diff --git a/include/crypto_config.h b/include/crypto_config.h index 4ac51739..7ae23b8a 100644 --- a/include/crypto_config.h +++ b/include/crypto_config.h @@ -75,6 +75,7 @@ #define TYPE_TC 0 #define TYPE_MAP 1 #define TYPE_TM 2 +#define TYPE_AOS 3 // Specific to Authentication #define SA_NONE 0 diff --git a/include/crypto_config_structs.h b/include/crypto_config_structs.h index a829e68d..4667bad6 100644 --- a/include/crypto_config_structs.h +++ b/include/crypto_config_structs.h @@ -89,7 +89,7 @@ typedef enum } CreateFecfBool; typedef enum { - AOS_FHEC_NA, + AOS_FHEC_NA=0, AOS_NO_FHEC, AOS_HAS_FHEC } AosFhecPresent; diff --git a/include/crypto_structs.h b/include/crypto_structs.h index d5ed2bdb..00654bb0 100644 --- a/include/crypto_structs.h +++ b/include/crypto_structs.h @@ -20,13 +20,14 @@ #define CRYPTO_STRUCTS_H #include "crypto_config.h" +#include #ifdef NOS3 // NOS3/cFS build is ready #include "common_types.h" #else // Assume build outside of NOS3/cFS infrastructure #include -#ifndef KMC_CFFI_EXCLUDE // Exclude libraries that CFFI parser can’t process #include +#ifndef KMC_CFFI_EXCLUDE // Exclude libraries that CFFI parser can’t process #include #endif #endif diff --git a/src/core/crypto_config.c b/src/core/crypto_config.c index 57c397fe..10ac0761 100644 --- a/src/core/crypto_config.c +++ b/src/core/crypto_config.c @@ -155,7 +155,7 @@ int32_t Crypto_Init_AOS_Unit_Test(void) //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x002c, 0, AOS_NO_FECF, AOS_SEGMENT_HDRS_NA, AOS_NO_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); AOS_UT_Managed_Parameters.scid = 0x002c; - AOS_UT_Managed_Parameters.aos_has_fhec = AOS_NO_FECF; + AOS_UT_Managed_Parameters.has_fecf = AOS_NO_FECF; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0042, 0, AOS_NO_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_FHEC_NA, AOS_IZ_NA, 0); diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 6131c6f8..cc1ed379 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -386,7 +386,6 @@ int32_t Crypto_TC_Do_Encrypt_PLAINTEXT(uint8_t sa_service_type, SecurityAssociat mc_if->mc_log(status); return status; } - if (ecs_is_aead_algorithm == CRYPTO_TRUE) { // Check that key length to be used ets the algorithm requirement diff --git a/src/key/custom_stub/key_interface_custom_stub.template.c b/src/key/custom_stub/key_interface_custom_stub.template.c index b14257a0..0f77762d 100644 --- a/src/key/custom_stub/key_interface_custom_stub.template.c +++ b/src/key/custom_stub/key_interface_custom_stub.template.c @@ -17,13 +17,12 @@ */ #include "key_interface.h" - /* Variables */ static KeyInterfaceStruct key_if_struct; /* Functions */ KeyInterface get_key_interface_custom(void) { - fprintf(stderr,"ERROR: Loading custom key interface stub source code. Rebuild CryptoLib with -DKEY_CUSTOM=ON to use implementation.\n"); + fprintf(stderr, "ERROR: Loading custom key interface stub source code. Rebuild CryptoLib with -DKEY_CUSTOM=ON to use implementation.\n"); return &key_if_struct; } diff --git a/src/sa/internal/sa_interface_inmemory.template.c b/src/sa/internal/sa_interface_inmemory.template.c index e28463c7..e0047d48 100644 --- a/src/sa/internal/sa_interface_inmemory.template.c +++ b/src/sa/internal/sa_interface_inmemory.template.c @@ -225,6 +225,8 @@ static int32_t sa_save_sa(SecurityAssociation_t* sa) **/ void sa_populate(void) { +// Security Associations + // EMPTY SA - Not Used (SA_NONE) sa[0].spi = 0; sa[0].sa_state = SA_NONE; sa[0].est = 0; @@ -234,312 +236,328 @@ void sa_populate(void) sa[0].arsn_len = 0; sa[0].arsnw_len = 0; sa[0].arsnw = 0; - sa[0].gvcid_blk.tfvn = 3; - sa[0].gvcid_blk.scid = 3; - sa[0].gvcid_blk.vcid = 3; + sa[0].gvcid_blk.tfvn = 0; + sa[0].gvcid_blk.scid = 0; + sa[0].gvcid_blk.vcid = 0; sa[0].gvcid_blk.mapid = TYPE_TC; - // Security Associations - // SA 1 - TC CLEAR MODE + // TC - CLEAR MODE (Operational) + // IV = 0 ... 0, IV-Len = 12, TFVN = 0, VCID = 0, MAC-Len = 0, ARSNW = 5 + // EKID = 1 sa[1].spi = 1; sa[1].sa_state = SA_OPERATIONAL; sa[1].est = 0; sa[1].ast = 0; - sa[1].shivf_len = 0; + sa[1].shivf_len = 12; + sa[1].iv_len = 12; sa[1].shsnf_len = 2; - sa[1].arsn_len = 2; - sa[1].arsnw_len = 1; sa[1].arsnw = 5; + sa[1].arsnw_len = 1; + sa[1].arsn_len = 2; sa[1].gvcid_blk.tfvn = 0; sa[1].gvcid_blk.scid = SCID & 0x3FF; sa[1].gvcid_blk.vcid = 0; sa[1].gvcid_blk.mapid = TYPE_TC; - - // SA 2 - TM CLEAR MODE - sa[2].spi = 8; - sa[2].sa_state = SA_OPERATIONAL; - sa[2].est = 0; + + // TC - Encryption Only - AES-GCM-256 (Keyed) + // IV = 0...0, IV-Len = 12, TFVN = 0, VCID = 0; MAC-Len = 0, ARSNW = 5 + // EKID = 2 + sa[2].spi = 2; + sa[2].ekid = 2; + sa[2].sa_state = SA_KEYED; + sa[2].ecs_len = 1; + sa[2].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[2].est = 1; sa[2].ast = 0; - sa[2].arsn_len = 1; + sa[2].shivf_len = 12; + sa[2].iv_len = 12; + sa[2].shsnf_len = 2; + sa[2].arsn_len = 2; sa[2].arsnw_len = 1; sa[2].arsnw = 5; sa[2].gvcid_blk.tfvn = 0; sa[2].gvcid_blk.scid = SCID & 0x3FF; - sa[2].gvcid_blk.vcid = 1; - sa[2].gvcid_blk.mapid = TYPE_TM; + sa[2].gvcid_blk.vcid = 0; + sa[2].gvcid_blk.mapid = TYPE_TC; - // SA 3 - KEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 129 + // TC - Authentication Only - HMAC_SHA512 (Keyed) + // IV = 0...0, IV-Len = 12, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 + // AKID = 3 sa[3].spi = 3; - sa[3].ekid = 129; + sa[3].akid = 3; sa[3].sa_state = SA_KEYED; - sa[3].est = 1; + sa[3].acs_len = 1; + sa[3].acs = CRYPTO_MAC_HMAC_SHA512; + sa[3].est = 0; sa[3].ast = 1; - sa[3].ecs_len = 1; - sa[3].ecs = CRYPTO_CIPHER_AES256_GCM; sa[3].shivf_len = 12; sa[3].iv_len = 12; - *(sa[3].iv + sa[3].shivf_len - 1) = 0; - sa[3].abm_len = ABM_SIZE; // 20 + sa[3].shsnf_len = 2; + sa[3].arsn_len = 2; sa[3].arsnw_len = 1; sa[3].arsnw = 5; - sa[3].arsn_len = (sa[3].arsnw * 2) + 1; - - // SA 4 - KEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130 - // SA 4 VC0/1 is now 4-VC0, 7-VC1 + sa[3].stmacf_len = 16; + sa[3].gvcid_blk.tfvn = 0; + sa[3].gvcid_blk.scid = SCID & 0x3FF; + sa[3].gvcid_blk.vcid = 0; + sa[3].gvcid_blk.mapid = TYPE_TC; + + // TC - Authenticated Encryption - AES-GCM-256 (Keyed) + // IV = 0 ... 0, IV-Len = 12, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 + // EKID = 4 sa[4].spi = 4; - sa[4].ekid = 130; - sa[4].sa_state = SA_OPERATIONAL; - sa[4].est = 1; - sa[4].ast = 1; + sa[4].ekid = 4; + sa[4].sa_state = SA_KEYED; sa[4].ecs_len = 1; sa[4].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[4].est = 1; + sa[4].ast = 1; sa[4].shivf_len = 12; sa[4].iv_len = 12; - sa[4].stmacf_len = 16; - *(sa[4].iv + 11) = 0; - sa[4].abm_len = ABM_SIZE; // 20 + sa[4].shsnf_len = 2; sa[4].arsnw_len = 1; sa[4].arsnw = 5; - sa[4].arsn_len = 0; + sa[4].arsn_len = 2; + sa[4].stmacf_len = 16; sa[4].gvcid_blk.tfvn = 0; sa[4].gvcid_blk.scid = SCID & 0x3FF; - sa[4].gvcid_blk.vcid = 4; + sa[4].gvcid_blk.vcid = 0; sa[4].gvcid_blk.mapid = TYPE_TC; - // SA 5 - KEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 131 + // TM - CLEAR MODE (Keyed) + // IV = 0...0, IV-Len = 12, MAC-Len = 0, TFVN = 0, VCID = 0, ARSNW = 5 + // EKID = 5 sa[5].spi = 5; - sa[5].ekid = 131; sa[5].sa_state = SA_KEYED; - sa[5].est = 1; - sa[5].ast = 1; - sa[5].ecs_len = 1; - sa[5].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[5].est = 0; + sa[5].ast = 0; sa[5].shivf_len = 12; sa[5].iv_len = 12; - *(sa[5].iv + sa[5].shivf_len - 1) = 0; - sa[5].abm_len = ABM_SIZE; // 20 - sa[5].arsnw_len = 1; + sa[5].shsnf_len = 2; sa[5].arsnw = 5; - sa[5].arsn_len = (sa[5].arsnw * 2) + 1; - - // SA 6 - UNKEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: - + sa[5].arsnw_len = 1; + sa[5].arsn_len = 2; + sa[5].gvcid_blk.tfvn = 0; + sa[5].gvcid_blk.scid = SCID & 0x3FF; + sa[5].gvcid_blk.vcid = 1; + sa[5].gvcid_blk.mapid = TYPE_TM; + + // TM - Encryption Only - AES-CBC-256 (Keyed) + // IV = 0...0, IV-Len = 16, TFVN = 0, VCID = 0; MAC-Len = 0, ARSNW = 5 + // EKID = 6 sa[6].spi = 6; - sa[6].sa_state = SA_UNKEYED; - sa[6].est = 1; - sa[6].ast = 1; + sa[6].ekid = 6; + sa[6].sa_state = SA_KEYED; sa[6].ecs_len = 1; - sa[6].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[6].shivf_len = 12; - sa[6].iv_len = 12; - *(sa[6].iv + sa[6].shivf_len - 1) = 0; - sa[6].abm_len = ABM_SIZE; // 20 + sa[6].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[6].est = 1; + sa[6].ast = 0; + sa[6].shivf_len = 16; + sa[6].iv_len = 16; + sa[6].shplf_len = 1; + sa[6].stmacf_len = 0; + sa[6].arsn_len = 2; sa[6].arsnw_len = 1; sa[6].arsnw = 5; - sa[6].arsn_len = (sa[6].arsnw * 2) + 1; - - // SA 7 - KEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130 + sa[6].gvcid_blk.tfvn = 0; + sa[6].gvcid_blk.scid = SCID & 0x3FF; + sa[6].gvcid_blk.vcid = 0; + sa[6].gvcid_blk.mapid = TYPE_TM; + + // TM - Authentication Only HMAC_SHA512 (Keyed) + // IV = 0...0, IV-Len = 12, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 + // AKID = 7 sa[7].spi = 7; - sa[7].ekid = 130; + sa[7].akid = 7; sa[7].sa_state = SA_KEYED; - sa[7].est = 1; + sa[7].acs_len = 1; + sa[7].acs = CRYPTO_MAC_HMAC_SHA512; + sa[7].est = 0; sa[7].ast = 1; - sa[7].ecs_len = 1; - sa[7].ecs = CRYPTO_CIPHER_AES256_GCM; sa[7].shivf_len = 12; sa[7].iv_len = 12; - *(sa[7].iv + sa[7].shivf_len - 1) = 0; - sa[7].abm_len = ABM_SIZE; // 20 + sa[7].shsnf_len = 2; + sa[7].arsn_len = 2; sa[7].arsnw_len = 1; sa[7].arsnw = 5; - sa[7].arsn_len = (sa[7].arsnw * 2) + 1; + sa[7].stmacf_len = 16; sa[7].gvcid_blk.tfvn = 0; sa[7].gvcid_blk.scid = SCID & 0x3FF; - sa[7].gvcid_blk.vcid = 1; - sa[7].gvcid_blk.mapid = TYPE_TC; + sa[7].gvcid_blk.vcid = 0; + sa[7].gvcid_blk.mapid = TYPE_TM; - // SA 8 - CLEAR MODE + // TM - Authenticated Encryption AES-CBC-256 (Keyed) + // IV = 0...0, IV-Len = 16, MAC-Len = 16, TFVN = 0, VCID = 0, ARSNW = 5 + // EKID = 8 sa[8].spi = 8; - sa[8].sa_state = SA_NONE; - sa[8].est = 0; - sa[8].ast = 0; - sa[8].arsn_len = 1; + sa[8].ekid = 8; + sa[8].sa_state = SA_KEYED; + sa[8].ecs_len = 1; + sa[8].ecs = CRYPTO_CIPHER_AES256_CBC; + sa[8].est = 1; + sa[8].ast = 1; + sa[8].shplf_len = 1; + sa[8].shivf_len = 16; + sa[8].iv_len = 16; + sa[8].shsnf_len = 2; + sa[8].arsn_len = 2; sa[8].arsnw_len = 1; sa[8].arsnw = 5; + sa[8].stmacf_len = 16; sa[8].gvcid_blk.tfvn = 0; sa[8].gvcid_blk.scid = SCID & 0x3FF; - sa[8].gvcid_blk.vcid = 1; - sa[8].gvcid_blk.mapid = TYPE_TC; - - // SA 9 - Validation Tests + sa[8].gvcid_blk.vcid = 0; + sa[8].gvcid_blk.mapid = TYPE_TM; + + // AOS - Clear Mode + // IV = 0...0, IV-Len = 12, MAC-Len = 0, TFVN = 1, VCID = 0, ARSNW = 5 + // EKID = 9 sa[9].spi = 9; - sa[9].ekid = 136; sa[9].sa_state = SA_KEYED; - sa[9].est = 1; + sa[9].est = 0; sa[9].ast = 0; sa[9].shivf_len = 12; sa[9].iv_len = 12; - *(sa[9].iv + 11) = 0; - sa[9].abm_len = ABM_SIZE; // 20 - sa[9].arsnw_len = 1; + sa[9].shsnf_len = 2; sa[9].arsnw = 5; - sa[9].arsn_len = 0; - sa[9].gvcid_blk.tfvn = 0; + sa[9].arsnw_len = 1; + sa[9].arsn_len = 2; + sa[9].gvcid_blk.tfvn = 0x01; sa[9].gvcid_blk.scid = SCID & 0x3FF; sa[9].gvcid_blk.vcid = 0; - sa[9].gvcid_blk.mapid = TYPE_TC; + sa[9].gvcid_blk.mapid = TYPE_AOS; - // SA 10 - KEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130 - // SA 10 VC0/1 is now 4-VC0, 7-VC1 + // AOS - Authentication Only, HMAC_SHA512 (Keyed) + // IV = 0...0, IV-Len = 16, MAC-Len = 16, TFVN = 1, VCID = 0, ARSNW = 5 + // AKID = 10 sa[10].spi = 10; - sa[10].ekid = 130; + sa[10].akid = 10; sa[10].sa_state = SA_KEYED; - sa[10].est = 1; + sa[10].est = 0; sa[10].ast = 1; - sa[10].ecs_len = 1; - sa[10].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[10].shivf_len = 0; - sa[10].iv_len = 0; - sa[10].stmacf_len = 0; - *(sa[10].iv + 11) = 0; - sa[10].abm_len = ABM_SIZE; // 20 - sa[10].arsnw_len = 1; + sa[10].acs_len = 1; + sa[10].acs = CRYPTO_MAC_HMAC_SHA512; + sa[10].stmacf_len = 16; sa[10].arsnw = 5; - sa[10].arsn_len = 0; - sa[10].gvcid_blk.tfvn = 0x00; - sa[10].gvcid_blk.scid = 0x002C; - sa[10].gvcid_blk.vcid = 1; - sa[10].gvcid_blk.mapid = TYPE_TC; - char ek_ref_string[20] = "kmc/test/key130"; - memcpy(sa[10].ek_ref, ek_ref_string, strlen(ek_ref_string)); - - // SA 11 - KEYED; ARSNW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130 - // SA 11 VC0/1 is now 4-VC0, 7-VC1 + sa[10].arsnw_len = 1; + sa[10].arsn_len = 2; + sa[10].gvcid_blk.tfvn = 0x01; + sa[10].gvcid_blk.scid = SCID & 0x3FF; + sa[10].gvcid_blk.vcid = 0; + sa[10].gvcid_blk.mapid = TYPE_AOS; + + // AOS - Encryption Only, AES-GCM-256 (Keyed) + // IV = 0...0, IV-Len = 16, MAC-Len = 0, TFVN = 1, VCID = 0, ARSNW = 5 + // EKID = 11 sa[11].spi = 11; - sa[11].ekid = 130; + sa[11].ekid = 11; sa[11].sa_state = SA_KEYED; sa[11].est = 1; sa[11].ast = 0; sa[11].ecs_len = 1; + sa[11].shplf_len = 1; sa[11].ecs = CRYPTO_CIPHER_AES256_CBC; - sa[11].shivf_len = 16; sa[11].iv_len = 16; - sa[11].shplf_len = 1; + sa[11].shivf_len = 16; sa[11].stmacf_len = 0; - *(sa[11].iv + (sa[11].iv_len - 1)) = 0; - sa[11].abm_len = ABM_SIZE; // 20 - sa[11].arsnw_len = 0; + sa[11].shsnf_len = 2; + sa[11].arsn_len = 2; + sa[11].arsnw_len = 1; sa[11].arsnw = 5; - sa[11].arsn_len = 0; - sa[11].gvcid_blk.tfvn = 0; + sa[11].gvcid_blk.tfvn = 0x01; sa[11].gvcid_blk.scid = SCID & 0x3FF; sa[11].gvcid_blk.vcid = 0; - sa[11].gvcid_blk.mapid = TYPE_TC; - memcpy(sa[11].ek_ref, ek_ref_string, strlen(ek_ref_string)); + sa[11].gvcid_blk.mapid = TYPE_AOS; - // SA 12 - TM CLEAR MODE - // SA 12 + // AOS - Authenticated Encryption, AES-CBC-256 (Keyed) + // IV = 0...0, IV-Len = 16, MAC-Len = 16, TFVN = 1, VCID = 0, ARSNW = 5 sa[12].spi = 12; - sa[12].sa_state = SA_OPERATIONAL; - sa[12].est = 0; - sa[12].ast = 0; - sa[12].shivf_len = 0; - sa[12].shsnf_len = 0; - sa[12].arsn_len = 0; - sa[12].arsnw_len = 0; + sa[12].ekid = 12; + sa[12].sa_state = SA_KEYED; + sa[12].est = 1; + sa[12].ast = 1; + sa[12].ecs_len = 1; + sa[12].ecs = CRYPTO_CIPHER_AES256_GCM; + sa[12].iv_len = 16; + sa[12].shivf_len = 16; + sa[12].stmacf_len = 16; + sa[12].shsnf_len = 2; + sa[12].arsn_len = 2; + sa[12].arsnw_len = 1; sa[12].arsnw = 5; - sa[12].gvcid_blk.tfvn = 0; + sa[12].gvcid_blk.tfvn = 0x01; sa[12].gvcid_blk.scid = SCID & 0x3FF; sa[12].gvcid_blk.vcid = 0; - sa[12].gvcid_blk.mapid = TYPE_TM; - // SA 13 - TM Authentication Only - // SA 13 + +// EP - Testing SAs + + // TC - NULL (SA_None) sa[13].spi = 13; - sa[13].akid = 130; - sa[13].ekid = 130; - sa[13].sa_state = SA_OPERATIONAL; - sa[13].est = 1; - sa[13].ast = 1; - sa[13].acs_len = 0; - sa[13].acs = CRYPTO_MAC_NONE; - sa[13].ecs_len = 1; - sa[13].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[13].shivf_len = 16; - sa[13].iv_len = 16; - *(sa[13].iv + sa[13].shivf_len - 1) = 0; - sa[13].stmacf_len = 16; - sa[13].shsnf_len = 0; - sa[13].abm_len = ABM_SIZE; - memset(sa[13].abm, 0xFF, (sa[13].abm_len * sizeof(uint8_t))); // Bitmask - sa[13].arsn_len = 0; - sa[13].arsnw_len = 0; + sa[13].sa_state = SA_NONE; + sa[13].est = 0; + sa[13].ast = 0; + sa[13].shivf_len = 12; + sa[13].iv_len = 12; + sa[13].shsnf_len = 2; sa[13].arsnw = 5; - sa[13].gvcid_blk.tfvn = 0; + sa[13].arsnw_len = 1; + sa[13].arsn_len = 2; + sa[13].gvcid_blk.tfvn = 2; sa[13].gvcid_blk.scid = SCID & 0x3FF; sa[13].gvcid_blk.vcid = 0; - sa[13].gvcid_blk.mapid = TYPE_TM; + sa[13].gvcid_blk.mapid = TYPE_TC; - // SA 14 - AOS Clear Mode + // TC - Keyed sa[14].spi = 14; - sa[14].sa_state = SA_OPERATIONAL; + sa[14].ekid = 14; + sa[14].sa_state = SA_KEYED; sa[14].est = 0; sa[14].ast = 0; - sa[14].shivf_len = 0; - sa[14].gvcid_blk.tfvn = 0x01; + sa[14].shivf_len = 12; + sa[14].iv_len = 12; + sa[14].shsnf_len = 2; + sa[14].arsnw = 5; + sa[14].arsnw_len = 1; + sa[14].arsn_len = 2; + sa[14].gvcid_blk.tfvn = 2; sa[14].gvcid_blk.scid = SCID & 0x3FF; - sa[14].gvcid_blk.vcid = 0; + sa[14].gvcid_blk.vcid = 1; + sa[14].gvcid_blk.mapid = TYPE_TC; - // SA 15 - AOS Authentication Only + // TC - Unkeyed + sa[14].spi = 14; + sa[14].ekid = 14; + sa[14].sa_state = SA_UNKEYED; + sa[14].est = 0; + sa[14].ast = 0; + sa[14].shivf_len = 12; + sa[14].iv_len = 12; + sa[14].shsnf_len = 2; + sa[14].arsnw = 5; + sa[14].arsnw_len = 1; + sa[14].arsn_len = 2; + sa[14].gvcid_blk.tfvn = 2; + sa[14].gvcid_blk.scid = SCID & 0x3FF; + sa[14].gvcid_blk.vcid = 2; + sa[14].gvcid_blk.mapid = TYPE_TC; + + // TC - Operational sa[15].spi = 15; - sa[15].akid = 130; - sa[15].sa_state = SA_KEYED; + sa[15].ekid = 15; + sa[15].sa_state = SA_OPERATIONAL; sa[15].est = 0; - sa[15].ast = 1; - sa[15].acs_len = 1; - sa[15].acs = CRYPTO_MAC_CMAC_AES256; - sa[15].stmacf_len = 16; - sa[15].abm_len = ABM_SIZE; - memset(sa[15].abm, 0xFF, (sa[15].abm_len * sizeof(uint8_t))); // Bitmask - sa[15].gvcid_blk.tfvn = 0x01; + sa[15].ast = 0; + sa[15].shivf_len = 12; + sa[15].iv_len = 12; + sa[15].shsnf_len = 2; + sa[15].arsnw = 5; + sa[15].arsnw_len = 1; + sa[15].arsn_len = 2; + sa[15].gvcid_blk.tfvn = 2; sa[15].gvcid_blk.scid = SCID & 0x3FF; - sa[15].gvcid_blk.vcid = 0; - - // SA 16 - AOS Encryption Only - sa[16].spi = 16; - sa[16].ekid = 130; - sa[16].sa_state = SA_KEYED; - sa[16].est = 1; - sa[16].ast = 0; - sa[16].ecs_len = 1; - sa[16].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[16].iv_len = 16; - sa[16].shivf_len = 16; - *(sa[16].iv + sa[16].shivf_len - 1) = 0; - sa[16].stmacf_len = 0; - sa[16].abm_len = ABM_SIZE; - memset(sa[16].abm, 0xFF, (sa[16].abm_len * sizeof(uint8_t))); // Bitmask - sa[16].gvcid_blk.tfvn = 0x01; - sa[16].gvcid_blk.scid = SCID & 0x3FF; - sa[16].gvcid_blk.vcid = 0; - - // SA 17 - AOS AEAD - sa[17].spi = 17; - sa[17].ekid = 130; - sa[17].sa_state = SA_KEYED; - sa[17].est = 1; - sa[17].ast = 1; - sa[17].ecs_len = 1; - sa[17].ecs = CRYPTO_CIPHER_AES256_GCM; - sa[17].iv_len = 16; - sa[17].shivf_len = 16; - *(sa[17].iv + sa[17].shivf_len - 1) = 0; - sa[17].stmacf_len = 16; - sa[17].abm_len = ABM_SIZE; - memset(sa[17].abm, 0xFF, (sa[17].abm_len * sizeof(uint8_t))); // Bitmask - sa[17].gvcid_blk.tfvn = 0x01; - sa[17].gvcid_blk.scid = SCID & 0x3FF; - sa[17].gvcid_blk.vcid = 0; - + sa[15].gvcid_blk.vcid = 3; + sa[15].gvcid_blk.mapid = TYPE_TC; sa_perform_save(&sa[0]); } diff --git a/support/scripts/build_kmc.sh b/support/scripts/build_kmc.sh index 95c1489f..197d4211 100755 --- a/support/scripts/build_kmc.sh +++ b/support/scripts/build_kmc.sh @@ -9,4 +9,4 @@ SCRIPT_DIR=$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd ) source $SCRIPT_DIR/env.sh -cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DTEST_ENC=1 -DKMC_CFFI_EXCLUDE=1 -DSA_FILE=1 && make && make test +cmake $BASE_DIR -DCODECOV=1 -DDEBUG=1 -DCRYPTO_KMC=1 -DKEY_KMC=1 -DMC_DISABLED=1 -DSA_MARIADB=1 -DTEST=1 -DTEST_ENC=1 -DKMC_CFFI_EXCLUDE=1 -DSA_FILE=1 -DKMC_MDB_DB=1 && make && make test diff --git a/test/CMakeLists.txt b/test/CMakeLists.txt index ac9352a8..63f9918c 100644 --- a/test/CMakeLists.txt +++ b/test/CMakeLists.txt @@ -72,9 +72,9 @@ if(${KMC_MDB_RH} OR ${KMC_MDB_DB}) COMMAND ${PROJECT_BINARY_DIR}/bin/ut_tc_kmc WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - add_test(NAME UT_SADB_ERR_CASES_KMC_CRYPTO - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_sa_err_cases_kmc_crypto - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + # add_test(NAME UT_SADB_ERR_CASES_KMC_CRYPTO + # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_sa_err_cases_kmc_crypto + # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) # add_test(NAME UT_MYSQL_TLS_CONNECTION # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mysql_tls_connection @@ -88,22 +88,22 @@ if(${KMC_MDB_RH} OR ${KMC_MDB_DB}) # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_mariadb # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - add_test(NAME UT_KMC_CRYPTO - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + # add_test(NAME UT_KMC_CRYPTO + # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto + # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - add_test(NAME UT_KMC_CRYPTO_WITH_MTLS_SADB - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_with_mtls_sadb - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + # add_test(NAME UT_KMC_CRYPTO_WITH_MTLS_SADB + # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_with_mtls_sadb + # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) # This Test cannot yet be accomplished. Need CAM #add_test(NAME UT_KMC_CRYPTO_CAM # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_cam # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) - add_test(NAME UT_KMC_CRYPTO_AUTH_ONLY - COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_auth_only - WORKING_DIRECTORY ${PROJECT_TEST_DIR}) + # add_test(NAME UT_KMC_CRYPTO_AUTH_ONLY + # COMMAND ${PROJECT_BINARY_DIR}/bin/ut_kmc_crypto_auth_only + # WORKING_DIRECTORY ${PROJECT_TEST_DIR}) endif() if(TEST_ENC) diff --git a/test/kmc/ut_kmc_crypto.c b/test/kmc/ut_kmc_crypto.c index 6c0ecf39..1921d7c0 100644 --- a/test/kmc/ut_kmc_crypto.c +++ b/test/kmc/ut_kmc_crypto.c @@ -29,407 +29,121 @@ #include #include -#ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" -#else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" -#endif +// #ifdef KMC_MDB_RH +// #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +// #else +// /* KMC_MDB_DB */ +// #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +// #endif + + +// /** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 55, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); +// char* raw_tc_jpl_mmt_scid44_vcid1= "2003dc070001bd37"; +// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 55, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "2003dc070001bd37"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - ASSERT_EQ(0x01,tc_processed_frame->tc_pdu[0]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} -//// Commenting out test - AEAD algorithms must have a tag -- Enc only config is invalid -///** -// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB -// **/ -//UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) -//{ -// // Setup & Initialize CryptoLib -// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, -// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, -// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); -// Crypto_Config_MariaDB("sa_user", "sa_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); -// Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, NULL, CRYPTO_FALSE); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); -// int32_t status = Crypto_Init(); -// -// char* enc_tc_jpl_mmt_scid44_vcid1= "202C0816000003000000000000000000000001669CD238"; -// char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; -// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; -// -// // IV = 000000000000000000000001 -// -// TC_t* tc_processed_frame; -// tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); -// -// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); -// -// uint8_t* ptr_enc_frame = NULL; -// -// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -// -// printf("Encrypted Frame Before Processing:\n"); -// for (int i=0; itc_pdu_len; i++) -// for (int i=0; i<2; i++) -// { -// printf("%02x ", tc_processed_frame->tc_pdu[i]); -// } -// printf("\n"); -// -// // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); -// // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); -// -// Crypto_Shutdown(); -// free(enc_tc_jpl_mmt_scid44_vcid1_expect); -// free(ptr_enc_frame); -// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -//} -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - * This doesn't work -- Apply Security Auth Only doesn't return the proper tag. - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 56, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* enc_tc_jpl_mmt_scid44_vcid1= "2003E02600001400000000000000000000000200018DC038398EAA968C0D8972A614E1EFE005AE"; - char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - // Data=0001 - // IV=000000000000000000000001 - // AAD=00000000000000000000000000000000000000 - - - TC_t* tc_processed_frame; - tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - - hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Encrypted Frame Before Processing:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 57, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "2003e408000001bd37"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu[i]); // } // printf("\n"); - -// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); -// ASSERT_EQ( 0x00,tc_processed_frame->tc_pdu[1]); +// ASSERT_EQ(0x01,tc_processed_frame->tc_pdu[0]); // Crypto_Shutdown(); // free(enc_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // } - -// UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +// //// Commenting out test - AEAD algorithms must have a tag -- Enc only config is invalid +// ///** +// // * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// // **/ +// //UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_ENC_ONLY) +// //{ +// // // Setup & Initialize CryptoLib +// // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// // Crypto_Config_MariaDB("sa_user", "sa_password", "localhost","sadb", 3306, CRYPTO_FALSE, NULL, NULL, NULL, NULL, 0, NULL); +// // Crypto_Config_Kmc_Crypto_Service("https", "asec-cmdenc-srv1.jpl.nasa.gov", 8443, "crypto-service", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", "PEM","/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem",NULL,"/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, NULL, CRYPTO_FALSE); +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// // int32_t status = Crypto_Init(); +// // +// // char* enc_tc_jpl_mmt_scid44_vcid1= "202C0816000003000000000000000000000001669CD238"; +// // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// // int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; +// // +// // // IV = 000000000000000000000001 +// // +// // TC_t* tc_processed_frame; +// // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// // +// // hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); +// // +// // uint8_t* ptr_enc_frame = NULL; +// // +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// // +// // printf("Encrypted Frame Before Processing:\n"); +// // for (int i=0; itc_pdu_len; i++) +// // for (int i=0; i<2; i++) +// // { +// // printf("%02x ", tc_processed_frame->tc_pdu[i]); +// // } +// // printf("\n"); +// // +// // // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// // // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); +// // +// // Crypto_Shutdown(); +// // free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// // free(ptr_enc_frame); +// // // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// //} +// /** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// * This doesn't work -- Apply Security Auth Only doesn't return the proper tag. +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) // { // // Setup & Initialize CryptoLib // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, @@ -497,10 +326,10 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); // Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 56, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); // int32_t status = Crypto_Init(); -// char* enc_tc_jpl_mmt_scid44_vcid1= "20032C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; +// char* enc_tc_jpl_mmt_scid44_vcid1= "2003E02600001400000000000000000000000200018DC038398EAA968C0D8972A614E1EFE005AE"; // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; @@ -526,20 +355,31 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // printf("\n"); // status = Crypto_TC_ProcessSecurity((uint8_t* )enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len, tc_processed_frame); + // if(status != CRYPTO_LIB_SUCCESS) // { // Crypto_Shutdown(); // } -// ASSERT_EQ(CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE, status); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// // Expected to fail -- KMC doesn't support 0 cipher text input for decrypt function. +// // ASSERT_EQ(CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE, status); +// printf("Processed PDU:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); // Crypto_Shutdown(); // free(enc_tc_jpl_mmt_scid44_vcid1_expect); // free(ptr_enc_frame); +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); // } - -//16 bytes is max for AES GCM so this is an error test -// UTEST(KMC_CRYPTO, UNHAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_32BYTE_MAC) +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // // Setup & Initialize CryptoLib // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, @@ -548,10 +388,10 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); // Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); -// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 12, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 57, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); // int32_t status = Crypto_Init(); -// char* raw_tc_jpl_mmt_scid44_vcid1= "20033008000001bd37"; +// char* raw_tc_jpl_mmt_scid44_vcid1= "2003e408000001bd37"; // char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; // int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; @@ -574,13 +414,173 @@ UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) // { // Crypto_Shutdown(); // } -// // we expect an InvalidAlgorithmParameterException for macLength of that size. -// ASSERT_EQ(CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_GENERIC_FAILURE, status); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// printf("Frame after encryption:\n"); +// for (int i=0; itc_pdu_len; i++) +// // { +// // printf("%02x ", tc_processed_frame->tc_pdu[i]); +// // } +// // printf("\n"); + +// // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// // ASSERT_EQ( 0x00,tc_processed_frame->tc_pdu[1]); + +// // Crypto_Shutdown(); +// // free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// // free(ptr_enc_frame); +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// // } + +// // UTEST(KMC_CRYPTO, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +// // { +// // // Setup & Initialize CryptoLib +// // Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// // IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// // TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// // TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// // Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// // Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// // int32_t status = Crypto_Init(); + +// // char* enc_tc_jpl_mmt_scid44_vcid1= "20032C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; +// // char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// // int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// // // Data=0001 +// // // IV=000000000000000000000001 +// // // AAD=00000000000000000000000000000000000000 + + +// // TC_t* tc_processed_frame; +// // tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + +// // hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); + +// // uint8_t* ptr_enc_frame = NULL; + +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// // printf("Encrypted Frame Before Processing:\n"); +// // for (int i=0; i #include -#ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" -#else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" -#endif - - -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 7, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c1c08000001bb40"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 7, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c1f0700a6ec42999902579daaac3a5af6aabe93288e18d5d4046e24cc5df1f8fa06bac515206d5b0dfcc9861db694f3207175b725bfa6e987fadc1e1e417bff0c30a90b143ca737f2fcf02525c6080c38fde4d4da229387339f363ccdabf42a1defa29f711926c8e0a7479e082ec00b495ae53c8e33b5dc001833aa1d909b4b3aecd60bc6b0af62e8febb58fa15979a5d1e37b9ba48d6d1bf4b9d669306375d7f93942908e410492d6535c91245abbb98a0584aa764815bfdcab44d8c0aeff3a2e2c712649497f95e9440bb1b562cb6fa70a5ff5e5fdbcad40a97fa3bf48f0560bc9c7125b758f25a27678996e5ee3a82a5b864672b80888c2d469fe690aca0501d0de3bec247825f3fbd7f51184f8099dd2ffeb140c9aad86ae8ade912eadbcbef0bb821e684366a084f8d65bd9d0acccfae5fb130d8bf27ff855cea8de4a4e249e5bc8ef9732c06d6d578574b9f936ae1837a61369a7871612337df2dc091dadc8386e53aba816f3a162b71c268e07583a0378805a1f435bf437c0e27193cee4b653273d965fc0b42cfd3c094e2ff89f276153d452814ff016bfcc1b5ec313667de1aaddeb2d31dcaa75f88e4ac758556c7a632374089c53852601385c89aa668b70fd735e9053473538614408241ac47f6ef12aff10c2bce36df6afe7610a5a06997680b579953888684543b7cdefc7cc5987459a9255d187c8790284ad1f2ca38a3a3d56d909a03af87f3788e00d1b9887296ea5ff4087306569c2a3581189a70892e01279812151fdb9f8ec71786edd9cddd8652558503aac1904cf542aeebf269b08c5f648145b498be842080ccbdfe14c8cad1f371e706c0c4ed27d963e2e645224510e7d43ddf50daf8225f484ec841c9e642e489bd70fdbc925c532ab988d0f3999e3e1bdc88d5b0dd61e2b8d72a4a994f3efdc19382cdffdb96ea55ee5a389b003fc91ebc493c0949f56dc7b4b6d69d10dbc937f3757fb36b9000bf67d049c9c768a586b14b5166bffb41fc29c1d5613f2aaa2868fd974a95a3461b0c1c0f1ca87eccf7624fd1ffbe2f45463505b649a0b32410182731dfbe23813e88c3b6bdec7e"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -/** - * @brief Unit Test: See test name for description of whats being exercised! - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 9, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c2408000001bb40"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} -/** - * @brief Unit Test: HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 10, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c2808000001bb40"; - - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} +// #ifdef KMC_MDB_RH +// #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +// #else +// /* KMC_MDB_DB */ +// #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +// #endif + + +// /** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_AUTH_ONLY) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 7, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* raw_tc_jpl_mmt_scid44_vcid1= "202c1c08000001bb40"; + +// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Frame before encryption:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } + +// /** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_CMAC_LARGE_FRM_AUTH_ONLY) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 7, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* raw_tc_jpl_mmt_scid44_vcid1= "202c1f0700a6ec42999902579daaac3a5af6aabe93288e18d5d4046e24cc5df1f8fa06bac515206d5b0dfcc9861db694f3207175b725bfa6e987fadc1e1e417bff0c30a90b143ca737f2fcf02525c6080c38fde4d4da229387339f363ccdabf42a1defa29f711926c8e0a7479e082ec00b495ae53c8e33b5dc001833aa1d909b4b3aecd60bc6b0af62e8febb58fa15979a5d1e37b9ba48d6d1bf4b9d669306375d7f93942908e410492d6535c91245abbb98a0584aa764815bfdcab44d8c0aeff3a2e2c712649497f95e9440bb1b562cb6fa70a5ff5e5fdbcad40a97fa3bf48f0560bc9c7125b758f25a27678996e5ee3a82a5b864672b80888c2d469fe690aca0501d0de3bec247825f3fbd7f51184f8099dd2ffeb140c9aad86ae8ade912eadbcbef0bb821e684366a084f8d65bd9d0acccfae5fb130d8bf27ff855cea8de4a4e249e5bc8ef9732c06d6d578574b9f936ae1837a61369a7871612337df2dc091dadc8386e53aba816f3a162b71c268e07583a0378805a1f435bf437c0e27193cee4b653273d965fc0b42cfd3c094e2ff89f276153d452814ff016bfcc1b5ec313667de1aaddeb2d31dcaa75f88e4ac758556c7a632374089c53852601385c89aa668b70fd735e9053473538614408241ac47f6ef12aff10c2bce36df6afe7610a5a06997680b579953888684543b7cdefc7cc5987459a9255d187c8790284ad1f2ca38a3a3d56d909a03af87f3788e00d1b9887296ea5ff4087306569c2a3581189a70892e01279812151fdb9f8ec71786edd9cddd8652558503aac1904cf542aeebf269b08c5f648145b498be842080ccbdfe14c8cad1f371e706c0c4ed27d963e2e645224510e7d43ddf50daf8225f484ec841c9e642e489bd70fdbc925c532ab988d0f3999e3e1bdc88d5b0dd61e2b8d72a4a994f3efdc19382cdffdb96ea55ee5a389b003fc91ebc493c0949f56dc7b4b6d69d10dbc937f3757fb36b9000bf67d049c9c768a586b14b5166bffb41fc29c1d5613f2aaa2868fd974a95a3461b0c1c0f1ca87eccf7624fd1ffbe2f45463505b649a0b32410182731dfbe23813e88c3b6bdec7e"; + +// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Frame before encryption:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } + +// /** +// * @brief Unit Test: See test name for description of whats being exercised! +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_AUTH_ONLY) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 9, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* raw_tc_jpl_mmt_scid44_vcid1= "202c2408000001bb40"; + +// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Frame before encryption:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } +// /** +// * @brief Unit Test: HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_HMAC512_TRUNCATED_16BYTE_MAC_AUTH_ONLY) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 10, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* raw_tc_jpl_mmt_scid44_vcid1= "202c2808000001bb40"; + +// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Frame before encryption:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } UTEST_MAIN(); diff --git a/test/kmc/ut_kmc_crypto_cam.c b/test/kmc/ut_kmc_crypto_cam.c index cce6cc36..32693ce1 100644 --- a/test/kmc/ut_kmc_crypto_cam.c +++ b/test/kmc/ut_kmc_crypto_cam.c @@ -27,631 +27,631 @@ #include "shared_util.h" #include -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - **/ -UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_KERBEROS_KEYTAB_FILE) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", - "sa_password"); - Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, - CRYPTO_FALSE, - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", - "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", - NULL, NULL); -// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,"https://asec-dev-vm10.jpl.nasa.gov:443", NULL, NULL); - Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file","/home/isaleh/secret/testuser3300.kt",CAM_LOGIN_KEYTAB_FILE,"https://asec-dev-vm10.jpl.nasa.gov:443", "testuser3300", NULL); -// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_KERBEROS,"https://asec-dev-vm10.jpl.nasa.gov:443", NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c0408000001bd37"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - * This doesn't work -- Apply Security Auth Only doesn't return the proper tag. - **/ -UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", - "sa_password"); - Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, - CRYPTO_FALSE, - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", - "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", - NULL, NULL); - Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* enc_tc_jpl_mmt_scid44_vcid1= "202C0C2600000400000000000000000000000100016E2051F96CAB186BCE364A65AF599AE52F38"; - char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - // Data=0001 - // IV=000000000000000000000001 - // AAD=00000000000000000000000000000000000000 - - - TC_t* tc_processed_frame; - tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - - hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Encrypted Frame Before Processing:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", - "sa_password"); - Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, - CRYPTO_FALSE, - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", - "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", - NULL, NULL); - Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "202c2c08000001bd37"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; itc_pdu_len; i++) - { - printf("%02x ", tc_processed_frame->tc_pdu[i]); - } - printf("\n"); - - ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); - ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); - - Crypto_Shutdown(); - free(enc_tc_jpl_mmt_scid44_vcid1_expect); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); -} - -UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", - "sa_password"); - Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, - CRYPTO_FALSE, - "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", - "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", - NULL, NULL); - Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* enc_tc_jpl_mmt_scid44_vcid1= "202C2C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; - char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - // Data=0001 - // IV=000000000000000000000001 - // AAD=00000000000000000000000000000000000000 - - - TC_t* tc_processed_frame; - tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - - hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Encrypted Frame Before Processing:\n"); - for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } +// /** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// * This doesn't work -- Apply Security Auth Only doesn't return the proper tag. +// **/ +// UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_PROCESS_SEC_AUTH_ONLY) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", +// "sa_password"); +// Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, +// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", +// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// NULL, NULL); +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* enc_tc_jpl_mmt_scid44_vcid1= "202C0C2600000400000000000000000000000100016E2051F96CAB186BCE364A65AF599AE52F38"; +// char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// // Data=0001 +// // IV=000000000000000000000001 +// // AAD=00000000000000000000000000000000000000 + + +// TC_t* tc_processed_frame; +// tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Encrypted Frame Before Processing:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// // ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// // ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// // ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } + +// UTEST(KMC_CRYPTO_CAM, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", +// "sa_password"); +// Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, +// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", +// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// NULL, NULL); +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* raw_tc_jpl_mmt_scid44_vcid1= "202c2c08000001bd37"; +// char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Frame before encryption:\n"); +// for (int i=0; itc_pdu_len; i++) +// { +// printf("%02x ", tc_processed_frame->tc_pdu[i]); +// } +// printf("\n"); + +// ASSERT_EQ(0x00,tc_processed_frame->tc_pdu[0]); +// ASSERT_EQ( 0x01,tc_processed_frame->tc_pdu[1]); + +// Crypto_Shutdown(); +// free(enc_tc_jpl_mmt_scid44_vcid1_expect); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// } + +// UTEST(KMC_CRYPTO_CAM, UNHAPPY_PATH_INVALID_MAC_PROCESS_SEC_ENC_AND_AUTH_AESGCM_8BYTE_MAC) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("localhost", "sadb", 3306, CRYPTO_FALSE, 0, NULL, NULL, NULL, NULL, NULL, "sa_user", +// "sa_password"); +// Crypto_Config_Kmc_Crypto_Service("https", "asec-dev-vm18.jpl.nasa.gov", 8443, "crypto-service", +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/ammos-ca-bundle.crt", NULL, +// CRYPTO_FALSE, +// "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-cert.pem", +// "PEM", "/home/isaleh/git/KMC/CryptoLib-IbraheemYSaleh/util/etc/local-test-key.pem", +// NULL, NULL); +// Crypto_Config_Cam(CAM_ENABLED_TRUE,"/home/isaleh/.cam_cookie_file",NULL,CAM_LOGIN_NONE,NULL, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x002C, 11, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// char* enc_tc_jpl_mmt_scid44_vcid1= "202C2C1E000009000000000000000000000001669C5639DCCDEA8C6CE3EEF2"; +// char* enc_tc_jpl_mmt_scid44_vcid1_expect = NULL; +// int enc_tc_jpl_mmt_scid44_vcid1_expect_len = 0; + +// // Data=0001 +// // IV=000000000000000000000001 +// // AAD=00000000000000000000000000000000000000 + + +// TC_t* tc_processed_frame; +// tc_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); + +// hex_conversion(enc_tc_jpl_mmt_scid44_vcid1, &enc_tc_jpl_mmt_scid44_vcid1_expect, &enc_tc_jpl_mmt_scid44_vcid1_expect_len); + +// uint8_t* ptr_enc_frame = NULL; + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// printf("Encrypted Frame Before Processing:\n"); +// for (int i=0; i #include -#ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" -#else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" -#endif - -/** - * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB - **/ -UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// #ifdef KMC_MDB_RH +// #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +// #else +// /* KMC_MDB_DB */ +// #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +// #endif + +// /** +// * @brief Unit Test: Nominal Encryption with KMC Crypto Service && JPL Unit Test MariaDB +// **/ +// UTEST(KMC_CRYPTO, HAPPY_PATH_APPLY_SEC_ENC_AND_AUTH_MTLS) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_NO_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - char* raw_tc_jpl_mmt_scid44_vcid1= "20030408000001bd37"; - char* raw_tc_jpl_mmt_scid44_vcid1_expect = NULL; - int raw_tc_jpl_mmt_scid44_vcid1_expect_len = 0; - - hex_conversion(raw_tc_jpl_mmt_scid44_vcid1, &raw_tc_jpl_mmt_scid44_vcid1_expect, &raw_tc_jpl_mmt_scid44_vcid1_expect_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - printf("Frame before encryption:\n"); - for (int i=0; i -#ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" -#else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" -#endif - - -void cleanup_sa(SecurityAssociation_t* test_association) -{ - if (test_association->ek_ref[0] != '\0') - clean_ek_ref(test_association); - if (test_association->ak_ref[0] != '\0') - clean_ak_ref(test_association); +// #ifdef KMC_MDB_RH +// #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" +// #else +// /* KMC_MDB_DB */ +// #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" +// #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" +// #endif + + +// void cleanup_sa(SecurityAssociation_t* test_association) +// { +// if (test_association->ek_ref[0] != '\0') +// clean_ek_ref(test_association); +// if (test_association->ak_ref[0] != '\0') +// clean_ak_ref(test_association); - free(test_association); -} - -void reload_db(void) -{ - printf("Resetting Database\n"); - system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/sa_mariadb_sql/empty_sadb.sql"); - system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/test_sa_mariadb_sql/create_sa_ivv_unit_tests.sql"); -} - - -// Global SQL Connection Parameters -// Generic passwords saved in a file = bad ... but this is just for testing - -char* mysql_username = "root"; -char* mysql_password = "itc123!"; -char* mysql_hostname = "localhost"; -char* mysql_database = "sadb"; -uint16_t mysql_port = 3306; //default port -char* ssl_cert = "NONE"; -char* ssl_key = "NONE"; -char* ssl_ca = "NONE"; -char* ssl_capath = "NONE"; -uint8_t verify_server = 0; -char* client_key_password = NULL; - -/** - * @brief Unit Test: Nominal SQL Connection - **/ -UTEST(MARIA_DB, DB_CONNECT) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// free(test_association); +// } + +// void reload_db(void) +// { +// printf("Resetting Database\n"); +// system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/sa_mariadb_sql/empty_sadb.sql"); +// system("mysql --host=localhost -uroot -pitc123! < ../../src/sa/test_sa_mariadb_sql/create_sa_ivv_unit_tests.sql"); +// } + + +// // Global SQL Connection Parameters +// // Generic passwords saved in a file = bad ... but this is just for testing + +// char* mysql_username = "root"; +// char* mysql_password = "itc123!"; +// char* mysql_hostname = "localhost"; +// char* mysql_database = "sadb"; +// uint16_t mysql_port = 3306; //default port +// char* ssl_cert = "NONE"; +// char* ssl_key = "NONE"; +// char* ssl_ca = "NONE"; +// char* ssl_capath = "NONE"; +// uint8_t verify_server = 0; +// char* client_key_password = NULL; + +// /** +// * @brief Unit Test: Nominal SQL Connection +// **/ +// UTEST(MARIA_DB, DB_CONNECT) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - - status = Crypto_Init(); - - SaInterface sa_if = get_sa_interface_mariadb(); - //need the sa call - SecurityAssociation_t* test_sa; - - status = sa_if->sa_get_from_spi(1, &test_sa); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ASSERT_EQ(test_sa->iv[11] , 0x01); - - test_sa->iv[11] = 0xAB; - status = sa_if->sa_save_sa(test_sa); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - status = sa_if->sa_get_from_spi(1, &test_sa); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ASSERT_EQ(test_sa->iv[11] , 0xAB); - Crypto_Shutdown(); - cleanup_sa(test_sa); -} - -/** - * @brief Unit Test: Nominal Encryption - **/ -UTEST(MARIA_DB, HAPPY_PATH_ENC) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); + +// status = Crypto_Init(); + +// SaInterface sa_if = get_sa_interface_mariadb(); +// //need the sa call +// SecurityAssociation_t* test_sa; + +// status = sa_if->sa_get_from_spi(1, &test_sa); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// ASSERT_EQ(test_sa->iv[11] , 0x01); + +// test_sa->iv[11] = 0xAB; +// status = sa_if->sa_save_sa(test_sa); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = sa_if->sa_get_from_spi(1, &test_sa); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// ASSERT_EQ(test_sa->iv[11] , 0xAB); +// Crypto_Shutdown(); +// cleanup_sa(test_sa); +// } + +// /** +// * @brief Unit Test: Nominal Encryption +// **/ +// UTEST(MARIA_DB, HAPPY_PATH_ENC) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - - status = Crypto_Init(); - - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_mariadb(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - int32_t return_val = CRYPTO_LIB_ERROR; - - SecurityAssociation_t* test_association; - - status = sa_if->sa_get_from_spi(2, &test_association); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - cleanup_sa(test_association); - status = sa_if->sa_get_from_spi(2, &test_association); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. - - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - cleanup_sa(test_association); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Nominal Authorized Encryption - **/ -UTEST(MARIA_DB, HAPPY_PATH_AUTH_ENC) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); + +// status = Crypto_Init(); + +// char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_mariadb(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// int32_t return_val = CRYPTO_LIB_ERROR; + +// SecurityAssociation_t* test_association; + +// status = sa_if->sa_get_from_spi(2, &test_association); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// cleanup_sa(test_association); +// status = sa_if->sa_get_from_spi(2, &test_association); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. + +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// cleanup_sa(test_association); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Nominal Authorized Encryption +// **/ +// UTEST(MARIA_DB, HAPPY_PATH_AUTH_ENC) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - status = Crypto_Init(); +// status = Crypto_Init(); - char* raw_tc_sdls_ping_h = "20030415000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_mariadb(); - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); +// char* raw_tc_sdls_ping_h = "20030415000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_mariadb(); +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; - int32_t return_val = CRYPTO_LIB_ERROR; +// int32_t return_val = CRYPTO_LIB_ERROR; - SecurityAssociation_t* test_association; - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(3, &test_association); +// SecurityAssociation_t* test_association; +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(3, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - cleanup_sa(test_association); - status = sa_if->sa_get_from_spi(3, &test_association); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. - - Crypto_Shutdown(); - cleanup_sa(test_association); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); -} - -/** - * @brief Validation Test: Authorized Decryption - * Makes use of truth data created from the previous AUTH_ENCRYPTION_TEST, to validate that Crypto_TC_ProcessSecurity( - *uint8_t* ingest, int* len_ingest,TC_t* tc_sdls_processed_frame) properly decrypts data and returns it to the intial - *truth data created by the python_auth_encryption(uint8_t* data, uint8_t* key, uint8_t* iv, uint8_t* header, uint8_t* - *bitmask, uint8_t** expected, long* expected_length) function. - **/ -UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) -{ - char* dec_test_h = "20030433000000030000000000000000000000014ED87188D42B3F36130F355E83F3DE9C5E8F716321145159B41144E5514EBBEA"; - char* enc_test_h = "80d2c70008197f0b00310000b1fe"; - uint8_t* dec_test_b, *enc_test_b = NULL; - int dec_test_len, enc_test_len = 0; - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// cleanup_sa(test_association); +// status = sa_if->sa_get_from_spi(3, &test_association); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// ASSERT_EQ(test_association->iv[test_association->iv_len - 1], 2); // Verify that IV incremented. + +// Crypto_Shutdown(); +// cleanup_sa(test_association); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// } + +// /** +// * @brief Validation Test: Authorized Decryption +// * Makes use of truth data created from the previous AUTH_ENCRYPTION_TEST, to validate that Crypto_TC_ProcessSecurity( +// *uint8_t* ingest, int* len_ingest,TC_t* tc_sdls_processed_frame) properly decrypts data and returns it to the intial +// *truth data created by the python_auth_encryption(uint8_t* data, uint8_t* key, uint8_t* iv, uint8_t* header, uint8_t* +// *bitmask, uint8_t** expected, long* expected_length) function. +// **/ +// UTEST(MARIA_DB, AUTH_DECRYPTION_TEST) +// { +// char* dec_test_h = "20030433000000030000000000000000000000014ED87188D42B3F36130F355E83F3DE9C5E8F716321145159B41144E5514EBBEA"; +// char* enc_test_h = "80d2c70008197f0b00310000b1fe"; +// uint8_t* dec_test_b, *enc_test_b = NULL; +// int dec_test_len, enc_test_len = 0; +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - status = Crypto_Init(); +// status = Crypto_Init(); - SaInterface sa_if = get_sa_interface_mariadb(); +// SaInterface sa_if = get_sa_interface_mariadb(); - hex_conversion(dec_test_h, (char**) &dec_test_b, &dec_test_len); - hex_conversion(enc_test_h, (char**) &enc_test_b, &enc_test_len); +// hex_conversion(dec_test_h, (char**) &dec_test_b, &dec_test_len); +// hex_conversion(enc_test_h, (char**) &enc_test_b, &enc_test_len); - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - SecurityAssociation_t* test_association; - sa_if->sa_get_from_spi(3, &test_association); - test_association->iv[test_association->iv_len - 1] = 0; - sa_if->sa_save_sa(test_association); - - Crypto_TC_ProcessSecurity(dec_test_b, &dec_test_len, tc_sdls_processed_frame); - for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - ASSERT_EQ(enc_test_b[i], tc_sdls_processed_frame->tc_pdu[i]); - } - - Crypto_Shutdown(); - free(dec_test_b); - free(enc_test_b); - free(tc_sdls_processed_frame->tc_sec_header.iv); - free(tc_sdls_processed_frame->tc_sec_header.sn); - free(tc_sdls_processed_frame->tc_sec_header.pad); - free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? - free(tc_sdls_processed_frame); -} - -/** - * @brief Unit Test: Nominal Authorized Encryption With Partial IV Rollover, increment static IV - **/ -UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// SecurityAssociation_t* test_association; +// sa_if->sa_get_from_spi(3, &test_association); +// test_association->iv[test_association->iv_len - 1] = 0; +// sa_if->sa_save_sa(test_association); + +// Crypto_TC_ProcessSecurity(dec_test_b, &dec_test_len, tc_sdls_processed_frame); +// for (int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// ASSERT_EQ(enc_test_b[i], tc_sdls_processed_frame->tc_pdu[i]); +// } + +// Crypto_Shutdown(); +// free(dec_test_b); +// free(enc_test_b); +// free(tc_sdls_processed_frame->tc_sec_header.iv); +// free(tc_sdls_processed_frame->tc_sec_header.sn); +// free(tc_sdls_processed_frame->tc_sec_header.pad); +// free(tc_sdls_processed_frame->tc_sec_trailer.mac); // TODO: Is there a method to free all of this? +// free(tc_sdls_processed_frame); +// } + +// /** +// * @brief Unit Test: Nominal Authorized Encryption With Partial IV Rollover, increment static IV +// **/ +// UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_IV_ROLLOVER) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - - status = Crypto_Init(); - - char* raw_tc_sdls_ping_h = "20030815000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; - - char* expected_iv_h = "000000000001000000000001"; - char* expected_iv_b = NULL; - - int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; - - SaInterface sa_if = get_sa_interface_mariadb(); - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); - hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - int32_t return_val = CRYPTO_LIB_ERROR; - - SecurityAssociation_t* test_association; - - sa_if->sa_get_from_spi(4, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); + +// status = Crypto_Init(); + +// char* raw_tc_sdls_ping_h = "20030815000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; + +// char* new_iv_h = "FFFFFFFFFFFC"; +// char* new_iv_b = NULL; + +// char* expected_iv_h = "000000000001000000000001"; +// char* expected_iv_b = NULL; + +// int raw_tc_sdls_ping_len = 0; +// int new_iv_len = 0; +// int expected_iv_len = 0; + +// SaInterface sa_if = get_sa_interface_mariadb(); +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); +// hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); +// hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// int32_t return_val = CRYPTO_LIB_ERROR; + +// SecurityAssociation_t* test_association; + +// sa_if->sa_get_from_spi(4, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - cleanup_sa(test_association); - sa_if->sa_get_from_spi(4, &test_association); - for (int i = 0; i < test_association->iv_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); - ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); - } - - Crypto_Shutdown(); - cleanup_sa(test_association); - free(expected_iv_b); - free(new_iv_b); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - -/** - * @brief Unit Test: Nominal Authorized Encryption With Partial IV Rollover, Static IV - **/ -UTEST(MARIA_DB, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// cleanup_sa(test_association); +// sa_if->sa_get_from_spi(4, &test_association); +// for (int i = 0; i < test_association->iv_len; i++) +// { +// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); +// ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); +// } + +// Crypto_Shutdown(); +// cleanup_sa(test_association); +// free(expected_iv_b); +// free(new_iv_b); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + +// /** +// * @brief Unit Test: Nominal Authorized Encryption With Partial IV Rollover, Static IV +// **/ +// UTEST(MARIA_DB, HAPPY_PATH_APPLY_STATIC_IV_ROLLOVER) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - - status = Crypto_Init(); - - char* raw_tc_sdls_ping_h = "20030815000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - - char* new_iv_h = "FFFFFFFFFFFC"; - char* new_iv_b = NULL; - - char* expected_iv_h = "000000000000000000000001"; - char* expected_iv_b = NULL; - - int raw_tc_sdls_ping_len = 0; - int new_iv_len = 0; - int expected_iv_len = 0; - - SaInterface sa_if = get_sa_interface_mariadb(); - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); - hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - int32_t return_val = CRYPTO_LIB_ERROR; - - SecurityAssociation_t* test_association; - - sa_if->sa_get_from_spi(4, &test_association); - memcpy(test_association->iv, new_iv_b, new_iv_len); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - cleanup_sa(test_association); - sa_if->sa_get_from_spi(4, &test_association); - for (int i = 0; i < test_association->iv_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); - ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); - } - - Crypto_Shutdown(); - cleanup_sa(test_association); - free(expected_iv_b); - free(new_iv_b); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - - -/** - * @brief Unit Test: Nominal Authorized Encryption With Partial ARSN Rollover, increment static ARSN - **/ -UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); + +// status = Crypto_Init(); + +// char* raw_tc_sdls_ping_h = "20030815000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; + +// char* new_iv_h = "FFFFFFFFFFFC"; +// char* new_iv_b = NULL; + +// char* expected_iv_h = "000000000000000000000001"; +// char* expected_iv_b = NULL; + +// int raw_tc_sdls_ping_len = 0; +// int new_iv_len = 0; +// int expected_iv_len = 0; + +// SaInterface sa_if = get_sa_interface_mariadb(); +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); +// hex_conversion(new_iv_h, &new_iv_b, &new_iv_len); +// hex_conversion(expected_iv_h, &expected_iv_b, &expected_iv_len); +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// int32_t return_val = CRYPTO_LIB_ERROR; + +// SecurityAssociation_t* test_association; + +// sa_if->sa_get_from_spi(4, &test_association); +// memcpy(test_association->iv, new_iv_b, new_iv_len); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// cleanup_sa(test_association); +// sa_if->sa_get_from_spi(4, &test_association); +// for (int i = 0; i < test_association->iv_len; i++) +// { +// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_iv_b[i], *(test_association->iv + i)); +// ASSERT_EQ(expected_iv_b[i], *(test_association->iv + i)); +// } + +// Crypto_Shutdown(); +// cleanup_sa(test_association); +// free(expected_iv_b); +// free(new_iv_b); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + + +// /** +// * @brief Unit Test: Nominal Authorized Encryption With Partial ARSN Rollover, increment static ARSN +// **/ +// UTEST(MARIA_DB, HAPPY_PATH_APPLY_NONTRANSMITTED_INCREMENTING_ARSN_ROLLOVER) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - - status = Crypto_Init(); - - char* raw_tc_sdls_ping_h = "20030C15000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - - char* new_arsn_h = "05FFFC"; - char* new_arsn_b = NULL; - - char* expected_arsn_h = "060001"; - char* expected_arsn_b = NULL; - - int raw_tc_sdls_ping_len = 0; - int new_arsn_len = 0; - int expected_arsn_len = 0; - - SaInterface sa_if = get_sa_interface_mariadb(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - hex_conversion(new_arsn_h, &new_arsn_b, &new_arsn_len); - hex_conversion(expected_arsn_h, &expected_arsn_b, &expected_arsn_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - int32_t return_val = CRYPTO_LIB_ERROR; - - SecurityAssociation_t* test_association; - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(5, &test_association); - - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - cleanup_sa(test_association); - sa_if->sa_get_from_spi(5, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - cleanup_sa(test_association); - sa_if->sa_get_from_spi(5, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - cleanup_sa(test_association); - sa_if->sa_get_from_spi(5, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); - free(ptr_enc_frame); - ptr_enc_frame = NULL; - cleanup_sa(test_association); - sa_if->sa_get_from_spi(5, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); + +// status = Crypto_Init(); + +// char* raw_tc_sdls_ping_h = "20030C15000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; + +// char* new_arsn_h = "05FFFC"; +// char* new_arsn_b = NULL; + +// char* expected_arsn_h = "060001"; +// char* expected_arsn_b = NULL; + +// int raw_tc_sdls_ping_len = 0; +// int new_arsn_len = 0; +// int expected_arsn_len = 0; + +// SaInterface sa_if = get_sa_interface_mariadb(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); +// hex_conversion(new_arsn_h, &new_arsn_b, &new_arsn_len); +// hex_conversion(expected_arsn_h, &expected_arsn_b, &expected_arsn_len); +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// int32_t return_val = CRYPTO_LIB_ERROR; + +// SecurityAssociation_t* test_association; +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(5, &test_association); + +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// cleanup_sa(test_association); +// sa_if->sa_get_from_spi(5, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// cleanup_sa(test_association); +// sa_if->sa_get_from_spi(5, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// cleanup_sa(test_association); +// sa_if->sa_get_from_spi(5, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); +// free(ptr_enc_frame); +// ptr_enc_frame = NULL; +// cleanup_sa(test_association); +// sa_if->sa_get_from_spi(5, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS,return_val); - cleanup_sa(test_association); +// cleanup_sa(test_association); - printf("Expected ARSN:\n"); - Crypto_hexprint(expected_arsn_b,expected_arsn_len); - printf("Actual SA ARSN:\n"); - sa_if->sa_get_from_spi(5, &test_association); - Crypto_hexprint(test_association->arsn,test_association->arsn_len); +// printf("Expected ARSN:\n"); +// Crypto_hexprint(expected_arsn_b,expected_arsn_len); +// printf("Actual SA ARSN:\n"); +// sa_if->sa_get_from_spi(5, &test_association); +// Crypto_hexprint(test_association->arsn,test_association->arsn_len); - for (int i = 0; i < test_association->arsn_len; i++) - { - printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_arsn_b[i], *(test_association->arsn + i)); - ASSERT_EQ(expected_arsn_b[i], *(test_association->arsn + i)); - } +// for (int i = 0; i < test_association->arsn_len; i++) +// { +// printf("[%d] Truth: %02x, Actual: %02x\n", i, expected_arsn_b[i], *(test_association->arsn + i)); +// ASSERT_EQ(expected_arsn_b[i], *(test_association->arsn + i)); +// } - //Must shutdown after checking test_association ARSN since that will get freed! +// //Must shutdown after checking test_association ARSN since that will get freed! - cleanup_sa(test_association); - free(expected_arsn_b); - free(new_arsn_b); - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); -} - -/** - * @brief Unit Test: Bad Spacecraft ID - * This should pass the flawed hex string, and return CRYPTO_LIB_ERR_INVALID_SCID - * Bad Space Craft ID. This should pass the flawed .dat file, and return MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND - **/ -UTEST(MARIA_DB, BAD_SPACE_CRAFT_ID) -{ - int32_t status = CRYPTO_LIB_ERROR; - reload_db(); +// cleanup_sa(test_association); +// free(expected_arsn_b); +// free(new_arsn_b); +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// } + +// /** +// * @brief Unit Test: Bad Spacecraft ID +// * This should pass the flawed hex string, and return CRYPTO_LIB_ERR_INVALID_SCID +// * Bad Space Craft ID. This should pass the flawed .dat file, and return MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND +// **/ +// UTEST(MARIA_DB, BAD_SPACE_CRAFT_ID) +// { +// int32_t status = CRYPTO_LIB_ERROR; +// reload_db(); - status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, - ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// status = Crypto_Config_MariaDB(mysql_hostname, mysql_database, mysql_port, CRYPTO_FALSE, verify_server, ssl_ca, +// ssl_capath, ssl_cert, ssl_key, client_key_password, mysql_username, mysql_password); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_LIBGCRYPT, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_FALSE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, TC_SIZE); - status = Crypto_Init(); +// status = Crypto_Init(); - char* raw_tc_sdls_ping_bad_scid_h = "20010015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_bad_scid_b = NULL; - int raw_tc_sdls_ping_bad_scid_len = 0; +// char* raw_tc_sdls_ping_bad_scid_h = "20010015000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_bad_scid_b = NULL; +// int raw_tc_sdls_ping_bad_scid_len = 0; - hex_conversion(raw_tc_sdls_ping_bad_scid_h, &raw_tc_sdls_ping_bad_scid_b, &raw_tc_sdls_ping_bad_scid_len); +// hex_conversion(raw_tc_sdls_ping_bad_scid_h, &raw_tc_sdls_ping_bad_scid_b, &raw_tc_sdls_ping_bad_scid_len); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; - int32_t return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_bad_scid_b, raw_tc_sdls_ping_bad_scid_len, - &ptr_enc_frame, &enc_frame_len); - free(raw_tc_sdls_ping_bad_scid_b); - free(ptr_enc_frame); - Crypto_Shutdown(); - ASSERT_EQ(MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND, return_val); -} +// int32_t return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_bad_scid_b, raw_tc_sdls_ping_bad_scid_len, +// &ptr_enc_frame, &enc_frame_len); +// free(raw_tc_sdls_ping_bad_scid_b); +// free(ptr_enc_frame); +// Crypto_Shutdown(); +// ASSERT_EQ(MANAGED_PARAMETERS_FOR_GVCID_NOT_FOUND, return_val); +// } UTEST_MAIN(); \ No newline at end of file diff --git a/test/kmc/ut_tc_kmc.c b/test/kmc/ut_tc_kmc.c index f1747e88..466e9a64 100644 --- a/test/kmc/ut_tc_kmc.c +++ b/test/kmc/ut_tc_kmc.c @@ -30,14 +30,10 @@ #include #include -#ifdef KMC_MDB_RH - #define CLIENT_CERTIFICATE "/certs/redhat-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/redhat-key.pem" -#else - /* KMC_MDB_DB */ - #define CLIENT_CERTIFICATE "/certs/debian-cert.pem" - #define CLIENT_CERTIFICATE_KEY "/certs/debian-key.pem" -#endif +#define KMC_HOSTNAME "itc.kmc.nasa.gov" +#define CA_PATH "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt" +#define CLIENT_CERTIFICATE "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem" +#define CLIENT_CERTIFICATE_KEY "/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem" /** * @brief Error Function for MDB_DB_RESET @@ -51,6 +47,14 @@ void finish_with_error(MYSQL *con) exit(1); } +void reload_db(void) +{ + printf("Resetting Database\n"); + system("mysql --host=itc.kmc.nasa.gov -u cryptosvc --ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert --ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem --ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < src/sa/sadb_mariadb_sql/empty_sadb.sql"); + printf("first call done\n"); + system("mysql --host=itc.kmc.nasa.gov -u cryptosvc --ssl-ca=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-ca-bundle.crt --ssl-verify-server-cert --ssl-cert=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-cert.pem --ssl-key=/home/itc/Desktop/kmc_oci-3.5.0/files/tls/ammos-server-key.pem < src/sa/test_sadb_mariadb_sql/create_sadb_ivv_unit_tests.sql"); +} + /** * @brief MariaDB: Table Cleanup for Unit Tests * Be sure to use only after initialization @@ -119,44 +123,50 @@ void MDB_DB_RESET() **/ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) { + reload_db(); // Setup & Initialize CryptoLib -<<<<<<< HEAD - Crypto_Config_CryptoLib(KEY_TYPE_KMC, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, -======= - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, ->>>>>>> origin/dev - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, + IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + Crypto_Config_MariaDB(KMC_HOSTNAME,"sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, CA_PATH, NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", "changeit"); Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + GvcidManagedParameters_t TC_UT_Managed_Parameters0 = {0, 0x0003, 0, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters0); + GvcidManagedParameters_t TC_UT_Managed_Parameters1 = {0, 0x0003, 1, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters1); + GvcidManagedParameters_t TC_UT_Managed_Parameters2 = {0, 0x0003, 2, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters2); + GvcidManagedParameters_t TC_UT_Managed_Parameters3 = {0, 0x0003, 3, TC_HAS_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, AOS_NO_OCF, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_UT_Managed_Parameters3); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + // Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); int32_t return_val = Crypto_Init(); ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; char* raw_tc_sdls_ping_b = NULL; int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); + // SaInterface sa_if = get_sa_interface_inmemory(); hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); uint8_t* ptr_enc_frame = NULL; uint16_t enc_frame_len = 0; - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); + // SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; - test_association->stmacf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - sa_if->sa_get_from_spi(11, &test_association); + // sa_if->sa_get_from_spi(1, &test_association); + // test_association->sa_state = SA_NONE; + // sa_if->sa_get_from_spi(11, &test_association); + // test_association->arsn_len = 0; + // test_association->shsnf_len = 0; + // test_association->ast = 0; + // test_association->stmacf_len = 0; + // test_association->sa_state = SA_OPERATIONAL; + // sa_if->sa_get_from_spi(11, &test_association); return_val = Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); @@ -179,1060 +189,1060 @@ UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_KMC) ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); } -/** - * @brief Unit Test: Encryption CBC KMC 1 Byte of padding - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - char* truth_data_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) - { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); - ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); - } - //printf("\n"); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - -/** - * @brief Unit Test: Encryption CBC KMC 16 Bytes of padding - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "20030017000080d2c70008197f0b003100000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - char* truth_data_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) - { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); - ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); - } - printf("\n"); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - -/** - * @brief Unit Test: Nominal Encryption CBC KMC - * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, - * will cause frame length exception. - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "200303E6000080d2c70008197f0b00310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - -/** - * @brief Unit Test: Encryption CBC KMC - * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, - * will cause frame length exception. - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "200303F7000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT, return_val); -} - -/** - * @brief Unit Test: Nominal Encryption CBC KMC, with no supplied IV - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// /** +// * @brief Unit Test: Encryption CBC KMC 1 Byte of padding +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_1BP) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20030016000080d2c70008197f0b0031000000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// printf("SPI: %d\n", test_association->spi); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// char* truth_data_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); +// //printf("Encrypted Frame:\n"); +// for(int i = 0; i < enc_frame_len; i++) +// { +// //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); +// ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); +// } +// //printf("\n"); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + +// /** +// * @brief Unit Test: Encryption CBC KMC 16 Bytes of padding +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_16BP) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20030017000080d2c70008197f0b003100000000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// printf("SPI: %d\n", test_association->spi); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// char* truth_data_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); +// //printf("Encrypted Frame:\n"); +// for(int i = 0; i < enc_frame_len; i++) +// { +// //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); +// ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); +// } +// printf("\n"); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + +// /** +// * @brief Unit Test: Nominal Encryption CBC KMC +// * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, +// * will cause frame length exception. +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_MAX) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "200303E6000080d2c70008197f0b00310000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + +// /** +// * @brief Unit Test: Encryption CBC KMC +// * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, +// * will cause frame length exception. +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_FRAME_TOO_BIG) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "200303F7000080d2c70008197f0b0031000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_SPEC_LIMIT, return_val); +// } + +// /** +// * @brief Unit Test: Nominal Encryption CBC KMC, with no supplied IV +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_KMC_NULL_IV) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// printf("SPI: %d\n", test_association->spi); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->est = 1; +// test_association->stmacf_len = 0; +// test_association->ecs = CRYPTO_CIPHER_AES256_CBC; +// test_association->acs_len = 1; +// test_association->acs = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// } + +// /** +// * @brief Unit Test: Nominal Encryption CBC KMC, with no supplied IV +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// // // 200300230000000B000000000000000000000000852DDEFF8FCD93567F271E192C07F126 +// char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// printf("SPI: %d\n", test_association->spi); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 1; +// test_association->est = 1; +// test_association->stmacf_len = 16; +// test_association->shplf_len = 0; +// test_association->ecs = CRYPTO_CIPHER_AES256_GCM; +// test_association->acs_len = 1; +// test_association->acs = 0; +// test_association->arsn_len = 0; +// test_association->iv_len = 12; +// test_association->shivf_len = 12; +// test_association->ecs = 0x01; +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// } + +// //********************************* Encryption Tests MDB + KMC *******************************************************************// +// /** +// * @brief Unit Test: Nominal Encryption CBC MDB KMC +// **/ +// UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20031815000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// //SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// } + +// /** +// * @brief Unit Test: Encryption CBC MDB KMC 1 Byte of padding +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20031816000080d2c70008197f0b0031000000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* truth_data_h = "2003182A0000001200000000000000000000000000000002011D90CE80C259660B229B6C1783C80E898D52"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); +// printf("Encrypted Frame:\n"); +// for(int i = 0; i < enc_frame_len; i++) +// { +// printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); +// ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); +// } +// printf("\n"); + +// Crypto_Shutdown(); +// //free(raw_tc_sdls_ping_b); +// //free(ptr_enc_frame); +// } + +// /** +// * @brief Unit Test: Encryption CBC MDB KMC 16 Bytes of padding +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20031817000080d2c70008197f0b003100000000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// char* truth_data_h = "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); +// //printf("Encrypted Frame:\n"); +// for(int i = 0; i < enc_frame_len; i++) +// { +// //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); +// ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); +// } +// printf("\n"); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + +// /** +// * @brief Unit Test: Nominal Encryption CBC MDB KMC +// * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, +// * will cause frame length exception. +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20031BE0000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + +// /** +// * @brief Unit Test: Encryption CBC MDB KMC +// * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, +// * will cause frame length exception. +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "200303F2000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; +// test_association->arsn_len = 0; +// sa_if->sa_get_from_spi(11, &test_association); +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT, return_val); +// } + +// /** +// * @brief Unit Test: Nominal Encryption CBC MDB KMC, Null IV +// **/ +// UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); + +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// char* raw_tc_sdls_ping_h = "20031015000080d2c70008197f0b00310000b1fe3128"; +// char* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; + +// hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// uint8_t* ptr_enc_frame = NULL; +// uint16_t enc_frame_len = 0; + +// return_val = +// Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// free(ptr_enc_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// } + + +// //******************************************************* Decryption Tests *******************************************************// + +// /** +// * @brief Unit Test: Nominal Decryption CBC KMC +// **/ +// UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); +// char* test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; +// //char* test_frame_pt_h = "2003001A0000000B025364F9BC3344AF359DA06CA886746F591C8E"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Expose/setup SAs for testing +// SecurityAssociation_t* test_association = NULL; +// test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->arsn_len = 0; +// test_association->shsnf_len = 0; +// test_association->ast = 0; +// test_association->stmacf_len = 0; +// test_association->sa_state = SA_OPERATIONAL; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); + +// char* truth_data_h = "80d2c70008197f0b00310000b1fe"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// //printf("Decrypted Frame:\n"); +// for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// } +// //printf("\n"); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Decryption CBC KMC with 1 Byte of padding +// **/ +// UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + +// char* test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Expose/setup SAs for testing +// SecurityAssociation_t* test_association = NULL; +// test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->arsn_len = 0; +// test_association->shsnf_len = 0; +// test_association->ast = 0; +// test_association->stmacf_len = 0; +// test_association->sa_state = SA_OPERATIONAL; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); + +// char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// //printf("Decrypted Frame:\n"); +// for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// } +// //printf("\n"); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Decryption CBC KMC with 16 Bytes of padding +// **/ +// UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + +// char* test_frame_pt_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Expose/setup SAs for testing +// SecurityAssociation_t* test_association = NULL; +// test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->arsn_len = 0; +// test_association->shsnf_len = 0; +// test_association->ast = 0; +// test_association->stmacf_len = 0; +// test_association->sa_state = SA_OPERATIONAL; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); + +// char* truth_data_h = "80d2c70008197f0b003100000000b1fe"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// //printf("Decrypted Frame:\n"); +// for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// } +// //printf("\n"); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Nominal Decryption CBC KMC, Null IV +// **/ +// UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + +// char* test_frame_pt_h = "2003002A0000000B22BA7A6B53C17DD9405B599FB04222A7026AC591A28602BF97D3E7D9CE6BC52D4382EB"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Expose/setup SAs for testing +// SecurityAssociation_t* test_association = NULL; +// test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// sa_if->sa_get_from_spi(11, &test_association); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 0; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->est = 1; - test_association->stmacf_len = 0; - test_association->ecs = CRYPTO_CIPHER_AES256_CBC; - test_association->acs_len = 1; - test_association->acs = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); -} - -/** - * @brief Unit Test: Nominal Encryption CBC KMC, with no supplied IV - **/ -UTEST(TC_APPLY_SECURITY, ENC_GCM_KMC_NULL_IV) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - // // 200300230000000B000000000000000000000000852DDEFF8FCD93567F271E192C07F126 - char* raw_tc_sdls_ping_h = "20030015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->stmacf_len = 16; - test_association->shplf_len = 0; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs_len = 1; - test_association->acs = 0; - test_association->arsn_len = 0; - test_association->iv_len = 12; - test_association->shivf_len = 12; - test_association->ecs = 0x01; - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); -} - -//********************************* Encryption Tests MDB + KMC *******************************************************************// -/** - * @brief Unit Test: Nominal Encryption CBC MDB KMC - **/ -UTEST(TC_APPLY_SECURITY, HAPPY_PATH_ENC_CBC_MDB_KMC) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - char* raw_tc_sdls_ping_h = "20031815000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - //SaInterface sa_if = get_sa_interface_inmemory(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Nominal Encryption CBC KMC, with no supplied IV +// **/ +// UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) +// { +// // Setup & Initialize CryptoLib +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t return_val = Crypto_Init(); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + +// char* raw_tc_sdls_ping_h = "200300330000000B5C7D0E687B4ACC8978CEB8F9F1713AC7E65FAA6845BF9607A6D2B89B7AF55C4463B9068F344242AAFAEBE298"; +// uint8_t* raw_tc_sdls_ping_b = NULL; +// int raw_tc_sdls_ping_len = 0; +// SaInterface sa_if = get_sa_interface_inmemory(); + +// hex_conversion(raw_tc_sdls_ping_h, (char **) &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); + +// SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// // Expose the SADB Security Association for test edits. +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->sa_state = SA_NONE; +// sa_if->sa_get_from_spi(11, &test_association); +// printf("SPI: %d\n", test_association->spi); +// test_association->sa_state = SA_OPERATIONAL; +// test_association->ast = 1; +// test_association->est = 1; +// test_association->stmacf_len = 16; +// test_association->shplf_len = 0; +// test_association->ecs = CRYPTO_CIPHER_AES256_GCM; +// test_association->acs_len = 1; +// test_association->acs = 0; +// test_association->arsn_len = 0; +// test_association->iv_len = 12; +// test_association->shivf_len = 12; +// return_val = Crypto_TC_ProcessSecurity(raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len, tc_sdls_processed_frame); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); + +// Crypto_Shutdown(); +// free(raw_tc_sdls_ping_b); +// } + +// // *************************************** Decryption + MDB ***********************************************// +// /** +// * @brief Unit Test: Nominal Decryption CBC MDB KMC +// **/ +// UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); + +// int32_t status = Crypto_Init(); - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); +// char* test_frame_pt_h = "2003182A000000120000000000000000000000000000000102FCFCF53E77DDCFD92993273B6C449B76CA1E"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); -} - -/** - * @brief Unit Test: Encryption CBC MDB KMC 1 Byte of padding - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_1BP) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "20031816000080d2c70008197f0b0031000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// char* truth_data_h = "80d2c70008197f0b00310000b1fe"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// //printf("Decrypted Frame:\n"); +// for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// } +// //printf("\n"); - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; + +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Decryption CBC MDB KMC with 1 Byte of padding +// **/ +// UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + +// char* test_frame_pt_h = "2003182A0000001200000000000000000000000000000002011D90CE80C259660B229B6C1783C80E898D52"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// //printf("Decrypted Frame:\n"); +// for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// } +// //printf("\n"); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); + +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Decryption CBC MDB KMC with 16 Bytes of padding +// **/ +// UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); + +// char* test_frame_pt_h = "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); + +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// char* truth_data_h = "80d2c70008197f0b003100000000b1fe"; +// uint8_t* truth_data_b = NULL; +// int truth_data_l = 0; + +// hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// //printf("Decrypted Frame:\n"); +// for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// { +// printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// //ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// } +// printf("\n"); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* truth_data_h = "2003182A0000001200000000000000000000000000000002011D90CE80C259660B229B6C1783C80E898D52"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) - { - printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); - ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); - } - printf("\n"); - - Crypto_Shutdown(); - //free(raw_tc_sdls_ping_b); - //free(ptr_enc_frame); -} - -/** - * @brief Unit Test: Encryption CBC MDB KMC 16 Bytes of padding - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_16BP) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "20031817000080d2c70008197f0b003100000000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - char* truth_data_h = "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char **)&truth_data_b, &truth_data_l); - //printf("Encrypted Frame:\n"); - for(int i = 0; i < enc_frame_len; i++) - { - //printf("%02x -> %02x ", ptr_enc_frame[i], truth_data_b[i]); - ASSERT_EQ(ptr_enc_frame[i], truth_data_b[i]); - } - printf("\n"); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - -/** - * @brief Unit Test: Nominal Encryption CBC MDB KMC - * Frame is max size for this test. Any encrypted data of length greater than 1007 bytes, - * will cause frame length exception. - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_MAX) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "20031BE0000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - -/** - * @brief Unit Test: Encryption CBC MDB KMC - * Frame is 1 byte too large for this test. Any encrypted data of length greater than 1007 bytes, - * will cause frame length exception. - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_FRAME_TOO_BIG) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "200303F2000080d2c70008197f0b003100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000b1fed255"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - test_association->arsn_len = 0; - sa_if->sa_get_from_spi(11, &test_association); - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_ERR_TC_FRAME_SIZE_EXCEEDS_MANAGED_PARAM_MAX_LIMIT, return_val); -} - -/** - * @brief Unit Test: Nominal Encryption CBC MDB KMC, Null IV - **/ -UTEST(TC_APPLY_SECURITY, ENC_CBC_MDB_KMC_NULL_IV) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - char* raw_tc_sdls_ping_h = "20031015000080d2c70008197f0b00310000b1fe3128"; - char* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - - hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - uint8_t* ptr_enc_frame = NULL; - uint16_t enc_frame_len = 0; - - return_val = - Crypto_TC_ApplySecurity((uint8_t* )raw_tc_sdls_ping_b, raw_tc_sdls_ping_len, &ptr_enc_frame, &enc_frame_len); - - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); - free(ptr_enc_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); -} - - -//******************************************************* Decryption Tests *******************************************************// - -/** - * @brief Unit Test: Nominal Decryption CBC KMC - **/ -UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_KMC) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - char* test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000025364F9BC3344AF359DA06CA886746F59A0AB"; - //char* test_frame_pt_h = "2003001A0000000B025364F9BC3344AF359DA06CA886746F591C8E"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sa_if->sa_get_from_spi(11, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; - test_association->stmacf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - char* truth_data_h = "80d2c70008197f0b00310000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - } - //printf("\n"); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Decryption CBC KMC with 1 Byte of padding - **/ -UTEST(TC_PROCESS, DECRYPT_CBC_KMC_1B) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003002A0000000B00000000000000000000000000000000011C1741A95DE7EF6FCF2B20B6F09E9FD29988"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sa_if->sa_get_from_spi(11, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; - test_association->stmacf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - } - //printf("\n"); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Decryption CBC KMC with 16 Bytes of padding - **/ -UTEST(TC_PROCESS, DECRYPT_CBC_KMC_16B) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 1, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 2, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 3, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003003A0000000B00000000000000000000000000000000103970EAE4C05ACD1B0C348FDA174DF73EF0E2D603996C4B78B992CD60918729D3A47A"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sa_if->sa_get_from_spi(11, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - test_association->ast = 0; - test_association->stmacf_len = 0; - test_association->sa_state = SA_OPERATIONAL; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - char* truth_data_h = "80d2c70008197f0b003100000000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - } - //printf("\n"); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Nominal Decryption CBC KMC, Null IV - **/ -UTEST(TC_PROCESS, DECRYPT_CBC_KMC_NULL_IV) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003002A0000000B22BA7A6B53C17DD9405B599FB04222A7026AC591A28602BF97D3E7D9CE6BC52D4382EB"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sa_if->sa_get_from_spi(11, &test_association); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 0; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Nominal Encryption CBC KMC, with no supplied IV - **/ -UTEST(TC_PROCESS, DECRYPT_GCM_KMC_NULL_IV) -{ - // Setup & Initialize CryptoLib - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 0, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t return_val = Crypto_Init(); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* raw_tc_sdls_ping_h = "200300330000000B5C7D0E687B4ACC8978CEB8F9F1713AC7E65FAA6845BF9607A6D2B89B7AF55C4463B9068F344242AAFAEBE298"; - uint8_t* raw_tc_sdls_ping_b = NULL; - int raw_tc_sdls_ping_len = 0; - SaInterface sa_if = get_sa_interface_inmemory(); - - hex_conversion(raw_tc_sdls_ping_h, (char **) &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len); - - SecurityAssociation_t* test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - // Expose the SADB Security Association for test edits. - sa_if->sa_get_from_spi(1, &test_association); - test_association->sa_state = SA_NONE; - sa_if->sa_get_from_spi(11, &test_association); - printf("SPI: %d\n", test_association->spi); - test_association->sa_state = SA_OPERATIONAL; - test_association->ast = 1; - test_association->est = 1; - test_association->stmacf_len = 16; - test_association->shplf_len = 0; - test_association->ecs = CRYPTO_CIPHER_AES256_GCM; - test_association->acs_len = 1; - test_association->acs = 0; - test_association->arsn_len = 0; - test_association->iv_len = 12; - test_association->shivf_len = 12; - return_val = Crypto_TC_ProcessSecurity(raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len, tc_sdls_processed_frame); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, return_val); - - Crypto_Shutdown(); - free(raw_tc_sdls_ping_b); -} - -// *************************************** Decryption + MDB ***********************************************// -/** - * @brief Unit Test: Nominal Decryption CBC MDB KMC - **/ -UTEST(TC_PROCESS, HAPPY_PATH_DECRYPT_CBC_MDB_KMC) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003182A000000120000000000000000000000000000000102FCFCF53E77DDCFD92993273B6C449B76CA1E"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - char* truth_data_h = "80d2c70008197f0b00310000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - } - //printf("\n"); - - - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Decryption CBC MDB KMC with 1 Byte of padding - **/ -UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_1B) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003182A0000001200000000000000000000000000000002011D90CE80C259660B229B6C1783C80E898D52"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - char* truth_data_h = "80d2c70008197f0b0031000000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - } - //printf("\n"); - - - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Decryption CBC MDB KMC with 16 Bytes of padding - **/ -UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_16B) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 6, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - - char* test_frame_pt_h = "2003183A000000120000000000000000000000000000000310CA8B21BCB5AFB1A306CDC96C80C9208D00EB961E3F61D355E30F01CFDCCC7D026D56"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - char* truth_data_h = "80d2c70008197f0b003100000000b1fe"; - uint8_t* truth_data_b = NULL; - int truth_data_l = 0; - - hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - //printf("Decrypted Frame:\n"); - for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - { - printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - //ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - } - printf("\n"); - +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } + +// /** +// * @brief Unit Test: Nominal Decryption CBC MDB KMC, NULL IV +// **/ +// UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_NULL_IV) +// { +// Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, +// IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, +// TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, +// TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); +// Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); +// Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); +// Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); +// int32_t status = Crypto_Init(); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + +// TC_t* tc_sdls_processed_frame; +// tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); +// memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); +// //2003102E00000006DDB12ADB9F880659AD5703EF6D45BD4A0001EF2BD095982BC3AC58B8AB92484662E000000026F3 +// char* test_frame_pt_h = "2003102C00000006703809AED191A8041A6DCEB4C030894400120218AB4508A560430D644DE39E35011E454755"; +// uint8_t *test_frame_pt_b = NULL; +// int test_frame_pt_len = 0; + +// // Expose/setup SAs for testing +// SecurityAssociation_t* test_association = NULL; +// test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); +// sa_if->sa_get_from_spi(1, &test_association); +// test_association->arsn_len = 0; +// test_association->shsnf_len = 0; + +// // Convert input test frame +// hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); - free(test_frame_pt_b); - Crypto_Shutdown(); -} - -/** - * @brief Unit Test: Nominal Decryption CBC MDB KMC, NULL IV - **/ -UTEST(TC_PROCESS, DECRYPT_CBC_MDB_KMC_NULL_IV) -{ - Crypto_Config_CryptoLib(KEY_TYPE_KMC, MC_TYPE_DISABLED, SA_TYPE_MARIADB, CRYPTOGRAPHY_TYPE_KMCCRYPTO, - IV_CRYPTO_MODULE, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_FALSE, TC_NO_PUS_HDR, - TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, - TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); - Crypto_Config_MariaDB("db-itc-kmc.nasa.gov","sadb", 3306,CRYPTO_TRUE,CRYPTO_TRUE, "/certs/ammos-ca-bundle.crt", NULL, CLIENT_CERTIFICATE, CLIENT_CERTIFICATE_KEY, NULL, "root", NULL); - Crypto_Config_Kmc_Crypto_Service("https", "itc-kmc.nasa.gov", 8443, "crypto-service","/certs/ammos-ca-bundle.crt",NULL, CRYPTO_TRUE, CLIENT_CERTIFICATE, "PEM", CLIENT_CERTIFICATE_KEY, NULL, NULL); - Crypto_Config_Add_Gvcid_Managed_Parameter(0, 0x0003, 4, TC_HAS_FECF, TC_HAS_SEGMENT_HDRS, 1024, AOS_FHEC_NA, AOS_IZ_NA, 0); - int32_t status = Crypto_Init(); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - - TC_t* tc_sdls_processed_frame; - tc_sdls_processed_frame = malloc(sizeof(uint8_t) * TC_SIZE); - memset(tc_sdls_processed_frame, 0, (sizeof(uint8_t) * TC_SIZE)); - //2003102E00000006DDB12ADB9F880659AD5703EF6D45BD4A0001EF2BD095982BC3AC58B8AB92484662E000000026F3 - char* test_frame_pt_h = "2003102C00000006703809AED191A8041A6DCEB4C030894400120218AB4508A560430D644DE39E35011E454755"; - uint8_t *test_frame_pt_b = NULL; - int test_frame_pt_len = 0; - - // Expose/setup SAs for testing - SecurityAssociation_t* test_association = NULL; - test_association = malloc(sizeof(SecurityAssociation_t) * sizeof(uint8_t)); - sa_if->sa_get_from_spi(1, &test_association); - test_association->arsn_len = 0; - test_association->shsnf_len = 0; - - // Convert input test frame - hex_conversion(test_frame_pt_h, (char**) &test_frame_pt_b, &test_frame_pt_len); +// status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - status = Crypto_TC_ProcessSecurity(test_frame_pt_b, &test_frame_pt_len, tc_sdls_processed_frame); - - // char* truth_data_h = "80d2c70008197f0b00310000b1fe"; - // uint8_t* truth_data_b = NULL; - // int truth_data_l = 0; - - // hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); - // //printf("Decrypted Frame:\n"); - // for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) - // { - // //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - // ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); - // } - // //printf("\n"); - - ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); - free(test_frame_pt_b); - Crypto_Shutdown(); -} +// // char* truth_data_h = "80d2c70008197f0b00310000b1fe"; +// // uint8_t* truth_data_b = NULL; +// // int truth_data_l = 0; + +// // hex_conversion(truth_data_h, (char**) &truth_data_b, &truth_data_l); +// // //printf("Decrypted Frame:\n"); +// // for(int i = 0; i < tc_sdls_processed_frame->tc_pdu_len; i++) +// // { +// // //printf("%02x -> %02x ", tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// // ASSERT_EQ(tc_sdls_processed_frame->tc_pdu[i], truth_data_b[i]); +// // } +// // //printf("\n"); + +// ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); +// free(test_frame_pt_b); +// Crypto_Shutdown(); +// } UTEST_MAIN(); \ No newline at end of file diff --git a/test/unit/ut_aos_apply.c b/test/unit/ut_aos_apply.c index 0e6dcd18..68e89c08 100644 --- a/test/unit/ut_aos_apply.c +++ b/test/unit/ut_aos_apply.c @@ -302,7 +302,7 @@ UTEST(AOS_APPLY, HAPPY_PATH_CLEAR_FHEC_OID_FECF) TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, AOS_CHECK_FECF_TRUE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); // AOS Tests - GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_HAS_FECF, AOS_HAS_IZ, 6, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; + GvcidManagedParameters_t AOS_UT_Managed_Parameters = {1, 0x0003, 0, AOS_HAS_FECF, AOS_HAS_FHEC, AOS_HAS_IZ, 6, AOS_SEGMENT_HDRS_NA, 1786, AOS_HAS_OCF, 1}; Crypto_Config_Add_Gvcid_Managed_Parameters(AOS_UT_Managed_Parameters); //Crypto_Config_Add_Gvcid_Managed_Parameter(1, 0x0003, 0, AOS_HAS_FECF, AOS_SEGMENT_HDRS_NA, AOS_HAS_OCF, 1786, AOS_HAS_FHEC, AOS_HAS_IZ, 6); status = Crypto_Init();