
Commit 772bee2

authored
Merge branch 'dev' into 492-update-crypto-config-and-managed-parameters-major-changes
2 parents 84c674a + f1c0381 commit 772bee2

20 files changed

Lines changed: 436 additions & 92 deletions

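--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -22,7 +22,7 @@ jobs:
 name: Analyze Build_Internal
 runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
 container:
-image: ivvitc/cryptolib:20250108
+image: ivvitc/cryptolib:dev
 permissions:
 # required for all workflows
 security-events: write
@@ -55,7 +55,7 @@ jobs:
 
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
-uses: github/codeql-action/init@v3
+uses: github/codeql-action/init@v4
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
@@ -66,15 +66,15 @@ jobs:
 bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
 - name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v3
+uses: github/codeql-action/analyze@v4
 with:
 category: "/language:${{matrix.language}}"
 
 build_minimal:
 name: Analyze Build_Minimal
 runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
 container:
-image: ivvitc/cryptolib:20250108
+image: ivvitc/cryptolib:dev
 permissions:
 # required for all workflows
 security-events: write
@@ -107,7 +107,7 @@ jobs:
 
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
-uses: github/codeql-action/init@v3
+uses: github/codeql-action/init@v4
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
@@ -118,15 +118,15 @@ jobs:
 bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
 - name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v3
+uses: github/codeql-action/analyze@v4
 with:
 category: "/language:${{matrix.language}}"
 
 build_wolf:
 name: Analyze Build_Wolf
 runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
 container:
-image: ivvitc/cryptolib:20250108
+image: ivvitc/cryptolib:dev
 permissions:
 # required for all workflows
 security-events: write
@@ -185,7 +185,7 @@ jobs:
 
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
-uses: github/codeql-action/init@v3
+uses: github/codeql-action/init@v4
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
@@ -196,15 +196,15 @@ jobs:
 bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
 - name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v3
+uses: github/codeql-action/analyze@v4
 with:
 category: "/language:${{matrix.language}}"
 
 build_rhel:
 name: Analyze Build_RHEL
 runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
 container:
-image: ivvitc/cryptolib:20250108
+image: ivvitc/cryptolib:dev
 permissions:
 # required for all workflows
 security-events: write
@@ -237,7 +237,7 @@ jobs:
 
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
-uses: github/codeql-action/init@v3
+uses: github/codeql-action/init@v4
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
@@ -248,15 +248,15 @@ jobs:
 bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
 - name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v3
+uses: github/codeql-action/analyze@v4
 with:
 category: "/language:${{matrix.language}}"
 
 build_ep:
 name: Analyze Build_EP
 runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
 container:
-image: ivvitc/cryptolib:20250108
+image: ivvitc/cryptolib:dev
 permissions:
 # required for all workflows
 security-events: write
@@ -289,7 +289,7 @@ jobs:
 
 # Initializes the CodeQL tools for scanning.
 - name: Initialize CodeQL
-uses: github/codeql-action/init@v3
+uses: github/codeql-action/init@v4
 with:
 languages: ${{ matrix.language }}
 build-mode: ${{ matrix.build-mode }}
@@ -300,6 +300,6 @@ jobs:
 bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
 - name: Perform CodeQL Analysis
-uses: github/codeql-action/analyze@v3
+uses: github/codeql-action/analyze@v4
 with:
 category: "/language:${{matrix.language}}"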
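Review bot: The container image moves from the dated tag `ivvitc/cryptolib:20250108` to the floating tag `ivvitc/cryptolib:dev` in all five jobs (new lines 25, 77, 129, 207 and 259), so each CodeQL run builds inside whatever image that tag points to at the time, in jobs that hold `security-events: write`. Pinning by digest keeps the analysis environment reproducible and reviewable, e.g. `image: ivvitc/cryptolib@sha256:DIGEST_PLACEHOLDER` with the tag noted in a trailing comment. The same consideration applies to `github/codeql-action/init@v4` and `github/codeql-action/analyze@v4`, which follow a moving major tag; a full commit SHA is the stricter form.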

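--- a/LICENSE
+++ b/LICENSE
@@ -19,7 +19,7 @@ Government Agency Original Software Title:
 User Registration Requested. Please Visit
 https://github.com/nasa/CryptoLib
 Government Agency Point of Contact for Original Software:
-John.P.Lucas@nasa.gov
+Justin.R.Morris@nasa.gov
 
 1. DEFINITIONS
 
@@ -260,4 +260,4 @@ Recipient hereby agrees to all terms and conditions herein.
 
 F. Point of Contact: Any Recipient contact with Government Agency is
 to be directed to the designated representative as follows:
-John.P.Lucas@nasa.gov
+Justin.R.Morris@nasa.gov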

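--- a/include/crypto.h
+++ b/include/crypto.h
@@ -350,7 +350,7 @@ extern CryptoConfigTC_t crypto_config_tc;
 extern CryptoConfigTM_t crypto_config_tm;
 extern CryptoConfigAOS_t crypto_config_aos;
 extern SadbMariaDBConfig_t *sa_mariadb_config;
-extern char *mariadb_table_name;
+extern char mariadb_table_name[26];
 extern CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config;
 extern CamConfig_t *cam_config;
 extern TCGvcidManagedParameters_t tc_gvcid_managed_parameters_array[GVCID_MAX_PARAM_SIZE];
@@ -397,4 +397,4 @@ static const uint8_t crypto_gf_log[GF_SIZE] = {0, 0, 1, 4, 2, 8, 5, 10, 3, 14, 9
 // Generator polynomial coefficients for g(x) = x^4 + a^3x^3 + ax^2 + a^3x + 1
 static const uint8_t crypto_gen_poly[RS_PARITY + 1] = {1, 8, 2, 8, 1};
 
-#endif // CRYPTO_H
+#endif // CRYPTO_H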
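Review bot: The declaration `extern char mariadb_table_name[26];` at new line 353 fixes the size at 26, while the definition this commit puts in src/core/crypto.c is the unsized `char mariadb_table_name[] = "security_associations";`, whose initializer needs only 22 bytes. Every call site changed here bounds its `strncpy` with `sizeof(mariadb_table_name)` and sees 26 from this header, and `strncpy` zero-pads up to that bound, so if the defining translation unit ends up sizing the array from its initializer each copy writes past the end of the object. Give declaration and definition the same explicit size from one named constant, e.g. `#define MARIADB_TABLE_NAME_SIZE 26`, `extern char mariadb_table_name[MARIADB_TABLE_NAME_SIZE];` and `char mariadb_table_name[MARIADB_TABLE_NAME_SIZE] = "security_associations";`. The 26 presumably equals the longest MARIADB_*_TABLE_NAME string plus its terminator; those macros are not visible on this page, so a comment stating the derivation would help.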

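--- a/include/crypto_error.h
+++ b/include/crypto_error.h
@@ -58,6 +58,7 @@
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE 513
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR 514
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR 515
+#define CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR 516
 
 #define CAM_CONFIG_NOT_SUPPORTED_ERROR 600
 #define CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL 601
@@ -165,7 +166,7 @@
 #define CAM_ERROR_CODES_MAX 610
 
 #define KMC_ERROR_CODES 500
-#define KMC_ERROR_CODES_MAX 515
+#define KMC_ERROR_CODES_MAX 516
 
 #define CRYPTO_INTERFACE_ERROR_CODES 400
 #define CRYPTO_INTERFACE_ERROR_CODES_MAX 402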

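--- a/src/core/crypto.c
+++ b/src/core/crypto.c
@@ -50,9 +50,9 @@ CCSDS_t sdls_frame;
 TM_FramePrimaryHeader_t tm_frame_pri_hdr; // Used to reduce bit math duplication
 TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication
 // AOS
-uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame
-AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication
-AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication
+// uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame
+AOS_FramePrimaryHeader_t aos_frame_pri_hdr; // Used to reduce bit math duplication
+AOS_FrameSecurityHeader_t aos_frame_sec_hdr; // Used to reduce bit math duplication
 // OCF
 uint8_t ocf = 0;
 Telemetry_Frame_Ocf_Fsr_t report;
@@ -73,7 +73,7 @@ uint8_t parity[RS_PARITY];
 uint32_t crc32Table[CRC32TBL_SIZE];
 uint16_t crc16Table[CRC16TBL_SIZE];
 // Mariadb
-char *mariadb_table_name = "security_associations";
+char mariadb_table_name[] = "security_associations";
 
 /*
 ** Assisting Functions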
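Review bot: New line 53 keeps the `aos_frame` global as commented-out code, `// uint8_t aos_frame[AOS_MAX_FRAME_SIZE]; // AOS Global Frame`, under an `// AOS` heading that still reads as if the buffer exists. If the global is retired, delete the line together with any matching `extern` declaration, which is outside this hunk. If it is only disabled for now, replace it with a short comment that says why and where AOS frame data is held instead, for example `// aos_frame removed: AOS frames are processed in the caller's buffer` (wording to be confirmed by the author).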

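--- a/src/core/crypto_aos.c
+++ b/src/core/crypto_aos.c
@@ -109,7 +109,7 @@ int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest)
 
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_AOS_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_AOS_TABLE_NAME, sizeof(mariadb_table_name));
 }
 status = sa_if->sa_get_operational_sa_from_gvcid(tfvn, scid, vcid, 0, &sa_ptr);
 
@@ -1053,7 +1053,7 @@ int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t
 
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_AOS_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_AOS_TABLE_NAME, sizeof(mariadb_table_name));
 }
 status = sa_if->sa_get_from_spi(spi, &sa_ptr);
 // If no valid SPI, return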
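Review bot: `strncpy(mariadb_table_name, MARIADB_AOS_TABLE_NAME, sizeof(mariadb_table_name));` at new lines 112 and 1056 leaves the destination without a terminator when the source is `sizeof(mariadb_table_name)` characters or longer, and it truncates without reporting it. The buffer presumably names the table the following security-association lookup queries, so a truncated or unterminated name should be a detected error rather than an over-read or a lookup against the wrong table. An always-terminated copy with a truncation check is safer: `int n = snprintf(mariadb_table_name, sizeof(mariadb_table_name), "%s", MARIADB_AOS_TABLE_NAME);` followed by `if (n < 0 || (size_t)n >= sizeof(mariadb_table_name))` returning an error status. The same call pattern is added in src/core/crypto_config.c, src/core/crypto_mc.c and src/core/crypto_tc.c, so one small helper would keep the check in a single place. Both functions continue outside their hunks.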

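--- a/src/core/crypto_config.c
+++ b/src/core/crypto_config.c
@@ -134,7 +134,8 @@ int32_t Crypto_SC_Init(void)
 SecurityAssociation_t *sa_ptr = NULL;
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_TC_TABLE_NAME;
+// mariadb_table_name = MARIADB_TC_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_TC_TABLE_NAME, sizeof(mariadb_table_name));
 }
 sa_if->sa_get_from_spi(1, &sa_ptr);
 sa_ptr->gvcid_blk.vcid = 0;
@@ -149,7 +150,7 @@ int32_t Crypto_SC_Init(void)
 sa_ptr->iv_len = 0;
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_TM_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_TM_TABLE_NAME, sizeof(mariadb_table_name));
 }
 sa_if->sa_get_from_spi(5, &sa_ptr);
 sa_ptr->sa_state = SA_OPERATIONAL;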
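Review bot: Crypto_SC_Init discards the result of `sa_if->sa_get_from_spi(1, &sa_ptr);` at new line 140 and of the SPI 5 call at new line 155, then dereferences `sa_ptr`, which is initialised to NULL at line 134, on the very next line. If a lookup fails, for instance because the table named just above cannot be read, `sa_ptr` may still be NULL and initialisation crashes instead of reporting an error. Capture and test the result before use, e.g. `int32_t status = sa_if->sa_get_from_spi(1, &sa_ptr);` then `if (status != CRYPTO_LIB_SUCCESS || sa_ptr == NULL)` returning a failure code. New line 137 also keeps the old pointer assignment as a comment and can be removed. The function body starts and ends outside these hunks.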

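--- a/src/core/crypto_error.c
+++ b/src/core/crypto_error.c
@@ -155,6 +155,7 @@ char *crypto_enum_errlist_crypto_kmc[] = {
 (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE",
 (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR",
 (char *)"CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR",
+(char *)"CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR",
 };
 
 char *crypto_enum_errlist_crypto_cam[] = {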
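Review bot: The string added at new line 158 must sit at the same position in `crypto_enum_errlist_crypto_kmc` that code 516 has in the KMC range, and nothing visible enforces that pairing with the `KMC_ERROR_CODES_MAX` bump in include/crypto_error.h. Assuming the table is indexed by the code minus `KMC_ERROR_CODES` (the lookup is not shown here), a compile-time check beside the array would catch a missed entry before it turns into an out-of-bounds read: `_Static_assert(sizeof(crypto_enum_errlist_crypto_kmc) / sizeof(crypto_enum_errlist_crypto_kmc[0]) == KMC_ERROR_CODES_MAX - KMC_ERROR_CODES + 1, "KMC error strings out of sync");`. The array begins outside the hunk, so its current entry count could not be confirmed from this page.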

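--- a/src/core/crypto_mc.c
+++ b/src/core/crypto_mc.c
@@ -294,7 +294,7 @@ int32_t Crypto_SA_readARSN(uint8_t *ingest)
 // TODO: This is not correct
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_TC_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_TC_TABLE_NAME, sizeof(mariadb_table_name));
 }
 status = sa_if->sa_get_from_spi(spi, &sa_ptr);
 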

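--- a/src/core/crypto_tc.c
+++ b/src/core/crypto_tc.c
@@ -841,7 +841,7 @@ int32_t Crytpo_TC_Validate_TC_Temp_Header(const uint16_t in_frame_length, TC_Fra
 }
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_TC_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_TC_TABLE_NAME, sizeof(mariadb_table_name));
 }
 status = sa_if->sa_get_operational_sa_from_gvcid(temp_tc_header.tfvn, temp_tc_header.scid, temp_tc_header.vcid,
 *map_id, sa_ptr);
@@ -1832,7 +1832,7 @@ uint32_t Crypto_TC_Sanity_Validations(TC_t *tc_sdls_processed_frame, SecurityAss
 
 if (crypto_config_global.sa_type == SA_TYPE_MARIADB)
 {
-mariadb_table_name = MARIADB_TC_TABLE_NAME;
+strncpy(mariadb_table_name, MARIADB_TC_TABLE_NAME, sizeof(mariadb_table_name));
 }
 status = sa_if->sa_get_from_spi(tc_sdls_processed_frame->tc_sec_header.spi, sa_ptr);
 // If no valid SPI, return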
