refactor how don't use status is handled

We follow strictly what the ICD says: "navigation data shall not be authenticated with the provided OSNMA information". With this change, the only thing that is affected by the don't use status is whether authentication bits are added to the navigation data as a consequence of a successful tag verification. The receiver carries out all the other operations regardless of the don't use status.
daniestevez · Jan 26, 2024 · 4fdc0fe · 4fdc0fe
1 parent 2ed7680
commit 4fdc0fe
Show file tree

Hide file tree

Showing 2 changed files with 11 additions and 21 deletions.
diff --git a/src/navmessage.rs b/src/navmessage.rs
@@ -578,10 +578,16 @@ impl<S: StaticStorage> CollectNavMessage<S> {
                 tag_idx,
                 prna
             );
-            for to_add in to_add_authbits {
-                if navdata.svn() == to_add.svn() && navdata.message_bits() == to_add.message_bits()
-                {
-                    to_add.add_authbits(tag);
+            // This nma_status is known good because it has been used in the tag
+            // validation, so we can act on it to decide if we can add
+            // authentication bits.
+            if matches!(nma_status, NmaStatus::Operational | NmaStatus::Test) {
+                for to_add in to_add_authbits {
+                    if navdata.svn() == to_add.svn()
+                        && navdata.message_bits() == to_add.message_bits()
+                    {
+                        to_add.add_authbits(tag);
+                    }
                 }
             }
         } else {

diff --git a/src/osnma.rs b/src/osnma.rs
@@ -93,7 +93,6 @@ struct OsnmaData<S: StaticStorage> {
     pubkey: PubkeyStore,
     key: KeyStore,
     only_slowmac: bool,
-    dont_use: bool,
 }
 
 #[derive(Debug, Clone)]
@@ -137,7 +136,6 @@ impl<S: StaticStorage> Osnma<S> {
                         .map_or_else(PubkeyStore::empty, PubkeyStore::from_current_pubkey),
                     key: KeyStore::empty(),
                     only_slowmac,
-                    dont_use: false,
                 },
             },
         }
@@ -289,20 +287,15 @@ impl<S: StaticStorage> OsnmaData<S> {
 
     fn process_nma_header(&mut self, nma_header: NmaHeader<Validated>, pkid: u8) {
         match nma_header.nma_status() {
-            NmaStatus::Operational => {
-                self.dont_use = false;
-            }
+            NmaStatus::Operational => {}
             NmaStatus::Test => {
                 log::info!("NMA status is test");
-                self.dont_use = false;
             }
             NmaStatus::Reserved => {
                 log::error!("NMA status has a reserved value; assuming don't use");
-                self.set_dont_use();
             }
             NmaStatus::DontUse => {
                 log::warn!("NMA status is don't use");
-                self.set_dont_use();
                 match nma_header.chain_and_pubkey_status() {
                     ChainAndPubkeyStatus::ChainRevoked => {
                         // current chain is revoked
@@ -367,11 +360,6 @@ impl<S: StaticStorage> OsnmaData<S> {
         self.key = KeyStore::empty();
     }
 
-    fn set_dont_use(&mut self) {
-        self.dont_use = true;
-        self.navmessage.reset_authbits();
-    }
-
     fn process_dsm_pkr(&mut self, dsm_pkr: DsmPkr) {
         match dsm_pkr.new_public_key_type() {
             NewPublicKeyType::EcdsaKey(_) => self.process_dsm_pkr_npk(dsm_pkr),
@@ -457,10 +445,6 @@ impl<S: StaticStorage> OsnmaData<S> {
     }
 
     fn process_tags(&mut self, current_key: &Key<Validated>) {
-        if self.dont_use {
-            return;
-        }
-
         let gst_mack = current_key.gst_subframe().add_seconds(-30);
         let gst_slowmac = gst_mack.add_seconds(-300);
         // Try to re-generate the key that was used for the MACSEQ of the