search

nasa / CryptoLib

Provide a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station.
Other
69 stars 28 forks source link

Crypto_Key_OTAR - Fixed IV length #44

Open Peco602 opened 2 years ago

Peco602 commented 2 years ago

Currently, the Crypto_Key_OTAR works only with an IV with length 12 bytes.

As you can see below, the value 30 is calculating by summing the Session Key ID (2 bytes), the IV len (12 bytes) and the MAC len (16 bytes):

int pdu_keys = (sdls_frame.pdu.pdu_len - 30) / (2 + KEY_SIZE);

Moreover, keys are extracted from the 14th byte (2 bytes for Session Key ID and 12 bytes for IV): 

    gcry_error = gcry_cipher_decrypt(
        tmp_hd,
        &(sdls_frame.pdu.data[14]),                     // plaintext output
        pdu_keys * (2 + KEY_SIZE),                      // length of data
        NULL,                                           // in place decryption
        0                                               // in data length
    );
for (int count = 14; x < pdu_keys; x++)

The IV len for OTAR should be a managed parameter so I suggest to add it as a DEFINE.

rjbrown2 commented 11 months ago

Actual data needs to be extracted from the SA, rather than the hard-coding happening above.

rjbrown2 commented 1 week ago

Currently attached to #147 Donnie-Ice is currently working this now.