From 7d1df06be992a30f948d40043b805b3437732535 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Thu, 12 Dec 2024 10:55:06 -0500 Subject: [PATCH 01/12] [nasa/cryptolib#365] Re-arrange to remove magic nums in tc_process --- src/core/crypto.c | 140 ++++++++++++++++++++++++------------------- src/core/crypto_tc.c | 18 +++--- 2 files changed, 88 insertions(+), 70 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index a25d2da1..aa27f074 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -21,6 +21,7 @@ */ #include "crypto.h" #include +#include /* ** Static Library Declaration 
@@ -772,99 +773,116 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest) { int32_t status = CRYPTO_LIB_SUCCESS; - int x; + ingest = ingest; // Suppress unused variable error depending on build + // Check for null pointers if (tc_sdls_processed_frame == NULL) { status = CRYPTO_LIB_ERR_NULL_BUFFER; } + + // Validate correct SA for EPs + bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MIN) && (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MAX); if (status == CRYPTO_LIB_SUCCESS) { if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { + // Check for speciic App ID for EPs - the CryptoLib Apid in this case if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) - // Crypto Lib Application ID - { - #ifdef CRYPTO_EPROC +#ifdef CRYPTO_EPROC + // Check validity of SAs used for EP + if(valid_ep_sa) + { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command: " RESET); #endif - // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; - sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; - sdls_frame.hdr.appID = - ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; - sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; - sdls_frame.hdr.pktid = - ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = - (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; - - // CCSDS PUS - sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; - sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; - sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); - 
sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; - sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; - sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; - sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - - // SDLS TLV PDU - sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = - (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) - { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; - } + // CCSDS Header + sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; + sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; + sdls_frame.hdr.appID = + ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; + sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; + sdls_frame.hdr.pktid = + ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; + sdls_frame.hdr.pkt_length = + (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + + // CCSDS PUS + sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; + sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + sdls_frame.pus.st = tc_sdls_processed_frame->tc_pdu[7]; + sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; + sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; + sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); + + // SDLS TLV 
PDU + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (uint16_t x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); + Crypto_ccsdsPrint(&sdls_frame); #endif - + // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); - #else + } + + #else // Received an EP command without EPs being built status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } } else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer { + #ifdef CRYPTO_EPROC + // Check validity of SAs used for EP + if(valid_ep_sa) + { #ifdef DEBUG - printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); + printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); #endif - // No Packet HDR or PUS in these frames - // SDLS TLV PDU - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; - for (x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) - { - // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely - // fails. Must consider Uplink Sessions (sequence numbers). 
- sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; - } + // No Packet HDR or PUS in these frames + // SDLS TLV PDU + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; + for (uint16_t x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) + { + // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely + // fails. Must consider Uplink Sessions (sequence numbers). + sdls_frame.pdu.data[x - 3] = tc_sdls_processed_frame->tc_pdu[x]; + } #ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); + Crypto_ccsdsPrint(&sdls_frame); #endif - // Determine type of PDU - status = Crypto_PDU(ingest, tc_sdls_processed_frame); + // Determine type of PDU + status = Crypto_PDU(ingest, tc_sdls_processed_frame); + } + + #else // Received an EP command without EPs being built + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; + #endif //CRYPTO_EPROC } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR + else + { + // TODO - Process SDLS PDU with Packet Layer without PUS_HDR + } } - } return status; } // End Process SDLS PDU diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 22a458e0..5236e290 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c 
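Review bot: `valid_ep_sa` is computed from `tc_sdls_processed_frame->tc_sec_header.spi` immediately after the NULL check, but that check only sets `status = CRYPTO_LIB_ERR_NULL_BUFFER` and falls through. A NULL frame pointer is therefore dereferenced before the `status == CRYPTO_LIB_SUCCESS` guard is reached. Either return from the NULL check, `if (tc_sdls_processed_frame == NULL) { return CRYPTO_LIB_ERR_NULL_BUFFER; }`, or move the SPI comparison inside the guarded block. The same unguarded read is kept when this line is rewritten in PATCH 03, 05 and 06 of this series.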
@@ -1967,17 +1967,17 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) - { + // if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) + // { status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); - } - else - { + // } + // else + // { // Some Magic here to log that an inappropriate SA was attempted to be used for EP - status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; - mc_if->mc_log(status); - status = CRYPTO_LIB_SUCCESS; - } + // status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; + // mc_if->mc_log(status); + // status = CRYPTO_LIB_SUCCESS; + // } } Crypto_TC_Safe_Free_Ptr(aad); From bb1191ef74752a4044cf06dc934fa3eada8c53d2 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Fri, 13 Dec 2024 11:32:14 -0500 Subject: [PATCH 02/12] [nasa/cryptolib#365] Fix unused variable error in crypto.c depending on build --- src/core/crypto.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/src/core/crypto.c b/src/core/crypto.c index aa27f074..559dd615 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -839,6 +839,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } #else // Received an EP command without EPs being built + valid_ep_sa = valid_ep_sa; // Suppress build error status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } @@ -875,6 +876,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } #else // Received an EP command without EPs being built + valid_ep_sa = valid_ep_sa; // Suppress build error status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } From 59509799f3bbb911d161ed7668662fd6810c5763 Mon Sep 17 00:00:00 2001 
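Review bot: With the caller-side check commented out here, the only SPI gate left for Extended Procedures is `valid_ep_sa` in crypto.c, and at this commit its polarity is the opposite of the check being disabled. The old code ran EP processing only when `sa_ptr->spi == SPI_MIN || sa_ptr->spi == SPI_MAX`, while the new flag is true when the SPI is neither. The polarity changes again in PATCH 03, 05 and 06, which suggests no test pins it; the one test visible in this series (PATCH 09) covers only the accepted case. A negative unit test that sends an EP PDU on a non-EP SPI and expects an error status would hold the gate in place. The enclosing function continues outside this hunk.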
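Review bot: `valid_ep_sa = valid_ep_sa;` is a self-assignment used only to silence the unused-variable diagnostic when CRYPTO_EPROC is not defined, and some compilers warn about the self-assignment itself (clang's `-Wself-assign`). The conventional form is `(void)valid_ep_sa;`, which states the intent and performs no store. The same applies to the second hunk of this commit and to `ingest = ingest;` added in PATCH 01.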
From: "D. Cody Cutright" Date: Fri, 13 Dec 2024 13:09:12 -0500 Subject: [PATCH 03/12] [nasa/Cryptolib#365] Adjust boolean logic for SPI assessment --- src/core/crypto.c | 14 +++++++++++--- src/core/crypto_tc.c | 12 +----------- 2 files changed, 12 insertions(+), 14 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 559dd615..724860b0 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -782,7 +782,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } // Validate correct SA for EPs - bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MIN) && (tc_sdls_processed_frame->tc_sec_header.spi != SPI_MAX); + bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX); if (status == CRYPTO_LIB_SUCCESS) { if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) @@ -793,7 +793,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin #ifdef CRYPTO_EPROC // Check validity of SAs used for EP if(valid_ep_sa) - { + { #ifdef DEBUG printf(KGRN "Received SDLS command: " RESET); #endif @@ -837,6 +837,12 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); } + // Received EP PDU on invalid SA + else + { + printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + } #else // Received an EP command without EPs being built valid_ep_sa = valid_ep_sa; // Suppress build error 
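Review bot: The new invalid-SA branch reports the event with a bare `printf` that is not wrapped in `#ifdef DEBUG` like the other messages in this function. Every frame that carries the EP application ID on a non-EP SPI therefore writes to stdout in any build with CRYPTO_EPROC. The caller code this replaces recorded the event with `mc_if->mc_log(status)`, and that audit record is no longer produced on any path visible in this series. Consider guarding the print and reporting the rejection through the monitoring-and-control interface, assuming `mc_if` is reachable from crypto.c (not shown here).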
@@ -874,8 +880,10 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Determine type of PDU status = Crypto_PDU(ingest, tc_sdls_processed_frame); } - #else // Received an EP command without EPs being built +#ifdef CCSDS_DEBUG + printf(KRED "PDU DEBUG %s %d\n" RESET, __FILE__, __LINE__); +#endif valid_ep_sa = valid_ep_sa; // Suppress build error status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC diff --git a/src/core/crypto_tc.c b/src/core/crypto_tc.c index 5236e290..cca8a8fa 100644 --- a/src/core/crypto_tc.c +++ b/src/core/crypto_tc.c @@ -1967,17 +1967,7 @@ int32_t Crypto_TC_ProcessSecurity_Cam(uint8_t *ingest, int *len_ingest, TC_t *tc if (status == CRYPTO_LIB_SUCCESS && crypto_config.process_sdls_pdus == TC_PROCESS_SDLS_PDUS_TRUE) { - // if((sa_ptr->spi == SPI_MIN) || sa_ptr->spi == SPI_MAX) - // { - status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); - // } - // else - // { - // Some Magic here to log that an inappropriate SA was attempted to be used for EP - // status = CRYPTO_LIB_ERR_SPI_INDEX_OOB; - // mc_if->mc_log(status); - // status = CRYPTO_LIB_SUCCESS; - // } + status = Crypto_Process_Extended_Procedure_Pdu(tc_sdls_processed_frame, ingest); } Crypto_TC_Safe_Free_Ptr(aad); From f98c58b405f611a982f7a6477542a4f416cdf468 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Fri, 13 Dec 2024 13:14:43 -0500 Subject: [PATCH 04/12] [nasa/cryptolib#365] Fix security bot warnings --- src/core/crypto.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 724860b0..6feda2e1 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
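Review bot: The no-packet-layer branch (`tc_header.vcid == TC_SDLS_EP_VCID`) still has no `else` for a failed SA check. The `if(valid_ep_sa)` block closes and the `#else` of CRYPTO_EPROC follows directly, so an EP PDU on the EP virtual channel with a non-EP SPI is skipped and the function returns `CRYPTO_LIB_SUCCESS`. The packet-header branch in this same commit returns `CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI` for that case. Adding `else { status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; }` here keeps the two paths consistent and gives the caller a status to act on. The function body starts and ends outside this hunk.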
@@ -825,7 +825,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (uint16_t x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) { sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; } @@ -866,7 +866,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[0] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[1] << 8) | tc_sdls_processed_frame->tc_pdu[2]; - for (uint16_t x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) + for (int x = 3; x < (3 + tc_sdls_processed_frame->tc_header.fl); x++) { // Todo - Consider how this behaves with large OTAR PDUs that are larger than 1 TC in size. Most likely // fails. Must consider Uplink Sessions (sequence numbers). From 3a6a6f59313fce2f118dd83dcea41d5b655f5efc Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Mon, 16 Dec 2024 10:28:23 -0500 Subject: [PATCH 05/12] [nasa/cryptolib#365] Remove bool in favor of #defines --- src/core/crypto.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 6feda2e1..160fd498 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -21,7 +21,6 @@ */ #include "crypto.h" #include -#include /* ** Static Library Declaration 
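Review bot: Switching the counter from `uint16_t` to `int` removes the wrap-around when `13 + sdls_frame.hdr.pkt_length` exceeds 65535, but the loop bound is still taken straight from the received frame. `pkt_length` is assembled from `tc_pdu[4]` and `tc_pdu[5]`, and nothing compares it with the capacity of `sdls_frame.pdu.data` or with the bytes actually present in `tc_pdu`, so a frame declaring a large length can run the copy past either buffer (their sizes are declared outside this diff). The second hunk has the same shape with `tc_header.fl` as the bound, and so does the offset-9 loop added in PATCH 09. PATCH 11 adds a `TLV_DATA_SIZE` check for the offset-13 loop only, as far as is visible here, and leaves the frame-length comparison commented out. Each loop needs both checks before copying, setting `status = CRYPTO_LIB_ERR_BAD_TLV_LENGTH;` when the declared length exceeds the destination capacity or the remaining frame bytes.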
@@ -782,7 +781,12 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } // Validate correct SA for EPs - bool valid_ep_sa = (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX); + uint8_t valid_ep_sa = CRYPTO_TRUE; + if ((tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX)) + { + valid_ep_sa = CRYPTO_FALSE; + } + if (status == CRYPTO_LIB_SUCCESS) { if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) From 8e1d5469dc71cdc0a050c9e005756c90ea9eb3cb Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Mon, 16 Dec 2024 11:40:36 -0500 Subject: [PATCH 06/12] [nasa/cryptolib#365] Fix reversed boolean logic --- src/core/crypto.c | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 160fd498..0821a5e9 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -781,10 +781,10 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin } // Validate correct SA for EPs - uint8_t valid_ep_sa = CRYPTO_TRUE; + uint8_t valid_ep_sa = CRYPTO_FALSE; if ((tc_sdls_processed_frame->tc_sec_header.spi == SPI_MIN) || (tc_sdls_processed_frame->tc_sec_header.spi == SPI_MAX)) { - valid_ep_sa = CRYPTO_FALSE; + valid_ep_sa = CRYPTO_TRUE; } if (status == CRYPTO_LIB_SUCCESS) @@ -796,7 +796,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP - if(valid_ep_sa) + if(valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG printf(KGRN "Received SDLS command: " RESET); @@ -858,7 +858,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP - if(valid_ep_sa) + if(valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); 
@@ -892,10 +892,10 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR - } + else + { + // TODO - Process SDLS PDU with Packet Layer without PUS_HDR + } } return status; } // End Process SDLS PDU From 52a694d38b5b3f26f5295260addfc416d283b5c3 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Mon, 16 Dec 2024 11:51:06 -0500 Subject: [PATCH 07/12] [nasa/cryptolib#265] Believe this resolves the SDLS EP processing w or w/o PUS Header usage --- src/core/crypto.c | 102 ++++++++++++++++++++++------------------------ 1 file changed, 49 insertions(+), 53 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 0821a5e9..7149e23f 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -789,31 +789,31 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin if (status == CRYPTO_LIB_SUCCESS) { - if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + // Check for speciic App ID for EPs - the CryptoLib Apid in this case + if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) { - // Check for speciic App ID for EPs - the CryptoLib Apid in this case - if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) - { #ifdef CRYPTO_EPROC - // Check validity of SAs used for EP - if(valid_ep_sa == CRYPTO_TRUE) - { + // Check validity of SAs used for EP + if(valid_ep_sa == CRYPTO_TRUE) + { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command: " RESET); #endif - // CCSDS Header - sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; - sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; - sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; - sdls_frame.hdr.appID = - ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; - sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; - sdls_frame.hdr.pktid = - ((tc_sdls_processed_frame->tc_pdu[2] & 0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; - sdls_frame.hdr.pkt_length = - (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; - - // CCSDS PUS + // CCSDS Header + sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; + sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x10) >> 4; + sdls_frame.hdr.shdr = (tc_sdls_processed_frame->tc_pdu[0] & 0x08) >> 3; + sdls_frame.hdr.appID = + ((tc_sdls_processed_frame->tc_pdu[0] & 0x07) << 8) | tc_sdls_processed_frame->tc_pdu[1]; + sdls_frame.hdr.seq = (tc_sdls_processed_frame->tc_pdu[2] & 0xC0) >> 6; + sdls_frame.hdr.pktid = + ((tc_sdls_processed_frame->tc_pdu[2] & 
0x3F) << 8) | tc_sdls_processed_frame->tc_pdu[3]; + sdls_frame.hdr.pkt_length = + (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + + if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + { + // If ECSS PUS Header is being used sdls_frame.pus.shf = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; sdls_frame.pus.pusv = (tc_sdls_processed_frame->tc_pdu[6] & 0x70) >> 4; sdls_frame.pus.ack = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); 
@@ -821,38 +821,38 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - - // SDLS TLV PDU - sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = - (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) - { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; - } - -#ifdef CCSDS_DEBUG - Crypto_ccsdsPrint(&sdls_frame); -#endif - - // Determine type of PDU - status = Crypto_PDU(ingest, tc_sdls_processed_frame); } - // Received EP PDU on invalid SA - else + + // SDLS TLV PDU + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) { - printf(KRED "Received EP PDU on invalid SA! 
SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); - status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; } - #else // Received an EP command without EPs being built - valid_ep_sa = valid_ep_sa; // Suppress build error - status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; - #endif //CRYPTO_EPROC +#ifdef CCSDS_DEBUG + Crypto_ccsdsPrint(&sdls_frame); +#endif + + // Determine type of PDU + status = Crypto_PDU(ingest, tc_sdls_processed_frame); + } + // Received EP PDU on invalid SA + else + { + printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); + status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; } + + #else // Received an EP command without EPs being built + valid_ep_sa = valid_ep_sa; // Suppress build error + status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; + #endif //CRYPTO_EPROC } else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer { @@ -892,11 +892,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } - else - { - // TODO - Process SDLS PDU with Packet Layer without PUS_HDR - } - } + } return status; } // End Process SDLS PDU From 9ae5e135846b5bc4c500499406159855231bd31b Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Mon, 16 Dec 2024 11:56:43 -0500 Subject: [PATCH 08/12] [nasa/cryptolib#365] Minor typo --- src/core/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 7149e23f..e0da4993 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
@@ -789,7 +789,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin if (status == CRYPTO_LIB_SUCCESS) { - // Check for speciic App ID for EPs - the CryptoLib Apid in this case + // Check for specific App ID for EPs - the CryptoLib Apid in this case if ((tc_sdls_processed_frame->tc_pdu[0] == 0x18) && (tc_sdls_processed_frame->tc_pdu[1] == 0x80)) { #ifdef CRYPTO_EPROC From 6fe9516d8451443d3166c44a99608d26cb109ff0 Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Mon, 16 Dec 2024 16:51:03 -0500 Subject: [PATCH 09/12] [nasa/cryptolib#365] WIP on SDLS EP test with no PUS header. no working atm --- src/core/crypto.c | 40 ++++++++++++++----- src/core/crypto_key_mgmt.c | 2 +- src/core/crypto_print.c | 24 ++++++++---- test/unit/ut_ep_key_mgmt.c | 78 ++++++++++++++++++++++++++++++++++++++ 4 files changed, 125 insertions(+), 19 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index e0da4993..333fbf1d 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -797,7 +797,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin if(valid_ep_sa == CRYPTO_TRUE) { #ifdef DEBUG - printf(KGRN "Received SDLS command: " RESET); + printf(KGRN "Received SDLS command w/ packet header:\n\t " RESET); #endif // CCSDS Header sdls_frame.hdr.pvn = (tc_sdls_processed_frame->tc_pdu[0] & 0xE0) >> 5; 
@@ -821,20 +821,39 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.sst = tc_sdls_processed_frame->tc_pdu[8]; sdls_frame.pus.sid = (tc_sdls_processed_frame->tc_pdu[9] & 0xF0) >> 4; sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); - } // SDLS TLV PDU - sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; - sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; - sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; - sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); - sdls_frame.pdu.hdr.pdu_len = - (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + printf(KRED "WHOMP WHOMP 1\n" RESET); + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } + } + // Not using PUS Header + else { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + // SDLS TLV PDU + printf(KRED "WHOMP WHOMP 2\n" RESET); + sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; + sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[6] & 0x40) >> 6; + sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[6] & 0x30) >> 4; + sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); + sdls_frame.pdu.hdr.pdu_len = + (tc_sdls_processed_frame->tc_pdu[7] << 8) | tc_sdls_processed_frame->tc_pdu[8]; + for (int x = 9; 
x < (9 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 9] = tc_sdls_processed_frame->tc_pdu[x]; + } } + + #ifdef CCSDS_DEBUG Crypto_ccsdsPrint(&sdls_frame); #endif @@ -865,6 +884,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU + printf(KRED "WHOMP WHOMP 3\n" RESET); sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; diff --git a/src/core/crypto_key_mgmt.c b/src/core/crypto_key_mgmt.c index 5d29af05..1a759cc6 100644 --- a/src/core/crypto_key_mgmt.c +++ b/src/core/crypto_key_mgmt.c @@ -224,7 +224,7 @@ int32_t Crypto_Key_update(uint8_t state) } #ifdef PDU_DEBUG - printf("Keys "); + printf("Key(s) "); #endif // Read in PDU for (x = 0; x < pdu_keys; x++) diff --git a/src/core/crypto_print.c b/src/core/crypto_print.c index 4fc5bb6e..ec78cc70 100644 --- a/src/core/crypto_print.c +++ b/src/core/crypto_print.c 
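Review bot: `printf(KRED "WHOMP WHOMP 3\n" RESET);` is a bring-up trace placed after the `#endif` of the DEBUG block on the no-packet-layer EP path, so it prints for every such frame in any build with CRYPTO_EPROC. PATCH 10 and 11 remove the matching "1" and "2" traces from the other branches, but no later hunk visible here removes this one. Drop it, or fold it into the guarded `Received SDLS command (No Packet Header or PUS)` message just above. The enclosing block starts and ends outside this hunk.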
@@ -183,14 +183,22 @@ void Crypto_ccsdsPrint(CCSDS_t *sdls_frame) printf("\t\t seq = 0x%01x \n", sdls_frame->hdr.seq); printf("\t\t pktid = 0x%04x \n", sdls_frame->hdr.pktid); printf("\t\t pkt_length = 0x%04x \n", sdls_frame->hdr.pkt_length); - printf("\t PUS Header\n"); - printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); - printf("\t\t pusv = 0x%01x \n", sdls_frame->pus.pusv); - printf("\t\t ack = 0x%01x \n", sdls_frame->pus.ack); - printf("\t\t st = 0x%02x \n", sdls_frame->pus.st); - printf("\t\t sst = 0x%02x \n", sdls_frame->pus.sst); - printf("\t\t sid = 0x%01x \n", sdls_frame->pus.sid); - printf("\t\t spare = 0x%01x \n", sdls_frame->pus.spare); + if(crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) + { + printf("\t PUS Header\n"); + printf("\t\t shf = 0x%01x \n", sdls_frame->pus.shf); + printf("\t\t pusv = 0x%01x \n", sdls_frame->pus.pusv); + printf("\t\t ack = 0x%01x \n", sdls_frame->pus.ack); + printf("\t\t st = 0x%02x \n", sdls_frame->pus.st); + printf("\t\t sst = 0x%02x \n", sdls_frame->pus.sst); + printf("\t\t sid = 0x%01x \n", sdls_frame->pus.sid); + printf("\t\t spare = 0x%01x \n", sdls_frame->pus.spare); + } + else + { + printf("\t PUS Header\n"); + printf("\t\t Config not configured for PUS Header, not printing\n"); + } printf("\t PDU \n"); printf("\t\t type = 0x%01x \n", sdls_frame->pdu.hdr.type); printf("\t\t uf = 0x%01x \n", sdls_frame->pdu.hdr.uf); diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 0eaa113e..16d56f7a 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -636,4 +636,82 @@ UTEST(EP_KEY_MGMT, OTAR_0_140_142_BAD_DECRYPT) free(buffer_OTAR_b); } +UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS) +{ + remove("sa_save_file.bin"); + uint8_t *ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d0390000030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, 
&test_association); + test_association->sa_state = SA_OPERATIONAL; + // test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(142); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_SUCCESS, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_DEACTIVATE_b); +} + UTEST_MAIN(); \ No newline at end of file From 0a853547f3ca2f34757ea73ed051a3e0736c6a8e Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Tue, 17 Dec 2024 15:46:19 -0500 Subject: [PATCH 10/12] [nasa/cryptolib#365] Adjust UT for key deactivation, No PUS Header --- src/core/crypto.c | 2 +- test/unit/ut_ep_key_mgmt.c | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/src/core/crypto.c b/src/core/crypto.c index 333fbf1d..14a3de2d 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c 
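Review bot: The test is named DEACTIVATE_142, but its only assertion is `ASSERT_EQ(CRYPTO_LIB_SUCCESS, status)`, so it passes whether or not the deactivate PDU was parsed correctly through the new no-PUS offsets. Re-read `ekp->key_state` after `Crypto_TC_ProcessSecurity` and assert the expected post-deactivation state, since that is the behaviour the offset change is meant to preserve. Two smaller points: in `uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL;` only the last pointer is initialised (the `int` length declaration has the same form), and the comment `// Insert key into keyring of SA 9` does not match the `get_key(142)` call below it.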
@@ -811,6 +811,7 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.hdr.pkt_length = (tc_sdls_processed_frame->tc_pdu[4] << 8) | tc_sdls_processed_frame->tc_pdu[5]; + // Using PUS Header if (crypto_config.has_pus_hdr == TC_HAS_PUS_HDR) { // If ECSS PUS Header is being used @@ -839,7 +840,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin else { // SDLS TLV PDU - printf(KRED "WHOMP WHOMP 2\n" RESET); sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[6] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[6] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[6] & 0x30) >> 4; diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 16d56f7a..7caa610f 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c @@ -662,7 +662,7 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS) // NOTE: Added Transfer Frame header to the plaintext char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA - char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d0390000030002008e1f6d21c4555555555555"; + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039000a030002008e1f6d21c4555555555555"; uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; From b5e5c8ce313dbdd83c26289681a1d71b9d40c39b Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Tue, 17 Dec 2024 17:03:08 -0500 Subject: [PATCH 11/12] [nasa/cryptolib#365] Add UTs with and without PUS Header for EPs --- include/crypto_error.h | 3 +- src/core/crypto.c | 32 ++++++-- src/core/crypto_error.c | 3 +- test/unit/ut_ep_key_mgmt.c | 159 +++++++++++++++++++++++++++++++++++++ 4 files changed, 189 insertions(+), 8 deletions(-) 
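Review bot: The only change to `buffer_DEACTIVATE_h` is the pair of bytes after `1880d039`, and nothing in the test says what they are. `Crypto_Process_Extended_Procedure_Pdu` reads them as the packet length (`tc_pdu[4]`, `tc_pdu[5]`). A comment above the string such as `// 1880 d039 000a = packet header; the last two bytes are the packet length` would explain why `0000` became `000a` and make malformed-length variants of this vector easier to derive.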
diff --git a/include/crypto_error.h b/include/crypto_error.h index de965747..d50b5150 100644 --- a/include/crypto_error.h +++ b/include/crypto_error.h @@ -134,8 +134,9 @@ #define CRYPTO_LIB_ERR_KEY_STATE_INVALID (-61) #define CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI (-62) #define CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT (-63) +#define CRYPTO_LIB_ERR_BAD_TLV_LENGTH (-64) -#define CRYPTO_CORE_ERROR_CODES_MAX -63 +#define CRYPTO_CORE_ERROR_CODES_MAX -64 // Define codes for returning MDB Strings, and determining error based on strings #define CAM_ERROR_CODES 600 diff --git a/src/core/crypto.c b/src/core/crypto.c index 14a3de2d..cd3b978a 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -824,16 +824,26 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pus.spare = (tc_sdls_processed_frame->tc_pdu[9] & 0x0F); // SDLS TLV PDU - printf(KRED "WHOMP WHOMP 1\n" RESET); sdls_frame.pdu.hdr.type = (tc_sdls_processed_frame->tc_pdu[10] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[10] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[10] & 0x30) >> 4; sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[10] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[11] << 8) | tc_sdls_processed_frame->tc_pdu[12]; - for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + + // Subtract headers from total frame length + // uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - CCSDS_PUS_SIZE - SDLS_TLV_HDR_SIZE; + if (sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) // && (sdls_frame.hdr.pkt_length < max_tlv)) + { + for (int x = 13; x < (13 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + } + } + else { - sdls_frame.pdu.data[x - 13] = tc_sdls_processed_frame->tc_pdu[x]; + status = CRYPTO_LIB_ERR_BAD_TLV_LENGTH; + return status; } } // Not using PUS Header 
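Review bot: In the PUS branch of crypto.c the new guard bounds only the destination, because the frame-length half of the check is commented out. `pkt_length < TLV_DATA_SIZE` keeps the write inside `sdls_frame.pdu.data`, but a packet length larger than the bytes actually received still drives the loop to read `tc_pdu[13 + …]` past the received data (stale or out-of-range bytes, depending on how `tc_pdu` is sized). The no-PUS branch in the next crypto.c hunk does apply that second bound, and I would do the same here: restore `uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - CCSDS_PUS_SIZE - SDLS_TLV_HDR_SIZE;` and test `if ((sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) && (sdls_frame.hdr.pkt_length < max_tlv))`. Both branches also size the copy from the packet header's `pkt_length` rather than the TLV's own `pdu_len` parsed just above, which looks worth confirming against the intended field. The function starts and ends outside this hunk.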
@@ -846,9 +856,20 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin sdls_frame.pdu.hdr.pid = (tc_sdls_processed_frame->tc_pdu[6] & 0x0F); sdls_frame.pdu.hdr.pdu_len = (tc_sdls_processed_frame->tc_pdu[7] << 8) | tc_sdls_processed_frame->tc_pdu[8]; - for (int x = 9; x < (9 + sdls_frame.hdr.pkt_length); x++) + + // Make sure TLV isn't larger than we have allocated, and it is sane given total frame length + uint16_t max_tlv = tc_sdls_processed_frame->tc_header.fl - CCSDS_HDR_SIZE - SDLS_TLV_HDR_SIZE; + if ((sdls_frame.hdr.pkt_length < TLV_DATA_SIZE) && (sdls_frame.hdr.pkt_length < max_tlv)) + { + for (int x = 9; x < (9 + sdls_frame.hdr.pkt_length); x++) + { + sdls_frame.pdu.data[x - 9] = tc_sdls_processed_frame->tc_pdu[x]; + } + } + else { - sdls_frame.pdu.data[x - 9] = tc_sdls_processed_frame->tc_pdu[x]; + status = CRYPTO_LIB_ERR_BAD_TLV_LENGTH; + return status; } } @@ -884,7 +905,6 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin #endif // No Packet HDR or PUS in these frames // SDLS TLV PDU - printf(KRED "WHOMP WHOMP 3\n" RESET); sdls_frame.hdr.type = (tc_sdls_processed_frame->tc_pdu[0] & 0x80) >> 7; sdls_frame.pdu.hdr.uf = (tc_sdls_processed_frame->tc_pdu[0] & 0x40) >> 6; sdls_frame.pdu.hdr.sg = (tc_sdls_processed_frame->tc_pdu[0] & 0x30) >> 4; diff --git a/src/core/crypto_error.c b/src/core/crypto_error.c index d6f1b4dd..570528ca 100644 --- a/src/core/crypto_error.c +++ b/src/core/crypto_error.c @@ -84,7 +84,8 @@ char *crypto_enum_errlist_core[] = {(char *)"CRYPTO_LIB_SUCCESS", (char *)"CRYPTO_LIB_ERR_SPI_INDEX_MISMATCH", (char *)"CRYPTO_LIB_ERR_KEY_STATE_INVALID", (char *)"CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI", - (char *)"CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT"}; + (char *)"CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT", + (char *)"CRYPTO_LIB_ERR_BAD_TLV_LENGTH"}; char *crypto_enum_errlist_config[] = { (char *)"CRYPTO_CONFIGURATION_NOT_COMPLETE", 
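Review bot: `max_tlv` in the no-PUS branch is stored in a `uint16_t` with no lower-bound check on `tc_header.fl`, so a frame length smaller than `CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE` wraps to a large value and the `pkt_length < max_tlv` test stops constraining anything. Rejecting that case first keeps the bound meaningful: `if (tc_sdls_processed_frame->tc_header.fl < CCSDS_HDR_SIZE + SDLS_TLV_HDR_SIZE) { return CRYPTO_LIB_ERR_BAD_TLV_LENGTH; }`. `fl` also appears to be the whole transfer-frame length, which would make the bound looser than the PDU bytes actually available; if `TC_t` records the PDU length, that is the tighter limit. The function body continues outside the hunk.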
diff --git a/test/unit/ut_ep_key_mgmt.c b/test/unit/ut_ep_key_mgmt.c index 7caa610f..fee64c54 100644 --- a/test/unit/ut_ep_key_mgmt.c +++ b/test/unit/ut_ep_key_mgmt.c 
@@ -714,4 +714,163 @@ UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS) free(buffer_DEACTIVATE_b); } +/* +** Tests for overrun of the TLV field which could cause a segmentation fault +*/ +UTEST(EP_KEY_MGMT, DEACTIVATE_142_NO_PUS_BAD_TLV) +{ + remove("sa_save_file.bin"); + uint8_t *ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_NO_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039FFFF030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + 
test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(142); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... 
\n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_ERR_BAD_TLV_LENGTH, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_DEACTIVATE_b); +} + + +UTEST(EP_KEY_MGMT, DEACTIVATE_142_PUS_BAD_TLV) +{ + remove("sa_save_file.bin"); + uint8_t *ptr_enc_frame = NULL; + // Setup & Initialize CryptoLib + Crypto_Config_CryptoLib(KEY_TYPE_INTERNAL, MC_TYPE_INTERNAL, SA_TYPE_INMEMORY, CRYPTOGRAPHY_TYPE_LIBGCRYPT, + IV_INTERNAL, CRYPTO_TC_CREATE_FECF_TRUE, TC_PROCESS_SDLS_PDUS_TRUE, TC_HAS_PUS_HDR, + TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE, TC_UNIQUE_SA_PER_MAP_ID_FALSE, + TC_CHECK_FECF_FALSE, 0x3F, SA_INCREMENT_NONTRANSMITTED_IV_TRUE); + + GvcidManagedParameters_t TC_0_Managed_Parameters = { + 0, 0x0003, 0, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_0_Managed_Parameters); + + GvcidManagedParameters_t TC_1_Managed_Parameters = { + 0, 0x0003, 1, TC_NO_FECF, AOS_FHEC_NA, AOS_IZ_NA, 0, TC_HAS_SEGMENT_HDRS, 1024, TC_OCF_NA, 1}; + Crypto_Config_Add_Gvcid_Managed_Parameters(TC_1_Managed_Parameters); + + Crypto_Init(); + SaInterface sa_if = get_sa_interface_inmemory(); + crypto_key_t *ekp = NULL; + int status = CRYPTO_LIB_SUCCESS; + + // NOTE: Added Transfer Frame header to the plaintext + char *buffer_nist_key_h = "000102030405060708090A0B0C0D0E0F000102030405060708090A0B0C0D0E0F"; + char *buffer_nist_iv_h = "b6ac8e4963f49207ffd6374b"; // The last valid IV that was seen by the SA + char *buffer_DEACTIVATE_h = "2003001c00ff000000001880d039FFFF197f0b00030002008e1f6d21c4555555555555"; + + uint8_t *buffer_nist_iv_b, *buffer_nist_key_b, *buffer_DEACTIVATE_b = NULL; + int buffer_nist_iv_len, buffer_nist_key_len, buffer_DEACTIVATE_len = 0; + + // Setup Processed Frame For Decryption + TC_t tc_nist_processed_frame; + + // 
Expose/setup SAs for testing + SecurityAssociation_t *test_association; + + // Deactivate SA 1 + sa_if->sa_get_from_spi(1, &test_association); + test_association->sa_state = SA_NONE; + + // Activate SA 0 + sa_if->sa_get_from_spi(0, &test_association); + test_association->sa_state = SA_OPERATIONAL; + // test_association->ecs_len = 1; + test_association->ecs = CRYPTO_CIPHER_NONE; + test_association->est = 0; + test_association->ast = 0; + test_association->iv_len = 12; + test_association->shsnf_len = 2; + test_association->arsn_len = 2; + test_association->arsnw = 5; + + // Insert key into keyring of SA 9 + hex_conversion(buffer_nist_key_h, (char **)&buffer_nist_key_b, &buffer_nist_key_len); + ekp = key_if->get_key(142); + memcpy(ekp->value, buffer_nist_key_b, buffer_nist_key_len); + ekp->key_state = KEY_ACTIVE; + + // Convert frames that will be processed + hex_conversion(buffer_DEACTIVATE_h, (char **)&buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len); + // Convert/Set input IV + hex_conversion(buffer_nist_iv_h, (char **)&buffer_nist_iv_b, &buffer_nist_iv_len); + memcpy(test_association->iv, buffer_nist_iv_b, buffer_nist_iv_len); + + // Expect success on next valid IV && ARSN + printf(KGRN "Checking next valid IV && valid ARSN... should be able to receive it... \n" RESET); + status = Crypto_TC_ProcessSecurity(buffer_DEACTIVATE_b, &buffer_DEACTIVATE_len, &tc_nist_processed_frame); + ASSERT_EQ(CRYPTO_LIB_ERR_BAD_TLV_LENGTH, status); + + printf("\n"); + Crypto_Shutdown(); + free(ptr_enc_frame); + free(buffer_nist_iv_b); + free(buffer_nist_key_b); + free(buffer_DEACTIVATE_b); +} + UTEST_MAIN(); \ No newline at end of file From 4567ceeeff10cc51871a340dc145b6428a39109f Mon Sep 17 00:00:00 2001 From: "D. Cody Cutright" Date: Wed, 18 Dec 2024 09:40:42 -0500 Subject: [PATCH 12/12] [nasa/cryptolib#365] Address a review comment, and update a code comment --- src/core/crypto.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) 
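Review bot: Both `*_BAD_TLV` tests use a packet length of `FFFF`, which the `TLV_DATA_SIZE` comparison alone rejects, so neither exercises a length that fits the destination buffer but exceeds the bytes in the frame. That is the case the frame-length bound is meant to catch, and the one the PUS branch currently has commented out. I would add a variant of each test whose packet length is below `TLV_DATA_SIZE` but larger than the remaining frame, still expecting `CRYPTO_LIB_ERR_BAD_TLV_LENGTH`. After the rejection it is also worth asserting that nothing was applied, with `ASSERT_EQ(KEY_ACTIVE, ekp->key_state);`. The copied `// Expect success on next valid IV && ARSN` comment and its printf text should say that a length error is expected.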
diff --git a/src/core/crypto.c b/src/core/crypto.c index cd3b978a..9bdc2d0f 100644 --- a/src/core/crypto.c +++ b/src/core/crypto.c @@ -768,6 +768,10 @@ int32_t Crypto_Get_Managed_Parameters_For_Gvcid(uint8_t tfvn, uint16_t scid, uin * @param ingest: uint8_t* * @return int32: Success/Failure * @note TODO - Actually update based on variable config + * @note Allows EPs to be processed one of two ways. + * @note - 1) By using a packet layer with APID 0x1880 + * @note - 2) By using a defined Virtual Channel ID + * @note Requires this to happen on either SPI_MIN (0) or SPI_MAX (configurable) **/ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uint8_t *ingest) { @@ -885,7 +889,9 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin // Received EP PDU on invalid SA else { +#ifdef CCSDS_DEBUG printf(KRED "Received EP PDU on invalid SA! SPI %d\n" RESET, tc_sdls_processed_frame->tc_sec_header.spi); +#endif status = CRYPTO_LIB_ERR_SDLS_EP_WRONG_SPI; } @@ -894,13 +900,15 @@ int32_t Crypto_Process_Extended_Procedure_Pdu(TC_t *tc_sdls_processed_frame, uin status = CRYPTO_LIB_ERR_SDLS_EP_NOT_BUILT; #endif //CRYPTO_EPROC } - else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) // TC SDLS PDU with no packet layer + + // If not a specific APID, check if using VCIDs for SDLS PDUs with no packet layer + else if (tc_sdls_processed_frame->tc_header.vcid == TC_SDLS_EP_VCID) { #ifdef CRYPTO_EPROC // Check validity of SAs used for EP if(valid_ep_sa == CRYPTO_TRUE) { -#ifdef DEBUG +#ifdef CCSDS_DEBUG printf(KGRN "Received SDLS command (No Packet Header or PUS): " RESET); #endif // No Packet HDR or PUS in these frames