197 aes gcm siv

.github/workflows/build.yml

@@ -18,9 +18,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3 
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     # End Container Setup
 
     - name: Minimal Build Script
@@ -38,9 +55,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     # End Container Setup
 
     - name: Internal Build Script
@@ -70,9 +104,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     # End Container Setup
 
     - name: KMC Build Script
@@ -102,9 +153,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3 autoconf libtool
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     - name: Clone WolfSSL
       run: git clone --depth 1 --branch v5.6.0-stable https://github.com/wolfSSL/wolfssl.git /tmp/wolfssl
 
@@ -114,7 +182,7 @@ jobs:
       #run: cd /tmp/wolfssl/;
       #     sudo chown -R runner /usr/local; 
       #     ./autogen.sh;
-      #     ./configure --enable-aesccm --enable-aessiv --enable-cmac;
+      #     sudo ./configure --enable-aesccm --enable-aessiv --enable-cmac;
       #     make;
       #     make install;
       #sudo chown -R runner /usr/local;
@@ -155,21 +223,40 @@ jobs:
     - name: Update
       run: yum update -y
     - name: Install Dependencies
-      run: yum install -y epel-release python38-devel libcurl-devel libgpg-error-devel libgcrypt-devel git cmake gcc java-11-openjdk-devel openssl wget mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server
+      run: yum install -y epel-release python38-devel libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server
       # Might want to trim this down, but these dependencies should work for KMC
     - name: install lcov
       run: yum install -y --enablerepo=epel lcov
     - name: Install Python Dependencies
       run: pip3 install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl 
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && ./configure 
+        && make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && ./configure 
+        && make install  
+        && echo "export LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH" >> ~/.bashrc 
+        && source ~/.bashrc 
+        && ldconfig
     # End Container Setup
 
     - name: RHEL Build Script
       working-directory: ${{github.workspace}}
-      run: bash ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh
+      run: source ~/.bashrc && ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh
 
     - name: Code-Coverage
       working-directory: ${{github.workspace}}
-      run: make gcov
+      run: source ~/.bashrc && make gcov
 
     - name: Upload 
       uses: codecov/codecov-action@v4

CMakeLists.txt

@@ -24,6 +24,7 @@ project(crypto C)
 set(SA_CUSTOM_PATH_DEFAULT "../../sa/custom")
 set(KEY_CUSTOM_PATH_DEFAULT "../../key/custom")
 set(MC_CUSTOM_PATH_DEFAULT "../../mc/custom")
+set(MC_LOG_PATH_DEFAULT "log.txt")
 set(CRYPTO_CUSTOM_PATH_DEFAULT "../../crypto/custom")
 
 
@@ -57,6 +58,7 @@ option(SYSTEM_INSTALL "SystemInstall" OFF)
 option(TEST "Test" OFF)
 option(TEST_ENC "Tests - Encryption" OFF)
 option(SA_FILE "Save Security Association to File" OFF)
+option(KEY_VALIDATION "Validate existance of key duplication" OFF)
 
 OPTION(KMC_MDB_RH "KMC-MDB-RedHat-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_RH=ON
 OPTION(KMC_MDB_DB "KMC-MDB-Debian-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_DB=ON
@@ -110,11 +112,22 @@ if(SA_FILE)
     add_definitions(-DSA_FILE)
 endif()
 
+if(KEY_VALIDATION)
+    add_definitions(-DKEY_VALIDATION)
+endif()
+
 if(DEBUG)
     add_definitions(-DDEBUG -DOCF_DEBUG -DFECF_DEBUG -DSA_DEBUG -DPDU_DEBUG -DCCSDS_DEBUG -DTC_DEBUG -DMAC_DEBUG -DTM_DEBUG -DAOS_DEBUG)
     add_compile_options(-ggdb)
 endif()
 
+if(DEFINED MC_LOG_CUSTOM_PATH)
+    message(STATUS "MC_LOG_CUSTOM_PATH set to: ${MC_LOG_CUSTOM_PATH}")
+    add_compile_definitions(MC_LOG_PATH="${MC_LOG_CUSTOM_PATH}")
+else()
+    add_compile_definitions(MC_LOG_PATH="${MC_LOG_PATH_DEFAULT}")
+endif()
+
 IF(KMC_MDB_RH)
     ADD_DEFINITIONS(-DKMC_MDB_RH)
     ADD_DEFINITIONS(-DKMC_CFFI_EXCLUDE)

README.md

@@ -1,6 +1,8 @@
 ![Build](https://github.com/nasa/CryptoLib/actions/workflows/build.yml/badge.svg)
 [![CodeCov](https://codecov.io/gh/nasa/CryptoLib/branch/main/graph/badge.svg?token=KCOMCQO0ZU)](https://codecov.io/gh/nasa/CryptoLib)
 
+![CryptoLib logo Final All orange](https://github.com/user-attachments/assets/fc02870b-e2d2-4577-83c2-78985d5fbdd6)
+
 # CryptoLib
 
 Provide a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.