From 5d2fd3131fc703c716fe1032564f21b83d7bd87b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luna=20Gr=C3=A4fje?= Date: Fri, 23 Aug 2024 07:25:15 -0400 Subject: [PATCH 1/2] Don't skip Handle_Increment if Do_Encrypt_NONPLAINTEXT succeeds I'm 100% sure that this was a (unfortunately disastrous) typo. --- src/core/crypto_tm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto_tm.c b/src/core/crypto_tm.c index 7b9e7ea8..c3c112db 100644 --- a/src/core/crypto_tm.c +++ b/src/core/crypto_tm.c @@ -529,7 +529,7 @@ int32_t Crypto_TM_Do_Encrypt(uint8_t sa_service_type, SecurityAssociation_t* sa_ } - if (status != CRYPTO_LIB_SUCCESS) + if (status == CRYPTO_LIB_SUCCESS) { status = Crypto_TM_Do_Encrypt_Handle_Increment(sa_service_type, sa_ptr); } @@ -2035,4 +2035,4 @@ uint32_t Crypto_Prepare_TM_AAD(const uint8_t* buffer, uint16_t len_aad, const ui #endif return status; -} \ No newline at end of file +} From 5c905e6d4f2ecaef134f904e40c804cd930e004d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Luna=20Gr=C3=A4fje?= Date: Fri, 23 Aug 2024 14:40:14 -0400 Subject: [PATCH 2/2] Test that the IV is incremented as part of TM_ApplySecurity --- test/unit/ut_tm_apply.c | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/test/unit/ut_tm_apply.c b/test/unit/ut_tm_apply.c index 9904dcc4..c37415f0 100644 --- a/test/unit/ut_tm_apply.c +++ b/test/unit/ut_tm_apply.c @@ -1109,6 +1109,13 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) hex_conversion(iv_h, &iv_b, &iv_len); memcpy(sa_ptr->iv, iv_b, iv_len); + // Expected IV after increment + char* next_iv_h = "DEADBEEFDEADBEEFDEADBEEFDEADBEF0"; + char* next_iv_b = NULL; + int next_iv_len = 0; + hex_conversion(next_iv_h, &next_iv_b, &next_iv_len); + ASSERT_EQ(next_iv_len, iv_len); + Crypto_TM_ApplySecurity((uint8_t*)framed_tm_b); printf("Static frame contents:\n\t"); @@ -1142,10 +1149,17 @@ UTEST(TM_APPLY_ENC_VAL, AEAD_AES_GCM_BITMASK_1) } printf("\n"); + // Ensure IV has been incremented + for (int i = 0; i < iv_len; i++) + { + ASSERT_EQ((uint8_t)next_iv_b[i], (uint8_t)sa_ptr->iv[i]); + } + Crypto_Shutdown(); free(truth_tm_b); free(framed_tm_b); free(iv_b); + free(next_iv_b); } -UTEST_MAIN(); \ No newline at end of file +UTEST_MAIN();