nasa · rjbrown2 · Sep 11, 2024 · Feb 22, 2024 · Feb 22, 2024 · Feb 26, 2024
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -18,9 +18,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3 
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     # End Container Setup
 
     - name: Minimal Build Script
@@ -38,9 +55,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     # End Container Setup
 
     - name: Internal Build Script
@@ -52,31 +86,61 @@ jobs:
       run: make gcov
 
     - name: Upload 
-      uses: codecov/codecov-action@v3
+      uses: codecov/codecov-action@v4
       env:
         CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a
       with:
         files: 'coverage/*.c.gcov'
+        verbose: true
 
   #
   # KMC Build
   #
-  kmc_build:
-    # Container Setup
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@v2
-    - name: Update
-      run: sudo apt-get update
-    - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3
-    - name: Install Python Libraries
-      run: sudo pip install pycryptodome
-    # End Container Setup
+  # kmc_build:
+  #   # Container Setup
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #   - uses: actions/checkout@v2
+  #   - name: Update
+  #     run: sudo apt-get update
+  #   - name: Install Dependencies
+  #     run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3
+  #   - name: Install Python Libraries
+  #     run: sudo pip install pycryptodome
+  #   - name: Install Libgcrypt
+  #     run: >
+  #       curl  
+  #       -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+  #       -o /tmp/libgpg-error-1.50.tar.bz2 
+  #       && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+  #       && cd /tmp/libgpg-error-1.50 
+  #       && sudo ./configure 
+  #       && sudo make install 
+  #       && curl  
+  #       -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+  #       -o /tmp/libgcrypt-1.11.0.tar.bz2 
+  #       && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+  #       && cd /tmp/libgcrypt-1.11.0 
+  #       && sudo ./configure 
+  #       && sudo make install
+  #       && sudo ldconfig
+  #   # End Container Setup
 
-    - name: KMC Build Script
-      working-directory: ${{github.workspace}}
-      run: bash ${GITHUB_WORKSPACE}/support/scripts/build_kmc.sh
+  #   - name: KMC Build Script
+  #     working-directory: ${{github.workspace}}
+  #     run: bash ${GITHUB_WORKSPACE}/support/scripts/build_kmc.sh
+
+  #   - name: Code-Coverage
+  #     working-directory: ${{github.workspace}}
+  #     run: make gcov
+
+  #   - name: Upload 
+  #     uses: codecov/codecov-action@v4
+  #     env:
+  #       CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a
+  #     with:
+  #       files: 'coverage/*.c.gcov'
+  #       verbose: true
 
   #
   # Wolf Build
@@ -89,9 +153,26 @@ jobs:
     - name: Update
       run: sudo apt-get update
     - name: Install Dependencies
-      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat libgcrypt20-dev python3 autoconf libtool
+      run: sudo apt-get install -y lcov libcurl4-openssl-dev libmariadb-dev libmariadb-dev-compat python3 autoconf libtool
     - name: Install Python Libraries
       run: sudo pip install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && sudo ./configure 
+        && sudo make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && sudo ./configure 
+        && sudo make install
+        && sudo ldconfig
     - name: Clone WolfSSL
       run: git clone --depth 1 --branch v5.6.0-stable https://github.com/wolfSSL/wolfssl.git /tmp/wolfssl
 
@@ -101,7 +182,7 @@ jobs:
       #run: cd /tmp/wolfssl/;
       #     sudo chown -R runner /usr/local; 
       #     ./autogen.sh;
-      #     ./configure --enable-aesccm --enable-aessiv --enable-cmac;
+      #     sudo ./configure --enable-aesccm --enable-aessiv --enable-cmac;
       #     make;
       #     make install;
       #sudo chown -R runner /usr/local;
@@ -116,3 +197,71 @@ jobs:
     - name: Wolf Build Script
       working-directory: ${{github.workspace}}
       run: bash ${GITHUB_WORKSPACE}/support/scripts/build_wolf.sh
+
+    - name: Code-Coverage
+      working-directory: ${{github.workspace}}
+      run: make gcov
+
+    - name: Upload 
+      uses: codecov/codecov-action@v4
+      env:
+        CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a
+      with:
+        files: 'coverage/*.c.gcov'
+        verbose: true
+
+  #
+  # RHEL Build
+  #
+  rhel_build:
+    # Container Setup
+    runs-on: ubuntu-latest
+    container:
+      image: rockylinux/rockylinux:8
+    steps:
+    - uses: actions/checkout@v2
+    - name: Update
+      run: yum update -y
+    - name: Install Dependencies
+      run: yum install -y epel-release python38-devel libcurl-devel git cmake gcc java-11-openjdk-devel openssl wget bzip2 ldconfig mariadb-devel mariadb-common mariadb-connector-c mariadb-connector-c-config mariadb-errmsg mariadb-gssapi-server
+      # Might want to trim this down, but these dependencies should work for KMC
+    - name: install lcov
+      run: yum install -y --enablerepo=epel lcov
+    - name: Install Python Dependencies
+      run: pip3 install pycryptodome
+    - name: Install Libgcrypt
+      run: >
+        curl 
+        -LS https://www.gnupg.org/ftp/gcrypt/libgpg-error/libgpg-error-1.50.tar.bz2 
+        -o /tmp/libgpg-error-1.50.tar.bz2 
+        && tar -xjf /tmp/libgpg-error-1.50.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgpg-error-1.50 
+        && ./configure 
+        && make install 
+        && curl  
+        -LS https://www.gnupg.org/ftp/gcrypt/libgcrypt/libgcrypt-1.11.0.tar.bz2 
+        -o /tmp/libgcrypt-1.11.0.tar.bz2 
+        && tar -xjf /tmp/libgcrypt-1.11.0.tar.bz2 -C /tmp/ 
+        && cd /tmp/libgcrypt-1.11.0 
+        && ./configure 
+        && make install  
+        && echo "export LD_LIBRARY_PATH=/usr/local/lib/:/usr/local/include:$LD_LIBRARY_PATH" >> ~/.bashrc 
+        && source ~/.bashrc 
+        && ldconfig
+    # End Container Setup
+
+    - name: RHEL Build Script
+      working-directory: ${{github.workspace}}
+      run: source ~/.bashrc && ${GITHUB_WORKSPACE}/support/scripts/build_rhel.sh
+
+    - name: Code-Coverage
+      working-directory: ${{github.workspace}}
+      run: source ~/.bashrc && make gcov
+
+    - name: Upload 
+      uses: codecov/codecov-action@v4
+      env:
+        CODECOV_TOKEN: 71699f25-12a3-44a4-8a83-be777b9e577a
+      with:
+        files: 'coverage/*.c.gcov'
+        verbose: true
diff --git a/CMakeLists.txt b/CMakeLists.txt
@@ -18,6 +18,17 @@
 cmake_minimum_required(VERSION 3.14.0)
 project(crypto C)
 
+#
+# CUSTOM PATH Definiton
+#
+set(SA_CUSTOM_PATH_DEFAULT "../../sa/custom")
+set(KEY_CUSTOM_PATH_DEFAULT "../../key/custom")
+set(MC_CUSTOM_PATH_DEFAULT "../../mc/custom")
+set(MC_LOG_PATH_DEFAULT "log.txt")
+set(CRYPTO_CUSTOM_PATH_DEFAULT "../../crypto/custom")
+
+
+
 #
 # Define Build Flags
 # The default value is captured in line, change with flag `-DXYZ=1`
@@ -27,37 +38,96 @@ option(CODECOV "Code Coverage" OFF)
 option(CRYPTO_LIBGCRYPT "Cryptography Module - Libgcrypt" ON)
 option(CRYPTO_KMC "Cryptography Module - KMC" OFF)
 option(CRYPTO_WOLFSSL "Cryptography Module - WolfSSL" OFF)
+option(CRYPTO_CUSTOM "Cryptography Module - CUSTOM" OFF)
+option(CRYPTO_CUSTOM_PATH "Cryptography Module - CUSTOM PATH" OFF)
 option(DEBUG "Debug" OFF)
 option(KEY_CUSTOM "Key Module - Custom" OFF)
+option(KEY_CUSTOM_PATH "Custom Key Path" OFF)
 option(KEY_INTERNAL "Key Module - Internal" ON)
 option(KEY_KMC "Key Module - KMC" OFF)
 option(MC_CUSTOM "Monitoring and Control - Custom" OFF)
+option(MC_CUSTOM_PATH "Custom Monitoring and Control path" OFF)
 option(MC_DISABLED "Monitoring and Control - Disabled" OFF)
 option(MC_INTERNAL "Monitoring and Control - Internal" ON)
 option(SA_CUSTOM "Security Association - Custom" OFF)
+option(SA_CUSTOM_PATH "Custom Security Association Path" OFF)
 option(SA_INTERNAL "Security Association - Internal" ON)
 option(SA_MARIADB "Security Association - MariaDB" OFF)
 option(SUPPORT "Support" OFF)
 option(SYSTEM_INSTALL "SystemInstall" OFF)
 option(TEST "Test" OFF)
 option(TEST_ENC "Tests - Encryption" OFF)
+option(SA_FILE "Save Security Association to File" OFF)
+option(KEY_VALIDATION "Validate existance of key duplication" OFF)
 
 OPTION(KMC_MDB_RH "KMC-MDB-RedHat-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_RH=ON
 OPTION(KMC_MDB_DB "KMC-MDB-Debian-Integration-Testing" OFF) #Disabled by default, enable with: -DKMC_MDB_DB=ON
 OPTION(KMC_CFFI_EXCLUDE "KMC-Exclude-Problematic-CFFI-Code" OFF) #Disabled by default, enable with: -DKMC_CFFI_EXCLUDE=ON
 
+
+#
+# Custom Module Paths
+#
+if(KEY_CUSTOM)
+    if(NOT DEFINED KEY_CUSTOM_PATH)
+        set(KEY_CUSTOM_PATH ${KEY_CUSTOM_PATH_DEFAULT})
+        message(STATUS "Default path set for KEY_CUSTOM_PATH")
+    endif()
+    message(STATUS "KEY_CUSTOM being utilized.  Path set to: ${KEY_CUSTOM_PATH}")
+endif()
+
+if(MC_CUSTOM)
+    if(NOT DEFINED MC_CUSTOM_PATH)
+        set(MC_CUSTOM_PATH ${MC_CUSTOM_PATH_DEFAULT})
+        message(STATUS "Default path set for MC_CUSTOM_PATH")
+    endif()
+    message(STATUS "MC_CUSTOM being utilized.  Path set to: ${MC_CUSTOM_PATH}")
+endif()
+
+if(SA_CUSTOM)
+    if(NOT DEFINED SA_CUSTOM_PATH)
+        set(SA_CUSTOM_PATH ${SA_CUSTOM_PATH_DEFAULT})
+        message(STATUS "Default path set for SA_CUSTOM_PATH")
+    endif()
+    message(STATUS "SA_CUSTOM being utilized.  Path set to: ${SA_CUSTOM_PATH}")
+endif()
+
+if(CRYPTO_CUSTOM)
+    if(NOT DEFINED CRYPTO_CUSTOM_PATH)
+        set(CRYPTO_CUSTOM_PATH ${CRYPTO_CUSTOM_PATH_DEFAULT})
+        message(STATUS "Default path set for CRYPTO_CUSTOM_PATH")
+    endif()
+    message(STATUS "CRYPTO_CUSTOM being utilized.  Path set to: ${CRYPTO_CUSTOM_PATH}")
+endif()
+
+
 #
 # Build Flag Logic
 #
 if(CODECOV)
     set(CMAKE_C_FLAGS "${CMAKE_C_FLAGS} -fprofile-arcs -ftest-coverage")
 endif()
 
+if(SA_FILE)
+    add_definitions(-DSA_FILE)
+endif()
+
+if(KEY_VALIDATION)
+    add_definitions(-DKEY_VALIDATION)
+endif()
+
 if(DEBUG)
     add_definitions(-DDEBUG -DOCF_DEBUG -DFECF_DEBUG -DSA_DEBUG -DPDU_DEBUG -DCCSDS_DEBUG -DTC_DEBUG -DMAC_DEBUG -DTM_DEBUG -DAOS_DEBUG)
     add_compile_options(-ggdb)
 endif()
 
+if(DEFINED MC_LOG_CUSTOM_PATH)
+    message(STATUS "MC_LOG_CUSTOM_PATH set to: ${MC_LOG_CUSTOM_PATH}")
+    add_compile_definitions(MC_LOG_PATH="${MC_LOG_CUSTOM_PATH}")
+else()
+    add_compile_definitions(MC_LOG_PATH="${MC_LOG_PATH_DEFAULT}")
+endif()
+
 IF(KMC_MDB_RH)
     ADD_DEFINITIONS(-DKMC_MDB_RH)
     ADD_DEFINITIONS(-DKMC_CFFI_EXCLUDE)
@@ -69,7 +139,9 @@ IF(KMC_MDB_DB)
 ENDIF(KMC_MDB_DB)
 
 if(SYSTEM_INSTALL)
-    set(CMAKE_INSTALL_PREFIX /usr/local)
+    # The library will be installed to /usr/local unless overridden with
+    # -DCMAKE_INSTALL_PREFIX=/some/path
+    # See https://cmake.org/cmake/help/latest/variable/CMAKE_INSTALL_PREFIX.html
 elseif(NOT DEFINED CFE_SYSTEM_PSPNAME)
     # Not cFE / cFS
     set(CMAKE_INSTALL_RPATH "$ORIGIN/../lib")