From e9541dc928f3e525f514df4ca39cfe5d0c27e9ba Mon Sep 17 00:00:00 2001
From: Donnie-Ice
Date: Mon, 5 Aug 2024 14:26:30 +0000
Subject: [PATCH 1/3] [nasa/cryptolib#268] switched source branch to dev
---
 include/crypto_error.h | 1 +
 .../internal/sa_interface_inmemory.template.c | 5 +++
 test/unit/ut_aos_process.c | 30 ++++++++++++++++
 test/unit/ut_tc_process.c | 34 +++++++++++++++++++
 test/unit/ut_tm_process.c | 30 ++++++++++++++++
 5 files changed, 100 insertions(+)
diff --git a/include/crypto_error.h b/include/crypto_error.h
index ff2f3439..3505c95c 100644
--- a/include/crypto_error.h
+++ b/include/crypto_error.h
@@ -124,6 +124,7 @@
 #define CRYPTO_LIB_ERR_FAIL_SA_SAVE (-52)
 #define CRYPTO_LIB_ERR_FAIL_SA_LOAD (-53)
 #define CRYPTO_LIB_ERR_KEY_VALIDATION (-54)
+#define CRYPTO_LIB_ERR_SPI_INDEX_OOB (-55)
 extern char *crypto_enum_errlist_core[];
 extern char *crypto_enum_errlist_config[];
diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c
index a045c1d1..a537a38f 100644
--- a/src/sa/internal/sa_interface_inmemory.template.c
+++ b/src/sa/internal/sa_interface_inmemory.template.c
@@ -704,6 +704,11 @@ static int32_t sa_close(void)
 static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_association)
 {
 int32_t status = CRYPTO_LIB_SUCCESS;
+ // Check if spi index in sa array
+ if (spi > NUM_SA)
+ {
+ return CRYPTO_LIB_ERR_SPI_INDEX_OOB;
+ }
 *security_association = &sa[spi];
 // if (sa[spi].shivf_len > 0 && crypto_config.cryptography_type != CRYPTOGRAPHY_TYPE_KMCCRYPTO)
 // {
diff --git a/test/unit/ut_aos_process.c b/test/unit/ut_aos_process.c
index abc7ae39..11357d4a 100644
--- a/test/unit/ut_aos_process.c
+++ b/test/unit/ut_aos_process.c
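Review bot: The new `CRYPTO_LIB_ERR_SPI_INDEX_OOB (-55)` in include/crypto_error.h has no visible counterpart in the error-string tables declared right after it (`crypto_enum_errlist_core`, `crypto_enum_errlist_config`), and the diffstat lists no file that could define them. If those tables, or any upper-bound constant used when mapping a code to its string, are keyed by the numeric value, -55 would fall outside them, so the lookup for this code should be checked and a string added alongside the define. A short comment on the define would also help, for example `// SPI taken from a frame does not index the SA table`.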
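Review bot: In `sa_get_from_spi` (src/sa/internal/sa_interface_inmemory.template.c) the early return leaves `*security_association` untouched, so a caller that does not test the status keeps whatever pointer value it had before the call; patch 2/3 of this series adds a status check to a caller path that previously carried on after a failure. Writing `*security_association = NULL;` before `return CRYPTO_LIB_ERR_SPI_INDEX_OOB;` would make that mistake visible to a NULL check instead of leaving a stale or uninitialised pointer in use. The comparison in this hunk still admits `spi == NUM_SA`; patch 3/3 changes it to `>=`. The function body continues outside the hunk, and any other SA backend is not visible here and would need the same bound.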
@@ -798,4 +798,34 @@ UTEST(AOS_PROCESS, AEAD_GCM_BITMASK_1)
 free(ptr_processed_frame);
 }
+UTEST(AOS_PROCESS, AOS_SA_SEGFAULT_TEST)
+{
+ // Local Variables
+ int32_t status = CRYPTO_LIB_SUCCESS;
+ uint8_t* ptr_processed_frame = NULL;
+ uint16_t processed_aos_len;
+
+ // Configure Parameters
+ Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
+ IV_INTERNAL, CRYPTO_AOS_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
+ TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
+ AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
+ // AOS Tests
+ Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10);
+ status = Crypto_Init();
+
+ // Test frame setup
+ char* framed_aos_h = "42C00000000000000000000000000000FFFF";
+ char* framed_aos_b = NULL;
+ int framed_aos_len = 0;
+ hex_conversion(framed_aos_h, &framed_aos_b, &framed_aos_len);
+
+ status = Crypto_AOS_ProcessSecurity((uint8_t* )framed_aos_b, framed_aos_len, &ptr_processed_frame, &processed_aos_len);
+ ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status);
+
+ Crypto_Shutdown();
+ free(framed_aos_b);
+ free(ptr_processed_frame);
+}
+
 UTEST_MAIN();
\ No newline at end of file
diff --git a/test/unit/ut_tc_process.c b/test/unit/ut_tc_process.c
index 97fcd622..3a71a279 100644
--- a/test/unit/ut_tc_process.c
+++ b/test/unit/ut_tc_process.c
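Review bot: In AOS_SA_SEGFAULT_TEST the result of `Crypto_Init()` is stored in `status` and then overwritten by the `Crypto_AOS_ProcessSecurity` call without being checked, so a failed initialisation would only show up as a confusing mismatch on the final assertion; `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status);` directly after `Crypto_Init()` would separate the two. The cleanup (`Crypto_Shutdown()` and both `free` calls) sits after the `ASSERT_EQ`, and if this framework's ASSERT macros return from the test on failure, a failing run skips it and leaves library state behind for later tests. The same two points apply to TC_SA_SEGFAULT_TEST and TM_SA_SEGFAULT_TEST, which also carry the copied `// AOS Tests` comment.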
@@ -939,4 +939,38 @@ UTEST(TC_PROCESS, GCM_IV_AND_ARSN)
 free(tc_nist_processed_frame);
 }
+UTEST(TC_PROCESS, TC_SA_SEGFAULT_TEST)
+{
+ // Local Variables
+ int32_t status = CRYPTO_LIB_SUCCESS;
+
+ // Configure Parameters
+ Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
+ IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
+ TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
+ TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
+ // AOS Tests
+ Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_OCF_NA, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0);
+ status = Crypto_Init();
+
+ TC_t* tc_sdls_processed_frame;
+ tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE);
+ memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE));
+
+ // Test frame setup
+ char* test_frame_pt_h = "2003002A000000FF00000000000000000000000000000000025364F9BC3344AF359DA06CA886748F59A0AB";
+ uint8_t *test_frame_pt_b = NULL;
+ int test_frame_pt_len = 0;
+
+ // Convert input test frame
+ hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len);
+
+ status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame);
+
+ ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status);
+ free(test_frame_pt_b);
+ free(tc_sdls_processed_frame);
+ Crypto_Shutdown();
+}
+
 UTEST_MAIN();
diff --git a/test/unit/ut_tm_process.c b/test/unit/ut_tm_process.c
index 2b971dc0..a3be06cc 100644
--- a/test/unit/ut_tm_process.c
+++ b/test/unit/ut_tm_process.c
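Review bot: In TC_SA_SEGFAULT_TEST the `TC_t*` buffer is sized as `sizeof(uint8_t) * TC_SIZE` rather than from the type it points to, and the `malloc` result goes straight into `memset` without a NULL check. `TC_SIZE` is defined outside this hunk, so whether it matches `sizeof(TC_t)` cannot be confirmed here; if it is meant to, `tc_sdls_processed_frame = calloc(1, sizeof *tc_sdls_processed_frame);` followed by `ASSERT_TRUE(tc_sdls_processed_frame != NULL);` keeps the allocation tied to the struct the library will write into. The buffer produced by `hex_conversion` is likewise passed on without a check that the conversion succeeded.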
@@ -1072,4 +1072,34 @@ UTEST(TM_PROCESS_ENC_VAL, AEAD_AES_GCM_BITMASK_1)
 free(iv_b);
 }
+UTEST(TM_PROCESS, TM_SA_SEGFAULT_TEST)
+{
+ // Local Variables
+ int32_t status = CRYPTO_LIB_SUCCESS;
+ uint8_t* ptr_processed_frame = NULL;
+ uint16_t processed_tm_len;
+
+ // Configure Parameters
+ Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT,
+ IV_INTERNAL, CRYPTO_TM_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR,
+ TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE,
+ TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE);
+ // AOS Tests
+ Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_NO_FHEC, AOS_HAS_IZ, 10);
+ status = Crypto_Init();
+
+ // Test frame setup
+ char* framed_tm_h = "02c000001800FFFF";
+ char* framed_tm_b = NULL;
+ int framed_tm_len = 0;
+ hex_conversion(framed_tm_h, &framed_tm_b, &framed_tm_len);
+
+ status = Crypto_TM_ProcessSecurity((uint8_t* )framed_tm_b, framed_tm_len, &ptr_processed_frame, &processed_tm_len);
+ ASSERT_EQ(CRYPTO_LIB_ERR_SPI_INDEX_OOB, status);
+
+ Crypto_Shutdown();
+ free(framed_tm_b);
+ free(ptr_processed_frame);
+}
+
 UTEST_MAIN();
\ No newline at end of file
From 391e7648d40479dde82b55f347b6b1eef5602e90 Mon Sep 17 00:00:00 2001
From: Donnie-Ice
Date: Mon, 5 Aug 2024 14:56:42 +0000
Subject: [PATCH 2/3] [nasa/cryptolib#268] Added another status check after Crypto_TC_Sanity_Validations
---
 src/core/crypto_tc.c | 5 +++++
 1 file changed, 5 insertions(+)
diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c
index 64328258..44184aab 100644
--- a/src/core/crypto_tc.c
+++ b/src/core/crypto_tc.c
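Review bot: TM_SA_SEGFAULT_TEST configures a TM path with constants that belong to other frame types: `TC_CHECK_FECF_TRUE` in `Crypto_Config_CryptoLib` (the AOS test passes `AOS_CHECK_FECF_TRUE` in that position) and `AOS_HAS_FECF`, `AOS_SEGMENT_HDRS_NA`, `AOS_NO_OCF`, `AOS_NO_FHEC`, `AOS_HAS_IZ` in the managed-parameter call, all under a `// AOS Tests` comment. This looks copied from the AOS test; it may still reach the SPI lookup, but the test then does not describe a real TM channel and could stop exercising the bound if the setup is ever validated more strictly. I would use the TM-specific settings where the library provides them and change the comment to `// TM managed parameters`. `processed_tm_len` is also handed over by address without an initial value; `uint16_t processed_tm_len = 0;` removes the question.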
@@ -1762,6 +1762,11 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t* ingest, int* len_ingest, TC_t* tc
 #endif
 status = Crypto_TC_Sanity_Validations(tc_sdls_processed_frame, &sa_ptr);
+ if (status != CRYPTO_LIB_SUCCESS)
+ {
+ mc_if->mc_log(status);
+ return status;
+ }
 // Allocate the necessary byte arrays within the security header + trailer given the SA
 //tc_sdls_processed_frame->tc_sec_header.iv = calloc(1, sa_ptr->iv_len);
From 83e2b453d3422dc49ad0a6ff508f41483fa67eea Mon Sep 17 00:00:00 2001
From: Donnie-Ice
Date: Mon, 5 Aug 2024 15:42:17 +0000
Subject: [PATCH 3/3] [nasa/cryptolib#268] Fix one-off index check
---
 src/sa/internal/sa_interface_inmemory.template.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c
index a537a38f..0d01a11f 100644
--- a/src/sa/internal/sa_interface_inmemory.template.c
+++ b/src/sa/internal/sa_interface_inmemory.template.c
@@ -705,7 +705,7 @@ static int32_t sa_get_from_spi(uint16_t spi, SecurityAssociation_t** security_as
 {
 int32_t status = CRYPTO_LIB_SUCCESS;
 // Check if spi index in sa array
- if (spi > NUM_SA)
+ if (spi >= NUM_SA)
 {
 return CRYPTO_LIB_ERR_SPI_INDEX_OOB;
 }
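Review bot: The early `return status;` added after `Crypto_TC_Sanity_Validations` in `Crypto_TC_ProcessSecurity_Cam` bypasses whatever cleanup the rest of the function performs; the function begins and ends outside the hunk, so it is worth confirming that nothing acquired before this point is still owned by the function on this path. The check also deserves a why-comment, for example `// sa_ptr is only valid when validation succeeded; stop before it is dereferenced below`, since the code that follows is sized from the SA. `mc_if->mc_log(status)` assumes `mc_if` is set, and whether that is guaranteed at this point is not visible here.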
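Review bot: Nothing in the series pins the boundary that this change to `sa_get_from_spi` corrects. The tests added in patch 1/3 appear to use SPIs far past the table (the AOS and TM frames end in `FFFF`), so they pass with either `>` or `>=`. A case with the SPI equal to `NUM_SA` expecting `CRYPTO_LIB_ERR_SPI_INDEX_OOB`, and one with `NUM_SA - 1` expecting any other status, would keep the off-by-one from coming back. The comment above the check could state the valid range as well, `// valid SPIs index sa[0 .. NUM_SA-1]`. The function body continues outside the hunk.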