From b688f2bc36a5c3f6fee30a5115749ab872ce7f66 Mon Sep 17 00:00:00 2001 From: harindhu007 Date: Wed, 9 Jul 2025 14:58:19 -0600 Subject: [PATCH] Issue 136: Add a flag to Disable/Enable SVP functionality Reason for change: Disable/Enable SVP functionality using flag Risks: None Priority: P1 --- reference/CMakeLists.txt | 13 ++- reference/src/CMakeLists.txt | 6 +- reference/src/client/CMakeLists.txt | 33 ++++--- reference/src/client/include/sa_svp.h | 4 +- reference/src/client/include/sa_ta_types.h | 4 +- reference/src/client/include/sa_types.h | 8 +- .../src/client/test/client_test_helpers.cpp | 21 ++++- .../src/client/test/sa_client_thread_test.cpp | 4 +- .../client/test/sa_crypto_cipher_process.cpp | 10 +- .../test/sa_crypto_cipher_process_aes_gcm.cpp | 4 +- ...rypto_cipher_process_chacha20_poly1305.cpp | 4 +- .../test/sa_crypto_cipher_process_last.cpp | 11 ++- .../test/sa_process_common_encryption.cpp | 12 ++- .../test/sa_process_common_encryption.h | 5 +- .../src/client/test/sa_svp_buffer_alloc.cpp | 5 +- .../src/client/test/sa_svp_buffer_check.cpp | 5 +- .../src/client/test/sa_svp_buffer_copy.cpp | 5 +- .../src/client/test/sa_svp_buffer_create.cpp | 5 +- .../src/client/test/sa_svp_buffer_release.cpp | 5 +- .../src/client/test/sa_svp_buffer_write.cpp | 4 +- reference/src/client/test/sa_svp_common.cpp | 4 +- reference/src/client/test/sa_svp_common.h | 4 +- .../src/client/test/sa_svp_key_check.cpp | 5 +- reference/src/clientimpl/CMakeLists.txt | 32 ++++--- .../src/porting/sa_svp_memory_alloc.c | 5 +- .../src/porting/sa_svp_memory_free.c | 5 +- .../clientimpl/src/sa_crypto_cipher_process.c | 27 ++++-- .../src/sa_crypto_cipher_process_last.c | 28 ++++-- .../src/sa_process_common_encryption.c | 29 ++++-- .../src/clientimpl/src/sa_svp_buffer_alloc.c | 5 +- .../src/clientimpl/src/sa_svp_buffer_check.c | 5 +- .../src/clientimpl/src/sa_svp_buffer_copy.c | 5 +- .../src/clientimpl/src/sa_svp_buffer_create.c | 4 +- .../src/clientimpl/src/sa_svp_buffer_free.c | 3 +- .../clientimpl/src/sa_svp_buffer_release.c | 5 +- .../src/clientimpl/src/sa_svp_buffer_write.c | 5 +- .../src/clientimpl/src/sa_svp_key_check.c | 12 ++- .../src/clientimpl/src/sa_svp_supported.c | 6 +- reference/src/taimpl/CMakeLists.txt | 73 +++++++++------ .../taimpl/include/internal/client_store.h | 6 +- .../src/taimpl/include/internal/svp_store.h | 17 ++-- reference/src/taimpl/include/porting/memory.h | 4 +- reference/src/taimpl/include/porting/svp.h | 9 +- reference/src/taimpl/include/ta_sa_svp.h | 10 +- reference/src/taimpl/src/internal/buffer.c | 60 ++++++------ reference/src/taimpl/src/internal/cenc.c | 31 ++++--- .../src/taimpl/src/internal/client_store.c | 30 ++++-- reference/src/taimpl/src/internal/svp_store.c | 16 ++-- reference/src/taimpl/src/internal/ta.c | 93 +++++++++++++------ reference/src/taimpl/src/porting/memory.c | 4 +- reference/src/taimpl/src/porting/svp.c | 7 +- .../src/taimpl/src/porting/video_output.c | 7 +- .../taimpl/src/ta_sa_crypto_cipher_process.c | 27 ++++-- .../src/ta_sa_crypto_cipher_process_last.c | 29 ++++-- .../src/ta_sa_process_common_encryption.c | 7 +- .../src/taimpl/src/ta_sa_svp_buffer_check.c | 5 +- .../src/taimpl/src/ta_sa_svp_buffer_copy.c | 5 +- .../src/taimpl/src/ta_sa_svp_buffer_create.c | 4 +- .../src/taimpl/src/ta_sa_svp_buffer_release.c | 5 +- .../src/taimpl/src/ta_sa_svp_buffer_write.c | 5 +- .../src/taimpl/src/ta_sa_svp_key_check.c | 7 +- .../src/taimpl/src/ta_sa_svp_supported.c | 7 +- .../taimpl/test/ta_sa_svp_buffer_check.cpp | 4 +- .../src/taimpl/test/ta_sa_svp_buffer_copy.cpp | 5 +- .../taimpl/test/ta_sa_svp_buffer_write.cpp | 5 +- .../src/taimpl/test/ta_sa_svp_common.cpp | 6 +- reference/src/taimpl/test/ta_sa_svp_common.h | 7 +- .../src/taimpl/test/ta_sa_svp_crypto.cpp | 15 +-- reference/src/taimpl/test/ta_sa_svp_crypto.h | 4 +- .../src/taimpl/test/ta_sa_svp_key_check.cpp | 5 +- reference/src/taimpl/test/ta_test_helpers.cpp | 12 ++- reference/src/taimpl/test/ta_test_helpers.h | 5 +- reference/src/util/CMakeLists.txt | 5 +- .../include/test_process_common_encryption.h | 4 +- .../src/test_process_common_encryption.cpp | 7 +- 75 files changed, 600 insertions(+), 309 deletions(-) diff --git a/reference/CMakeLists.txt b/reference/CMakeLists.txt index df4d9fe4..d2ec95a6 100644 --- a/reference/CMakeLists.txt +++ b/reference/CMakeLists.txt @@ -1,5 +1,5 @@ # -# Copyright 2020-2023 Comcast Cable Communications Management, LLC +# Copyright 2020-2025 Comcast Cable Communications Management, LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -19,8 +19,15 @@ cmake_minimum_required(VERSION 3.16) project(tasecureapi) -option(BUILD_TESTS "Builds and installs the unit tests" ON) -option(BUILD_DOC "Build documentation" ON) +option(BUILD_TESTS "Builds and installs the unit tests" ON) +option(BUILD_DOC "Build documentation" ON) +option(ENABLE_SVP "Build SecAPI with SVP" OFF) + +if(ENABLE_SVP) + message(STATUS "ENABLE_SVP is ON: Building SecAPI SVP functionality") +else() + message(STATUS "ENABLE_SVP is OFF: Building SecAPI without SVP functionality") +endif() if(${BUILD_TESTS}) # Download and unpack googletest at configure time diff --git a/reference/src/CMakeLists.txt b/reference/src/CMakeLists.txt index 97f2098c..94a9b226 100644 --- a/reference/src/CMakeLists.txt +++ b/reference/src/CMakeLists.txt @@ -1,5 +1,5 @@ # -# Copyright 2020-2023 Comcast Cable Communications Management, LLC +# Copyright 2020-2025 Comcast Cable Communications Management, LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -44,6 +44,10 @@ if (DEFINED DISABLE_CENC_TIMING) set(CMAKE_C_FLAGS "-DDISABLE_CENC_TIMING ${CMAKE_C_FLAGS}") endif () +if (ENABLE_SVP) + set(CMAKE_CXX_FLAGS "-DENABLE_SVP ${CMAKE_CXX_FLAGS}") + set(CMAKE_C_FLAGS "-DENABLE_SVP ${CMAKE_C_FLAGS}") +endif () add_subdirectory(client) add_subdirectory(clientimpl) add_subdirectory(taimpl) diff --git a/reference/src/client/CMakeLists.txt b/reference/src/client/CMakeLists.txt index 224aebb4..aaa1d630 100644 --- a/reference/src/client/CMakeLists.txt +++ b/reference/src/client/CMakeLists.txt @@ -1,5 +1,5 @@ # -# Copyright 2020-2023 Comcast Cable Communications Management, LLC +# Copyright 2020-2025 Comcast Cable Communications Management, LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -128,11 +128,10 @@ target_clangformat_setup(saclient) if (BUILD_TESTS) # Google test - add_executable(saclienttest + set(SACLIENT_TEST_SOURCES test/client_test_helpers.cpp test/client_test_helpers.h test/environment.cpp - test/sa_client_thread_test.cpp test/sa_crypto_cipher_common.h test/sa_crypto_cipher_common.cpp test/sa_crypto_cipher_init.cpp @@ -277,15 +276,25 @@ if (BUILD_TESTS) test/sa_provider_mac.cpp test/sa_provider_pkcs7.cpp test/sa_provider_signature.cpp - test/sa_svp_buffer_alloc.cpp - test/sa_svp_buffer_check.cpp - test/sa_svp_buffer_copy.cpp - test/sa_svp_buffer_create.cpp - test/sa_svp_buffer_release.cpp - test/sa_svp_buffer_write.cpp - test/sa_svp_key_check.cpp - test/sa_svp_common.cpp - test/sa_svp_common.h) + ) + # Conditionally add files if ENABLE_SVP is defined + if(ENABLE_SVP) + list(APPEND SACLIENT_TEST_SOURCES + test/sa_client_thread_test.cpp + test/sa_svp_buffer_alloc.cpp + test/sa_svp_buffer_check.cpp + test/sa_svp_buffer_copy.cpp + test/sa_svp_buffer_create.cpp + test/sa_svp_buffer_release.cpp + test/sa_svp_buffer_write.cpp + test/sa_svp_key_check.cpp + test/sa_svp_common.cpp + test/sa_svp_common.h + ) + endif() + + + add_executable(saclienttest ${SACLIENT_TEST_SOURCES}) target_compile_options(saclienttest PRIVATE -Werror -Wall -Wextra -Wno-type-limits -Wno-unused-parameter -Wno-deprecated-declarations) diff --git a/reference/src/client/include/sa_svp.h b/reference/src/client/include/sa_svp.h index a14e3b70..eeed365b 100644 --- a/reference/src/client/include/sa_svp.h +++ b/reference/src/client/include/sa_svp.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -45,6 +45,7 @@ extern "C" { */ sa_status sa_svp_supported(); +#ifdef ENABLE_SVP /** * Allocate an SVP memory block. * @@ -255,6 +256,7 @@ sa_status sa_svp_buffer_check( const void* hash, size_t hash_length); +#endif // ENABLE_SVP #ifdef __cplusplus } #endif diff --git a/reference/src/client/include/sa_ta_types.h b/reference/src/client/include/sa_ta_types.h index 8053ebd2..04aeddda 100644 --- a/reference/src/client/include/sa_ta_types.h +++ b/reference/src/client/include/sa_ta_types.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -470,6 +470,7 @@ typedef struct { uint8_t api_version; } sa_svp_supported_s; +#ifdef ENABLE_SVP // sa_svp_buffer_create // param[0] INOUT - sa_svp_buffer typedef struct { @@ -534,6 +535,7 @@ typedef struct { uint64_t length; uint32_t digest_algorithm; } sa_svp_buffer_check_s; +#endif // ENABLE_SVP // sa_process_common_encryption (1 sample per call) // param[0] INOUT - sa_process_common_encryption_s diff --git a/reference/src/client/include/sa_types.h b/reference/src/client/include/sa_types.h index 03bf8994..d53470a9 100644 --- a/reference/src/client/include/sa_types.h +++ b/reference/src/client/include/sa_types.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -107,10 +107,12 @@ typedef uint64_t sa_handle; // NOLINT */ typedef sa_handle sa_key; +#ifdef ENABLE_SVP /** * SVP buffer opaque data structure. */ typedef sa_handle sa_svp_buffer; +#endif // ENABLE_SVP /** * Cipher context handle. @@ -559,6 +561,7 @@ typedef struct { size_t offset; } clear; +#if ENABLE_SVP /** SVP buffer information */ struct { /** SVP buffer handle */ @@ -566,6 +569,7 @@ typedef struct { /** Current offset into the buffer */ size_t offset; } svp; +#endif // ENABLE_SVP } context; } sa_buffer; @@ -1023,6 +1027,7 @@ typedef struct { /** * Structure to use in sa_svp_buffer_copy_blocks */ +#ifdef ENABLE_SVP typedef struct { /** offset into the output buffer. */ size_t out_offset; @@ -1031,6 +1036,7 @@ typedef struct { /** numbers of bytes to copy or write. */ size_t length; } sa_svp_offset; +#endif /** TA Key Type Definition */ diff --git a/reference/src/client/test/client_test_helpers.cpp b/reference/src/client/test/client_test_helpers.cpp index e10a3924..da3822a6 100644 --- a/reference/src/client/test/client_test_helpers.cpp +++ b/reference/src/client/test/client_test_helpers.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -4362,10 +4362,15 @@ namespace client_test_helpers { if (buffer_type == SA_BUFFER_TYPE_CLEAR) { if (buffer->context.clear.buffer != nullptr) free(buffer->context.clear.buffer); - } else { + } +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) { if (buffer->context.svp.buffer != INVALID_HANDLE) + { sa_svp_buffer_free(buffer->context.svp.buffer); + } } +#endif } delete buffer; @@ -4380,7 +4385,9 @@ namespace client_test_helpers { ERROR("malloc failed"); return nullptr; } - } else if (buffer_type == SA_BUFFER_TYPE_SVP) { + } +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) { buffer->buffer_type = SA_BUFFER_TYPE_SVP; buffer->context.svp.buffer = INVALID_HANDLE; sa_svp_buffer svp_buffer; @@ -4392,6 +4399,7 @@ namespace client_test_helpers { buffer->context.svp.buffer = svp_buffer; buffer->context.svp.offset = 0; } +#endif // ENABLE_SVP return buffer; } @@ -4406,7 +4414,10 @@ namespace client_test_helpers { if (buffer_type == SA_BUFFER_TYPE_CLEAR) { memcpy(buffer->context.clear.buffer, initial_value.data(), initial_value.size()); - } else { + } + +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) { sa_svp_offset offsets = {0, 0, initial_value.size()}; if (sa_svp_buffer_write(buffer->context.svp.buffer, initial_value.data(), initial_value.size(), &offsets, 1) != SA_STATUS_OK) { @@ -4416,7 +4427,7 @@ namespace client_test_helpers { buffer->context.svp.offset = 0; } - +#endif // ENABLE_SVP return buffer; } diff --git a/reference/src/client/test/sa_client_thread_test.cpp b/reference/src/client/test/sa_client_thread_test.cpp index 1f128e6c..ae92060e 100644 --- a/reference/src/client/test/sa_client_thread_test.cpp +++ b/reference/src/client/test/sa_client_thread_test.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2022-2023 Comcast Cable Communications Management, LLC + * Copyright 2022-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ * SPDX-License-Identifier: Apache-2.0 */ +#ifdef ENABLE_SVP #include "client_test_helpers.h" #include "sa.h" #include "gtest/gtest.h" // NOLINT @@ -134,3 +135,4 @@ namespace { ASSERT_EQ(SA_STATUS_OK, future.get()); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/client/test/sa_crypto_cipher_process.cpp b/reference/src/client/test/sa_crypto_cipher_process.cpp index fd1b30a4..b9e64354 100644 --- a/reference/src/client/test/sa_crypto_cipher_process.cpp +++ b/reference/src/client/test/sa_crypto_cipher_process.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -175,8 +175,10 @@ namespace { ASSERT_NE(out_buffer, nullptr); if (buffer_type == SA_BUFFER_TYPE_CLEAR) out_buffer->context.clear.offset = SIZE_MAX - 4; - else +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) out_buffer->context.svp.offset = SIZE_MAX - 4; +#endif // ENABLE_SVP status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); @@ -210,8 +212,10 @@ namespace { ASSERT_NE(out_buffer, nullptr); if (buffer_type == SA_BUFFER_TYPE_CLEAR) in_buffer->context.clear.offset = SIZE_MAX - 4; - else +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) in_buffer->context.svp.offset = SIZE_MAX - 4; +#endif // ENABLE_SVP status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); diff --git a/reference/src/client/test/sa_crypto_cipher_process_aes_gcm.cpp b/reference/src/client/test/sa_crypto_cipher_process_aes_gcm.cpp index 3f83988f..ad6d13fa 100644 --- a/reference/src/client/test/sa_crypto_cipher_process_aes_gcm.cpp +++ b/reference/src/client/test/sa_crypto_cipher_process_aes_gcm.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -345,6 +345,7 @@ namespace { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } +#ifdef ENABLE_SVP TEST_F(SaCryptoCipherWithoutSvpTest, initAesGcmFailsSvpIn) { if (sa_svp_supported() == SA_STATUS_OPERATION_NOT_SUPPORTED) GTEST_SKIP() << "SVP not supported. Skipping all SVP tests"; @@ -418,4 +419,5 @@ namespace { status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process); ASSERT_EQ(status, SA_STATUS_OPERATION_NOT_ALLOWED); } +#endif // ENABLE_SVP } // namespace diff --git a/reference/src/client/test/sa_crypto_cipher_process_chacha20_poly1305.cpp b/reference/src/client/test/sa_crypto_cipher_process_chacha20_poly1305.cpp index b0b0aff5..9a111d1b 100644 --- a/reference/src/client/test/sa_crypto_cipher_process_chacha20_poly1305.cpp +++ b/reference/src/client/test/sa_crypto_cipher_process_chacha20_poly1305.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -234,6 +234,7 @@ namespace { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } +#ifdef ENABLE_SVP TEST_F(SaCryptoCipherWithoutSvpTest, initAChacha20Poly1305FailsSvpIn) { auto clear_key = random(SYM_256_KEY_SIZE); @@ -301,4 +302,5 @@ namespace { status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process); ASSERT_EQ(status, SA_STATUS_OPERATION_NOT_ALLOWED); } +#endif // ENABLE_SVP } // namespace diff --git a/reference/src/client/test/sa_crypto_cipher_process_last.cpp b/reference/src/client/test/sa_crypto_cipher_process_last.cpp index 2b49e732..f297594f 100644 --- a/reference/src/client/test/sa_crypto_cipher_process_last.cpp +++ b/reference/src/client/test/sa_crypto_cipher_process_last.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -175,9 +175,11 @@ namespace { ASSERT_NE(out_buffer, nullptr); if (buffer_type == SA_BUFFER_TYPE_CLEAR) out_buffer->context.clear.offset = SIZE_MAX - 4; - else +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) out_buffer->context.svp.offset = SIZE_MAX - 4; +#endif // ENABLE_SVP status = sa_crypto_cipher_process_last(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process, nullptr); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } @@ -210,9 +212,12 @@ namespace { ASSERT_NE(out_buffer, nullptr); if (buffer_type == SA_BUFFER_TYPE_CLEAR) in_buffer->context.clear.offset = SIZE_MAX - 4; - else +#ifdef ENABLE_SVP + else if (buffer_type == SA_BUFFER_TYPE_SVP) in_buffer->context.svp.offset = SIZE_MAX - 4; +#endif // ENABLE_SVP + ERROR("Buffer type =%d\n", buffer_type); status = sa_crypto_cipher_process_last(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process, nullptr); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } diff --git a/reference/src/client/test/sa_process_common_encryption.cpp b/reference/src/client/test/sa_process_common_encryption.cpp index 285ffebb..33eb9e7d 100644 --- a/reference/src/client/test/sa_process_common_encryption.cpp +++ b/reference/src/client/test/sa_process_common_encryption.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -25,6 +25,7 @@ using namespace client_test_helpers; +#ifdef ENABLE_SVP sa_status SaProcessCommonEncryptionBase::svp_buffer_write( sa_svp_buffer out, const void* in, @@ -32,6 +33,7 @@ sa_status SaProcessCommonEncryptionBase::svp_buffer_write( sa_svp_offset offsets = {0, 0, in_length}; return sa_svp_buffer_write(out, in, in_length, &offsets, 1); } +#endif // ENABLE_SVP void SaProcessCommonEncryptionTest::SetUp() { if (sa_svp_supported() == SA_STATUS_OPERATION_NOT_SUPPORTED) { @@ -43,6 +45,7 @@ void SaProcessCommonEncryptionTest::SetUp() { } } + TEST_P(SaProcessCommonEncryptionTest, nominal) { auto sample_size_and_time = std::get<0>(GetParam()); auto sample_size = std::get<0>(sample_size_and_time); @@ -467,6 +470,7 @@ TEST_F(SaProcessCommonEncryptionNegativeTest, nullOutBuffer) { ASSERT_EQ(status, SA_STATUS_NULL_PARAMETER); } +#ifdef ENABLE_SVP TEST_F(SaProcessCommonEncryptionNegativeTest, invalidOutSvpBuffer) { if (sa_svp_supported() == SA_STATUS_OPERATION_NOT_SUPPORTED) GTEST_SKIP() << "SVP not supported. Skipping all SVP tests"; @@ -506,6 +510,7 @@ TEST_F(SaProcessCommonEncryptionNegativeTest, invalidOutSvpBuffer) { sa_status const status = sa_process_common_encryption(1, &sample); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } +#endif // ENABLE_SVP TEST_F(SaProcessCommonEncryptionNegativeTest, nullIn) { cipher_parameters parameters; @@ -576,6 +581,7 @@ TEST_F(SaProcessCommonEncryptionNegativeTest, nullInBuffer) { ASSERT_EQ(status, SA_STATUS_NULL_PARAMETER); } +#ifdef ENABLE_SVP TEST_F(SaProcessCommonEncryptionNegativeTest, nullInSvpBuffer) { if (sa_svp_supported() == SA_STATUS_OPERATION_NOT_SUPPORTED) GTEST_SKIP() << "SVP not supported. Skipping all SVP tests"; @@ -613,6 +619,7 @@ TEST_F(SaProcessCommonEncryptionNegativeTest, nullInSvpBuffer) { sa_status const status = sa_process_common_encryption(1, &sample); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } +#endif TEST_F(SaProcessCommonEncryptionNegativeTest, invalidSkipByteBlock) { cipher_parameters parameters; @@ -824,6 +831,7 @@ TEST_F(SaProcessCommonEncryptionNegativeTest, invalidCipherAlgorithm) { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } +#ifdef ENABLE_SVP TEST_F(SaProcessCommonEncryptionNegativeTest, invalidBufferTypeCombo) { if (sa_svp_supported() == SA_STATUS_OPERATION_NOT_SUPPORTED) GTEST_SKIP() << "SVP not supported. Skipping all SVP tests"; @@ -911,7 +919,7 @@ TEST_F(SaProcessCommonEncryptionNegativeTest, outBufferTypeDisallowed) { status = sa_process_common_encryption(1, &sample); ASSERT_EQ(status, SA_STATUS_OPERATION_NOT_ALLOWED); } - +#endif // ENABLE_SVP TEST_F(SaProcessCommonEncryptionNegativeTest, outBufferTooShort) { cipher_parameters parameters; parameters.cipher_algorithm = SA_CIPHER_ALGORITHM_AES_CBC; diff --git a/reference/src/client/test/sa_process_common_encryption.h b/reference/src/client/test/sa_process_common_encryption.h index 41650597..65e87029 100644 --- a/reference/src/client/test/sa_process_common_encryption.h +++ b/reference/src/client/test/sa_process_common_encryption.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,10 +32,13 @@ typedef std::tuple, size_t, size_t, size_t, sa_ciphe class SaProcessCommonEncryptionBase : public ProcessCommonEncryptionBase { protected: + +#ifdef ENABLE_SVP sa_status svp_buffer_write( sa_svp_buffer out, const void* in, size_t in_length) override; +#endif // ENABLE_SVP ~SaProcessCommonEncryptionBase() = default; }; diff --git a/reference/src/client/test/sa_svp_buffer_alloc.cpp b/reference/src/client/test/sa_svp_buffer_alloc.cpp index 71828454..5f9575e9 100644 --- a/reference/src/client/test/sa_svp_buffer_alloc.cpp +++ b/reference/src/client/test/sa_svp_buffer_alloc.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_test_helpers.h" #include "sa.h" #include "sa_svp_common.h" @@ -62,3 +62,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_NULL_PARAMETER); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/client/test/sa_svp_buffer_check.cpp b/reference/src/client/test/sa_svp_buffer_check.cpp index 28b921b0..4625b942 100644 --- a/reference/src/client/test/sa_svp_buffer_check.cpp +++ b/reference/src/client/test/sa_svp_buffer_check.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_test_helpers.h" #include "sa.h" #include "sa_svp_common.h" @@ -33,3 +33,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_OPERATION_NOT_ALLOWED); } } // namespace +#endif diff --git a/reference/src/client/test/sa_svp_buffer_copy.cpp b/reference/src/client/test/sa_svp_buffer_copy.cpp index 52c8d8aa..8a2ba996 100644 --- a/reference/src/client/test/sa_svp_buffer_copy.cpp +++ b/reference/src/client/test/sa_svp_buffer_copy.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_test_helpers.h" #include "sa.h" #include "sa_svp_common.h" @@ -108,3 +108,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/client/test/sa_svp_buffer_create.cpp b/reference/src/client/test/sa_svp_buffer_create.cpp index 326f0bf3..70c63c24 100644 --- a/reference/src/client/test/sa_svp_buffer_create.cpp +++ b/reference/src/client/test/sa_svp_buffer_create.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_test_helpers.h" #include "sa.h" #include "sa_svp_common.h" @@ -57,3 +57,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_NULL_PARAMETER); } } // namespace +#endif //ENABLE_SVP diff --git a/reference/src/client/test/sa_svp_buffer_release.cpp b/reference/src/client/test/sa_svp_buffer_release.cpp index afcf21d1..441cca07 100644 --- a/reference/src/client/test/sa_svp_buffer_release.cpp +++ b/reference/src/client/test/sa_svp_buffer_release.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_test_helpers.h" #include "sa.h" #include "sa_svp_common.h" @@ -45,3 +45,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/client/test/sa_svp_buffer_write.cpp b/reference/src/client/test/sa_svp_buffer_write.cpp index c33c47eb..54de8557 100644 --- a/reference/src/client/test/sa_svp_buffer_write.cpp +++ b/reference/src/client/test/sa_svp_buffer_write.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,6 +23,7 @@ using namespace client_test_helpers; +#ifdef ENABLE_SVP namespace { TEST_P(SaSvpBufferWriteTest, nominal) { auto offset_length = std::get<0>(GetParam()); @@ -97,3 +98,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_NULL_PARAMETER); } } // namespace +#endif //ENABLE_SVP diff --git a/reference/src/client/test/sa_svp_common.cpp b/reference/src/client/test/sa_svp_common.cpp index ecfb30d0..ead42969 100644 --- a/reference/src/client/test/sa_svp_common.cpp +++ b/reference/src/client/test/sa_svp_common.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ * SPDX-License-Identifier: Apache-2.0 */ +#ifdef ENABLE_SVP #include "sa_svp_common.h" // NOLINT #include "client_test_helpers.h" @@ -57,3 +58,4 @@ INSTANTIATE_TEST_SUITE_P( SaSvpBufferWriteTests, SaSvpBufferWriteTest, ::testing::Values(1, 3, 10)); +#endif //ENABLE_SVP diff --git a/reference/src/client/test/sa_svp_common.h b/reference/src/client/test/sa_svp_common.h index 944e2cc8..39a77a85 100644 --- a/reference/src/client/test/sa_svp_common.h +++ b/reference/src/client/test/sa_svp_common.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -18,6 +18,7 @@ #ifndef SA_SVP_COMMON_H #define SA_SVP_COMMON_H +#ifdef ENABLE_SVP #include "sa.h" #include // NOLINT @@ -46,4 +47,5 @@ class SaSvpBufferWriteTest : public ::testing::WithParamInterfacecontext.clear.buffer) + out->context.clear.offset, param1_size); - } else { + } +#ifdef ENABLE_SVP + else { cipher_process->out_offset = out->context.svp.offset; param1_size = sizeof(sa_svp_buffer); param1_type = TA_PARAM_IN; CREATE_PARAM(param1, &out->context.svp.buffer, param1_size); } +#endif // ENABLE_SVP } else { cipher_process->out_offset = 0; param1 = NULL; @@ -91,7 +94,7 @@ sa_status sa_crypto_cipher_process( param1_type = TA_PARAM_NULL; } - size_t param2_size; + size_t param2_size = 0; uint32_t param2_type = TA_PARAM_IN; if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) { if (in->context.clear.buffer == NULL) { @@ -109,12 +112,15 @@ sa_status sa_crypto_cipher_process( cipher_process->in_offset = 0; param2_size = in->context.clear.length - in->context.clear.offset; CREATE_PARAM(param2, ((uint8_t*) in->context.clear.buffer) + in->context.clear.offset, param2_size); - } else { + } +#ifdef ENABLE_SVP + else { cipher_process->in_offset = in->context.svp.offset; param2_size = sizeof(sa_svp_buffer); CREATE_PARAM(param2, &in->context.svp.buffer, param2_size); } +#endif // ENABLE_SVP // clang-format off uint32_t param_types[NUM_TA_PARAMS] = {TA_PARAM_INOUT, param1_type, param2_type, TA_PARAM_NULL}; @@ -134,17 +140,26 @@ sa_status sa_crypto_cipher_process( COPY_OUT_PARAM(((uint8_t*) out->context.clear.buffer) + out->context.clear.offset, param1, cipher_process->out_offset); out->context.clear.offset += cipher_process->out_offset; - } else { + } +#ifdef ENABLE_SVP + else { out->context.svp.offset = cipher_process->out_offset; } +#endif // ENABLE_SVP } if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) + { in->context.clear.offset += cipher_process->in_offset; - else + } +#ifdef ENABLE_SVP + else if (in->buffer_type == SA_BUFFER_TYPE_SVP) { in->context.svp.offset = cipher_process->in_offset; + } +#endif // ENABLE_SVP *bytes_to_process = cipher_process->bytes_to_process; + ERROR("bytes_to_process = %d\n", cipher_process->bytes_to_process); } while (false); RELEASE_COMMAND(cipher_process); diff --git a/reference/src/clientimpl/src/sa_crypto_cipher_process_last.c b/reference/src/clientimpl/src/sa_crypto_cipher_process_last.c index e99bc8b6..8997f5fa 100644 --- a/reference/src/clientimpl/src/sa_crypto_cipher_process_last.c +++ b/reference/src/clientimpl/src/sa_crypto_cipher_process_last.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -79,12 +79,16 @@ sa_status sa_crypto_cipher_process_last( param1_type = TA_PARAM_OUT; CREATE_OUT_PARAM(param1, ((uint8_t*) out->context.clear.buffer) + out->context.clear.offset, param1_size); - } else { + } +#ifdef ENABLE_SVP + else if (out->buffer_type == SA_BUFFER_TYPE_SVP) + { cipher_process->out_offset = out->context.svp.offset; param1_size = sizeof(sa_svp_buffer); param1_type = TA_PARAM_IN; CREATE_PARAM(param1, &out->context.svp.buffer, param1_size); - } + } +#endif // ENABLE_SVP } else { cipher_process->out_offset = 0; param1 = NULL; @@ -110,12 +114,16 @@ sa_status sa_crypto_cipher_process_last( cipher_process->in_offset = 0; param2_size = in->context.clear.length - in->context.clear.offset; CREATE_PARAM(param2, ((uint8_t*) in->context.clear.buffer) + in->context.clear.offset, param2_size); - } else { + } +#ifdef ENABLE_SVP + else if (out->buffer_type == SA_BUFFER_TYPE_SVP) + { cipher_process->in_offset = in->context.svp.offset; param2_size = sizeof(sa_svp_buffer); CREATE_PARAM(param2, &in->context.svp.buffer, param2_size); } +#endif // ENABLE_SVP size_t param3_size; uint32_t param3_type; @@ -154,16 +162,22 @@ sa_status sa_crypto_cipher_process_last( COPY_OUT_PARAM(((uint8_t*) out->context.clear.buffer) + out->context.clear.offset, param1, cipher_process->bytes_to_process); out->context.clear.offset += cipher_process->out_offset; - } else { + } +#ifdef ENABLE_SVP + else if (out->buffer_type == SA_BUFFER_TYPE_SVP) { out->context.svp.offset = cipher_process->out_offset; } + +#endif // ENABLE_SVP } if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) in->context.clear.offset += cipher_process->in_offset; - else +#ifdef ENABLE_SVP + else if (in->buffer_type == SA_BUFFER_TYPE_SVP) { in->context.svp.offset = cipher_process->in_offset; - + } +#endif // ENABLE_SVP if (parameters != NULL) COPY_OUT_PARAM(((sa_cipher_end_parameters_aes_gcm*) parameters)->tag, param3, ((sa_cipher_end_parameters_aes_gcm*) parameters)->tag_length); diff --git a/reference/src/clientimpl/src/sa_process_common_encryption.c b/reference/src/clientimpl/src/sa_process_common_encryption.c index 5b6800cc..8d2d165e 100644 --- a/reference/src/clientimpl/src/sa_process_common_encryption.c +++ b/reference/src/clientimpl/src/sa_process_common_encryption.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -127,14 +127,17 @@ sa_status sa_process_common_encryption( CREATE_OUT_PARAM(param2, ((uint8_t*) samples[i].out->context.clear.buffer) + samples[i].out->context.clear.offset, param2_size); - } else { + } +#ifdef ENABLE_SVP + else { process_common_encryption->out_offset = samples[i].out->context.svp.offset; param2_size = sizeof(sa_svp_buffer); param2_type = TA_PARAM_IN; CREATE_PARAM(param2, &samples[i].out->context.svp.buffer, param2_size); } +#endif // ENABLE_SVP - size_t param3_size; + size_t param3_size = 0; uint32_t param3_type = TA_PARAM_IN; if (samples[i].in->buffer_type == SA_BUFFER_TYPE_CLEAR) { if (samples[i].in->context.clear.buffer == NULL) { @@ -154,11 +157,14 @@ sa_status sa_process_common_encryption( CREATE_PARAM(param3, ((uint8_t*) samples[i].in->context.clear.buffer) + samples[i].in->context.clear.offset, param3_size); - } else { + } +#ifdef ENABLE_SVP + else { process_common_encryption->in_offset = samples[i].in->context.svp.offset; param3_size = sizeof(sa_svp_buffer); CREATE_PARAM(param3, &samples[i].in->context.svp.buffer, param3_size); } +#endif // clang-format off uint32_t param_types[NUM_TA_PARAMS] = {TA_PARAM_INOUT, param1_type, param2_type, param3_type}; @@ -177,14 +183,21 @@ sa_status sa_process_common_encryption( COPY_OUT_PARAM(((uint8_t*) samples[i].out->context.clear.buffer) + samples[i].out->context.clear.offset, param2, process_common_encryption->out_offset); samples[i].out->context.clear.offset += process_common_encryption->out_offset; - } else + } +#ifdef ENABLE_SVP + else if (samples[i].out->buffer_type == SA_BUFFER_TYPE_SVP) { samples[i].out->context.svp.offset = process_common_encryption->out_offset; + } +#endif // ENABLE_SVP - if (samples[i].in->buffer_type == SA_BUFFER_TYPE_CLEAR) + if (samples[i].in->buffer_type == SA_BUFFER_TYPE_CLEAR) { samples[i].in->context.clear.offset += process_common_encryption->in_offset; - else + } +#ifdef ENABLE_SVP + else if (samples[i].in->buffer_type == SA_BUFFER_TYPE_SVP) { samples[i].in->context.svp.offset = process_common_encryption->in_offset; - + } +#endif // ENABLE_SVP if (subsample_length_s != NULL) free(subsample_length_s); diff --git a/reference/src/clientimpl/src/sa_svp_buffer_alloc.c b/reference/src/clientimpl/src/sa_svp_buffer_alloc.c index 8041584c..36bb173b 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_alloc.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_alloc.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "log.h" #include "sa.h" @@ -47,3 +47,4 @@ sa_status sa_svp_buffer_alloc( return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_buffer_check.c b/reference/src/clientimpl/src/sa_svp_buffer_check.c index 2bd390f0..1929d98b 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_check.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_check.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client.h" #include "log.h" #include "sa.h" @@ -74,3 +74,4 @@ sa_status sa_svp_buffer_check( RELEASE_PARAM(param1); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_buffer_copy.c b/reference/src/clientimpl/src/sa_svp_buffer_copy.c index fb1599e3..edd291ba 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_copy.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_copy.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client.h" #include "log.h" #include "sa.h" @@ -87,3 +87,4 @@ sa_status sa_svp_buffer_copy( RELEASE_PARAM(param1); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_buffer_create.c b/reference/src/clientimpl/src/sa_svp_buffer_create.c index 59519348..477f800b 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_create.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_create.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,6 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ +#ifdef ENABLE_SVP #include "client.h" #include "log.h" #include "sa.h" @@ -70,3 +71,4 @@ sa_status sa_svp_buffer_create( RELEASE_COMMAND(svp_buffer_create); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_buffer_free.c b/reference/src/clientimpl/src/sa_svp_buffer_free.c index 7585d657..535a0a09 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_free.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_free.c @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "log.h" #include "sa.h" @@ -40,3 +40,4 @@ sa_status sa_svp_buffer_free(sa_svp_buffer svp_buffer) { return status; } +#endif //ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_buffer_release.c b/reference/src/clientimpl/src/sa_svp_buffer_release.c index 25ed95f1..94c47562 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_release.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_release.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client.h" #include "log.h" #include "sa.h" @@ -70,3 +70,4 @@ sa_status sa_svp_buffer_release( RELEASE_COMMAND(svp_buffer_release); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_buffer_write.c b/reference/src/clientimpl/src/sa_svp_buffer_write.c index 30d97380..5bc1eb31 100644 --- a/reference/src/clientimpl/src/sa_svp_buffer_write.c +++ b/reference/src/clientimpl/src/sa_svp_buffer_write.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client.h" #include "log.h" #include "sa.h" @@ -96,3 +96,4 @@ sa_status sa_svp_buffer_write( RELEASE_PARAM(param2); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_key_check.c b/reference/src/clientimpl/src/sa_svp_key_check.c index 42bf21aa..19ab5830 100644 --- a/reference/src/clientimpl/src/sa_svp_key_check.c +++ b/reference/src/clientimpl/src/sa_svp_key_check.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client.h" #include "log.h" #include "sa.h" @@ -56,8 +56,8 @@ sa_status sa_svp_key_check( svp_key_check->in_buffer_type = in->buffer_type; svp_key_check->bytes_to_process = bytes_to_process; - size_t param1_size; - uint32_t param1_type; + size_t param1_size = 0; + uint32_t param1_type = 0; if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) { if (in->context.clear.buffer == NULL) { ERROR("NULL in.context.clear.buffer"); @@ -95,8 +95,9 @@ sa_status sa_svp_key_check( if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) in->context.clear.offset = svp_key_check->in_offset; - else + else { in->context.svp.offset = svp_key_check->in_offset; + } } while (false); RELEASE_COMMAND(svp_key_check); @@ -104,3 +105,4 @@ sa_status sa_svp_key_check( RELEASE_PARAM(param2); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/clientimpl/src/sa_svp_supported.c b/reference/src/clientimpl/src/sa_svp_supported.c index b248b0eb..cce3a7bc 100644 --- a/reference/src/clientimpl/src/sa_svp_supported.c +++ b/reference/src/clientimpl/src/sa_svp_supported.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,6 +23,10 @@ #include sa_status sa_svp_supported() { +#ifndef ENABLE_SVP + ERROR("SA_STATUS_OPERATION_NOT_SUPPORTED"); + return SA_STATUS_OPERATION_NOT_SUPPORTED; +#endif // ENABLE_SVP void* session = client_session(); if (session == NULL) { diff --git a/reference/src/taimpl/CMakeLists.txt b/reference/src/taimpl/CMakeLists.txt index 890222c1..b32073b1 100644 --- a/reference/src/taimpl/CMakeLists.txt +++ b/reference/src/taimpl/CMakeLists.txt @@ -1,5 +1,5 @@ # -# Copyright 2020-2023 Comcast Cable Communications Management, LLC +# Copyright 2020-2025 Comcast Cable Communications Management, LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -49,25 +49,24 @@ include_directories(AFTER SYSTEM ${CMAKE_CURRENT_SOURCE_DIR}/../../include) find_package(Threads REQUIRED) find_package(YAJL REQUIRED) -add_library(taimpl STATIC +set(TAIMPL_SOURCES include/porting/init.h include/porting/memory.h include/porting/otp.h include/porting/otp_internal.h include/porting/overflow.h include/porting/rand.h - include/porting/svp.h + include/porting/svp.h include/porting/transport.h - include/porting/video_output.h - + include/porting/video_output.h src/porting/init.c src/porting/memory.c src/porting/otp.c src/porting/overflow.c src/porting/rand.c - src/porting/svp.c - src/porting/transport.c - src/porting/video_output.c + src/porting/svp.c + src/porting/transport.c + src/porting/video_output.c include/internal/buffer.h include/internal/cenc.h @@ -95,13 +94,13 @@ add_library(taimpl STATIC include/internal/soc_key_container.h include/internal/stored_key.h include/internal/stored_key_internal.h - include/internal/svp_store.h + include/internal/svp_store.h include/internal/symmetric.h include/internal/typej.h include/internal/unwrap.h - src/internal/buffer.c - src/internal/cenc.c + src/internal/buffer.c + src/internal/cenc.c src/internal/cipher_store.c src/internal/client_store.c src/internal/cmac_context.c @@ -123,7 +122,7 @@ add_library(taimpl STATIC src/internal/slots.c src/internal/soc_key_container.c src/internal/stored_key.c - src/internal/svp_store.c + src/internal/svp_store.c src/internal/symmetric.c src/internal/ta.c src/internal/typej.c @@ -139,8 +138,8 @@ add_library(taimpl STATIC src/ta_sa_close.c src/ta_sa_crypto_cipher_init.c - src/ta_sa_crypto_cipher_process.c - src/ta_sa_crypto_cipher_process_last.c + src/ta_sa_crypto_cipher_process.c + src/ta_sa_crypto_cipher_process_last.c src/ta_sa_crypto_cipher_release.c src/ta_sa_crypto_cipher_update_iv.c src/ta_sa_crypto_mac_compute.c @@ -166,14 +165,22 @@ add_library(taimpl STATIC src/ta_sa_key_provision.c src/ta_sa_key_release.c src/ta_sa_key_unwrap.c - src/ta_sa_process_common_encryption.c - src/ta_sa_svp_buffer_check.c - src/ta_sa_svp_buffer_copy.c - src/ta_sa_svp_buffer_create.c - src/ta_sa_svp_buffer_release.c - src/ta_sa_svp_buffer_write.c - src/ta_sa_svp_key_check.c - src/ta_sa_svp_supported.c) + src/ta_sa_process_common_encryption.c + src/ta_sa_svp_supported.c + ) +if(ENABLE_SVP) + list(APPEND TAIMPL_SOURCES + src/ta_sa_svp_buffer_check.c + src/ta_sa_svp_buffer_copy.c + src/ta_sa_svp_buffer_create.c + src/ta_sa_svp_buffer_release.c + src/ta_sa_svp_buffer_write.c + src/ta_sa_svp_key_check.c + ) +endif() + + +add_library(taimpl STATIC ${TAIMPL_SOURCES}) target_include_directories(taimpl PUBLIC @@ -209,7 +216,7 @@ target_clangformat_setup(taimpl) if (BUILD_TESTS) # Google test - add_executable(taimpltest + set(TAIMPLTEST_SOURCES test/environment.cpp test/ta_test_helpers.cpp test/json.cpp @@ -217,13 +224,19 @@ if (BUILD_TESTS) test/rights.cpp test/slots.cpp test/ta_sa_init.cpp - test/ta_sa_svp_buffer_check.cpp - test/ta_sa_svp_buffer_copy.cpp - test/ta_sa_svp_buffer_write.cpp - test/ta_sa_svp_common.cpp - test/ta_sa_svp_crypto.cpp - test/ta_sa_svp_crypto.h - test/ta_sa_svp_key_check.cpp) + test/ta_sa_svp_crypto.cpp + test/ta_sa_svp_crypto.h + ) + if(NOT ENABLE_SVP) + list(APPEND TAIMPLTEST_SOURCES + test/ta_sa_svp_key_check.cpp + test/ta_sa_svp_buffer_check.cpp + test/ta_sa_svp_buffer_copy.cpp + test/ta_sa_svp_buffer_write.cpp + test/ta_sa_svp_common.cpp + ) + endif() + add_executable(taimpltest ${TAIMPLTEST_SOURCES}) target_include_directories(taimpltest PRIVATE diff --git a/reference/src/taimpl/include/internal/client_store.h b/reference/src/taimpl/include/internal/client_store.h index a34b1b0f..7a3ca7aa 100644 --- a/reference/src/taimpl/include/internal/client_store.h +++ b/reference/src/taimpl/include/internal/client_store.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -32,7 +32,9 @@ #include "mac_store.h" #include "object_store.h" #include "sa_types.h" +#ifdef ENABLE_SVP #include "svp_store.h" +#endif // ENABLE_SVP #include "ta_sa_types.h" #ifdef __cplusplus @@ -65,6 +67,7 @@ cipher_store_t* client_get_cipher_store(const client_t* client); */ mac_store_t* client_get_mac_store(const client_t* client); +#ifdef ENABLE_SVP /** * Get the svp store. * @@ -72,6 +75,7 @@ mac_store_t* client_get_mac_store(const client_t* client); * @return svp store. */ svp_store_t* client_get_svp_store(const client_t* client); +#endif //ENABLE_SVP typedef object_store_t client_store_t; diff --git a/reference/src/taimpl/include/internal/svp_store.h b/reference/src/taimpl/include/internal/svp_store.h index 12727b98..4a14b9ca 100644 --- a/reference/src/taimpl/include/internal/svp_store.h +++ b/reference/src/taimpl/include/internal/svp_store.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -24,7 +24,6 @@ * is stored. This mechanism allows applications to reference SVP buffer objects stored in a TA * without having explicit pointers to them. */ - #ifndef SVP_STORE_H #define SVP_STORE_H @@ -38,7 +37,14 @@ extern "C" { #endif typedef struct svp_s svp_t; +/** + * Identifies if SVP is supported. + * + * @return SA_STATUS_OK if supported. SA_STATUS_OPERATION_NOT_SUPPORTED if not supported. + */ +sa_status svp_supported(); +#ifdef ENABLE_SVP typedef object_store_t svp_store_t; /** @@ -64,12 +70,6 @@ svp_store_t* svp_store_init(size_t size); */ void svp_store_shutdown(svp_store_t* store); -/** - * Identifies if SVP is supported. - * - * @return SA_STATUS_OK if supported. SA_STATUS_OPERATION_NOT_SUPPORTED if not supported. - */ -sa_status svp_supported(); /** * Takes a previously allocated SVP region and adds it to the SVP store. @@ -137,6 +137,7 @@ sa_status svp_store_release_exclusive( svp_t* svp, const sa_uuid* caller_uuid); +#endif // ENABLE_SVP #ifdef __cplusplus } #endif diff --git a/reference/src/taimpl/include/porting/memory.h b/reference/src/taimpl/include/porting/memory.h index e4eda63b..46165975 100644 --- a/reference/src/taimpl/include/porting/memory.h +++ b/reference/src/taimpl/include/porting/memory.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 Comcast Cable Communications Management, LLC + * Copyright 2019-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -121,6 +121,7 @@ void* memory_memset_unoptimizable( uint8_t value, size_t size); +#ifdef ENABLE_SVP /** * Checks if all of the bytes between memory_location and memory_location+size are in SVP memory. * @@ -131,6 +132,7 @@ void* memory_memset_unoptimizable( bool memory_is_valid_svp( void* memory_location, size_t size); +#endif // ENABLE_SVP /** * Checks if all of the bytes between memory_location and memory_location+size are in non-SVP memory. diff --git a/reference/src/taimpl/include/porting/svp.h b/reference/src/taimpl/include/porting/svp.h index 9ccbb8eb..8859434e 100644 --- a/reference/src/taimpl/include/porting/svp.h +++ b/reference/src/taimpl/include/porting/svp.h @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 Comcast Cable Communications Management, LLC + * Copyright 2019-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -23,10 +23,8 @@ * video pipeline buffers. Implementors shall replace this functionality with platform dependent * functionality. */ - #ifndef SVP_H #define SVP_H - #include "sa_types.h" #ifdef __cplusplus @@ -43,6 +41,7 @@ extern "C" { typedef struct svp_buffer_s svp_buffer_t; +#ifdef ENABLE_SVP /** * Creates a protected SVP buffer from a previously allocated SVP memory region and its size. * @@ -111,6 +110,7 @@ bool svp_copy( * @param stored_key the key to use in the decryption. * @return true if the decrypted bytes match the expected bytes. */ +#endif // ENABLE_SVP bool svp_key_check( uint8_t* in_bytes, size_t bytes_to_process, @@ -128,6 +128,7 @@ bool svp_key_check( * @param[in] length the number of bytes in the SVP buffer to include in the digest. * @return the digest of the SBP buffer. */ +#ifdef ENABLE_SVP bool svp_digest( void* out, size_t* out_length, @@ -151,7 +152,7 @@ void* svp_get_svp_memory(const svp_buffer_t* svp_buffer); * @return the buffer length. */ size_t svp_get_size(const svp_buffer_t* svp_buffer); - +#endif // ENABLE_SVP #ifdef __cplusplus } #endif diff --git a/reference/src/taimpl/include/ta_sa_svp.h b/reference/src/taimpl/include/ta_sa_svp.h index ab182482..36eaa27f 100644 --- a/reference/src/taimpl/include/ta_sa_svp.h +++ b/reference/src/taimpl/include/ta_sa_svp.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -53,6 +53,7 @@ sa_status ta_sa_svp_supported( ta_client client_slot, const sa_uuid* caller_uuid); +#ifdef ENABLE_SVP /** * Create an SVP buffer handle. Buffer passed in is validated to be wholly contained within the * restricted SVP memory region. SecAPI does not provide functionality for allocating and @@ -158,7 +159,7 @@ sa_status ta_sa_svp_buffer_copy( size_t offsets_length, ta_client client_slot, const sa_uuid* caller_uuid); - +#endif // ENABLE_SVP /** * Perform a key check by decrypting input data with an AES ECB into restricted memory and comparing with reference * value. This operation allows validation of keys that cannot decrypt into non-SVP buffers. @@ -189,7 +190,7 @@ sa_status ta_sa_svp_key_check( size_t expected_length, ta_client client_slot, const sa_uuid* caller_uuid); - +#ifdef ENABLE_SVP /** * Perform a buffer check by digesting the data in the buffer at the offset and length and comparing it with the input * hash. @@ -222,8 +223,11 @@ sa_status ta_sa_svp_buffer_check( ta_client client_slot, const sa_uuid* caller_uuid); +#endif // ENABLE_SVP #ifdef __cplusplus } #endif #endif // TA_SA_SVP_H + + diff --git a/reference/src/taimpl/src/internal/buffer.c b/reference/src/taimpl/src/internal/buffer.c index 159f755d..f4c4ad74 100644 --- a/reference/src/taimpl/src/internal/buffer.c +++ b/reference/src/taimpl/src/internal/buffer.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 Comcast Cable Communications Management, LLC + * Copyright 2019-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -55,7 +55,36 @@ sa_status convert_buffer( return SA_STATUS_NULL_PARAMETER; } - if (buffer->buffer_type == SA_BUFFER_TYPE_SVP) { + if (buffer->buffer_type == SA_BUFFER_TYPE_CLEAR) { + if (buffer->context.clear.buffer == NULL) { + ERROR("NULL buffer"); + return SA_STATUS_NULL_PARAMETER; + } + + size_t memory_range; + if (add_overflow(buffer->context.clear.offset, bytes_to_process, &memory_range)) { + ERROR("Integer overflow"); + return SA_STATUS_INVALID_PARAMETER; + } + + if (memory_range > buffer->context.clear.length) { + ERROR("buffer not large enough"); + return SA_STATUS_INVALID_PARAMETER; + } + + if (!memory_is_valid_clear(buffer->context.clear.buffer, buffer->context.clear.length)) { + ERROR("memory range is not within clear memory"); + return SA_STATUS_INVALID_PARAMETER; + } + + if (add_overflow((unsigned long) buffer->context.clear.buffer, buffer->context.clear.offset, + (unsigned long*) bytes)) { + ERROR("Integer overflow"); + return SA_STATUS_INVALID_PARAMETER; + } + } +#ifdef ENABLE_SVP + else if (buffer->buffer_type == SA_BUFFER_TYPE_SVP) { svp_store_t* svp_store = client_get_svp_store(client); sa_status status = svp_store_acquire_exclusive(svp, svp_store, buffer->context.svp.buffer, caller_uuid); if (status != SA_STATUS_OK) { @@ -88,34 +117,9 @@ sa_status convert_buffer( ERROR("Integer overflow"); return SA_STATUS_INVALID_PARAMETER; } - } else { - if (buffer->context.clear.buffer == NULL) { - ERROR("NULL buffer"); - return SA_STATUS_NULL_PARAMETER; - } - - size_t memory_range; - if (add_overflow(buffer->context.clear.offset, bytes_to_process, &memory_range)) { - ERROR("Integer overflow"); - return SA_STATUS_INVALID_PARAMETER; - } - - if (memory_range > buffer->context.clear.length) { - ERROR("buffer not large enough"); - return SA_STATUS_INVALID_PARAMETER; - } - if (!memory_is_valid_clear(buffer->context.clear.buffer, buffer->context.clear.length)) { - ERROR("memory range is not within clear memory"); - return SA_STATUS_INVALID_PARAMETER; - } - - if (add_overflow((unsigned long) buffer->context.clear.buffer, buffer->context.clear.offset, - (unsigned long*) bytes)) { - ERROR("Integer overflow"); - return SA_STATUS_INVALID_PARAMETER; - } } +#endif // ENABLE_SVP return SA_STATUS_OK; } diff --git a/reference/src/taimpl/src/internal/cenc.c b/reference/src/taimpl/src/internal/cenc.c index 84af6b36..d8f1a2d6 100644 --- a/reference/src/taimpl/src/internal/cenc.c +++ b/reference/src/taimpl/src/internal/cenc.c @@ -1,5 +1,5 @@ /* - * Copyright 2022-2023 Comcast Cable Communications Management, LLC + * Copyright 2022-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,6 @@ * * SPDX-License-Identifier: Apache-2.0 */ - #include "cenc.h" // NOLINT #include "buffer.h" #include "common.h" @@ -301,25 +300,33 @@ sa_status cenc_process_sample( } if (status == SA_STATUS_OK) { - if (sample->in->buffer_type == SA_BUFFER_TYPE_SVP) - sample->in->context.svp.offset += offset; - else - sample->in->context.clear.offset += offset; - - if (sample->out->buffer_type == SA_BUFFER_TYPE_SVP) - sample->out->context.svp.offset += offset; - else + if (sample->in->buffer_type == SA_BUFFER_TYPE_CLEAR) { + sample->in->context.clear.offset += offset; + } +#ifdef ENABLE_SVP + else if( sample->in->buffer_type == SA_BUFFER_TYPE_SVP) { + sample->in->context.svp.offset += offset; + } +#endif // ENABLE_SVP + + if (sample->out->buffer_type == SA_BUFFER_TYPE_CLEAR) { sample->out->context.clear.offset += offset; + } +#ifdef ENABLE_SVP + else if (sample->out->buffer_type == SA_BUFFER_TYPE_SVP) { + sample->out->context.svp.offset += offset; + } +#endif // ENABLE_SVP } } while (false); - +#ifdef ENABLE_SVP if (in_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), sample->in->context.svp.buffer, in_svp, caller_uuid); if (out_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), sample->out->context.svp.buffer, out_svp, caller_uuid); - +#endif // ENABLE_SVP if (cipher != NULL) cipher_store_release_exclusive(cipher_store, sample->context, cipher, caller_uuid); diff --git a/reference/src/taimpl/src/internal/client_store.c b/reference/src/taimpl/src/internal/client_store.c index 39a749e1..b44b9e88 100644 --- a/reference/src/taimpl/src/internal/client_store.c +++ b/reference/src/taimpl/src/internal/client_store.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -26,8 +26,9 @@ #define NUM_KEY_SLOTS 256 #define NUM_CIPHER_SLOTS 256 #define NUM_MAC_SLOTS 256 +#ifdef ENABLE_SVP #define NUM_SVP_SLOTS 256 - +#endif // ENABLE_SVP static once_flag flag = ONCE_FLAG_INIT; static mtx_t mutex; static bool global_shutdown = false; @@ -36,7 +37,9 @@ struct client_s { key_store_t* key_store; cipher_store_t* cipher_store; mac_store_t* mac_store; +#ifdef ENABLE_SVP svp_store_t* svp_store; +#endif // ENABLE_SVP }; key_store_t* client_get_key_store(const client_t* client) { @@ -66,6 +69,7 @@ mac_store_t* client_get_mac_store(const client_t* client) { return client->mac_store; } +#ifdef ENABLE_SVP svp_store_t* client_get_svp_store(const client_t* client) { if (client == NULL) { ERROR("NULL client"); @@ -74,6 +78,7 @@ svp_store_t* client_get_svp_store(const client_t* client) { return client->svp_store; } +#endif // ENABLE_SVP static void client_free(void* object) { if (object == NULL) { @@ -85,18 +90,25 @@ static void client_free(void* object) { key_store_shutdown(client->key_store); cipher_store_shutdown(client->cipher_store); mac_store_shutdown(client->mac_store); +#ifdef ENABLE_SVP svp_store_shutdown(client->svp_store); - +#endif // ENABLE_SVP memory_internal_free(client); } - +#ifdef ENABLE_SVP static client_t* client_init( const sa_uuid* uuid, size_t key_store_size, size_t cipher_store_size, size_t mac_store_size, size_t svp_store_size) { - +#else +static client_t* client_init( + const sa_uuid* uuid, + size_t key_store_size, + size_t cipher_store_size, + size_t mac_store_size) { +#endif // ENABLE_SVP if (uuid == NULL) { ERROR("NULL uuid"); return NULL; @@ -129,13 +141,13 @@ static client_t* client_init( ERROR("mac_store_init failed"); break; } - +#ifdef ENABLE_SVP client->svp_store = svp_store_init(svp_store_size); if (client->svp_store == NULL) { ERROR("svp_store_init failed"); break; } - +#endif // ENABLE_SVP status = true; } while (false); @@ -240,7 +252,11 @@ sa_status client_store_add( sa_status status = SA_STATUS_INTERNAL_ERROR; client_t* client = NULL; do { +#ifdef ENABLE_SVP client = client_init(caller_uuid, NUM_KEY_SLOTS, NUM_CIPHER_SLOTS, NUM_MAC_SLOTS, NUM_SVP_SLOTS); +#else + client = client_init(caller_uuid, NUM_KEY_SLOTS, NUM_CIPHER_SLOTS, NUM_MAC_SLOTS); +#endif // ENABLE_SVP if (client == NULL) { ERROR("client_init failed"); break; diff --git a/reference/src/taimpl/src/internal/svp_store.c b/reference/src/taimpl/src/internal/svp_store.c index bc04ffee..89f89cb7 100644 --- a/reference/src/taimpl/src/internal/svp_store.c +++ b/reference/src/taimpl/src/internal/svp_store.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,18 +15,24 @@ * * SPDX-License-Identifier: Apache-2.0 */ - #include "svp_store.h" // NOLINT #include "log.h" #include "porting/memory.h" #include "porting/svp.h" #include +sa_status svp_supported() { +#ifdef ENABLE_SVP + return SA_STATUS_OK; +#else + return SA_STATUS_OPERATION_NOT_SUPPORTED; +#endif // ENABLE_SVP +} +#ifdef ENABLE_SVP struct svp_s { svp_buffer_t* buffer; mtx_t mutex; }; - static void svp_free(void* object) { if (object == NULL) { return; @@ -131,9 +137,6 @@ void svp_store_shutdown(svp_store_t* store) { object_store_shutdown(store); } -sa_status svp_supported() { - return SA_STATUS_OK; -} sa_status svp_store_create( sa_svp_buffer* svp_buffer, @@ -329,3 +332,4 @@ sa_status svp_store_release_exclusive( return SA_STATUS_OK; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/internal/ta.c b/reference/src/taimpl/src/internal/ta.c index 134d07f4..5ff94f54 100644 --- a/reference/src/taimpl/src/internal/ta.c +++ b/reference/src/taimpl/src/internal/ta.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -1191,7 +1191,6 @@ static sa_status ta_invoke_crypto_cipher_update_iv( return ta_sa_crypto_cipher_update_iv(cipher_update_iv->context, params[1].mem_ref, params[1].mem_ref_size, context->client, uuid); } - static sa_status ta_invoke_crypto_cipher_process( bool last, sa_crypto_cipher_process_s* crypto_cipher_process, @@ -1227,10 +1226,13 @@ static sa_status ta_invoke_crypto_cipher_process( out.context.clear.buffer = params[1].mem_ref; out.context.clear.length = params[1].mem_ref_size; out.context.clear.offset = crypto_cipher_process->out_offset; - } else { + } +#ifdef ENABLE_SVP + else if (crypto_cipher_process->out_buffer_type == SA_BUFFER_TYPE_SVP) { out.context.svp.buffer = *(sa_svp_buffer*) params[1].mem_ref; out.context.svp.offset = crypto_cipher_process->out_offset; } +#endif // ENABLE_SVP sa_buffer in; in.buffer_type = crypto_cipher_process->in_buffer_type; @@ -1238,11 +1240,14 @@ static sa_status ta_invoke_crypto_cipher_process( in.context.clear.buffer = params[2].mem_ref; in.context.clear.length = params[2].mem_ref_size; in.context.clear.offset = crypto_cipher_process->in_offset; - } else { + } +#ifdef ENABLE_SVP + else if (crypto_cipher_process->in_buffer_type == SA_BUFFER_TYPE_SVP) { in.buffer_type = crypto_cipher_process->in_buffer_type; in.context.svp.buffer = *(sa_svp_buffer*) params[2].mem_ref; in.context.svp.offset = crypto_cipher_process->in_offset; } +#endif // ENABLE_SVP sa_status status; if (last) { @@ -1268,12 +1273,21 @@ static sa_status ta_invoke_crypto_cipher_process( } // clang-format off - if (params[1].mem_ref != NULL) + if (params[1].mem_ref != NULL) { +#ifdef ENABLE_SVP crypto_cipher_process->out_offset = (crypto_cipher_process->out_buffer_type == SA_BUFFER_TYPE_CLEAR) ? out.context.clear.offset : out.context.svp.offset; +#else + crypto_cipher_process->out_offset = out.context.clear.offset; +#endif // ENABLE_SVP + } +#ifdef ENABLE_SVP crypto_cipher_process->in_offset = (crypto_cipher_process->in_buffer_type == SA_BUFFER_TYPE_CLEAR) ? in.context.clear.offset : in.context.svp.offset; +#else + crypto_cipher_process->in_offset = in.context.clear.offset; +#endif // ENABLE_SVP // clang-format on return status; } @@ -1508,7 +1522,6 @@ static sa_status ta_invoke_crypto_sign( crypto_sign->out_length = out_length; return status; } - static sa_status ta_invoke_svp_supported( sa_svp_supported_s* svp_supported, const uint32_t param_types[NUM_TA_PARAMS], @@ -1532,6 +1545,7 @@ static sa_status ta_invoke_svp_supported( return ta_sa_svp_supported(context->client, uuid); } +#ifdef ENABLE_SVP static sa_status ta_invoke_svp_buffer_create( sa_svp_buffer_create_s* svp_buffer_create, const uint32_t param_types[NUM_TA_PARAMS], @@ -1556,7 +1570,6 @@ static sa_status ta_invoke_svp_buffer_create( return ta_sa_svp_buffer_create(&svp_buffer_create->svp_buffer, (void*) svp_buffer_create->svp_memory, // NOLINT svp_buffer_create->size, context->client, uuid); } - static sa_status ta_invoke_svp_buffer_release( sa_svp_buffer_release_s* svp_buffer_release, const uint32_t param_types[NUM_TA_PARAMS], @@ -1693,7 +1706,6 @@ static sa_status ta_invoke_svp_buffer_copy( return status; } - static sa_status ta_invoke_svp_key_check( sa_svp_key_check_s* svp_key_check, const uint32_t param_types[NUM_TA_PARAMS], @@ -1726,7 +1738,8 @@ static sa_status ta_invoke_svp_key_check( in.context.clear.buffer = params[1].mem_ref; in.context.clear.length = params[1].mem_ref_size; in.context.clear.offset = svp_key_check->in_offset; - } else { + } + else if (svp_key_check->in_buffer_type == SA_BUFFER_TYPE_SVP) { in.buffer_type = svp_key_check->in_buffer_type; in.context.svp.buffer = *(sa_svp_buffer*) params[1].mem_ref; in.context.svp.offset = svp_key_check->in_offset; @@ -1736,6 +1749,8 @@ static sa_status ta_invoke_svp_key_check( params[2].mem_ref_size, context->client, uuid); svp_key_check->in_offset = (svp_key_check->in_buffer_type == SA_BUFFER_TYPE_CLEAR) ? in.context.clear.offset : in.context.svp.offset; + svp_key_check->in_offset = svp_key_check->in_buffer_type = in.context.clear.offset; + return status; } @@ -1774,6 +1789,7 @@ static sa_status ta_invoke_svp_buffer_check( svp_buffer_check->digest_algorithm, params[1].mem_ref, params[1].mem_ref_size, context->client, uuid); } +#endif // ENABLE_SVP static sa_status ta_invoke_process_common_encryption( sa_process_common_encryption_s* process_common_encryption, @@ -1842,10 +1858,18 @@ static sa_status ta_invoke_process_common_encryption( out.context.clear.buffer = params[2].mem_ref; out.context.clear.length = params[2].mem_ref_size; out.context.clear.offset = process_common_encryption->out_offset; - } else { + } +#ifdef ENABLE_SVP + else if (process_common_encryption->out_buffer_type == SA_BUFFER_TYPE_SVP) { out.context.svp.buffer = *(sa_svp_buffer*) params[2].mem_ref; out.context.svp.offset = process_common_encryption->out_offset; } +#else + else if (process_common_encryption->out_buffer_type == SA_BUFFER_TYPE_SVP) { + ERROR("SVP is not supported when ENABLE_SVP flag is enabled"); + return SA_STATUS_OPERATION_NOT_SUPPORTED; + } +#endif // ENABLE_SVP sa_buffer in; sample.in = ∈ @@ -1854,18 +1878,31 @@ static sa_status ta_invoke_process_common_encryption( in.context.clear.buffer = params[3].mem_ref; in.context.clear.length = params[3].mem_ref_size; in.context.clear.offset = process_common_encryption->in_offset; - } else { + } +#ifdef ENABLE_SVP + else if (process_common_encryption->in_buffer_type == SA_BUFFER_TYPE_SVP) { in.buffer_type = process_common_encryption->in_buffer_type; in.context.svp.buffer = *(sa_svp_buffer*) params[3].mem_ref; in.context.svp.offset = process_common_encryption->in_offset; } +#endif status = ta_sa_process_common_encryption(1, &sample, context->client, uuid); +#ifdef ENABLE_SVP process_common_encryption->out_offset = (out.buffer_type == SA_BUFFER_TYPE_CLEAR) ? out.context.clear.offset : out.context.svp.offset; +#else + process_common_encryption->out_offset = out.context.clear.offset; +#endif // ENABLE_SVP + +#ifdef ENABLE_SVP process_common_encryption->in_offset = (in.buffer_type == SA_BUFFER_TYPE_CLEAR) ? in.context.clear.offset : in.context.svp.offset; +#else + process_common_encryption->in_offset = in.context.clear.offset; +#endif // ENABLE_SVP + } while (false); if (sample.subsample_lengths != NULL) @@ -2026,7 +2063,6 @@ sa_status ta_invoke_command_handler( status = ta_invoke_crypto_cipher_process(true, (sa_crypto_cipher_process_s*) command_parameter, param_types, params, context, &uuid); break; - case SA_CRYPTO_CIPHER_RELEASE: status = ta_invoke_crypto_cipher_release((sa_crypto_cipher_release_s*) command_parameter, param_types, params, context, &uuid); @@ -2061,12 +2097,27 @@ sa_status ta_invoke_command_handler( status = ta_invoke_crypto_sign((sa_crypto_sign_s*) command_parameter, param_types, params, context, &uuid); break; - case SA_SVP_SUPPORTED: status = ta_invoke_svp_supported((sa_svp_supported_s*) command_parameter, param_types, params, context, &uuid); break; + case SA_PROCESS_COMMON_ENCRYPTION: + status = ta_invoke_process_common_encryption((sa_process_common_encryption_s*) command_parameter, + param_types, params, context, &uuid); + break; + +#ifdef ENABLE_SVP + case SA_SVP_KEY_CHECK: + status = ta_invoke_svp_key_check((sa_svp_key_check_s*) command_parameter, param_types, params, context, + &uuid); + break; + + case SA_SVP_BUFFER_CHECK: + status = ta_invoke_svp_buffer_check((sa_svp_buffer_check_s*) command_parameter, param_types, params, + context, &uuid); + break; + case SA_SVP_BUFFER_CREATE: status = ta_invoke_svp_buffer_create((sa_svp_buffer_create_s*) command_parameter, param_types, params, context, &uuid); @@ -2087,21 +2138,7 @@ sa_status ta_invoke_command_handler( context, &uuid); break; - case SA_SVP_KEY_CHECK: - status = ta_invoke_svp_key_check((sa_svp_key_check_s*) command_parameter, param_types, params, context, - &uuid); - break; - - case SA_SVP_BUFFER_CHECK: - status = ta_invoke_svp_buffer_check((sa_svp_buffer_check_s*) command_parameter, param_types, params, - context, &uuid); - break; - - case SA_PROCESS_COMMON_ENCRYPTION: - status = ta_invoke_process_common_encryption((sa_process_common_encryption_s*) command_parameter, - param_types, params, context, &uuid); - break; - +#endif // ENABLE_SVP default: status = SA_STATUS_OPERATION_NOT_SUPPORTED; } diff --git a/reference/src/taimpl/src/porting/memory.c b/reference/src/taimpl/src/porting/memory.c index e58fd433..a09e7552 100644 --- a/reference/src/taimpl/src/porting/memory.c +++ b/reference/src/taimpl/src/porting/memory.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -67,6 +67,7 @@ void* memory_memset_unoptimizable(void* destination, uint8_t value, size_t size) return destination; } +#ifdef ENABLE_SVP bool memory_is_valid_svp( void* memory_location, size_t size) { @@ -86,6 +87,7 @@ bool memory_is_valid_svp( // space. return true; } +#endif // ENABLE_SVP bool memory_is_valid_clear( void* memory_location, diff --git a/reference/src/taimpl/src/porting/svp.c b/reference/src/taimpl/src/porting/svp.c index 7dfb5c41..45aa778d 100644 --- a/reference/src/taimpl/src/porting/svp.c +++ b/reference/src/taimpl/src/porting/svp.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 Comcast Cable Communications Management, LLC + * Copyright 2019-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "porting/svp.h" // NOLINT #include "digest.h" #include "log.h" @@ -234,7 +234,6 @@ bool svp_copy( } return true; } - bool svp_key_check( uint8_t* in_bytes, size_t bytes_to_process, @@ -292,7 +291,6 @@ bool svp_key_check( return status; } - bool svp_digest( void* out, size_t* out_length, @@ -349,3 +347,4 @@ size_t svp_get_size(const svp_buffer_t* svp_buffer) { return svp_buffer->size; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/porting/video_output.c b/reference/src/taimpl/src/porting/video_output.c index 28868db2..d9250e51 100644 --- a/reference/src/taimpl/src/porting/video_output.c +++ b/reference/src/taimpl/src/porting/video_output.c @@ -1,5 +1,5 @@ /* - * Copyright 2019-2023 Comcast Cable Communications Management, LLC + * Copyright 2019-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,6 @@ * * SPDX-License-Identifier: Apache-2.0 */ - #include "porting/video_output.h" // NOLINT #include "log.h" #include @@ -29,7 +28,11 @@ static struct { .digital_unprotected_count = 0, .digital_hdcp14_count = 0, .digital_hdcp22_count = 1, +#ifdef ENABLE_SVP .svp_enabled = true}}; +#else + .svp_enabled = false}}; +#endif bool video_output_poll(video_output_state_t* state) { diff --git a/reference/src/taimpl/src/ta_sa_crypto_cipher_process.c b/reference/src/taimpl/src/ta_sa_crypto_cipher_process.c index d47c986b..e42b90d4 100644 --- a/reference/src/taimpl/src/ta_sa_crypto_cipher_process.c +++ b/reference/src/taimpl/src/ta_sa_crypto_cipher_process.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -217,7 +217,6 @@ static sa_status ta_sa_crypto_cipher_process_rsa_pkcs1v15( *bytes_to_process = out_length; return status; } - static sa_status ta_sa_crypto_cipher_process_rsa_oaep( void* out, size_t out_length, @@ -522,24 +521,34 @@ sa_status ta_sa_crypto_cipher_process( } if (out != NULL) { - if (in->buffer_type == SA_BUFFER_TYPE_SVP) - in->context.svp.offset += in_length; - else + if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) { in->context.clear.offset += in_length; + } +#ifdef ENABLE_SVP + else if ( in->buffer_type == SA_BUFFER_TYPE_SVP) { + in->context.svp.offset += in_length; + } +#endif - if (out->buffer_type == SA_BUFFER_TYPE_SVP) - out->context.svp.offset += *bytes_to_process; - else + if (out->buffer_type == SA_BUFFER_TYPE_CLEAR) { out->context.clear.offset += *bytes_to_process; + } +#ifdef ENABLE_SVP + else if ( out->buffer_type == SA_BUFFER_TYPE_SVP) { + //in->context.svp.offset += in_length; + out->context.svp.offset += *bytes_to_process; + } +#endif } } while (false); +#ifdef ENABLE_SVP if (in_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), in->context.svp.buffer, in_svp, caller_uuid); if (out_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), out->context.svp.buffer, out_svp, caller_uuid); - +#endif if (cipher != NULL) cipher_store_release_exclusive(cipher_store, context, cipher, caller_uuid); diff --git a/reference/src/taimpl/src/ta_sa_crypto_cipher_process_last.c b/reference/src/taimpl/src/ta_sa_crypto_cipher_process_last.c index 7612d871..f432733b 100644 --- a/reference/src/taimpl/src/ta_sa_crypto_cipher_process_last.c +++ b/reference/src/taimpl/src/ta_sa_crypto_cipher_process_last.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -651,24 +651,33 @@ sa_status ta_sa_crypto_cipher_process_last( } if (out != NULL) { - if (in->buffer_type == SA_BUFFER_TYPE_SVP) - in->context.svp.offset += in_length; - else + if (in->buffer_type == SA_BUFFER_TYPE_CLEAR) { in->context.clear.offset += in_length; - - if (out->buffer_type == SA_BUFFER_TYPE_SVP) - out->context.svp.offset += *bytes_to_process; - else + } +#ifdef ENABLE_SVP + else if (in->buffer_type == SA_BUFFER_TYPE_SVP) + { + in->context.svp.offset += in_length; + } +#endif + if (out->buffer_type == SA_BUFFER_TYPE_CLEAR) { out->context.clear.offset += *bytes_to_process; + } +#ifdef ENABLE_SVP + else if (out->buffer_type == SA_BUFFER_TYPE_SVP) + { + out->context.svp.offset += *bytes_to_process; + } +#endif } } while (false); - +#ifdef ENABLE_SVP if (in_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), in->context.svp.buffer, in_svp, caller_uuid); if (out_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), out->context.svp.buffer, out_svp, caller_uuid); - +#endif if (cipher != NULL) cipher_store_release_exclusive(cipher_store, context, cipher, caller_uuid); diff --git a/reference/src/taimpl/src/ta_sa_process_common_encryption.c b/reference/src/taimpl/src/ta_sa_process_common_encryption.c index 449b84f8..aa14df18 100644 --- a/reference/src/taimpl/src/ta_sa_process_common_encryption.c +++ b/reference/src/taimpl/src/ta_sa_process_common_encryption.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -21,7 +21,6 @@ #include "common.h" #include "log.h" #include "rights.h" - static sa_status verify_sample( sa_sample* sample, client_t* client, @@ -161,14 +160,14 @@ static sa_status verify_sample( break; } } while (false); - +#ifdef ENABLE_SVP if (in_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), sample->in->context.svp.buffer, in_svp, caller_uuid); if (out_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), sample->out->context.svp.buffer, out_svp, caller_uuid); - +#endif // ENABLE_SVP if (cipher != NULL) cipher_store_release_exclusive(cipher_store, sample->context, cipher, caller_uuid); diff --git a/reference/src/taimpl/src/ta_sa_svp_buffer_check.c b/reference/src/taimpl/src/ta_sa_svp_buffer_check.c index 94c8de83..cb72e3d5 100644 --- a/reference/src/taimpl/src/ta_sa_svp_buffer_check.c +++ b/reference/src/taimpl/src/ta_sa_svp_buffer_check.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_store.h" #include "digest_util.h" #include "log.h" @@ -94,3 +94,4 @@ sa_status ta_sa_svp_buffer_check( return status; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/ta_sa_svp_buffer_copy.c b/reference/src/taimpl/src/ta_sa_svp_buffer_copy.c index 90091715..54d53944 100644 --- a/reference/src/taimpl/src/ta_sa_svp_buffer_copy.c +++ b/reference/src/taimpl/src/ta_sa_svp_buffer_copy.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_store.h" #include "log.h" #include "ta_sa.h" @@ -83,3 +83,4 @@ sa_status ta_sa_svp_buffer_copy( return status; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/ta_sa_svp_buffer_create.c b/reference/src/taimpl/src/ta_sa_svp_buffer_create.c index 6d616c76..7758a32c 100644 --- a/reference/src/taimpl/src/ta_sa_svp_buffer_create.c +++ b/reference/src/taimpl/src/ta_sa_svp_buffer_create.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,6 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ +#ifdef ENABLE_SVP #include "client_store.h" #include "log.h" @@ -60,3 +61,4 @@ sa_status ta_sa_svp_buffer_create( return status; } +#endif diff --git a/reference/src/taimpl/src/ta_sa_svp_buffer_release.c b/reference/src/taimpl/src/ta_sa_svp_buffer_release.c index 0a3c7bda..ae18c356 100644 --- a/reference/src/taimpl/src/ta_sa_svp_buffer_release.c +++ b/reference/src/taimpl/src/ta_sa_svp_buffer_release.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_store.h" #include "log.h" #include "ta_sa.h" @@ -64,3 +64,4 @@ sa_status ta_sa_svp_buffer_release( return status; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/ta_sa_svp_buffer_write.c b/reference/src/taimpl/src/ta_sa_svp_buffer_write.c index 76e9fdc1..2432db02 100644 --- a/reference/src/taimpl/src/ta_sa_svp_buffer_write.c +++ b/reference/src/taimpl/src/ta_sa_svp_buffer_write.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "client_store.h" #include "log.h" #include "ta_sa.h" @@ -78,3 +78,4 @@ sa_status ta_sa_svp_buffer_write( return status; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/ta_sa_svp_key_check.c b/reference/src/taimpl/src/ta_sa_svp_key_check.c index 0e8d181b..8e370bf3 100644 --- a/reference/src/taimpl/src/ta_sa_svp_key_check.c +++ b/reference/src/taimpl/src/ta_sa_svp_key_check.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "buffer.h" #include "client_store.h" #include "common.h" @@ -125,12 +125,11 @@ sa_status ta_sa_svp_key_check( status = SA_STATUS_OK; } while (false); - if (in_svp != NULL) svp_store_release_exclusive(client_get_svp_store(client), in->context.svp.buffer, in_svp, caller_uuid); - stored_key_free(stored_key); client_store_release(client_store, client_slot, client, caller_uuid); return status; } +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/src/ta_sa_svp_supported.c b/reference/src/taimpl/src/ta_sa_svp_supported.c index 7715a5f9..f3a763bf 100644 --- a/reference/src/taimpl/src/ta_sa_svp_supported.c +++ b/reference/src/taimpl/src/ta_sa_svp_supported.c @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,6 @@ * * SPDX-License-Identifier: Apache-2.0 */ - #include "log.h" #include "svp_store.h" #include "ta_sa.h" @@ -23,7 +22,9 @@ sa_status ta_sa_svp_supported( ta_client client_slot, const sa_uuid* caller_uuid) { - +#ifndef ENABLE_SVP + return SA_STATUS_OPERATION_NOT_SUPPORTED; +#endif // ENABLE_SVP if (caller_uuid == NULL) { ERROR("NULL caller_uuid: client_slot %d", client_slot); return SA_STATUS_NULL_PARAMETER; diff --git a/reference/src/taimpl/test/ta_sa_svp_buffer_check.cpp b/reference/src/taimpl/test/ta_sa_svp_buffer_check.cpp index 4529587f..095cb8ef 100644 --- a/reference/src/taimpl/test/ta_sa_svp_buffer_check.cpp +++ b/reference/src/taimpl/test/ta_sa_svp_buffer_check.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,7 @@ * SPDX-License-Identifier: Apache-2.0 */ +#ifdef ENABLE_SVP #include "common.h" #include "digest_util.h" #include "ta_sa.h" @@ -93,3 +94,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/test/ta_sa_svp_buffer_copy.cpp b/reference/src/taimpl/test/ta_sa_svp_buffer_copy.cpp index 30736376..15acb6f3 100644 --- a/reference/src/taimpl/test/ta_sa_svp_buffer_copy.cpp +++ b/reference/src/taimpl/test/ta_sa_svp_buffer_copy.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "common.h" #include "ta_sa.h" #include "ta_sa_svp_common.h" @@ -113,3 +113,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/test/ta_sa_svp_buffer_write.cpp b/reference/src/taimpl/test/ta_sa_svp_buffer_write.cpp index a6609c0f..3855d241 100644 --- a/reference/src/taimpl/test/ta_sa_svp_buffer_write.cpp +++ b/reference/src/taimpl/test/ta_sa_svp_buffer_write.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "common.h" #include "ta_sa.h" #include "ta_sa_svp_common.h" @@ -107,3 +107,4 @@ namespace { ASSERT_EQ(status, SA_STATUS_NULL_PARAMETER); } } // namespace +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/test/ta_sa_svp_common.cpp b/reference/src/taimpl/test/ta_sa_svp_common.cpp index 060990b8..00d44c14 100644 --- a/reference/src/taimpl/test/ta_sa_svp_common.cpp +++ b/reference/src/taimpl/test/ta_sa_svp_common.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -15,7 +15,7 @@ * * SPDX-License-Identifier: Apache-2.0 */ - +#ifdef ENABLE_SVP #include "ta_sa_svp_common.h" // NOLINT #include "log.h" #include "ta_test_helpers.h" @@ -77,3 +77,5 @@ INSTANTIATE_TEST_SUITE_P( TaSvpBufferWriteTests, TaSvpBufferWriteTest, ::testing::Values(1, 3, 10)); + +#endif // ENABLE_SVP diff --git a/reference/src/taimpl/test/ta_sa_svp_common.h b/reference/src/taimpl/test/ta_sa_svp_common.h index 2cfcb048..f4d86711 100644 --- a/reference/src/taimpl/test/ta_sa_svp_common.h +++ b/reference/src/taimpl/test/ta_sa_svp_common.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -16,6 +16,8 @@ * SPDX-License-Identifier: Apache-2.0 */ +#ifdef ENABLE_SVP + #ifndef TA_SA_SVP_COMMON_H #define TA_SA_SVP_COMMON_H @@ -42,3 +44,6 @@ class TaSvpBufferCopyTest : public ::testing::WithParamInterface, public TaSvpBase {}; #endif // TA_SA_SVP_COMMON_H + +#endif // ENABLE_SVP + diff --git a/reference/src/taimpl/test/ta_sa_svp_crypto.cpp b/reference/src/taimpl/test/ta_sa_svp_crypto.cpp index b6c2dffa..dfd8e3ca 100644 --- a/reference/src/taimpl/test/ta_sa_svp_crypto.cpp +++ b/reference/src/taimpl/test/ta_sa_svp_crypto.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -28,6 +28,7 @@ #define PADDED_SIZE(size) AES_BLOCK_SIZE*(((size) / AES_BLOCK_SIZE) + 1) #define SUBSAMPLE_SIZE 256UL +GTEST_ALLOW_UNINSTANTIATED_PARAMETERIZED_TEST(TaProcessCommonEncryptionTest); using namespace ta_test_helpers; std::shared_ptr TaCryptoCipherBase::import_key( @@ -193,7 +194,7 @@ void TaCryptoCipherTest::SetUp() { GTEST_SKIP() << "SVP not supported. Skipping all SVP tests"; } } - +#ifdef ENABLE_SVP sa_status TaProcessCommonEncryptionTest::svp_buffer_write( sa_svp_buffer out, const void* in, @@ -201,7 +202,7 @@ sa_status TaProcessCommonEncryptionTest::svp_buffer_write( sa_svp_offset offsets = {0, 0, in_length}; return ta_sa_svp_buffer_write(out, in, in_length, &offsets, 1, client(), ta_uuid()); } - +#endif namespace { void get_cipher_parameters( sa_cipher_algorithm cipher_algorithm, @@ -243,6 +244,7 @@ namespace { } } +#ifdef ENABLE_SVP size_t get_required_length( sa_cipher_algorithm cipher_algorithm, sa_cipher_mode cipher_mode, @@ -283,7 +285,6 @@ namespace { return ta_sa_svp_buffer_check(buffer->context.svp.buffer, 0, data.size(), SA_DIGEST_ALGORITHM_SHA256, hash.data(), hash.size(), client(), ta_uuid()) == SA_STATUS_OK; } - TEST_P(TaCryptoCipherTest, processNominal) { auto cipher_algorithm = std::get<0>(GetParam()); auto cipher_mode = std::get<1>(GetParam()); @@ -371,7 +372,7 @@ namespace { ASSERT_TRUE(verify(out_buffer.get(), clear)); } } - +#endif //ENABLE_SVP TEST_P(TaCryptoCipherTest, processFailsOutOffsetOverflow) { auto cipher_algorithm = std::get<0>(GetParam()); auto cipher_mode = std::get<1>(GetParam()); @@ -446,7 +447,7 @@ namespace { ta_uuid()); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } - +#ifdef ENABLE_SVP TEST_P(TaProcessCommonEncryptionTest, nominal) { auto sample_size_and_time = std::get<0>(GetParam()); auto sample_size = std::get<0>(sample_size_and_time); @@ -513,7 +514,6 @@ namespace { ASSERT_LE(duration.count(), sample_time); #endif } - TEST_F(TaProcessCommonEncryptionTest, failsOutBufferOverflow) { std::shared_ptr parameters; std::vector iv; @@ -607,6 +607,7 @@ namespace { status = ta_sa_process_common_encryption(1, &sample, client(), ta_uuid()); ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER); } +#endif // ENABLE_SVP } // namespace diff --git a/reference/src/taimpl/test/ta_sa_svp_crypto.h b/reference/src/taimpl/test/ta_sa_svp_crypto.h index d6220d4a..0bb2b6c6 100644 --- a/reference/src/taimpl/test/ta_sa_svp_crypto.h +++ b/reference/src/taimpl/test/ta_sa_svp_crypto.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -51,10 +51,12 @@ class TaProcessCommonEncryptionTest : public ::testing::TestWithParam create_uninitialized_sa_key() { return {new sa_key(INVALID_HANDLE), [](const sa_key* p) { @@ -117,6 +117,7 @@ namespace ta_test_helpers { if (buffer->context.clear.buffer != nullptr) free(buffer->context.clear.buffer); } else { +#ifdef ENABLE_SVP if (buffer->context.svp.buffer != INVALID_HANDLE) { void* svp_memory; size_t svp_memory_size; @@ -124,6 +125,7 @@ namespace ta_test_helpers { buffer->context.svp.buffer, client(), ta_uuid()) == SA_STATUS_OK) ta_sa_svp_memory_free(svp_memory); } +#endif } } @@ -140,6 +142,7 @@ namespace ta_test_helpers { return nullptr; } } else if (buffer_type == SA_BUFFER_TYPE_SVP) { +#ifdef ENABLE_SVP buffer->buffer_type = SA_BUFFER_TYPE_SVP; buffer->context.svp.buffer = INVALID_HANDLE; void* svp_memory; @@ -151,6 +154,7 @@ namespace ta_test_helpers { } buffer->context.svp.offset = 0; +#endif // ENABLE_SVP } return buffer; @@ -167,6 +171,7 @@ namespace ta_test_helpers { if (buffer_type == SA_BUFFER_TYPE_CLEAR) { memcpy(buffer->context.clear.buffer, initial_value.data(), initial_value.size()); } else { +#ifdef ENABLE_SVP sa_svp_offset offsets = {0, 0, initial_value.size()}; if (ta_sa_svp_buffer_write(buffer->context.svp.buffer, initial_value.data(), initial_value.size(), &offsets, 1, client(), ta_uuid()) != SA_STATUS_OK) { @@ -175,6 +180,7 @@ namespace ta_test_helpers { } buffer->context.svp.offset = 0; +#endif //ENABLE_SVP } return buffer; diff --git a/reference/src/taimpl/test/ta_test_helpers.h b/reference/src/taimpl/test/ta_test_helpers.h index cd64bd90..78733b5c 100644 --- a/reference/src/taimpl/test/ta_test_helpers.h +++ b/reference/src/taimpl/test/ta_test_helpers.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -80,7 +80,7 @@ namespace ta_test_helpers { std::shared_ptr buffer_alloc( sa_buffer_type buffer_type, std::vector& initial_value); - +#ifdef ENABLE_SVP /** * Allocates SVP memory from inside the test TA. * @@ -99,6 +99,7 @@ namespace ta_test_helpers { * @return the status of the operation. */ sa_status ta_sa_svp_memory_free(void* svp_memory); +#endif // ENABLE_SVP } // namespace ta_test_helpers #endif // TA_TEST_HELPERS_H diff --git a/reference/src/util/CMakeLists.txt b/reference/src/util/CMakeLists.txt index 8aff4ab9..651be175 100644 --- a/reference/src/util/CMakeLists.txt +++ b/reference/src/util/CMakeLists.txt @@ -1,5 +1,5 @@ # -# Copyright 2020-2023 Comcast Cable Communications Management, LLC +# Copyright 2020-2025 Comcast Cable Communications Management, LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. @@ -103,4 +103,5 @@ if (BUILD_TESTS) ${CMAKE_CURRENT_BINARY_DIR}/root_keystore.p12) gtest_discover_tests(utiltest) -endif () \ No newline at end of file +endif () + diff --git a/reference/src/util/include/test_process_common_encryption.h b/reference/src/util/include/test_process_common_encryption.h index 8ceeb2e7..998c54d8 100644 --- a/reference/src/util/include/test_process_common_encryption.h +++ b/reference/src/util/include/test_process_common_encryption.h @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -46,11 +46,13 @@ class ProcessCommonEncryptionBase { sample_data& sample_data, std::vector& samples); +#ifdef ENABLE_SVP virtual sa_status svp_buffer_write( sa_svp_buffer out, const void* in, size_t in_length) = 0; +#endif ~ProcessCommonEncryptionBase() = default; private: diff --git a/reference/src/util/src/test_process_common_encryption.cpp b/reference/src/util/src/test_process_common_encryption.cpp index b514d571..bc6527af 100644 --- a/reference/src/util/src/test_process_common_encryption.cpp +++ b/reference/src/util/src/test_process_common_encryption.cpp @@ -1,5 +1,5 @@ /* - * Copyright 2020-2023 Comcast Cable Communications Management, LLC + * Copyright 2020-2025 Comcast Cable Communications Management, LLC * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. @@ -265,7 +265,9 @@ bool ProcessCommonEncryptionBase::build_samples( if (sample_data.in->buffer_type == SA_BUFFER_TYPE_CLEAR) { memcpy(sample_data.in->context.clear.buffer, in.data(), in.size()); - } else { + } +#ifdef ENABLE_SVP + else { if (svp_buffer_write(sample_data.in->context.svp.buffer, in.data(), in.size()) != SA_STATUS_OK) { ERROR("svp_buffer_write"); return false; @@ -273,6 +275,7 @@ bool ProcessCommonEncryptionBase::build_samples( sample_data.in->context.svp.offset = 0; } +#endif // ENABLE_SVP for (sa_sample& sample : samples) sample.in = sample_data.in.get();