processed_frame, i UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -149,7 +150,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_100) UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -181,7 +183,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_100) UTEST(PERFORMANCE, LSA_KMC_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -225,7 +228,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_100) UTEST(PERFORMANCE, MDB_KMC_SHORT_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -262,7 +266,8 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_100) UTEST(PERFORMANCE, LSA_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -306,7 +311,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_100) UTEST(PERFORMANCE, MDB_LIBG_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -340,7 +346,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_100) UTEST(PERFORMANCE, LSA_KMC_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -384,7 +391,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_100) UTEST(PERFORMANCE, MDB_KMC_MED_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -421,7 +429,8 @@ UTEST(PERFORMANCE, MDB_KMC_MED_100) UTEST(PERFORMANCE, LSA_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -465,7 +474,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_100) UTEST(PERFORMANCE, MDB_LIBG_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -499,7 +509,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_100) UTEST(PERFORMANCE, LSA_KMC_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -543,7 +554,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_100) UTEST(PERFORMANCE, MDB_KMC_LONG_100) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -580,7 +592,8 @@ UTEST(PERFORMANCE, MDB_KMC_LONG_100) UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -624,7 +637,8 @@ UTEST(PERFORMANCE, LSA_LIBG_SHORT_1K) UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -656,7 +670,8 @@ UTEST(PERFORMANCE, MDB_LIBG_SHORT_1K) UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -700,7 +715,8 @@ UTEST(PERFORMANCE, LSA_KMC_SHORT_1K) UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -737,7 +753,8 @@ UTEST(PERFORMANCE, MDB_KMC_SHORT_1K) UTEST(PERFORMANCE, LSA_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -781,7 +798,8 @@ UTEST(PERFORMANCE, LSA_LIBG_MED_1K) UTEST(PERFORMANCE, MDB_LIBG_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -815,7 +833,8 @@ UTEST(PERFORMANCE, MDB_LIBG_MED_1K) UTEST(PERFORMANCE, LSA_KMC_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -859,7 +878,8 @@ UTEST(PERFORMANCE, LSA_KMC_MED_1K) UTEST(PERFORMANCE, MDB_KMC_MED_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -896,7 +916,8 @@ UTEST(PERFORMANCE, MDB_KMC_MED_1K) UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); @@ -940,7 +961,8 @@ UTEST(PERFORMANCE, LSA_LIBG_LONG_1K) UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); @@ -974,7 +996,8 @@ UTEST(PERFORMANCE, MDB_LIBG_LONG_1K) UTEST(PERFORMANCE, LSA_KMC_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); @@ -1017,7 +1040,8 @@ UTEST(PERFORMANCE, LSA_KMC_LONG_1K) UTEST(PERFORMANCE, MDB_KMC_LONG_1K) { - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_MariaDB("client-demo-kmc.example.com","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/home/itc/Desktop/CERTS/ammos-ca-bundle.crt", NULL, "/home/itc/Desktop/CERTS/ammos-client-cert.pem", "/home/itc/Desktop/CERTS/ammos-client-key.pem",NULL,"robert", NULL); diff --git a/test/unit/et_dt_validation.c b/test/unit/et_dt_validation.c index c1b8c38b..6619c97b 100644 --- a/test/unit/et_dt_validation.c +++ b/test/unit/et_dt_validation.c @@ -324,7 +324,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib // Crypto_Init_TC_Unit_Test(); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -397,7 +398,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -476,7 +478,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -547,7 +550,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -624,7 +628,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -696,7 +701,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_2) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -771,7 +777,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -843,7 +850,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_3) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -918,7 +926,8 @@ UTEST(NIST_ENC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -990,7 +999,8 @@ UTEST(NIST_DEC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_4) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1076,7 +1086,8 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1163,7 +1174,8 @@ UTEST(NIST_ENC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1245,7 +1257,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1369,7 +1382,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_DATA) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1470,7 +1484,8 @@ UTEST(NIST_DEC_MAC_VALIDATION, AES_GCM_256_IV_96_PT_128_TEST_0_BAD_MAC) { // Setup & Initialize CryptoLib int32_t status; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1572,7 +1587,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1661,7 +1677,8 @@ UTEST(NIST_ENC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1747,7 +1764,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_0) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1840,7 +1858,8 @@ UTEST(NIST_DEC_CMAC_VALIDATION, AES_CMAC_256_PT_128_TEST_1) { uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -1931,7 +1950,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2019,7 +2039,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2106,7 +2127,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2197,7 +2219,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) uint16_t enc_frame_len = 0; int32_t status; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2286,7 +2309,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_0) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2377,7 +2401,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_256_PT_128_TEST_1) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2465,7 +2490,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_0) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2553,7 +2579,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_PT_128_TEST_1) { int32_t status = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2643,7 +2670,8 @@ UTEST(PLAINTEXT, ENCRYPT_DECRYPT) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2680,7 +2708,8 @@ UTEST(NIST_ENC_HMAC_VALIDATION, SHA_512_SHORT_KEY) uint8_t *ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -2759,7 +2788,8 @@ UTEST(NIST_DEC_HMAC_VALIDATION, SHA_512_SHORT_KEY) int32_t status = 0; uint8_t *ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_crypto.c b/test/unit/ut_crypto.c index 286fece2..290ae125 100644 --- a/test/unit/ut_crypto.c +++ b/test/unit/ut_crypto.c @@ -53,7 +53,8 @@ UTEST(CRYPTO_C, CALC_CRC16) UTEST(CRYPTO_C, BAD_CC_FLAG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_NO_SEGMENT_HDRS, 1024); @@ -86,7 +87,8 @@ UTEST(CRYPTO_C, PDU_SWITCH) { int32_t status = CRYPTO_LIB_ERROR; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -263,47 +265,6 @@ UTEST(CRYPTO_C, EXT_PROC_PDU) ASSERT_EQ(status, CRYPTO_LIB_SUCCESS); } -/* - * @brief Unit Test: Test that an SA set to use IV/ARSN without mallocing doesn't segfault and returns an error - **/ -UTEST(INVALID_SA_CONFIGS, INVALID_IV_ARSN) -{ - int32_t status = CRYPTO_LIB_ERROR; - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_TRUE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); - Crypto_Init(); - - char* jpl_frame_pt_h = "2003001c00ff000100001880d03e000a197f0b000300020093d4ba21c4555555555555"; - uint8_t* jpl_frame_pt_b = NULL; - int jpl_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sadb_routine->sadb_get_sa_from_spi(1, &test_association); - - // Convert input jpl frame - hex_conversion(jpl_frame_pt_h, (char**) &jpl_frame_pt_b, &jpl_frame_pt_len); - - // Should fail, as SA will be set to use ARSN, but ARSN pointer is NULL - test_association->arsn_len = 0; - status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_ERR_NULL_ARSN, status); - - // Should fail, as SA will be set to use IV, but IV pointer is NULL - test_association->iv_len = 0; - test_association->shivf_len = 12; - status = Crypto_TC_ApplySecurity(jpl_frame_pt_b, jpl_frame_pt_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, status); - free(test_association); -} - /** * @brief Unit Test: Crypto ACS Get Algorithm response **/ diff --git a/test/unit/ut_mysql_m_tls_connection.c b/test/unit/ut_mysql_m_tls_connection.c index 2b0ea864..7ca5c41f 100644 --- a/test/unit/ut_mysql_m_tls_connection.c +++ b/test/unit/ut_mysql_m_tls_connection.c @@ -129,7 +129,8 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_mysql_tls_connection.c b/test/unit/ut_mysql_tls_connection.c index e2ecd332..e34feb45 100644 --- a/test/unit/ut_mysql_tls_connection.c +++ b/test/unit/ut_mysql_tls_connection.c @@ -113,7 +113,8 @@ UTEST(MARIA_DB_CONNECTION_TESTS, TLS_TEST) { int32_t Crypto_Init_TC_Unit_Test_For_DB(void) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_sadb_err_cases_kmc_crypto.c b/test/unit/ut_sadb_err_cases_kmc_crypto.c index 6adc5dda..c033b19e 100644 --- a/test/unit/ut_sadb_err_cases_kmc_crypto.c +++ b/test/unit/ut_sadb_err_cases_kmc_crypto.c @@ -45,7 +45,8 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -96,7 +97,8 @@ UTEST(KMC_CRYPTO, ONLY_KEYED_SA_AVAILABLE_FOR_GVCID) UTEST(KMC_CRYPTO, ONLY_UNKEYED_SA_AVAILABLE_FOR_GVCID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -147,7 +149,8 @@ UTEST(KMC_CRYPTO, ONLY_UNKEYED_SA_AVAILABLE_FOR_GVCID) UTEST(KMC_CRYPTO, NULL_EKID_BLANK_ECS_ERROR) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); @@ -198,7 +201,8 @@ UTEST(KMC_CRYPTO, NULL_EKID_BLANK_ECS_ERROR) UTEST(KMC_CRYPTO, INVALID_ABM_LENGTH_FOR_FRAME_WITH_SEG_HEADERS) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, SADB_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 2aa463ae..e0c21876 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -38,7 +38,8 @@ UTEST(TC_APPLY_SECURITY, NO_CRYPTO_INIT) int raw_tc_sdls_ping_len = 0; hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -300,7 +301,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVE UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -379,7 +381,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -479,7 +482,8 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLO UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -510,7 +514,8 @@ UTEST(TC_APPLY_SECURITY, BAD_SPACE_CRAFT_ID) UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -542,7 +547,8 @@ UTEST(TC_APPLY_SECURITY, BAD_VIRTUAL_CHANNEL_ID) UTEST(TC_APPLY_SECURITY, NULL_BUFFER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -577,7 +583,8 @@ UTEST(TC_APPLY_SECURITY, INVALID_FRAME_SIZE) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -624,7 +631,8 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -657,7 +665,8 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -690,7 +699,8 @@ UTEST(TC_APPLY_SECURITY, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENG UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -751,7 +761,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -814,7 +825,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_16BP) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -861,7 +873,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_MAX) UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -904,7 +917,8 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_FRAME_TOO_BIG) UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -976,9 +990,11 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_1BP_1) UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, + TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, + TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, + SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1045,9 +1061,11 @@ UTEST(TC_APPLY_SECURITY, ENC_CBC_NULL_IV) UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, + TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, + TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, + SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -1073,7 +1091,8 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); - uint8_t* ptr_enc_frame = NULL; + uint8_t enc_frame[2048]; + uint8_t* ptr_enc_frame = &enc_frame[0]; uint16_t enc_frame_len = 0; SecurityAssociation_t* test_association; @@ -1087,8 +1106,9 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) test_association->arsn_len = 0; test_association->iv_len = 16; test_association->shivf_len = 16; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, + &ptr_enc_frame, &enc_frame_len); + ASSERT_EQ(CRYPTO_LIB_ERR_NULL_IV, return_val); char* truth_data_h = "200300260000000BFFEEDDCCBBAA00000000000001BD8722C9D22E0CB109AC402748F672067D37"; @@ -1096,6 +1116,7 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) int truth_data_l = 0; hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); + printf("Received Encrypted Frame of length %d bytes:\n\t", enc_frame_len); for(int i = 0; i < enc_frame_len; i++) { @@ -1107,7 +1128,6 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) Crypto_Shutdown(); free(truth_data_b); free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); } diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c index e46e80d0..18cdb910 100644 --- a/test/unit/ut_tc_process.c +++ b/test/unit/ut_tc_process.c @@ -34,7 +34,8 @@ UTEST(TC_PROCESS, EXERCISE_IV) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -148,7 +149,8 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -270,7 +272,8 @@ UTEST(TC_PROCESS, EXERCISE_ARSN) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -358,7 +361,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_STATIC_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -469,7 +473,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) UTEST(TC_PROCESS, HAPPY_PATH_PROCESS_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -558,7 +563,8 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPEC) { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -599,7 +605,8 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD { int32_t status = CRYPTO_LIB_SUCCESS; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 4); @@ -638,7 +645,8 @@ UTEST(TC_PROCESS, ERROR_TC_INPUT_FRAME_TOO_SHORT_FOR_SPECIFIED_FRAME_LENGTH_HEAD UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) { int32_t status = CRYPTO_LIB_SUCCESS; - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -699,7 +707,8 @@ UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC) **/ UTEST(TC_PROCESS, DECRYPT_CBC_1B) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); @@ -762,7 +771,8 @@ UTEST(TC_PROCESS, DECRYPT_CBC_1B) **/ UTEST(TC_PROCESS, DECRYPT_CBC_16B) { - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024); @@ -827,7 +837,8 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN) { uint8_t* ptr_enc_frame = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_NO_FECF, TC_HAS_SEGMENT_HDRS, 1024); diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 422aa116..cc59c94c 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -43,7 +43,8 @@ UTEST(TM_APPLY_SECURITY, NO_CRYPTO_INIT) hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -191,7 +192,8 @@ UTEST(TM_APPLY_SECURITY, HAPPY_PATH_CLEAR_FECF_LEFT_BLANK) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_NO_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -352,7 +354,9 @@ UTEST(TM_APPLY_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; + sa_ptr->ecs_len = 1; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -392,7 +396,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -432,6 +437,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -480,7 +487,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -521,6 +529,8 @@ UTEST(TM_APPLY_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -568,7 +578,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -608,6 +619,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -655,7 +668,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -695,6 +709,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -742,7 +758,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -783,6 +800,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -834,7 +853,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -875,6 +895,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -922,7 +944,8 @@ UTEST(TM_APPLY_ENC_VAL, AES_HMAC_SHA_512_TEST_1) UTEST(TM_APPLY_ENC_VAL, AES_GCM_BITMASK_1) { // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c index 00ea5d59..5070374d 100644 --- a/test/unit/ut_tm_process.c +++ b/test/unit/ut_tm_process.c @@ -42,7 +42,8 @@ UTEST(TM_PROCESS_SECURITY, NO_CRYPTO_INIT) char* framed_tm_b = NULL; hex_conversion(framed_tm_h, &framed_tm_b, (int *)&framed_tm_len); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_HAS_SECONDARY_HDR , 1786); @@ -241,25 +242,26 @@ UTEST(TM_PROCESS_SECURITY, SECONDARY_HDR_PRESENT_MAC) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0xFF, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; // Determine managed parameters by GVCID, which nominally happens in TO - status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, - gvcid_managed_parameters, ¤t_managed_parameters); + //status = Crypto_Get_Managed_Parameters_For_Gvcid(tm_frame_pri_hdr.tfvn, tm_frame_pri_hdr.scid, tm_frame_pri_hdr.vcid, + // gvcid_managed_parameters, ¤t_managed_parameters); status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len); ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // Now, byte by byte verify the static frame in memory is equivalent to what we started with for(int i=0; i < current_managed_parameters->max_frame_size; i++) { - // printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); + printf("Checking %02x against %02X\n", ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); ASSERT_EQ(ptr_processed_frame[i], (uint8_t)*(truth_tm_b + i)); } @@ -282,7 +284,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -315,13 +318,14 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_0) sa_ptr->shivf_len = 0; sa_ptr->iv_len = 0; sa_ptr->shsnf_len = 0; - sa_ptr->arsn_len = 0; sa_ptr->abm_len = 1786; memset(sa_ptr->abm, 0x00, (sa_ptr->abm_len * sizeof(uint8_t))); // Bitmask sa_ptr->stmacf_len = 16; sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -373,7 +377,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -414,6 +419,8 @@ UTEST(TM_PROCESS_SECURITY, AES_CMAC_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_CMAC_AES256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -464,7 +471,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -504,6 +512,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -554,7 +564,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -594,6 +605,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_256_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA256; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -644,7 +657,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -685,6 +699,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_0) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -739,7 +755,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) // Setup & Initialize CryptoLib // Oddball setup that doesn't use TM_INIT to check FECF - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); @@ -780,6 +797,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_HMAC_SHA_512_TEST_1) sa_ptr->sa_state = SA_OPERATIONAL; sa_ptr->ecs = CRYPTO_CIPHER_NONE; sa_ptr->acs = CRYPTO_MAC_HMAC_SHA512; + sa_ptr->ecs_len = 1; + sa_ptr->acs_len = 1; sa_ptr->ekid = 0; sa_ptr->akid = 136; @@ -834,7 +853,8 @@ UTEST(TM_PROCESS_ENC_VAL, AES_GCM_BITMASK_1) // SecurityAssociation_t *sa_ptr = NULL; // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002c, 0, TM_HAS_FECF, TM_SEGMENT_HDRS_NA, 1786); From 64343c0eba203eeec5cd830d72fd93dda6fd16a2 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 13:46:51 -0400 Subject: [PATCH 06/10] [nasa/cryptolib#164] Update CI to include test build flags and sa/mariadb to avoid freeing data; --- .github/workflows/build.yml | 12 ++++----- .../mariadb/sadb_routine_mariadb.template.c | 26 +++---------------- 2 files changed, 9 insertions(+), 29 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index e771482d..404245be 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -49,7 +49,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -75,7 +75,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -101,7 +101,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -127,7 +127,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration @@ -153,7 +153,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 - name: Build # Build your program with the given configuration diff --git a/src/sa/mariadb/sadb_routine_mariadb.template.c b/src/sa/mariadb/sadb_routine_mariadb.template.c index 9e199cba..8d1cdbba 100644 --- a/src/sa/mariadb/sadb_routine_mariadb.template.c +++ b/src/sa/mariadb/sadb_routine_mariadb.template.c @@ -252,18 +252,8 @@ static int32_t sadb_save_sa(SecurityAssociation_t* sa) // todo - if query fails, need to push failure message to error stack instead of just return code. // We free the allocated SA memory in the save function. - if (sa->iv != NULL) - free(sa->iv); - if (sa->abm != NULL) - free(sa->abm); - if (sa->arsn != NULL) - free(sa->arsn); if (sa->ek_ref != NULL) free(sa->ek_ref); - if (sa->ecs != NULL) - free(sa->ecs); - if (sa->acs != NULL) - free(sa->acs); if (sa->ak_ref != NULL) free(sa->ak_ref); free(sa); @@ -525,25 +515,15 @@ static int32_t parse_sa_from_mysql_query(char* query, SecurityAssociation_t** se } // printf("\n"); } - if (iv_byte_str == NULL){ - sa->iv = NULL; - } - else{ - sa->iv = (uint8_t* )calloc(1, sa->iv_len * sizeof(uint8_t)); - } - - sa->arsn = (uint8_t* )calloc(1, sa->arsn_len * sizeof(uint8_t)); - sa->abm = (uint8_t* )calloc(1, sa->abm_len * sizeof(uint8_t)); - sa->ecs = (uint8_t* )calloc(1, sa->ecs_len * sizeof(uint8_t)); - sa->acs = (uint8_t* )calloc(1, sa->acs_len * sizeof(uint8_t)); + if(iv_byte_str != NULL){ if(sa->iv_len > 0) convert_hexstring_to_byte_array(iv_byte_str, sa->iv); } if(sa->arsn_len > 0) convert_hexstring_to_byte_array(arc_byte_str, sa->arsn); if(sa->abm_len > 0) convert_hexstring_to_byte_array(abm_byte_str, sa->abm); - if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, sa->ecs); - if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, sa->acs); + if(sa->ecs_len > 0) convert_hexstring_to_byte_array(ecs_byte_str, &sa->ecs); + if(sa->acs_len > 0) convert_hexstring_to_byte_array(acs_byte_str, &sa->acs); //arsnw_len is not necessary for mariadb interface, putty dummy/default value for prints. sa->arsnw_len = 1; From 9475297f955d537025be58b3c979a641746ae1c9 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 13:49:52 -0400 Subject: [PATCH 07/10] [nasa/cryptolib#164] Removed additional flag for enc_test since it requried pycryptodome that wasn't installed; --- .github/workflows/build.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 404245be..a3dcb2fa 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -24,7 +24,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -49,7 +49,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=0 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -75,7 +75,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -101,7 +101,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=0 -DTEST=1 - name: Build # Build your program with the given configuration @@ -127,7 +127,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=1 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 - name: Build # Build your program with the given configuration @@ -153,7 +153,7 @@ jobs: - name: Configure CMake # Configure CMake in a 'build' subdirectory. `CMAKE_BUILD_TYPE` is only required if you are using a single-configuration generator such as make. # See https://cmake.org/cmake/help/latest/variable/CMAKE_BUILD_TYPE.html?highlight=cmake_build_type - run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 -DTEST_ENC=1 + run: cmake -B ${{github.workspace}}/build -DDEBUG=0 -DSA_MARIADB=1 -DCRYPTO_LIBGCRYPT=1 -DCRYPTO_KMC=1 -DTEST=1 - name: Build # Build your program with the given configuration From 5d681e9d1d24701b83ed8063436c962471509da0 Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Wed, 21 Jun 2023 14:19:41 -0400 Subject: [PATCH 08/10] [nasa/cryptolib#164] Change debug define for CRYPTO IS AEAD?; --- src/core/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 42630aad..9f778fdc 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -72,7 +72,7 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) // TODO - Add cipher suite mapping to which algorithms are AEAD and which are not. if((cipher_suite_id == CRYPTO_CIPHER_AES256_GCM) || (cipher_suite_id == CRYPTO_CIPHER_AES256_CBC_MAC)) { - #ifdef CRYPTO_DEBUG + #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : TRUE\n" RESET); #endif return CRYPTO_TRUE; @@ -80,7 +80,7 @@ uint8_t Crypto_Is_AEAD_Algorithm(uint32_t cipher_suite_id) } else { - #ifdef CRYPTO_DEBUG + #ifdef DEBUG printf(KYEL "CRYPTO IS AEAD? : FALSE\n" RESET); #endif return CRYPTO_FALSE; From 0b113ddf11e9f760d440e5850435096ef025bd6f Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 21 Jun 2023 14:36:54 -0400 Subject: [PATCH 09/10] update Error Messages --- src/core/crypto_error.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index 22b02a92..374a9b98 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -67,6 +67,8 @@ char *crypto_enum_errlist_core[] = ,"CRYPTO_LIB_ERR_NULL_MODE_PTR" ,"CRYPTO_LIB_ERR_UNSUPPORTED_MODE" ,"CRYPTO_LIB_ERR_INPUT_FRAME_TOO_SHORT_FOR_TM_STANDARD" + ,"CRYPTO_LIB_ERR_TC_ENUM_USED_FOR_TM_CONFIG" + ,"CRYPTO_LIB_ERR_KEY_ID_ERROR" }; char *crypto_enum_errlist_config[] = From 22b1bdc0f67ec7c6bff3be65fc7e36d22416b71c Mon Sep 17 00:00:00 2001 From: "Lucas, John P" Date: Thu, 22 Jun 2023 14:23:24 -0400 Subject: [PATCH 10/10] [nasa/cryptolib#164] Updates to latest unit test added in dev to enable merge; --- test/unit/ut_tc_apply.c | 32 +++++++++++++++----------------- 1 file changed, 15 insertions(+), 17 deletions(-) diff --git a/test/unit/ut_tc_apply.c b/test/unit/ut_tc_apply.c index 9c15a882..b73aad07 100644 --- a/test/unit/ut_tc_apply.c +++ b/test/unit/ut_tc_apply.c @@ -1136,25 +1136,25 @@ UTEST(TC_APPLY_SECURITY, CBC_NULL_IV_W_IVH) */ UTEST(TC_APPLY_SECURITY, PLAINTEXT_W_ARSN) { - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, SADB_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024); Crypto_Init(); - // Test string - char* raw_tc_sdls_ping_h = "2003001F00000100011880D2C9000E197F0B001B0004000400003040D95E0000"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; + // Test string + char* raw_tc_sdls_ping_h = "2003001F00000100011880D2C9000E197F0B001B0004000400003040D95E0000"; + char* raw_tc_sdls_ping_b = NULL; + int raw_tc_sdls_ping_len = 0; - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - int32_t return_val = CRYPTO_LIB_ERROR; + uint8_t* ptr_enc_frame = NULL; + uint16_t enc_frame_len = 0; + int32_t return_val = CRYPTO_LIB_ERROR; - return_val = -Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); char* truth_data_h = "200300230000010000000100011880D2C9000E197F0B001B0004000400003040D95E85F3"; uint8_t* truth_data_b = NULL; @@ -1168,11 +1168,9 @@ Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &pt ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); } -Crypto_Shutdown(); -free(raw_tc_sdls_ping_b); -free(ptr_enc_frame); -ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + Crypto_Shutdown(); + free(raw_tc_sdls_ping_b); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } - UTEST_MAIN();