SDLS-EP Baseline: Key Management
https://public.ccsds.org/Pubs/355x1b1.pdf (Page 3-1)
Closes #44
For reference / my starting point on this: There are issues with the UTs in ut_ep_key_validation.c that involve memory corruption.
According to @dccutrig, all Key Management unit tests are passing with no changes to the code. Can now resume work on this.
After much debate, we're jotting down our thoughts about how to proceed with this:
Note: We are able to create a buffer and gather the expected output.
- The ingest from TC_Process is the raw frame that TC is processing. This ingest is passed several levels and winds up passed into Crypto_Key_mgmt.c -> Crypto_Key_Verify ca. line 430.
- The core of the issue is we receive a static frame (say, 40 bytes). The PDU reply will be larger: it will have an encrypted challenge PLUS a MAC for each challenge. This causes a buffer overflow / stomps things.
- So, the output needs to be something besides the ingest. Crypto_key_verify needs a way to access / or generate / a TM_Frame to get this reply to the ground. Unfortunately, nominally, the aggregation and building of a frame is handled outside and above CryptoLib. This means that likely a semaphore/mutex is needed for CryptoLib to grab a clean TM_Frame, fill it with a reply, and send the reply. A mutex is needed because the reply happens nominally as part of a CI library call, whereas telemetry is generally created as part of a TO library call.
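The overflow described above, avoided by sizing the reply before writing it into a separate output buffer. This is an added example, not part of the original thread and not CryptoLib code: the function names, the field sizes, the simplified request layout (a bare sequence of key ID + challenge entries) and the placeholder crypto are all assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed sizes for illustration only; not taken from the thread or CryptoLib. */
#define KEY_ID_LEN     2u
#define CHALLENGE_LEN 16u
#define MAC_LEN       16u
#define REQ_ENTRY_LEN (KEY_ID_LEN + CHALLENGE_LEN)            /* per key in request */
#define RPY_ENTRY_LEN (KEY_ID_LEN + CHALLENGE_LEN + MAC_LEN)  /* per key in reply   */

enum { RPY_OK = 0, RPY_BAD_REQUEST = -1, RPY_NO_SPACE = -2 };

/* Hypothetical stand-in for the real challenge encryption and MAC:
 * XORs the challenge with a fixed byte and zero-fills the MAC field. */
static void placeholder_protect(const uint8_t *chal, uint8_t *enc, uint8_t *mac)
{
    for (size_t i = 0; i < CHALLENGE_LEN; i++) enc[i] = chal[i] ^ 0xA5u;
    memset(mac, 0, MAC_LEN);
}

/* Build the reply in a caller-supplied output buffer, never in `ingest`.
 * The required size is computed from the request before any byte is written. */
int build_verify_reply(const uint8_t *ingest, size_t ingest_len,
                       uint8_t *out, size_t out_cap, size_t *out_len)
{
    if (!ingest || !out || !out_len) return RPY_BAD_REQUEST;
    if (ingest_len == 0 || ingest_len % REQ_ENTRY_LEN != 0) return RPY_BAD_REQUEST;

    size_t keys = ingest_len / REQ_ENTRY_LEN;
    if (keys > SIZE_MAX / RPY_ENTRY_LEN) return RPY_BAD_REQUEST; /* size overflow */
    size_t need = keys * RPY_ENTRY_LEN;   /* reply grows by MAC_LEN per key */
    if (need > out_cap) return RPY_NO_SPACE;

    for (size_t k = 0; k < keys; k++) {
        const uint8_t *req = ingest + k * REQ_ENTRY_LEN;
        uint8_t *rpy = out + k * RPY_ENTRY_LEN;
        memcpy(rpy, req, KEY_ID_LEN);                 /* echo the key ID */
        placeholder_protect(req + KEY_ID_LEN, rpy + KEY_ID_LEN,
                            rpy + KEY_ID_LEN + CHALLENGE_LEN);
    }
    *out_len = need;
    return RPY_OK;
}
```

An output buffer the same size as the ingest is rejected with `RPY_NO_SPACE` instead of being overrun, which is the case the thread describes.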