Issue 136: Add a flag to disable SVP functionality

reference/CMakeLists.txt

@@ -1,5 +1,5 @@
 #
-# Copyright 2020-2023 Comcast Cable Communications Management, LLC
+# Copyright 2020-2025 Comcast Cable Communications Management, LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -19,8 +19,15 @@ cmake_minimum_required(VERSION 3.16)
 
 project(tasecureapi)
 
-option(BUILD_TESTS "Builds and installs the unit tests" ON)
-option(BUILD_DOC   "Build documentation" ON)
+option(BUILD_TESTS  "Builds and installs the unit tests" ON)
+option(BUILD_DOC    "Build documentation" ON)
+option(ENABLE_SVP  "Build SecAPI with SVP" OFF)
+
+if(ENABLE_SVP)
+    message(STATUS "ENABLE_SVP is ON: Building SecAPI  SVP functionality")
+else()
+    message(STATUS "ENABLE_SVP is OFF: Building SecAPI without SVP functionality")
+endif()
 
 if(${BUILD_TESTS})
     # Download and unpack googletest at configure time

reference/src/CMakeLists.txt

@@ -1,5 +1,5 @@
 #
-# Copyright 2020-2023 Comcast Cable Communications Management, LLC
+# Copyright 2020-2025 Comcast Cable Communications Management, LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -44,6 +44,10 @@ if (DEFINED DISABLE_CENC_TIMING)
     set(CMAKE_C_FLAGS "-DDISABLE_CENC_TIMING ${CMAKE_C_FLAGS}")
 endif ()
 
+if (ENABLE_SVP)
+    set(CMAKE_CXX_FLAGS "-DENABLE_SVP ${CMAKE_CXX_FLAGS}")
+    set(CMAKE_C_FLAGS "-DENABLE_SVP ${CMAKE_C_FLAGS}")
+endif ()
 add_subdirectory(client)
 add_subdirectory(clientimpl)
 add_subdirectory(taimpl)

reference/src/client/CMakeLists.txt

@@ -1,5 +1,5 @@
 #
-# Copyright 2020-2023 Comcast Cable Communications Management, LLC
+# Copyright 2020-2025 Comcast Cable Communications Management, LLC
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
@@ -128,11 +128,10 @@ target_clangformat_setup(saclient)
 
 if (BUILD_TESTS)
     # Google test
-    add_executable(saclienttest
+    set(SACLIENT_TEST_SOURCES
             test/client_test_helpers.cpp
             test/client_test_helpers.h
             test/environment.cpp
-            test/sa_client_thread_test.cpp
             test/sa_crypto_cipher_common.h
             test/sa_crypto_cipher_common.cpp
             test/sa_crypto_cipher_init.cpp
@@ -277,15 +276,25 @@ if (BUILD_TESTS)
             test/sa_provider_mac.cpp
             test/sa_provider_pkcs7.cpp
             test/sa_provider_signature.cpp
-            test/sa_svp_buffer_alloc.cpp
-            test/sa_svp_buffer_check.cpp
-            test/sa_svp_buffer_copy.cpp
-            test/sa_svp_buffer_create.cpp
-            test/sa_svp_buffer_release.cpp
-            test/sa_svp_buffer_write.cpp
-            test/sa_svp_key_check.cpp
-            test/sa_svp_common.cpp
-            test/sa_svp_common.h)
+            )
+    # Conditionally add files if ENABLE_SVP is defined
+    if(ENABLE_SVP)
+         list(APPEND SACLIENT_TEST_SOURCES
+	    test/sa_client_thread_test.cpp
+	    test/sa_svp_buffer_alloc.cpp
+	    test/sa_svp_buffer_check.cpp
+	    test/sa_svp_buffer_copy.cpp
+	    test/sa_svp_buffer_create.cpp
+	    test/sa_svp_buffer_release.cpp
+	    test/sa_svp_buffer_write.cpp
+	    test/sa_svp_key_check.cpp
+	    test/sa_svp_common.cpp
+	    test/sa_svp_common.h
+            )
+    endif()
+
+
+    add_executable(saclienttest ${SACLIENT_TEST_SOURCES})
 
     target_compile_options(saclienttest PRIVATE -Werror -Wall -Wextra -Wno-type-limits -Wno-unused-parameter
             -Wno-deprecated-declarations)

reference/src/client/include/sa_svp.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -45,6 +45,7 @@ extern "C" {
  */
 sa_status sa_svp_supported();
 
+#ifdef ENABLE_SVP
 /**
  * Allocate an SVP memory block.
  *
@@ -255,6 +256,7 @@ sa_status sa_svp_buffer_check(
         const void* hash,
         size_t hash_length);
 
+#endif // ENABLE_SVP
 #ifdef __cplusplus
 }
 #endif

reference/src/client/include/sa_ta_types.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -470,6 +470,7 @@ typedef struct {
     uint8_t api_version;
 } sa_svp_supported_s;
 
+#ifdef ENABLE_SVP
 // sa_svp_buffer_create
 // param[0] INOUT - sa_svp_buffer
 typedef struct {
@@ -534,6 +535,7 @@ typedef struct {
     uint64_t length;
     uint32_t digest_algorithm;
 } sa_svp_buffer_check_s;
+#endif // ENABLE_SVP
 
 // sa_process_common_encryption (1 sample per call)
 // param[0] INOUT - sa_process_common_encryption_s

reference/src/client/include/sa_types.h

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -107,10 +107,12 @@ typedef uint64_t sa_handle; // NOLINT
  */
 typedef sa_handle sa_key;
 
+#ifdef ENABLE_SVP
 /**
  * SVP buffer opaque data structure.
  */
 typedef sa_handle sa_svp_buffer;
+#endif // ENABLE_SVP
 
 /**
  * Cipher context handle.
@@ -559,13 +561,15 @@ typedef struct {
             size_t offset;
         } clear;
 
+#if ENABLE_SVP
         /** SVP buffer information */
         struct {
             /** SVP buffer handle */
             sa_svp_buffer buffer;
             /** Current offset into the buffer */
             size_t offset;
         } svp;
+#endif // ENABLE_SVP
     } context;
 } sa_buffer;
 
@@ -1023,6 +1027,7 @@ typedef struct {
 /**
  * Structure to use in sa_svp_buffer_copy_blocks
  */
+#ifdef ENABLE_SVP
 typedef struct {
     /** offset into the output buffer. */
     size_t out_offset;
@@ -1031,6 +1036,7 @@ typedef struct {
     /** numbers of bytes to copy or write. */
     size_t length;
 } sa_svp_offset;
+#endif
 
 /** TA Key Type Definition */
 

reference/src/client/test/client_test_helpers.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -4362,10 +4362,15 @@ namespace client_test_helpers {
                         if (buffer_type == SA_BUFFER_TYPE_CLEAR) {
                             if (buffer->context.clear.buffer != nullptr)
                                 free(buffer->context.clear.buffer);
-                        } else {
+                        }
+#ifdef ENABLE_SVP	
+			else if (buffer_type == SA_BUFFER_TYPE_SVP) {
                             if (buffer->context.svp.buffer != INVALID_HANDLE)
+			    {
                                 sa_svp_buffer_free(buffer->context.svp.buffer);
+                            }
                         }
+#endif
                     }
 
                     delete buffer;
@@ -4380,7 +4385,9 @@ namespace client_test_helpers {
                 ERROR("malloc failed");
                 return nullptr;
             }
-        } else if (buffer_type == SA_BUFFER_TYPE_SVP) {
+        } 
+#ifdef ENABLE_SVP
+	else if (buffer_type == SA_BUFFER_TYPE_SVP) {
             buffer->buffer_type = SA_BUFFER_TYPE_SVP;
             buffer->context.svp.buffer = INVALID_HANDLE;
             sa_svp_buffer svp_buffer;
@@ -4392,6 +4399,7 @@ namespace client_test_helpers {
             buffer->context.svp.buffer = svp_buffer;
             buffer->context.svp.offset = 0;
         }
+#endif // ENABLE_SVP
 
         return buffer;
     }
@@ -4406,7 +4414,10 @@ namespace client_test_helpers {
 
         if (buffer_type == SA_BUFFER_TYPE_CLEAR) {
             memcpy(buffer->context.clear.buffer, initial_value.data(), initial_value.size());
-        } else {
+        }
+
+#ifdef ENABLE_SVP	
+	else if (buffer_type == SA_BUFFER_TYPE_SVP) {
             sa_svp_offset offsets = {0, 0, initial_value.size()};
             if (sa_svp_buffer_write(buffer->context.svp.buffer, initial_value.data(), initial_value.size(),
                         &offsets, 1) != SA_STATUS_OK) {
@@ -4416,7 +4427,7 @@ namespace client_test_helpers {
 
             buffer->context.svp.offset = 0;
         }
-
+#endif // ENABLE_SVP
         return buffer;
     }
 

reference/src/client/test/sa_client_thread_test.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright 2022-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2022-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -16,6 +16,7 @@
  * SPDX-License-Identifier: Apache-2.0
  */
 
+#ifdef ENABLE_SVP
 #include "client_test_helpers.h"
 #include "sa.h"
 #include "gtest/gtest.h" // NOLINT
@@ -134,3 +135,4 @@ namespace {
         ASSERT_EQ(SA_STATUS_OK, future.get());
     }
 } // namespace
+#endif // ENABLE_SVP

reference/src/client/test/sa_crypto_cipher_process.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -175,8 +175,10 @@ namespace {
         ASSERT_NE(out_buffer, nullptr);
         if (buffer_type == SA_BUFFER_TYPE_CLEAR)
             out_buffer->context.clear.offset = SIZE_MAX - 4;
-        else
+#ifdef ENABLE_SVP
+        else if (buffer_type == SA_BUFFER_TYPE_SVP)
             out_buffer->context.svp.offset = SIZE_MAX - 4;
+#endif // ENABLE_SVP
 
         status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process);
         ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER);
@@ -210,8 +212,10 @@ namespace {
         ASSERT_NE(out_buffer, nullptr);
         if (buffer_type == SA_BUFFER_TYPE_CLEAR)
             in_buffer->context.clear.offset = SIZE_MAX - 4;
-        else
+#ifdef ENABLE_SVP
+        else if (buffer_type == SA_BUFFER_TYPE_SVP)
             in_buffer->context.svp.offset = SIZE_MAX - 4;
+#endif // ENABLE_SVP
 
         status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process);
         ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER);

reference/src/client/test/sa_crypto_cipher_process_aes_gcm.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -345,6 +345,7 @@ namespace {
         ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER);
     }
 
+#ifdef ENABLE_SVP
     TEST_F(SaCryptoCipherWithoutSvpTest, initAesGcmFailsSvpIn) {
         if (sa_svp_supported() == SA_STATUS_OPERATION_NOT_SUPPORTED)
             GTEST_SKIP() << "SVP not supported. Skipping all SVP tests";
@@ -418,4 +419,5 @@ namespace {
         status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process);
         ASSERT_EQ(status, SA_STATUS_OPERATION_NOT_ALLOWED);
     }
+#endif // ENABLE_SVP
 } // namespace

reference/src/client/test/sa_crypto_cipher_process_chacha20_poly1305.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -234,6 +234,7 @@ namespace {
         ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER);
     }
 
+#ifdef ENABLE_SVP
     TEST_F(SaCryptoCipherWithoutSvpTest, initAChacha20Poly1305FailsSvpIn) {
         auto clear_key = random(SYM_256_KEY_SIZE);
 
@@ -301,4 +302,5 @@ namespace {
         status = sa_crypto_cipher_process(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process);
         ASSERT_EQ(status, SA_STATUS_OPERATION_NOT_ALLOWED);
     }
+#endif // ENABLE_SVP
 } // namespace

reference/src/client/test/sa_crypto_cipher_process_last.cpp

@@ -1,5 +1,5 @@
 /*
- * Copyright 2020-2023 Comcast Cable Communications Management, LLC
+ * Copyright 2020-2025 Comcast Cable Communications Management, LLC
  *
  * Licensed under the Apache License, Version 2.0 (the "License");
  * you may not use this file except in compliance with the License.
@@ -175,9 +175,11 @@ namespace {
         ASSERT_NE(out_buffer, nullptr);
         if (buffer_type == SA_BUFFER_TYPE_CLEAR)
             out_buffer->context.clear.offset = SIZE_MAX - 4;
-        else
+#ifdef ENABLE_SVP
+        else if (buffer_type == SA_BUFFER_TYPE_SVP) 
             out_buffer->context.svp.offset = SIZE_MAX - 4;
 
+#endif // ENABLE_SVP
         status = sa_crypto_cipher_process_last(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process, nullptr);
         ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER);
     }
@@ -210,9 +212,12 @@ namespace {
         ASSERT_NE(out_buffer, nullptr);
         if (buffer_type == SA_BUFFER_TYPE_CLEAR)
             in_buffer->context.clear.offset = SIZE_MAX - 4;
-        else
+#ifdef ENABLE_SVP
+        else if (buffer_type == SA_BUFFER_TYPE_SVP)
             in_buffer->context.svp.offset = SIZE_MAX - 4;
 
+#endif // ENABLE_SVP
+	ERROR("Buffer type =%d\n", buffer_type);
         status = sa_crypto_cipher_process_last(out_buffer.get(), *cipher, in_buffer.get(), &bytes_to_process, nullptr);
         ASSERT_EQ(status, SA_STATUS_INVALID_PARAMETER);
     }