Fix etdt test after Managed Params Changes (#29)

* WIP - fixing ET DT test after Managed Params changes * More ET test WIP length calculation changes * More WIP Unit Test fixes and length calculation adjustments * Modified Encryption test to not use Seg Header * Continuing Unit Test fixes with Seg Headers * Fixed ETDT Tests Co-authored-by: Robert Brown <Robert.Brown@tmctechnologies.com>
nasa · Dec 10, 2021 · 09c30fe · 09c30fe
1 parent d2c19a4
commit 09c30fe
Show file tree

Hide file tree

Showing 8 changed files with 169 additions and 85 deletions.
diff --git a/fsw/crypto_util/app/et_dt_validation.c b/fsw/crypto_util/app/et_dt_validation.c
diff --git a/fsw/crypto_util/app/ut_tc_apply.c b/fsw/crypto_util/app/ut_tc_apply.c
@@ -39,7 +39,7 @@ UTEST(TC_APPLY_SECURITY, NO_CRYPTO_INIT)
     int raw_tc_sdls_ping_len = 0;
 
     hex_conversion(raw_tc_sdls_ping_h, &raw_tc_sdls_ping_b, &raw_tc_sdls_ping_len);
-    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE,0x3F);
+    Crypto_Config_CryptoLib(SADB_TYPE_INMEMORY,CRYPTO_TC_CREATE_FECF_TRUE,TC_PROCESS_SDLS_PDUS_TRUE,TC_HAS_PUS_HDR,TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_ANTI_REPLAY_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE, 0x3F);
     Crypto_Config_Add_Gvcid_Managed_Parameter(0,0x0003,0,TC_HAS_FECF,TC_HAS_SEGMENT_HDRS);
 
     uint8 *ptr_enc_frame = NULL;

diff --git a/fsw/public_inc/crypto.h b/fsw/public_inc/crypto.h
@@ -41,7 +41,7 @@
 */
 
 // Crypto Library Configuration functions
-extern int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 process_sdls_pdus, uint8 has_pus_hdr, uint8 ignore_sa_state, uint8 ignore_anti_replay, uint8 vcid_bitmask);
+extern int32 Crypto_Config_CryptoLib(uint8 sadb_type, uint8 crypto_create_fecf, uint8 process_sdls_pdus, uint8 has_pus_hdr, uint8 ignore_sa_state, uint8 ignore_anti_replay, uint8 unique_sa_per_mapid, uint8 vcid_bitmask);
 extern int32 Crypto_Config_MariaDB(char* mysql_username, char* mysql_password, char* mysql_hostname, char* mysql_database, uint16 mysql_port);
 extern int32 Crypto_Config_Add_Gvcid_Managed_Parameter(uint8 tfvn, uint16 scid, uint8 vcid, uint8 has_fecf, uint8 has_segmentation_hdr);
 

diff --git a/fsw/public_inc/crypto_config_structs.h b/fsw/public_inc/crypto_config_structs.h
@@ -35,6 +35,7 @@ typedef enum { TC_PROCESS_SDLS_PDUS_FALSE, TC_PROCESS_SDLS_PDUS_TRUE } TcProcess
 typedef enum { TC_NO_PUS_HDR, TC_HAS_PUS_HDR } TcPusHdrPresent;
 typedef enum { TC_IGNORE_SA_STATE_FALSE, TC_IGNORE_SA_STATE_TRUE } TcIgnoreSaState;
 typedef enum { TC_IGNORE_ANTI_REPLAY_FALSE, TC_IGNORE_ANTI_REPLAY_TRUE } TcIgnoreAntiReplay;
+typedef enum { TC_UNIQUE_SA_PER_MAP_ID_FALSE, TC_UNIQUE_SA_PER_MAP_ID_TRUE } TcUniqueSaPerMapId;
 
 /*
 ** Main Crypto Configuration Block
@@ -47,6 +48,7 @@ typedef struct
     TcPusHdrPresent has_pus_hdr;
     TcIgnoreSaState ignore_sa_state; //TODO - add logic that uses this configuration
     TcIgnoreAntiReplay ignore_anti_replay; //TODO - add logic that uses this configuration
+    TcUniqueSaPerMapId unique_sa_per_mapid;
     uint8 vcid_bitmask;
 } CryptoConfig_t;
 #define CRYPTO_CONFIG_SIZE (sizeof(CryptoConfig_t))

diff --git a/fsw/public_inc/crypto_structs.h b/fsw/public_inc/crypto_structs.h
@@ -250,7 +250,8 @@ typedef struct
     uint16	fl		:10;		// The whole transfer frame length (max 1024)
     uint8	fsn		:8;			// Frame sequence number, also N(S), zeroed on Type-B frames
 } TC_FramePrimaryHeader_t;
-#define TC_FRAME_PRIMARYHEADER_SIZE     (sizeof(TC_FramePrimaryHeader_t))
+#define TC_FRAME_PRIMARYHEADER_STRUCT_SIZE     (sizeof(TC_FramePrimaryHeader_t))
+#define TC_FRAME_HEADER_SIZE    5
 
 typedef struct
 {

diff --git a/fsw/src/crypto.c b/fsw/src/crypto.c
diff --git a/fsw/src/sadb_routine_inmemory.template.c b/fsw/src/sadb_routine_inmemory.template.c
@@ -290,7 +290,8 @@ static int32 sadb_get_operational_sa_from_gvcid(uint8 tfvn,uint16 scid,uint16 vc
 
     for (int i=0; i<10; i++)
     {
-        if ((sa[i].gvcid_tc_blk.tfvn == tfvn) && (sa[i].gvcid_tc_blk.scid == scid) && (sa[i].gvcid_tc_blk.vcid == vcid) && (sa[i].gvcid_tc_blk.mapid == mapid && sa[i].sa_state == SA_OPERATIONAL))
+        if ((sa[i].gvcid_tc_blk.tfvn == tfvn) && (sa[i].gvcid_tc_blk.scid == scid) && (sa[i].gvcid_tc_blk.vcid == vcid) && (sa[i].sa_state == SA_OPERATIONAL) &&
+                (crypto_config->unique_sa_per_mapid==TC_UNIQUE_SA_PER_MAP_ID_FALSE || sa[i].gvcid_tc_blk.mapid == mapid)) //only require MapID match is unique SA per MapID set (only relevant when using segmentation hdrs)
         {
             *security_association = &sa[i];
 

diff --git a/python/encryption_test.py b/python/encryption_test.py
@@ -2,7 +2,13 @@
 import codecs
 import sys
 
-
+"""
+Function: crc16
+Calculates the CRC16 for a set of byte data
+@param data: byte array
+@param offset: int
+@param length: int
+"""
 def crc16(data : bytearray, offset , length):
     if data is None or offset < 0 or offset > len(data)- 1 and offset+length > len(data):
         return 0
@@ -16,6 +22,11 @@ def crc16(data : bytearray, offset , length):
                 crc = crc << 1
     return crc & 0xFFFF
 
+"""
+Class: Encryption
+This class is used to perform AES, GCM encryption in order to provide a truth baseline.
+The baseline is compared against output created by gcrypt within TC_ApplySecurity
+"""
 class Encryption:
     def __init__(self):
         self.results = 0x00
@@ -51,6 +62,7 @@ def encrypt(self, data, key, iv, header, bitmask):
         check_sum = crc16(bytearray(final_val), 0, len(final_val))
         final_val += check_sum.to_bytes(2, byteorder = "big")
 
+        print(final_val.hex())
         # Padding for Later
         # while (len(final_val.hex()) %8) != 0:
         #     final_val += bytes.fromhex("00")