RC v1.4.3

.github/pull_request_template.md

@@ -1,6 +1,6 @@
 ### All Submissions:
 
-* [ ] Have you followed the guidelines in our [Contributing](https://github.com/nasa/CryptoLib/blob/main/doc/CryptoLib_Indv_CLA.pdf) document?
+* [ ] Have you followed the guidelines in our [Contributing](https://github.com/nasa/CryptoLib/blob/main/docs/CryptoLib_Indv_CLA.pdf) document?
 * [ ] Have you checked to ensure there aren't other open [Pull Requests](https://github.com/nasa/cryptolib/pulls) for the same update/change?
 
 ### New Feature Submissions:
@@ -13,4 +13,3 @@
 
 ### How do you test these changes?
 
-<input type="text" id="explain" name="explain"/>

.github/workflows/codeql.yml

@@ -22,7 +22,7 @@ jobs:
     name: Analyze Build_Internal
     runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
     container:
-        image: ivvitc/cryptolib:20250108
+        image: ivvitc/cryptolib:dev
     permissions:
       # required for all workflows
       security-events: write
@@ -55,7 +55,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -66,15 +66,15 @@ jobs:
         bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
       with:
         category: "/language:${{matrix.language}}"
 
   build_minimal:
       name: Analyze Build_Minimal
       runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
       container:
-        image: ivvitc/cryptolib:20250108
+        image: ivvitc/cryptolib:dev
       permissions:
         # required for all workflows
         security-events: write
@@ -107,7 +107,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -118,15 +118,15 @@ jobs:
           bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: "/language:${{matrix.language}}"
 
   build_wolf:
       name: Analyze Build_Wolf
       runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
       container:
-        image: ivvitc/cryptolib:20250108
+        image: ivvitc/cryptolib:dev
       permissions:
         # required for all workflows
         security-events: write
@@ -185,7 +185,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -196,15 +196,15 @@ jobs:
           bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: "/language:${{matrix.language}}"
 
   build_rhel:
       name: Analyze Build_RHEL
       runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
       container:
-        image: ivvitc/cryptolib:20250108
+        image: ivvitc/cryptolib:dev
       permissions:
         # required for all workflows
         security-events: write
@@ -237,7 +237,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
@@ -248,15 +248,15 @@ jobs:
           bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
           category: "/language:${{matrix.language}}"
 
   build_ep:
     name: Analyze Build_EP
     runs-on: ${{ (matrix.language == 'swift' && 'macos-latest') || 'ubuntu-latest' }}
     container:
-        image: ivvitc/cryptolib:20250108
+        image: ivvitc/cryptolib:dev
     permissions:
       # required for all workflows
       security-events: write
@@ -289,7 +289,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
       with:
         languages: ${{ matrix.language }}
         build-mode: ${{ matrix.build-mode }}
@@ -300,6 +300,6 @@ jobs:
         bash ${GITHUB_WORKSPACE}/support/scripts/$BUILD_STRING
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
       with:
         category: "/language:${{matrix.language}}"

LICENSE

@@ -19,7 +19,7 @@ Government Agency Original Software Title:
 User Registration Requested. Please Visit 
   https://github.com/nasa/CryptoLib
 Government Agency Point of Contact for Original Software:
-  John.P.Lucas@nasa.gov
+  Justin.R.Morris@nasa.gov
 
 1. DEFINITIONS
 
@@ -260,4 +260,4 @@ Recipient hereby agrees to all terms and conditions herein.
 
 F. Point of Contact: Any Recipient contact with Government Agency is
 to be directed to the designated representative as follows:
-  John.P.Lucas@nasa.gov
+  Justin.R.Morris@nasa.gov

include/crypto.h

@@ -51,7 +51,7 @@
 */
 #define CRYPTO_LIB_MAJOR_VERSION 1
 #define CRYPTO_LIB_MINOR_VERSION 4
-#define CRYPTO_LIB_REVISION      1
+#define CRYPTO_LIB_REVISION      3
 #define CRYPTO_LIB_MISSION_REV   0
 
 #define GVCID_MAX_PARAM_SIZE 250
@@ -167,12 +167,12 @@ void     Crypto_Set_FSR(uint8_t *p_ingest, uint16_t byte_idx, uint16_t pdu_len,
 
 // Telemetry (TM)
 extern int32_t Crypto_TM_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest);
-extern int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame,
+extern int32_t Crypto_TM_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, TM_t *pp_processed_frame,
                                          uint16_t *p_decrypted_length);
 
 // Advanced Orbiting Systems (AOS)
 extern int32_t Crypto_AOS_ApplySecurity(uint8_t *pTfBuffer, uint16_t len_ingest);
-extern int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, uint8_t **pp_processed_frame,
+extern int32_t Crypto_AOS_ProcessSecurity(uint8_t *p_ingest, uint16_t len_ingest, AOS_t *pp_processed_frame,
                                           uint16_t *p_decrypted_length);
 
 // Crypo Error Support Functions
@@ -227,7 +227,7 @@ void    Crypto_TM_Calc_PDU_MAC(uint16_t *pdu_len, uint16_t byte_idx, SecurityAss
 int32_t Crypto_TM_Do_Decrypt(uint8_t sa_service_type, SecurityAssociation_t *sa_ptr, uint8_t ecs_is_aead_algorithm,
                              uint16_t byte_idx, uint8_t *p_new_dec_frame, uint16_t pdu_len, uint8_t *p_ingest,
                              crypto_key_t *ekp, crypto_key_t *akp, uint8_t iv_loc, int mac_loc, uint16_t aad_len,
-                             uint8_t *aad, uint8_t **pp_processed_frame, uint16_t *p_decrypted_length);
+                             uint8_t *aad, TM_t *pp_processed_frame, uint16_t *p_decrypted_length);
 void    Crypto_TM_Process_Debug_Print(uint16_t byte_idx, uint16_t pdu_len, SecurityAssociation_t *sa_ptr);
 
 extern int32_t Crypto_increment(uint8_t *num, int length);
@@ -318,7 +318,7 @@ extern CCSDS_t          sdls_frame;
 extern SDLS_KEYV_RPLY_t sdls_ep_keyv_reply;
 extern uint8_t          sdls_ep_reply[TC_MAX_FRAME_SIZE];
 // extern TM_t tm_frame;
-extern uint8_t                  tm_frame[1786];
+// extern uint8_t                  tm_frame[1786];
 extern TM_FramePrimaryHeader_t  tm_frame_pri_hdr;
 extern TM_FrameSecurityHeader_t tm_frame_sec_hdr; // Used to reduce bit math duplication
 // exterm AOS_t aos_frame
@@ -329,6 +329,7 @@ extern uint8_t                   parity[4];         // Used in FHECF calc
 // Global configuration structs
 extern CryptoConfig_t                        crypto_config;
 extern SadbMariaDBConfig_t                  *sa_mariadb_config;
+extern char                                 *mariadb_table_name;
 extern CryptographyKmcCryptoServiceConfig_t *cryptography_kmc_crypto_config;
 extern CamConfig_t                          *cam_config;
 extern GvcidManagedParameters_t             *gvcid_managed_parameters;
@@ -375,4 +376,4 @@ static const uint8_t crypto_gf_log[GF_SIZE] = {0, 0, 1, 4, 2, 8, 5, 10, 3, 14, 9
 // Generator polynomial coefficients for g(x) = x^4 + a^3x^3 + ax^2 + a^3x + 1
 static const uint8_t crypto_gen_poly[RS_PARITY + 1] = {1, 8, 2, 8, 1};
 
-#endif // CRYPTO_H
+#endif // CRYPTO_H

include/crypto_config.h

@@ -123,17 +123,18 @@
 #define FHECF_SIZE          2
 #define FECF_SIZE           2
 #define TC_SEGMENT_HDR_SIZE 1
-#define ECS_SIZE            4    /* bytes */
-#define ABM_SIZE            1786 /* bytes */
-#define ARSN_SIZE           20   /* total messages */
-#define ARSNW_SIZE          1    /* bytes */
-#define SN_SIZE             16   /* bytes */
-#define PAD_SIZE            32   /* bytes */
-#define CHALLENGE_SIZE      16   /* bytes */
-#define CHALLENGE_MAC_SIZE  16   /* bytes */
-#define BYTE_LEN            8    /* bits */
+#define ECS_SIZE            4             /* bytes */
+#define ABM_SIZE            1786          /* bytes */
+#define ARSN_SIZE           20            /* total messages */
+#define ARSNW_SIZE          1             /* bytes */
+#define SN_SIZE             16            /* bytes */
+#define PAD_SIZE            2 /* bytes */ // Max shplf len takes up 2 bytes
+#define CHALLENGE_SIZE      16            /* bytes */
+#define CHALLENGE_MAC_SIZE  16            /* bytes */
+#define BYTE_LEN            8             /* bits */
 #define CRYPTOLIB_APPID     128
 #define MAX_IV_LEN          32 /* bytes */
+#define MAX_IZ_LEN          32
 
 // Configurable via build flags
 #ifndef NUM_SA
@@ -268,4 +269,11 @@
 */
 #define TC_BLOCK_SIZE 16
 
+/*
+** MariaDB Defines
+*/
+#define MARIADB_TC_TABLE_NAME  "security_associations"
+#define MARIADB_TM_TABLE_NAME  "security_associations_tm"
+#define MARIADB_AOS_TABLE_NAME "security_associations_aos"
+
 #endif // CRYPTO_CONFIG_H

include/crypto_error.h

@@ -58,6 +58,7 @@
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_EMPTY_RESPONSE             513
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_DECRYPT_ERROR              514
 #define CRYPTOGRAHPY_KMC_CRYPTO_SERVICE_ENCRYPT_ERROR              515
+#define CRYPTOGRAHPY_KMC_BASE64_DECRYPT_ERROR                      516
 
 #define CAM_CONFIG_NOT_SUPPORTED_ERROR                      600
 #define CAM_INVALID_COOKIE_FILE_CONFIGURATION_NULL          601
@@ -156,15 +157,16 @@
 #define CRYPTO_LIB_ERR_TC_FRAME_LENGTH_MISMATCH                             (-82)
 #define CRYPTO_LIB_ERR_SHPLF_LEN_LESS_THAN_MIN_PAD_SIZE                     (-83)
 #define CRYPTO_LIB_ERR_INVALID_AOS_IZ_LENGTH                                (-84)
+#define CRYPTO_LIB_ERR_INVALID_AOS_FRAME_LENGTH                             (-85)
 
-#define CRYPTO_CORE_ERROR_CODES_MAX -84
+#define CRYPTO_CORE_ERROR_CODES_MAX -85
 
 // Define codes for returning MDB Strings, and determining error based on strings
 #define CAM_ERROR_CODES     600
 #define CAM_ERROR_CODES_MAX 610
 
 #define KMC_ERROR_CODES     500
-#define KMC_ERROR_CODES_MAX 515
+#define KMC_ERROR_CODES_MAX 516
 
 #define CRYPTO_INTERFACE_ERROR_CODES     400
 #define CRYPTO_INTERFACE_ERROR_CODES_MAX 402

include/crypto_print.h

@@ -43,6 +43,13 @@ void Crypto_tcPrint(TC_t *tc_frame);
  **/
 void Crypto_tmPrint(TM_t *tm_frame);
 
+/**
+ * @brief Function: Crypto_aosPrint
+ * Prints the current AOS in memory.
+ * @param aos_frame: AOS_t*
+ **/
+void Crypto_aosPrint(AOS_t *aos_frame);
+
 /**
  * @brief Function: Crypto_clcwPrint
  * @param clcw: Telemetry_Frame_Clcw_t*