Merge pull request #7 from nasa/AKMC-113

AKMC-113: Add SADB Interfaces for MySQL/Inmemory configurability and basic implementation.
nasa · Nov 16, 2021 · 82560ff · 82560ff
2 parents df9d07d + cb7b5b5
commit 82560ff
Show file tree

Hide file tree

Showing 20 changed files with 2,105 additions and 1,468 deletions.
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -20,7 +20,9 @@ project(CRYPTO C)
 
 set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib")
 
-OPTION(DEBUG "Debug" OFF) # Disabled by default
+OPTION(DEBUG "Debug" OFF) # Disabled by default, enable with: -DDEBUG=ON
+OPTION(MYSQL "Mysql" OFF) # Disabled by default, enable with: -DMYSQL=ON
+
 IF(DEBUG)
     ADD_DEFINITIONS(-DDEBUG -DOCF_DEBUG -DFECF_DEBUG -DSA_DEBUG -DPDU_DEBUG -DCCSDS_DEBUG -DTC_DEBUG -DMAC_DEBUG -DTM_DEBUG)
     add_compile_options(-ggdb)

diff --git a/fsw/CMakeLists.txt b/fsw/CMakeLists.txt
@@ -17,6 +17,11 @@
 include_directories(public_inc)
 
 aux_source_directory(src LIB_SRC_FILES)
+if(MYSQL)
+    aux_source_directory(src_mysql LIB_SRC_MYSQL_FILES)
+    list(APPEND LIB_SRC_FILES ${LIB_SRC_MYSQL_FILES})
+endif()
+
 
 if(CMAKE_PROJECT_NAME STREQUAL PROJECT_NAME)
     include(CTest)
@@ -30,6 +35,16 @@ else() #standalone build
     add_library(Crypto SHARED ${LIB_SRC_FILES})
 endif()
 
+if(MYSQL)
+    execute_process(COMMAND mysql_config --cflags
+            OUTPUT_VARIABLE MYSQL_CFLAGS OUTPUT_STRIP_TRAILING_WHITESPACE)
+    execute_process(COMMAND mysql_config --libs
+            OUTPUT_VARIABLE MYSQL_LIBS OUTPUT_STRIP_TRAILING_WHITESPACE)
+
+    target_compile_options(Crypto PUBLIC ${MYSQL_CFLAGS})
+    target_link_libraries(Crypto ${MYSQL_LIBS})
+endif()
+
 # Add libgcrypt
 target_link_libraries(Crypto gcrypt)
 

diff --git a/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb.sql b/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb.sql
@@ -0,0 +1,36 @@
+CREATE DATABASE IF NOT EXISTS sadb;
+
+USE sadb;
+
+-- IV_LEN should probably not have that default -- to be reviewed.
+
+CREATE TABLE security_associations
+(
+  spi INT NOT NULL
+  ,ekid MEDIUMINT NOT NULL DEFAULT spi
+  ,akid MEDIUMINT NOT NULL DEFAULT spi
+  ,sa_state SMALLINT NOT NULL DEFAULT 0
+  ,tfvn TINYINT
+  ,scid SMALLINT
+  ,vcid TINYINT
+  ,mapid TINYINT
+  ,lpid SMALLINT
+  ,est SMALLINT
+  ,ast SMALLINT
+  ,shivf_len SMALLINT
+  ,shsnf_len SMALLINT
+  ,shplf_len SMALLINT
+  ,stmacf_len SMALLINT
+  ,ecs_len SMALLINT
+  ,ecs SMALLINT NOT NULL DEFAULT 0
+  ,iv_len SMALLINT NOT NULL DEFAULT 12
+  ,iv BINARY(12) NOT NULL DEFAULT 0 -- IV_SIZE=12
+  ,acs_len SMALLINT NOT NULL DEFAULT 0
+  ,acs SMALLINT NOT NULL DEFAULT 0
+  ,abm_len MEDIUMINT
+  ,abm SMALLINT
+  ,arc_len SMALLINT NOT NULL DEFAULT 0
+  ,arc BINARY(20) NOT NULL DEFAULT 0 -- ARC_LEN=20 , TBD why so large...
+  ,arcw_len SMALLINT
+  ,arcw SMALLINT
+);
diff --git a/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb_unit_test_security_associations.sql b/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb_unit_test_security_associations.sql
@@ -0,0 +1,33 @@
+USE sadb;
+
+-- SA 1 - CLEAR MODE
+INSERT INTO security_associations (spi,sa_state,est,ast,arc_len,arc,arcw_len,arcw,tfvn,scid,vcid,mapid)
+VALUES (1,3,0,0,1,0,1,5,0,3,0,0);
+
+-- SA 2 - KEYED;  ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 128
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
+VALUES (2,128,2,1,1,12,12,0,20,0,1,5,11);
+
+-- SA 3 - KEYED;   ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 129
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,stmacf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
+VALUES (3,129,2,1,1,12,16,12,0,20,0,1,5,11);
+
+-- SA 4 - KEYED;  ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
+VALUES (4,130,2,1,1,12,12,0,20,0,1,5,11,0,3,0,0);
+
+-- SA 5 - KEYED;   ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 131
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
+VALUES (5,131,2,1,1,12,12,0,20,0,1,5,11);
+
+-- SA 6 - UNKEYED; ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: -
+INSERT INTO security_associations (spi,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len)
+VALUES (6,1,1,1,12,12,0,20,0,1,5,11);
+
+-- SA 7 - KEYED;  ARCW:5; AES-GCM; IV:00...00; IV-len:12; MAC-len:16; Key-ID: 130
+INSERT INTO security_associations (spi,ekid,sa_state,est,ast,shivf_len,iv_len,iv,abm_len,abm,arcw_len,arcw,arc_len,tfvn,scid,vcid,mapid)
+VALUES (7,130,2,1,1,12,12,0,20,0,1,5,11,0,3,1,0);
+
+-- SA 8 - CLEAR MODE
+INSERT INTO security_associations (spi,sa_state,est,ast,arc_len,arc,arcw_len,arcw,tfvn,scid,vcid,mapid)
+VALUES (8,3,0,0,1,0,1,5,0,3,1,0);
diff --git a/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb_user_grant_permissions.sql b/fsw/crypto_sadb/sadb_mariadb_admin_scripts/create_sadb_user_grant_permissions.sql
@@ -0,0 +1,4 @@
+DROP USER IF EXISTS 'sadb_user';
+CREATE USER IF NOT EXISTS sadb_user IDENTIFIED BY 'sadb_password';
+
+GRANT ALL PRIVILEGES ON sadb.* TO 'sadb_user'@'%';
diff --git a/fsw/crypto_sadb/sadb_mariadb_admin_scripts/delete_sadb.sql b/fsw/crypto_sadb/sadb_mariadb_admin_scripts/delete_sadb.sql
@@ -0,0 +1 @@
+DROP DATABASE IF EXISTS sadb;