diff -Nru libsrtp2-2.1.0/CHANGES libsrtp2-2.2.0/CHANGES --- libsrtp2-2.1.0/CHANGES 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/CHANGES 2018-05-15 19:33:24.000000000 +0000 @@ -1,5 +1,65 @@ Changelog +2.2.0-pre (This version) + +Major changes + +All code has been reformatted to be consistent. A .clang-format file and format.sh script has been added that can be use to verify and enforce consistent formatting. An automated check on code formatting is now part of travis build. + +Other changes + +PR #409 - Compatibilty with LibreSSL + +PR #406 - Fix unprotect when pktlen < (2*mki_size + tag_len) + +PR #405 - Prevent potential double free + +PR #404 - Add back extern to global variables + +PR #403 - Set gcm IV directly with EVP_CipherInit_ex + +PR #401 - Fix memory access issue in srtp_get_session_keys() + +PR #398 - Fix memory access fixes when invalid profiles where used + +PR #391 - Return NULL when allocating memory of size zero + +PR #390 - Bitvector of length zero is not valid + +PR #385 - Treat warnings as errors on travis builds + +PR #388 - Moved externs from crypto_kernel into its own header + +PR #379 - Fixed several compiler warnings from Firefox builds + +PR #377 - Removed variable init code in rdbx which never gets used + +PR #381 - Added error in case the platform is not detected + +PR #376 - Add coverity scan to travis builds + +PR #374 - Add a big endian build on travis + +PR #373 - Fixed buffer size issue in test/srtp_driver.c + +PR #372 - Make rtp_decoder compile on MinGW + +PR #367 - Rename configure.in to configure.ac + +PR #365 - Replace calls to free() with srtp_crypto_free() + +PR #364 - Add valgrind to travis and fix leaks in tests + +PR #363 - Change smtp_crypto_alloc to initialize memory to zero + +PR #354 - Fix potential leak if cloning of stream fails + +PR #340 - Fix potential leak in srtp_add_stream() + +PR #323 - Fix running test in out of source builds + +Issue #316 - Remove VERSION file + 2.1.0 Compatibility changes @@ -164,4 +224,4 @@ PR #302 - Fix warning regarding unused variable - PR #303 - Makefile.in: Add gnu as match for shared lib suffix \ No newline at end of file + PR #303 - Makefile.in: Add gnu as match for shared lib suffix diff -Nru libsrtp2-2.1.0/.clang-format libsrtp2-2.2.0/.clang-format --- libsrtp2-2.1.0/.clang-format 1970-01-01 00:00:00.000000000 +0000 +++ libsrtp2-2.2.0/.clang-format 2018-05-15 19:33:24.000000000 +0000 @@ -0,0 +1,79 @@ +AccessModifierOffset: -4 + +AlignAfterOpenBracket: Align +AlignConsecutiveAssignments: false +AlignConsecutiveDeclarations: false +AlignEscapedNewlinesLeft: false +AlignOperands: true +AlignTrailingComments: true + +AllowAllParametersOfDeclarationOnNextLine: false + +AllowShortBlocksOnASingleLine: false +AllowShortCaseLabelsOnASingleLine: false +AllowShortFunctionsOnASingleLine: Inline +AllowShortIfStatementsOnASingleLine: false +AllowShortLoopsOnASingleLine: false + +AlwaysBreakAfterDefinitionReturnType: None +AlwaysBreakBeforeMultilineStrings: false +AlwaysBreakTemplateDeclarations: false + +BinPackArguments: true +BinPackParameters: false +BraceWrapping: + AfterControlStatement: false + AfterEnum: false + AfterFunction: true + AfterStruct: false + AfterUnion: false + BeforeCatch: false + BeforeElse: false + IndentBraces: false + +BreakBeforeBinaryOperators: None +BreakBeforeBraces: Custom +BreakBeforeTernaryOperators: true + +ColumnLimit: 80 +CommentPragmas: '^ IWYU pragma:' +ContinuationIndentWidth: 4 +DerivePointerAlignment: false +DisableFormat: false +ExperimentalAutoDetectBinPacking: false + +IndentCaseLabels: false +IndentWidth: 4 +IndentWrappedFunctionNames: false + +KeepEmptyLinesAtTheStartOfBlocks: false + +MaxEmptyLinesToKeep: 1 + +PenaltyBreakBeforeFirstCallParameter: 16 +PenaltyBreakComment: 300 +PenaltyBreakFirstLessLess: 120 +PenaltyBreakString: 1000 +PenaltyExcessCharacter: 1000 +PenaltyReturnTypeOnItsOwnLine: 9000 + +Cpp11BracedListStyle: false + +PointerAlignment: Right + +ReflowComments: true + +SortIncludes: false + +SpaceAfterCStyleCast: false +SpaceBeforeAssignmentOperators: true +SpaceBeforeParens: ControlStatements +SpaceInEmptyParentheses: false +SpacesBeforeTrailingComments: 1 +SpacesInAngles: false +SpacesInContainerLiterals: true +SpacesInCStyleCastParentheses: false +SpacesInParentheses: false +SpacesInSquareBrackets: false +TabWidth: 4 +UseTab: Never diff -Nru libsrtp2-2.1.0/config_in.h libsrtp2-2.2.0/config_in.h --- libsrtp2-2.1.0/config_in.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/config_in.h 2018-05-15 19:33:24.000000000 +0000 @@ -1,4 +1,4 @@ -/* config_in.h. Generated from configure.in by autoheader. */ +/* config_in.h. Generated from configure.ac by autoheader. */ /* Define if building universal (internal helper macro) */ #undef AC_APPLE_UNIVERSAL_BUILD @@ -57,7 +57,7 @@ /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_H -/* Define to 1 if you have the `pcap' library (-lpcap) */ +/* Define to 1 if you have the `winpcap' library (-lwpcap) */ #undef HAVE_PCAP /* Define to 1 if you have the `sigaction' function. */ diff -Nru libsrtp2-2.1.0/configure libsrtp2-2.2.0/configure --- libsrtp2-2.1.0/configure 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/configure 2018-05-15 19:33:24.000000000 +0000 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for libsrtp2 2.1.0. +# Generated by GNU Autoconf 2.69 for libsrtp2 2.2.0. # # Report bugs to . # @@ -580,8 +580,8 @@ # Identity of this package. PACKAGE_NAME='libsrtp2' PACKAGE_TARNAME='libsrtp2' -PACKAGE_VERSION='2.1.0' -PACKAGE_STRING='libsrtp2 2.1.0' +PACKAGE_VERSION='2.2.0' +PACKAGE_STRING='libsrtp2 2.2.0' PACKAGE_BUGREPORT='https://github.com/cisco/libsrtp/issues' PACKAGE_URL='' @@ -623,6 +623,7 @@ ac_subst_vars='LTLIBOBJS LIBOBJS +PCAP_LIB HAVE_PCAP HMAC_OBJS AES_ICM_OBJS @@ -678,6 +679,7 @@ docdir oldincludedir includedir +runstatedir localstatedir sharedstatedir sysconfdir @@ -760,6 +762,7 @@ sysconfdir='${prefix}/etc' sharedstatedir='${prefix}/com' localstatedir='${prefix}/var' +runstatedir='${localstatedir}/run' includedir='${prefix}/include' oldincludedir='/usr/include' docdir='${datarootdir}/doc/${PACKAGE_TARNAME}' @@ -1012,6 +1015,15 @@ | -silent | --silent | --silen | --sile | --sil) silent=yes ;; + -runstatedir | --runstatedir | --runstatedi | --runstated \ + | --runstate | --runstat | --runsta | --runst | --runs \ + | --run | --ru | --r) + ac_prev=runstatedir ;; + -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \ + | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \ + | --run=* | --ru=* | --r=*) + runstatedir=$ac_optarg ;; + -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb) ac_prev=sbindir ;; -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \ @@ -1149,7 +1161,7 @@ for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ - libdir localedir mandir + libdir localedir mandir runstatedir do eval ac_val=\$$ac_var # Remove trailing slashes. @@ -1262,7 +1274,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures libsrtp2 2.1.0 to adapt to many kinds of systems. +\`configure' configures libsrtp2 2.2.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1302,6 +1314,7 @@ --sysconfdir=DIR read-only single-machine data [PREFIX/etc] --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run] --libdir=DIR object code libraries [EPREFIX/lib] --includedir=DIR C header files [PREFIX/include] --oldincludedir=DIR C header files for non-gcc [/usr/include] @@ -1327,7 +1340,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of libsrtp2 2.1.0:";; + short | recursive ) echo "Configuration of libsrtp2 2.2.0:";; esac cat <<\_ACEOF @@ -1433,7 +1446,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -libsrtp2 configure 2.1.0 +libsrtp2 configure 2.2.0 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -1948,7 +1961,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by libsrtp2 $as_me 2.1.0, which was +It was created by libsrtp2 $as_me 2.2.0, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3229,8 +3242,37 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` +ac_aux_dir= +for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break + fi +done +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 +fi + +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. + + +# Expand $ac_aux_dir to an absolute path. +am_aux_dir=`cd "$ac_aux_dir" && pwd` if test -n "$ac_tool_prefix"; then @@ -3496,35 +3538,6 @@ RANLIB="$ac_cv_prog_RANLIB" fi -ac_aux_dir= -for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5 -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - # Find a good install program. We prefer a C program (faster), # so one script is as good as another. But avoid the broken or # incompatible versions: @@ -5636,6 +5649,8 @@ + +PCAP_LIB="" { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcap_create in -lpcap" >&5 $as_echo_n "checking for pcap_create in -lpcap... " >&6; } if ${ac_cv_lib_pcap_pcap_create+:} false; then : @@ -5673,7 +5688,53 @@ { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcap_pcap_create" >&5 $as_echo "$ac_cv_lib_pcap_pcap_create" >&6; } if test "x$ac_cv_lib_pcap_pcap_create" = xyes; then : - LIBS="-lpcap $LIBS" + PCAP_LIB="-lpcap" + +$as_echo "#define HAVE_PCAP 1" >>confdefs.h + + HAVE_PCAP=1 + +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcap_create in -lwpcap" >&5 +$as_echo_n "checking for pcap_create in -lwpcap... " >&6; } +if ${ac_cv_lib_wpcap_pcap_create+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lwpcap $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pcap_create (); +int +main () +{ +return pcap_create (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_wpcap_pcap_create=yes +else + ac_cv_lib_wpcap_pcap_create=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_wpcap_pcap_create" >&5 +$as_echo "$ac_cv_lib_wpcap_pcap_create" >&6; } +if test "x$ac_cv_lib_wpcap_pcap_create" = xyes; then : + PCAP_LIB="-lwpcap" $as_echo "#define HAVE_PCAP 1" >>confdefs.h @@ -5682,6 +5743,7 @@ fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to redirect logging to stdout" >&5 $as_echo_n "checking whether to redirect logging to stdout... " >&6; } # Check whether --enable-log-stdout was given. @@ -6268,7 +6330,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by libsrtp2 $as_me 2.1.0, which was +This file was extended by libsrtp2 $as_me 2.2.0, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -6330,7 +6392,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -libsrtp2 config.status 2.1.0 +libsrtp2 config.status 2.2.0 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff -Nru libsrtp2-2.1.0/configure.ac libsrtp2-2.2.0/configure.ac --- libsrtp2-2.1.0/configure.ac 1970-01-01 00:00:00.000000000 +0000 +++ libsrtp2-2.2.0/configure.ac 2018-05-15 19:33:24.000000000 +0000 @@ -0,0 +1,337 @@ +dnl Process this file with autoconf to produce a configure script. +AC_INIT([libsrtp2], [2.2.0], [https://github.com/cisco/libsrtp/issues]) + +dnl Must come before AC_PROG_CC +EMPTY_CFLAGS="no" +if test "x$CFLAGS" = "x"; then + dnl Default value for CFLAGS if not specified. + EMPTY_CFLAGS="yes" +fi + +dnl Checks for programs. +AC_PROG_CC +AC_PROG_CPP +AC_ARG_VAR( + [EXTRA_CFLAGS], + [C compiler flags appended to the regular C compiler flags instead of overriding them]) +AM_PROG_AR +AC_PROG_RANLIB +AC_PROG_INSTALL +AC_PROG_SED + +dnl Check the byte order +AC_C_BIGENDIAN + +AC_CANONICAL_HOST + +dnl check host_cpu type, set defines appropriately +case $host_cpu in + i*86 | x86_64 ) + AC_DEFINE([CPU_CISC], [1], [Define if building for a CISC machine (e.g. Intel).]) + AC_DEFINE([HAVE_X86], [1], [Define to use X86 inlined assembly code]) + ;; + * ) + AC_DEFINE([CPU_RISC], [1], [Define if building for a RISC machine (assume slow byte access).]) + ;; +esac + +dnl Check if we are on a Windows platform. +case $host_os in + *cygwin*|*mingw* ) + EXE=.exe + ;; + * ) + EXE="" + ;; +esac +AC_SUBST([EXE]) # define executable suffix; this is needed for `make clean' + +dnl Checks for supported compiler flags. +supported_cflags="" +if test "$EMPTY_CFLAGS" = "no"; then + supported_cflags="$CFLAGS" +fi + +dnl For accurate detection, we need warnings as errors. +dnl I.e. Clang will issue a warning about unsupported flags. +dnl For the compilation to fail, those warnings needs to be upgraded to errors. +dnl This will be removed again once the tests are complete (see below). +WERROR="" +for w in -Werror -errwarn; do + if test "x$WERROR" = "x"; then + AC_MSG_CHECKING([whether ${CC-c} accepts $w]) + save_cflags="$CFLAGS" + AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$w"], [CFLAGS="$CFLAGS $w"]) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], + [WERROR="$w" + AC_MSG_RESULT([yes])], + [CFLAGS="$save_cflags" + AC_MSG_RESULT([no])]) + fi +done + +dnl Note that -fPIC is not explicitly added to LDFLAGS. +dnl Since the compiler is used as the link driver, CFLAGS will be part of the +dnl link line as well and the linker will get the flag from there. +dnl Adding it to LDFLAGS explicitly would duplicate the flag on the link line, +dnl but otherwise do no harm. +AC_MSG_CHECKING([whether ${CC-c} accepts -fPIC]) +save_cflags="$CFLAGS" +AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="-fPIC"], [CFLAGS="$CFLAGS -fPIC"]) +AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], + [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="-fPIC"], [supported_cflags="$supported_cflags -fPIC"]) + AC_MSG_RESULT([yes])], + [CFLAGS="$save_cflags" + AC_MSG_RESULT([no])]) + +if test "$EMPTY_CFLAGS" = "yes"; then + for f in -Wall -pedantic -Wstrict-prototypes; do + AC_MSG_CHECKING([whether ${CC-c} accepts $f]) + save_cflags="$CFLAGS" + AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"]) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], + [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) + AC_MSG_RESULT([yes])], + [CFLAGS="$save_cflags" + AC_MSG_RESULT([no])]) + done + + OOPT="" + for f in -O4 -O3; do + if test "x$OOPT" = "x"; then + AC_MSG_CHECKING([whether ${CC-c} accepts $f]) + save_cflags="$CFLAGS" + AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"]) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], + [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) + OOPT="$f" + AC_MSG_RESULT([yes])], + [CFLAGS="$save_cflags" + AC_MSG_RESULT([no])]) + fi + done + + for f in -fexpensive-optimizations -funroll-loops; do + AC_MSG_CHECKING([whether ${CC-c} accepts $f]) + save_cflags="$CFLAGS" + AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"]) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], + [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) + AC_MSG_RESULT([yes])], + [CFLAGS="$save_cflags" + AC_MSG_RESULT([no])]) + done +fi + +dnl When turning off warnigns, we're expecting unrecognized command line option errors if they're not +dnl supported. However, the -Wno- form isn't consulted unless a warning is triggered. +dnl At least that's the case for GCC. So to check which warnings we can turn off, we need to check +dnl if they can be turned on, thereby forcing GCC to take the argument into account right away. +for f in -Wno-language-extension-token; do + AC_MSG_CHECKING([whether ${CC-c} accepts $f]) + save_cflags="$CFLAGS" + testf=$(echo "$f" | $SED 's|-Wno-\(.*\)|-W\1|g') + AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$testf"], [CFLAGS="$CFLAGS $testf"]) + AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], + [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) + AC_MSG_RESULT([yes])], + [CFLAGS="$save_cflags" + AC_MSG_RESULT([no])]) +done + +dnl Remowing -Werror again +CFLAGS="$supported_cflags" + +dnl Checks for header files. +AC_HEADER_STDC +AC_CHECK_HEADERS( + [unistd.h byteswap.h stdint.h sys/uio.h inttypes.h sys/types.h machine/types.h sys/int_types.h], + [], [], [AC_INCLUDES_DEFAULT]) + +dnl socket() and friends +AC_CHECK_HEADERS([sys/socket.h netinet/in.h arpa/inet.h], [], [], [AC_INCLUDES_DEFAULT]) +AC_CHECK_HEADERS( + [windows.h], + [AC_CHECK_HEADERS([winsock2.h], [], [], [AC_INCLUDES_DEFAULT])], + [], [AC_INCLUDES_DEFAULT]) + +AC_CHECK_TYPES([int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, uint64_t]) +AC_CHECK_SIZEOF([unsigned long]) +AC_CHECK_SIZEOF([unsigned long long]) + +dnl Checks for typedefs, structures, and compiler characteristics. +AC_C_CONST +AC_C_INLINE +AC_TYPE_SIZE_T + +dnl Checks for library functions. +AC_CHECK_FUNCS([socket inet_aton usleep sigaction]) + +dnl Find socket function if not found yet. +if test "x$ac_cv_func_socket" = "xno"; then + AC_CHECK_LIB([socket], [socket]) + AC_MSG_CHECKING([for socket in -lwsock32]) + SAVELIBS="$LIBS" + LIBS="$LIBS -lwsock32" + AC_LINK_IFELSE( + [AC_LANG_SOURCE([ +#include +int main(void) +{ + int fd = socket(0, 0, 0); + if (fd < 0) + return -1; + else + return 0; +} + ])], + [ac_cv_func_socket=yes + AC_MSG_RESULT([yes])], + [LIBS="$SAVELIBS" + AC_MSG_RESULT([no])]) +fi + +AC_MSG_CHECKING([whether to enable debug logging in all modules]) +AC_ARG_ENABLE([debug-logging], + [AS_HELP_STRING([--enable-debug-logging], [Enable debug logging in all modules])], + [], enable_debug_logging=no) +if test "$enable_debug_logging" = "yes"; then + AC_DEFINE([ENABLE_DEBUG_LOGGING], [1], [Define to enabled debug logging for all mudules.]) +fi +AC_MSG_RESULT([$enable_debug_logging]) + +PKG_PROG_PKG_CONFIG +AS_IF([test "x$PKG_CONFIG" != "x"], [PKG_CONFIG="$PKG_CONFIG --static"]) + +AC_MSG_CHECKING([whether to leverage OpenSSL crypto]) +AC_ARG_ENABLE([openssl], + [AS_HELP_STRING([--enable-openssl], [compile in OpenSSL crypto engine])], + [], [enable_openssl=no]) +AC_MSG_RESULT([$enable_openssl]) +if test "$enable_openssl" = "yes"; then + AC_MSG_CHECKING([for user specified OpenSSL directory]) + AC_ARG_WITH([openssl-dir], + [AS_HELP_STRING([--with-openssl-dir], [Location of OpenSSL installation])], + [if test "x$PKG_CONFIG" != "x" && test -f $with_openssl_dir/lib/pkgconfig/libcrypto.pc; then + if test "x$PKG_CONFIG_PATH" = "x"; then + export PKG_CONFIG_PATH="$with_openssl_dir/lib/pkgconfig" + else + export PKG_CONFIG_PATH="$with_openssl_dir/lib/pkgconfig:$PKG_CONFIG_PATH" + fi + AC_MSG_RESULT([$with_openssl_dir]) + elif test -d $with_openssl_dir/lib; then + CFLAGS="$CFLAGS -I$with_openssl_dir/include" + if test "x$LDFLAGS" = "x"; then + LDFLAGS="-L$with_openssl_dir/lib" + else + LDFLAGS="$LDFLAGS -L$with_openssl_dir/lib" + fi + AC_MSG_RESULT([$with_openssl_dir]) + else + AC_MSG_RESULT([invalid]) + AC_MSG_FAILURE([Invalid OpenSSL location: $with_openssl_dir]) + fi], + [AC_MSG_RESULT([no])]) + + if test "x$PKG_CONFIG" != "x"; then + PKG_CHECK_MODULES([crypto], [libcrypto >= 1.0.1], + [CFLAGS="$CFLAGS $crypto_CFLAGS" + LIBS="$crypto_LIBS $LIBS"]) + else + AC_CHECK_LIB([dl], [dlopen], [], [AC_MSG_WARN([can't find libdl])]) + AC_CHECK_LIB([z], [inflate], [], [AC_MSG_WARN([can't find libz])]) + fi + + AC_SEARCH_LIBS([EVP_EncryptInit], [crypto], + [], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])]) + AC_SEARCH_LIBS([EVP_aes_128_ctr], [crypto], + [], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])]) + AC_SEARCH_LIBS([EVP_aes_128_gcm], [crypto], + [], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])]) + + AC_DEFINE([OPENSSL], [1], [Define this to use OpenSSL crypto.]) + AES_ICM_OBJS="crypto/cipher/aes_icm_ossl.o crypto/cipher/aes_gcm_ossl.o" + HMAC_OBJS=crypto/hash/hmac_ossl.o + AC_SUBST([USE_OPENSSL], [1]) + + AC_MSG_CHECKING([whether to leverage OpenSSL KDF algorithm]) + AC_ARG_ENABLE([openssl-kdf], + [AS_HELP_STRING([--enable-openssl-kdf], [Use OpenSSL KDF algorithm])], + [], [enable_openssl_kdf=no]) + AC_MSG_RESULT([$enable_openssl_kdf]) + if test "$enable_openssl_kdf" = "yes"; then + AC_SEARCH_LIBS([kdf_srtp], [crypto], + [], [AC_MSG_FAILURE([can't find openssl KDF lib])]) + AC_DEFINE([OPENSSL_KDF], [1], [Define this to use OpenSSL KDF for SRTP.]) + fi +else + AES_ICM_OBJS="crypto/cipher/aes_icm.o crypto/cipher/aes.o" + HMAC_OBJS="crypto/hash/hmac.o crypto/hash/sha1.o" +fi +AC_SUBST([AES_ICM_OBJS]) +AC_SUBST([HMAC_OBJS]) + +dnl Checking for PCAP + +PCAP_LIB="" +AC_CHECK_LIB([pcap], [pcap_create], + [PCAP_LIB="-lpcap" + AC_DEFINE([HAVE_PCAP], [1], [Define to 1 if you have the `pcap' library (-lpcap)]) + AC_SUBST([HAVE_PCAP], [1])]) + +AC_CHECK_LIB([wpcap], [pcap_create], + [PCAP_LIB="-lwpcap" + AC_DEFINE([HAVE_PCAP], [1], [Define to 1 if you have the `winpcap' library (-lwpcap)]) + AC_SUBST([HAVE_PCAP], [1])]) +AC_SUBST([PCAP_LIB]) + +AC_MSG_CHECKING([whether to redirect logging to stdout]) +AC_ARG_ENABLE([log-stdout], + [AS_HELP_STRING([--enable-log-stdout], [redirecting logging to stdout])], + [], [enable_log_stdout=no]) +if test "$enable_log_stdout" = "yes"; then + AC_DEFINE([ERR_REPORTING_STDOUT], [1], [Define to redirect logging to stdout.]) +fi +AC_MSG_RESULT([$enable_log_stdout]) + +AC_MSG_CHECKING([wheather to use a file for logging]) +AC_ARG_WITH([log-file], + [AS_HELP_STRING([--with-log-file], [Use file for logging])], + [AS_CASE([x$with_log_file], + [x], [valid_with_log_file="no"], + [xyes], [valid_with_log_file="no"], + [valid_with_error_file="yes"]) + AS_IF([test "$valid_with_log_file" = "no"], + [AC_MSG_RESULT([invalid]) + AC_MSG_FAILURE([Invalid value for --with-log-file: "$with_log_file"])], + [AC_DEFINE_UNQUOTED([ERR_REPORTING_FILE], ["$with_log_file"], [Logging statments will be writen to this file.]) + AC_MSG_RESULT([using log file: "$with_log_file"])])], + [AC_MSG_RESULT([no])]) + +AS_IF( + [test "$enable_log_stdout" = "yes" && test "x$with_log_file" != "x"], + [AC_MSG_FAILURE([Can only use one of --enable-log-stdout and --with-log-file; they are mutually exclusive])]) + +dnl Appending EXTRA_CFLAGS, if given +AC_MSG_CHECKING([for extra C compiler flags]) +AS_IF([test "x$EXTRA_CFLAGS" != "x"], + [AS_IF([test "x$CFLAGS" = "x"], + [CFLAGS="$EXTRA_CFLAGS"], [CFLAGS="$CFLAGS $EXTRA_CFLAGS"]) + AC_MSG_RESULT([$EXTRA_CFLAGS])], + [AC_MSG_RESULT(no)]) + +AC_CONFIG_HEADER([crypto/include/config.h:config_in.h]) + +AC_CONFIG_FILES([Makefile crypto/Makefile doc/Makefile libsrtp2.pc]) +AC_OUTPUT + +# This is needed when building outside the source dir. +AS_MKDIR_P([crypto/cipher]) +AS_MKDIR_P([crypto/hash]) +AS_MKDIR_P([crypto/kernel]) +AS_MKDIR_P([crypto/math]) +AS_MKDIR_P([crypto/replay]) +AS_MKDIR_P([crypto/test]) +AS_MKDIR_P([doc]) +AS_MKDIR_P([srtp]) +AS_MKDIR_P([test]) diff -Nru libsrtp2-2.1.0/configure.in libsrtp2-2.2.0/configure.in --- libsrtp2-2.1.0/configure.in 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/configure.in 1970-01-01 00:00:00.000000000 +0000 @@ -1,329 +0,0 @@ -dnl Process this file with autoconf to produce a configure script. -AC_INIT([libsrtp2], [2.1.0], [https://github.com/cisco/libsrtp/issues]) - -dnl Must come before AC_PROG_CC -EMPTY_CFLAGS="no" -if test "x$CFLAGS" = "x"; then - dnl Default value for CFLAGS if not specified. - EMPTY_CFLAGS="yes" -fi - -dnl Checks for programs. -AC_PROG_CC -AC_PROG_CPP -AC_ARG_VAR( - [EXTRA_CFLAGS], - [C compiler flags appended to the regular C compiler flags instead of overriding them]) -AM_PROG_AR -AC_PROG_RANLIB -AC_PROG_INSTALL -AC_PROG_SED - -dnl Check the byte order -AC_C_BIGENDIAN - -AC_CANONICAL_HOST - -dnl check host_cpu type, set defines appropriately -case $host_cpu in - i*86 | x86_64 ) - AC_DEFINE([CPU_CISC], [1], [Define if building for a CISC machine (e.g. Intel).]) - AC_DEFINE([HAVE_X86], [1], [Define to use X86 inlined assembly code]) - ;; - * ) - AC_DEFINE([CPU_RISC], [1], [Define if building for a RISC machine (assume slow byte access).]) - ;; -esac - -dnl Check if we are on a Windows platform. -case $host_os in - *cygwin*|*mingw* ) - EXE=.exe - ;; - * ) - EXE="" - ;; -esac -AC_SUBST([EXE]) # define executable suffix; this is needed for `make clean' - -dnl Checks for supported compiler flags. -supported_cflags="" -if test "$EMPTY_CFLAGS" = "no"; then - supported_cflags="$CFLAGS" -fi - -dnl For accurate detection, we need warnings as errors. -dnl I.e. Clang will issue a warning about unsupported flags. -dnl For the compilation to fail, those warnings needs to be upgraded to errors. -dnl This will be removed again once the tests are complete (see below). -WERROR="" -for w in -Werror -errwarn; do - if test "x$WERROR" = "x"; then - AC_MSG_CHECKING([whether ${CC-c} accepts $w]) - save_cflags="$CFLAGS" - AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$w"], [CFLAGS="$CFLAGS $w"]) - AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], - [WERROR="$w" - AC_MSG_RESULT([yes])], - [CFLAGS="$save_cflags" - AC_MSG_RESULT([no])]) - fi -done - -dnl Note that -fPIC is not explicitly added to LDFLAGS. -dnl Since the compiler is used as the link driver, CFLAGS will be part of the -dnl link line as well and the linker will get the flag from there. -dnl Adding it to LDFLAGS explicitly would duplicate the flag on the link line, -dnl but otherwise do no harm. -AC_MSG_CHECKING([whether ${CC-c} accepts -fPIC]) -save_cflags="$CFLAGS" -AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="-fPIC"], [CFLAGS="$CFLAGS -fPIC"]) -AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], - [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="-fPIC"], [supported_cflags="$supported_cflags -fPIC"]) - AC_MSG_RESULT([yes])], - [CFLAGS="$save_cflags" - AC_MSG_RESULT([no])]) - -if test "$EMPTY_CFLAGS" = "yes"; then - for f in -Wall -pedantic -Wstrict-prototypes; do - AC_MSG_CHECKING([whether ${CC-c} accepts $f]) - save_cflags="$CFLAGS" - AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"]) - AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], - [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) - AC_MSG_RESULT([yes])], - [CFLAGS="$save_cflags" - AC_MSG_RESULT([no])]) - done - - OOPT="" - for f in -O4 -O3; do - if test "x$OOPT" = "x"; then - AC_MSG_CHECKING([whether ${CC-c} accepts $f]) - save_cflags="$CFLAGS" - AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"]) - AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], - [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) - OOPT="$f" - AC_MSG_RESULT([yes])], - [CFLAGS="$save_cflags" - AC_MSG_RESULT([no])]) - fi - done - - for f in -fexpensive-optimizations -funroll-loops; do - AC_MSG_CHECKING([whether ${CC-c} accepts $f]) - save_cflags="$CFLAGS" - AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"]) - AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], - [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) - AC_MSG_RESULT([yes])], - [CFLAGS="$save_cflags" - AC_MSG_RESULT([no])]) - done -fi - -dnl When turning off warnigns, we're expecting unrecognized command line option errors if they're not -dnl supported. However, the -Wno- form isn't consulted unless a warning is triggered. -dnl At least that's the case for GCC. So to check which warnings we can turn off, we need to check -dnl if they can be turned on, thereby forcing GCC to take the argument into account right away. -for f in -Wno-language-extension-token; do - AC_MSG_CHECKING([whether ${CC-c} accepts $f]) - save_cflags="$CFLAGS" - testf=$(echo "$f" | $SED 's|-Wno-\(.*\)|-W\1|g') - AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$testf"], [CFLAGS="$CFLAGS $testf"]) - AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])], - [AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"]) - AC_MSG_RESULT([yes])], - [CFLAGS="$save_cflags" - AC_MSG_RESULT([no])]) -done - -dnl Remowing -Werror again -CFLAGS="$supported_cflags" - -dnl Checks for header files. -AC_HEADER_STDC -AC_CHECK_HEADERS( - [unistd.h byteswap.h stdint.h sys/uio.h inttypes.h sys/types.h machine/types.h sys/int_types.h], - [], [], [AC_INCLUDES_DEFAULT]) - -dnl socket() and friends -AC_CHECK_HEADERS([sys/socket.h netinet/in.h arpa/inet.h], [], [], [AC_INCLUDES_DEFAULT]) -AC_CHECK_HEADERS( - [windows.h], - [AC_CHECK_HEADERS([winsock2.h], [], [], [AC_INCLUDES_DEFAULT])], - [], [AC_INCLUDES_DEFAULT]) - -AC_CHECK_TYPES([int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, uint64_t]) -AC_CHECK_SIZEOF([unsigned long]) -AC_CHECK_SIZEOF([unsigned long long]) - -dnl Checks for typedefs, structures, and compiler characteristics. -AC_C_CONST -AC_C_INLINE -AC_TYPE_SIZE_T - -dnl Checks for library functions. -AC_CHECK_FUNCS([socket inet_aton usleep sigaction]) - -dnl Find socket function if not found yet. -if test "x$ac_cv_func_socket" = "xno"; then - AC_CHECK_LIB([socket], [socket]) - AC_MSG_CHECKING([for socket in -lwsock32]) - SAVELIBS="$LIBS" - LIBS="$LIBS -lwsock32" - AC_LINK_IFELSE( - [AC_LANG_SOURCE([ -#include -int main(void) -{ - int fd = socket(0, 0, 0); - if (fd < 0) - return -1; - else - return 0; -} - ])], - [ac_cv_func_socket=yes - AC_MSG_RESULT([yes])], - [LIBS="$SAVELIBS" - AC_MSG_RESULT([no])]) -fi - -AC_MSG_CHECKING([whether to enable debug logging in all modules]) -AC_ARG_ENABLE([debug-logging], - [AS_HELP_STRING([--enable-debug-logging], [Enable debug logging in all modules])], - [], enable_debug_logging=no) -if test "$enable_debug_logging" = "yes"; then - AC_DEFINE([ENABLE_DEBUG_LOGGING], [1], [Define to enabled debug logging for all mudules.]) -fi -AC_MSG_RESULT([$enable_debug_logging]) - -PKG_PROG_PKG_CONFIG -AS_IF([test "x$PKG_CONFIG" != "x"], [PKG_CONFIG="$PKG_CONFIG --static"]) - -AC_MSG_CHECKING([whether to leverage OpenSSL crypto]) -AC_ARG_ENABLE([openssl], - [AS_HELP_STRING([--enable-openssl], [compile in OpenSSL crypto engine])], - [], [enable_openssl=no]) -AC_MSG_RESULT([$enable_openssl]) -if test "$enable_openssl" = "yes"; then - AC_MSG_CHECKING([for user specified OpenSSL directory]) - AC_ARG_WITH([openssl-dir], - [AS_HELP_STRING([--with-openssl-dir], [Location of OpenSSL installation])], - [if test "x$PKG_CONFIG" != "x" && test -f $with_openssl_dir/lib/pkgconfig/libcrypto.pc; then - if test "x$PKG_CONFIG_PATH" = "x"; then - export PKG_CONFIG_PATH="$with_openssl_dir/lib/pkgconfig" - else - export PKG_CONFIG_PATH="$with_openssl_dir/lib/pkgconfig:$PKG_CONFIG_PATH" - fi - AC_MSG_RESULT([$with_openssl_dir]) - elif test -d $with_openssl_dir/lib; then - CFLAGS="$CFLAGS -I$with_openssl_dir/include" - if test "x$LDFLAGS" = "x"; then - LDFLAGS="-L$with_openssl_dir/lib" - else - LDFLAGS="$LDFLAGS -L$with_openssl_dir/lib" - fi - AC_MSG_RESULT([$with_openssl_dir]) - else - AC_MSG_RESULT([invalid]) - AC_MSG_FAILURE([Invalid OpenSSL location: $with_openssl_dir]) - fi], - [AC_MSG_RESULT([no])]) - - if test "x$PKG_CONFIG" != "x"; then - PKG_CHECK_MODULES([crypto], [libcrypto >= 1.0.1], - [CFLAGS="$CFLAGS $crypto_CFLAGS" - LIBS="$crypto_LIBS $LIBS"]) - else - AC_CHECK_LIB([dl], [dlopen], [], [AC_MSG_WARN([can't find libdl])]) - AC_CHECK_LIB([z], [inflate], [], [AC_MSG_WARN([can't find libz])]) - fi - - AC_SEARCH_LIBS([EVP_EncryptInit], [crypto], - [], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])]) - AC_SEARCH_LIBS([EVP_aes_128_ctr], [crypto], - [], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])]) - AC_SEARCH_LIBS([EVP_aes_128_gcm], [crypto], - [], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])]) - - AC_DEFINE([OPENSSL], [1], [Define this to use OpenSSL crypto.]) - AES_ICM_OBJS="crypto/cipher/aes_icm_ossl.o crypto/cipher/aes_gcm_ossl.o" - HMAC_OBJS=crypto/hash/hmac_ossl.o - AC_SUBST([USE_OPENSSL], [1]) - - AC_MSG_CHECKING([whether to leverage OpenSSL KDF algorithm]) - AC_ARG_ENABLE([openssl-kdf], - [AS_HELP_STRING([--enable-openssl-kdf], [Use OpenSSL KDF algorithm])], - [], [enable_openssl_kdf=no]) - AC_MSG_RESULT([$enable_openssl_kdf]) - if test "$enable_openssl_kdf" = "yes"; then - AC_SEARCH_LIBS([kdf_srtp], [crypto], - [], [AC_MSG_FAILURE([can't find openssl KDF lib])]) - AC_DEFINE([OPENSSL_KDF], [1], [Define this to use OpenSSL KDF for SRTP.]) - fi -else - AES_ICM_OBJS="crypto/cipher/aes_icm.o crypto/cipher/aes.o" - HMAC_OBJS="crypto/hash/hmac.o crypto/hash/sha1.o" -fi -AC_SUBST([AES_ICM_OBJS]) -AC_SUBST([HMAC_OBJS]) - -dnl Checking for PCAP -AC_CHECK_LIB([pcap], [pcap_create], - [LIBS="-lpcap $LIBS" - AC_DEFINE([HAVE_PCAP], [1], [Define to 1 if you have the `pcap' library (-lpcap)]) - AC_SUBST([HAVE_PCAP], [1])]) - -AC_MSG_CHECKING([whether to redirect logging to stdout]) -AC_ARG_ENABLE([log-stdout], - [AS_HELP_STRING([--enable-log-stdout], [redirecting logging to stdout])], - [], [enable_log_stdout=no]) -if test "$enable_log_stdout" = "yes"; then - AC_DEFINE([ERR_REPORTING_STDOUT], [1], [Define to redirect logging to stdout.]) -fi -AC_MSG_RESULT([$enable_log_stdout]) - -AC_MSG_CHECKING([wheather to use a file for logging]) -AC_ARG_WITH([log-file], - [AS_HELP_STRING([--with-log-file], [Use file for logging])], - [AS_CASE([x$with_log_file], - [x], [valid_with_log_file="no"], - [xyes], [valid_with_log_file="no"], - [valid_with_error_file="yes"]) - AS_IF([test "$valid_with_log_file" = "no"], - [AC_MSG_RESULT([invalid]) - AC_MSG_FAILURE([Invalid value for --with-log-file: "$with_log_file"])], - [AC_DEFINE_UNQUOTED([ERR_REPORTING_FILE], ["$with_log_file"], [Logging statments will be writen to this file.]) - AC_MSG_RESULT([using log file: "$with_log_file"])])], - [AC_MSG_RESULT([no])]) - -AS_IF( - [test "$enable_log_stdout" = "yes" && test "x$with_log_file" != "x"], - [AC_MSG_FAILURE([Can only use one of --enable-log-stdout and --with-log-file; they are mutually exclusive])]) - -dnl Appending EXTRA_CFLAGS, if given -AC_MSG_CHECKING([for extra C compiler flags]) -AS_IF([test "x$EXTRA_CFLAGS" != "x"], - [AS_IF([test "x$CFLAGS" = "x"], - [CFLAGS="$EXTRA_CFLAGS"], [CFLAGS="$CFLAGS $EXTRA_CFLAGS"]) - AC_MSG_RESULT([$EXTRA_CFLAGS])], - [AC_MSG_RESULT(no)]) - -AC_CONFIG_HEADER([crypto/include/config.h:config_in.h]) - -AC_CONFIG_FILES([Makefile crypto/Makefile doc/Makefile libsrtp2.pc]) -AC_OUTPUT - -# This is needed when building outside the source dir. -AS_MKDIR_P([crypto/cipher]) -AS_MKDIR_P([crypto/hash]) -AS_MKDIR_P([crypto/kernel]) -AS_MKDIR_P([crypto/math]) -AS_MKDIR_P([crypto/replay]) -AS_MKDIR_P([crypto/test]) -AS_MKDIR_P([doc]) -AS_MKDIR_P([srtp]) -AS_MKDIR_P([test]) diff -Nru libsrtp2-2.1.0/crypto/cipher/aes.c libsrtp2-2.2.0/crypto/cipher/aes.c --- libsrtp2-2.1.0/crypto/cipher/aes.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/cipher/aes.c 2018-05-15 19:33:24.000000000 +0000 @@ -44,7 +44,7 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "aes.h" @@ -63,7 +63,7 @@ */ #ifndef WORDS_BIGENDIAN - +/* clang-format off */ static const uint32_t T0[256] = { 0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0xdf2f2ff, 0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, @@ -130,7 +130,9 @@ 0xc3414182, 0xb0999929, 0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 0x3a16162c, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t T1[256] = { 0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154, @@ -197,7 +199,9 @@ 0x414182c3, 0x999929b0, 0x2d2d5a77, 0xf0f1e11, 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 0x16162c3a, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t T2[256] = { 0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5, @@ -264,7 +268,9 @@ 0x4182c341, 0x9929b099, 0x2d5a772d, 0xf1e110f, 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 0x162c3a16, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t T3[256] = { 0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5, @@ -331,7 +337,9 @@ 0x82c34141, 0x29b09999, 0x5a772d2d, 0x1e110f0f, 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 0x2c3a1616, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U0[256] = { 0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 0xf1459d1f, 0xab58faac, 0x9303e34b, @@ -398,7 +406,9 @@ 0x7101a839, 0xdeb30c08, 0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48, 0x4257b8d0, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U1[256] = { 0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 0x459d1ff1, 0x58faacab, 0x3e34b93, @@ -465,7 +475,9 @@ 0x1a83971, 0xb30c08de, 0xe4b4d89c, 0xc1566490, 0x84cb7b61, 0xb632d570, 0x5c6c4874, 0x57b8d042, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U2[256] = { 0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 0x9d1ff145, 0xfaacab58, 0xe34b9303, @@ -532,7 +544,9 @@ 0xa8397101, 0xc08deb3, 0xb4d89ce4, 0x566490c1, 0xcb7b6184, 0x32d570b6, 0x6c48745c, 0xb8d04257, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U3[256] = { 0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 0x1ff1459d, 0xacab58fa, 0x4b9303e3, @@ -599,9 +613,10 @@ 0x397101a8, 0x8deb30c, 0xd89ce4b4, 0x6490c156, 0x7b6184cb, 0xd570b632, 0x48745c6c, 0xd04257b8, }; +/* clang-format on */ #else /* assume big endian */ - +/* clang-format off */ static const uint32_t T0[256] = { 0xc66363a5, 0xf87c7c84, 0xee777799, 0xf67b7b8d, 0xfff2f20d, 0xd66b6bbd, 0xde6f6fb1, 0x91c5c554, @@ -668,7 +683,9 @@ 0x824141c3, 0x299999b0, 0x5a2d2d77, 0x1e0f0f11, 0x7bb0b0cb, 0xa85454fc, 0x6dbbbbd6, 0x2c16163a, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t T1[256] = { 0xa5c66363, 0x84f87c7c, 0x99ee7777, 0x8df67b7b, 0xdfff2f2, 0xbdd66b6b, 0xb1de6f6f, 0x5491c5c5, @@ -735,7 +752,9 @@ 0xc3824141, 0xb0299999, 0x775a2d2d, 0x111e0f0f, 0xcb7bb0b0, 0xfca85454, 0xd66dbbbb, 0x3a2c1616, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t T2[256] = { 0x63a5c663, 0x7c84f87c, 0x7799ee77, 0x7b8df67b, 0xf20dfff2, 0x6bbdd66b, 0x6fb1de6f, 0xc55491c5, @@ -802,7 +821,9 @@ 0x41c38241, 0x99b02999, 0x2d775a2d, 0xf111e0f, 0xb0cb7bb0, 0x54fca854, 0xbbd66dbb, 0x163a2c16, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t T3[256] = { 0x6363a5c6, 0x7c7c84f8, 0x777799ee, 0x7b7b8df6, 0xf2f20dff, 0x6b6bbdd6, 0x6f6fb1de, 0xc5c55491, @@ -869,7 +890,9 @@ 0x4141c382, 0x9999b029, 0x2d2d775a, 0xf0f111e, 0xb0b0cb7b, 0x5454fca8, 0xbbbbd66d, 0x16163a2c, }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U0[256] = { 0x51f4a750, 0x7e416553, 0x1a17a4c3, 0x3a275e96, 0x3bab6bcb, 0x1f9d45f1, 0xacfa58ab, 0x4be30393, @@ -936,7 +959,9 @@ 0x39a80171, 0x80cb3de, 0xd8b4e49c, 0x6456c190, 0x7bcb8461, 0xd532b670, 0x486c5c74, 0xd0b85742 }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U1[256] = { 0x5051f4a7, 0x537e4165, 0xc31a17a4, 0x963a275e, 0xcb3bab6b, 0xf11f9d45, 0xabacfa58, 0x934be303, @@ -1003,7 +1028,9 @@ 0x7139a801, 0xde080cb3, 0x9cd8b4e4, 0x906456c1, 0x617bcb84, 0x70d532b6, 0x74486c5c, 0x42d0b857 }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U2[256] = { 0xa75051f4, 0x65537e41, 0xa4c31a17, 0x5e963a27, 0x6bcb3bab, 0x45f11f9d, 0x58abacfa, 0x3934be3, @@ -1070,7 +1097,9 @@ 0x17139a8, 0xb3de080c, 0xe49cd8b4, 0xc1906456, 0x84617bcb, 0xb670d532, 0x5c74486c, 0x5742d0b8 }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U3[256] = { 0xf4a75051, 0x4165537e, 0x17a4c31a, 0x275e963a, 0xab6bcb3b, 0x9d45f11f, 0xfa58abac, 0xe303934b, @@ -1137,16 +1166,15 @@ 0xa8017139, 0xcb3de08, 0xb4e49cd8, 0x56c19064, 0xcb84617b, 0x32b670d5, 0x6c5c7448, 0xb85742d0 }; - +/* clang-format on */ #endif /* * the following tables (aes_sbox, aes_inv_sbox, T4, U4) are * endian-neutral */ - -static const uint8_t - aes_sbox[256] = { +/* clang-format off */ +static const uint8_t aes_sbox[256] = { 0x63, 0x7c, 0x77, 0x7b, 0xf2, 0x6b, 0x6f, 0xc5, 0x30, 0x01, 0x67, 0x2b, 0xfe, 0xd7, 0xab, 0x76, 0xca, 0x82, 0xc9, 0x7d, 0xfa, 0x59, 0x47, 0xf0, @@ -1180,10 +1208,11 @@ 0x8c, 0xa1, 0x89, 0x0d, 0xbf, 0xe6, 0x42, 0x68, 0x41, 0x99, 0x2d, 0x0f, 0xb0, 0x54, 0xbb, 0x16 }; +/* clang-format on */ #ifndef CPU_RISC -static const uint8_t - aes_inv_sbox[256] = { +/* clang-format off */ +static const uint8_t aes_inv_sbox[256] = { 0x52, 0x09, 0x6a, 0xd5, 0x30, 0x36, 0xa5, 0x38, 0xbf, 0x40, 0xa3, 0x9e, 0x81, 0xf3, 0xd7, 0xfb, 0x7c, 0xe3, 0x39, 0x82, 0x9b, 0x2f, 0xff, 0x87, @@ -1217,11 +1246,12 @@ 0x17, 0x2b, 0x04, 0x7e, 0xba, 0x77, 0xd6, 0x26, 0xe1, 0x69, 0x14, 0x63, 0x55, 0x21, 0x0c, 0x7d }; +/* clang-format on */ #endif /* ! CPU_RISC */ #ifdef CPU_RISC -static const uint32_t - T4[256] = { +/* clang-format off */ +static const uint32_t T4[256] = { 0x63636363, 0x7c7c7c7c, 0x77777777, 0x7b7b7b7b, 0xf2f2f2f2, 0x6b6b6b6b, 0x6f6f6f6f, 0xc5c5c5c5, 0x30303030, 0x01010101, 0x67676767, 0x2b2b2b2b, @@ -1287,7 +1317,9 @@ 0x41414141, 0x99999999, 0x2d2d2d2d, 0x0f0f0f0f, 0xb0b0b0b0, 0x54545454, 0xbbbbbbbb, 0x16161616 }; +/* clang-format on */ +/* clang-format off */ static const uint32_t U4[256] = { 0x52525252, 0x9090909, 0x6a6a6a6a, 0xd5d5d5d5, 0x30303030, 0x36363636, 0xa5a5a5a5, 0x38383838, @@ -1354,6 +1386,7 @@ 0xe1e1e1e1, 0x69696969, 0x14141414, 0x63636363, 0x55555555, 0x21212121, 0xc0c0c0c, 0x7d7d7d7d }; +/* clang-format on */ #endif /* CPU_RISC */ #define gf2_8_field_polynomial 0x1B @@ -1363,16 +1396,13 @@ * next gf2_8 value in the cyclic representation of that field. The * value z should be an uint8_t. */ -#define gf2_8_shift(z) (((z) & 128) ? \ - (((z) << 1) ^ gf2_8_field_polynomial) : ((z) << 1)) +#define gf2_8_shift(z) \ + (((z)&128) ? (((z) << 1) ^ gf2_8_field_polynomial) : ((z) << 1)) /* aes internals */ -extern srtp_debug_module_t srtp_mod_aes_icm; - -static void -aes_128_expand_encryption_key (const uint8_t *key, - srtp_aes_expanded_key_t *expanded_key) +static void aes_128_expand_encryption_key(const uint8_t *key, + srtp_aes_expanded_key_t *expanded_key) { int i; uint8_t rc; @@ -1391,14 +1421,17 @@ /* loop over round keys */ for (i = 1; i < 11; i++) { - /* munge first word of round key */ - expanded_key->round[i].v8[0] = aes_sbox[expanded_key->round[i - 1].v8[13]] ^ rc; - expanded_key->round[i].v8[1] = aes_sbox[expanded_key->round[i - 1].v8[14]]; - expanded_key->round[i].v8[2] = aes_sbox[expanded_key->round[i - 1].v8[15]]; - expanded_key->round[i].v8[3] = aes_sbox[expanded_key->round[i - 1].v8[12]]; + expanded_key->round[i].v8[0] = + aes_sbox[expanded_key->round[i - 1].v8[13]] ^ rc; + expanded_key->round[i].v8[1] = + aes_sbox[expanded_key->round[i - 1].v8[14]]; + expanded_key->round[i].v8[2] = + aes_sbox[expanded_key->round[i - 1].v8[15]]; + expanded_key->round[i].v8[3] = + aes_sbox[expanded_key->round[i - 1].v8[12]]; - expanded_key->round[i].v32[0] ^= expanded_key->round[i - 1].v32[0]; + expanded_key->round[i].v32[0] ^= expanded_key->round[i - 1].v32[0]; /* set remaining 32 bit words to the exor of the one previous with * the one four words previous */ @@ -1419,13 +1452,11 @@ /* modify round constant */ rc = gf2_8_shift(rc); - } } -static void -aes_256_expand_encryption_key (const unsigned char *key, - srtp_aes_expanded_key_t *expanded_key) +static void aes_256_expand_encryption_key(const unsigned char *key, + srtp_aes_expanded_key_t *expanded_key) { int i; uint8_t rc; @@ -1447,24 +1478,31 @@ /* loop over rest of round keys */ for (i = 2; i < 15; i++) { - /* munge first word of round key */ if ((i & 1) == 0) { - expanded_key->round[i].v8[0] = aes_sbox[expanded_key->round[i - 1].v8[13]] ^ rc; - expanded_key->round[i].v8[1] = aes_sbox[expanded_key->round[i - 1].v8[14]]; - expanded_key->round[i].v8[2] = aes_sbox[expanded_key->round[i - 1].v8[15]]; - expanded_key->round[i].v8[3] = aes_sbox[expanded_key->round[i - 1].v8[12]]; + expanded_key->round[i].v8[0] = + aes_sbox[expanded_key->round[i - 1].v8[13]] ^ rc; + expanded_key->round[i].v8[1] = + aes_sbox[expanded_key->round[i - 1].v8[14]]; + expanded_key->round[i].v8[2] = + aes_sbox[expanded_key->round[i - 1].v8[15]]; + expanded_key->round[i].v8[3] = + aes_sbox[expanded_key->round[i - 1].v8[12]]; /* modify round constant */ rc = gf2_8_shift(rc); - }else { - expanded_key->round[i].v8[0] = aes_sbox[expanded_key->round[i - 1].v8[12]]; - expanded_key->round[i].v8[1] = aes_sbox[expanded_key->round[i - 1].v8[13]]; - expanded_key->round[i].v8[2] = aes_sbox[expanded_key->round[i - 1].v8[14]]; - expanded_key->round[i].v8[3] = aes_sbox[expanded_key->round[i - 1].v8[15]]; + } else { + expanded_key->round[i].v8[0] = + aes_sbox[expanded_key->round[i - 1].v8[12]]; + expanded_key->round[i].v8[1] = + aes_sbox[expanded_key->round[i - 1].v8[13]]; + expanded_key->round[i].v8[2] = + aes_sbox[expanded_key->round[i - 1].v8[14]]; + expanded_key->round[i].v8[3] = + aes_sbox[expanded_key->round[i - 1].v8[15]]; } - expanded_key->round[i].v32[0] ^= expanded_key->round[i - 2].v32[0]; + expanded_key->round[i].v32[0] ^= expanded_key->round[i - 2].v32[0]; /* set remaining 32 bit words to the exor of the one previous with * the one eight words previous */ @@ -1482,31 +1520,32 @@ debug_print2(srtp_mod_aes_icm, "expanded key[%d]: %s", i, v128_hex_string(&expanded_key->round[i])); #endif - } } -srtp_err_status_t srtp_aes_expand_encryption_key (const uint8_t *key, - int key_len, - srtp_aes_expanded_key_t *expanded_key) +srtp_err_status_t srtp_aes_expand_encryption_key( + const uint8_t *key, + int key_len, + srtp_aes_expanded_key_t *expanded_key) { if (key_len == 16) { aes_128_expand_encryption_key(key, expanded_key); return srtp_err_status_ok; - }else if (key_len == 24) { + } else if (key_len == 24) { /* AES-192 not yet supported */ return srtp_err_status_bad_param; - }else if (key_len == 32) { + } else if (key_len == 32) { aes_256_expand_encryption_key(key, expanded_key); return srtp_err_status_ok; - }else { + } else { return srtp_err_status_bad_param; } } -srtp_err_status_t srtp_aes_expand_decryption_key (const uint8_t *key, - int key_len, - srtp_aes_expanded_key_t *expanded_key) +srtp_err_status_t srtp_aes_expand_decryption_key( + const uint8_t *key, + int key_len, + srtp_aes_expanded_key_t *expanded_key) { int i; srtp_err_status_t status; @@ -1521,7 +1560,8 @@ for (i = 0; i < num_rounds / 2; i++) { v128_t tmp; v128_copy(&tmp, &expanded_key->round[num_rounds - i]); - v128_copy(&expanded_key->round[num_rounds - i], &expanded_key->round[i]); + v128_copy(&expanded_key->round[num_rounds - i], + &expanded_key->round[i]); v128_copy(&expanded_key->round[i], &tmp); } @@ -1538,6 +1578,7 @@ uint32_t tmp; #ifdef WORDS_BIGENDIAN + /* clang-format off */ tmp = expanded_key->round[i].v32[0]; expanded_key->round[i].v32[0] = U0[T4[(tmp >> 24) ] & 0xff] ^ @@ -1593,31 +1634,32 @@ U2[T4[(tmp >> 16) & 0xff] & 0xff] ^ U1[T4[(tmp >> 8) & 0xff] & 0xff] ^ U0[T4[(tmp) & 0xff] & 0xff]; -#endif /* WORDS_BIGENDIAN */ +/* clang-format on */ +#endif /* WORDS_BIGENDIAN */ #else /* assume CPU_CISC */ uint32_t c0, c1, c2, c3; - c0 = U0[aes_sbox[expanded_key->round[i].v8[0]]] - ^ U1[aes_sbox[expanded_key->round[i].v8[1]]] - ^ U2[aes_sbox[expanded_key->round[i].v8[2]]] - ^ U3[aes_sbox[expanded_key->round[i].v8[3]]]; - - c1 = U0[aes_sbox[expanded_key->round[i].v8[4]]] - ^ U1[aes_sbox[expanded_key->round[i].v8[5]]] - ^ U2[aes_sbox[expanded_key->round[i].v8[6]]] - ^ U3[aes_sbox[expanded_key->round[i].v8[7]]]; - - c2 = U0[aes_sbox[expanded_key->round[i].v8[8]]] - ^ U1[aes_sbox[expanded_key->round[i].v8[9]]] - ^ U2[aes_sbox[expanded_key->round[i].v8[10]]] - ^ U3[aes_sbox[expanded_key->round[i].v8[11]]]; - - c3 = U0[aes_sbox[expanded_key->round[i].v8[12]]] - ^ U1[aes_sbox[expanded_key->round[i].v8[13]]] - ^ U2[aes_sbox[expanded_key->round[i].v8[14]]] - ^ U3[aes_sbox[expanded_key->round[i].v8[15]]]; + c0 = U0[aes_sbox[expanded_key->round[i].v8[0]]] ^ + U1[aes_sbox[expanded_key->round[i].v8[1]]] ^ + U2[aes_sbox[expanded_key->round[i].v8[2]]] ^ + U3[aes_sbox[expanded_key->round[i].v8[3]]]; + + c1 = U0[aes_sbox[expanded_key->round[i].v8[4]]] ^ + U1[aes_sbox[expanded_key->round[i].v8[5]]] ^ + U2[aes_sbox[expanded_key->round[i].v8[6]]] ^ + U3[aes_sbox[expanded_key->round[i].v8[7]]]; + + c2 = U0[aes_sbox[expanded_key->round[i].v8[8]]] ^ + U1[aes_sbox[expanded_key->round[i].v8[9]]] ^ + U2[aes_sbox[expanded_key->round[i].v8[10]]] ^ + U3[aes_sbox[expanded_key->round[i].v8[11]]]; + + c3 = U0[aes_sbox[expanded_key->round[i].v8[12]]] ^ + U1[aes_sbox[expanded_key->round[i].v8[13]]] ^ + U2[aes_sbox[expanded_key->round[i].v8[14]]] ^ + U3[aes_sbox[expanded_key->round[i].v8[15]]]; expanded_key->round[i].v32[0] = c0; expanded_key->round[i].v32[1] = c1; @@ -1632,61 +1674,57 @@ #ifdef CPU_CISC - -static inline void aes_round (v128_t *state, const v128_t *round_key) +static inline void aes_round(v128_t *state, const v128_t *round_key) { uint32_t column0, column1, column2, column3; /* compute the columns of the output square in terms of the octets of state, using the tables T0, T1, T2, T3 */ - column0 = T0[state->v8[0]] ^ T1[state->v8[5]] - ^ T2[state->v8[10]] ^ T3[state->v8[15]]; + column0 = T0[state->v8[0]] ^ T1[state->v8[5]] ^ T2[state->v8[10]] ^ + T3[state->v8[15]]; - column1 = T0[state->v8[4]] ^ T1[state->v8[9]] - ^ T2[state->v8[14]] ^ T3[state->v8[3]]; + column1 = T0[state->v8[4]] ^ T1[state->v8[9]] ^ T2[state->v8[14]] ^ + T3[state->v8[3]]; - column2 = T0[state->v8[8]] ^ T1[state->v8[13]] - ^ T2[state->v8[2]] ^ T3[state->v8[7]]; + column2 = T0[state->v8[8]] ^ T1[state->v8[13]] ^ T2[state->v8[2]] ^ + T3[state->v8[7]]; - column3 = T0[state->v8[12]] ^ T1[state->v8[1]] - ^ T2[state->v8[6]] ^ T3[state->v8[11]]; + column3 = T0[state->v8[12]] ^ T1[state->v8[1]] ^ T2[state->v8[6]] ^ + T3[state->v8[11]]; state->v32[0] = column0 ^ round_key->v32[0]; state->v32[1] = column1 ^ round_key->v32[1]; state->v32[2] = column2 ^ round_key->v32[2]; state->v32[3] = column3 ^ round_key->v32[3]; - } - -static inline void aes_inv_round (v128_t *state, const v128_t *round_key) +static inline void aes_inv_round(v128_t *state, const v128_t *round_key) { uint32_t column0, column1, column2, column3; /* compute the columns of the output square in terms of the octets of state, using the tables U0, U1, U2, U3 */ - column0 = U0[state->v8[0]] ^ U1[state->v8[13]] - ^ U2[state->v8[10]] ^ U3[state->v8[7]]; + column0 = U0[state->v8[0]] ^ U1[state->v8[13]] ^ U2[state->v8[10]] ^ + U3[state->v8[7]]; - column1 = U0[state->v8[4]] ^ U1[state->v8[1]] - ^ U2[state->v8[14]] ^ U3[state->v8[11]]; + column1 = U0[state->v8[4]] ^ U1[state->v8[1]] ^ U2[state->v8[14]] ^ + U3[state->v8[11]]; - column2 = U0[state->v8[8]] ^ U1[state->v8[5]] - ^ U2[state->v8[2]] ^ U3[state->v8[15]]; + column2 = U0[state->v8[8]] ^ U1[state->v8[5]] ^ U2[state->v8[2]] ^ + U3[state->v8[15]]; - column3 = U0[state->v8[12]] ^ U1[state->v8[9]] - ^ U2[state->v8[6]] ^ U3[state->v8[3]]; + column3 = U0[state->v8[12]] ^ U1[state->v8[9]] ^ U2[state->v8[6]] ^ + U3[state->v8[3]]; state->v32[0] = column0 ^ round_key->v32[0]; state->v32[1] = column1 ^ round_key->v32[1]; state->v32[2] = column2 ^ round_key->v32[2]; state->v32[3] = column3 ^ round_key->v32[3]; - } -static inline void aes_final_round (v128_t *state, const v128_t *round_key) +static inline void aes_final_round(v128_t *state, const v128_t *round_key) { uint8_t tmp; @@ -1722,7 +1760,7 @@ v128_xor_eq(state, round_key); } -static inline void aes_inv_final_round (v128_t *state, const v128_t *round_key) +static inline void aes_inv_final_round(v128_t *state, const v128_t *round_key) { uint8_t tmp; @@ -1758,201 +1796,205 @@ v128_xor_eq(state, round_key); } - #elif CPU_RISC -static inline void aes_round (v128_t *state, const v128_t *round_key) +static inline void aes_round(v128_t *state, const v128_t *round_key) { uint32_t column0, column1, column2, column3; - /* compute the columns of the output square in terms of the octets - of state, using the tables T0, T1, T2, T3 */ +/* compute the columns of the output square in terms of the octets + of state, using the tables T0, T1, T2, T3 */ #ifdef WORDS_BIGENDIAN - column0 = T0[state->v32[0] >> 24] ^ T1[(state->v32[1] >> 16) & 0xff] - ^ T2[(state->v32[2] >> 8) & 0xff] ^ T3[state->v32[3] & 0xff]; + column0 = T0[state->v32[0] >> 24] ^ T1[(state->v32[1] >> 16) & 0xff] ^ + T2[(state->v32[2] >> 8) & 0xff] ^ T3[state->v32[3] & 0xff]; - column1 = T0[state->v32[1] >> 24] ^ T1[(state->v32[2] >> 16) & 0xff] - ^ T2[(state->v32[3] >> 8) & 0xff] ^ T3[state->v32[0] & 0xff]; + column1 = T0[state->v32[1] >> 24] ^ T1[(state->v32[2] >> 16) & 0xff] ^ + T2[(state->v32[3] >> 8) & 0xff] ^ T3[state->v32[0] & 0xff]; - column2 = T0[state->v32[2] >> 24] ^ T1[(state->v32[3] >> 16) & 0xff] - ^ T2[(state->v32[0] >> 8) & 0xff] ^ T3[state->v32[1] & 0xff]; + column2 = T0[state->v32[2] >> 24] ^ T1[(state->v32[3] >> 16) & 0xff] ^ + T2[(state->v32[0] >> 8) & 0xff] ^ T3[state->v32[1] & 0xff]; - column3 = T0[state->v32[3] >> 24] ^ T1[(state->v32[0] >> 16) & 0xff] - ^ T2[(state->v32[1] >> 8) & 0xff] ^ T3[state->v32[2] & 0xff]; + column3 = T0[state->v32[3] >> 24] ^ T1[(state->v32[0] >> 16) & 0xff] ^ + T2[(state->v32[1] >> 8) & 0xff] ^ T3[state->v32[2] & 0xff]; #else - column0 = T0[state->v32[0] & 0xff] ^ T1[(state->v32[1] >> 8) & 0xff] - ^ T2[(state->v32[2] >> 16) & 0xff] ^ T3[state->v32[3] >> 24]; + column0 = T0[state->v32[0] & 0xff] ^ T1[(state->v32[1] >> 8) & 0xff] ^ + T2[(state->v32[2] >> 16) & 0xff] ^ T3[state->v32[3] >> 24]; - column1 = T0[state->v32[1] & 0xff] ^ T1[(state->v32[2] >> 8) & 0xff] - ^ T2[(state->v32[3] >> 16) & 0xff] ^ T3[state->v32[0] >> 24]; + column1 = T0[state->v32[1] & 0xff] ^ T1[(state->v32[2] >> 8) & 0xff] ^ + T2[(state->v32[3] >> 16) & 0xff] ^ T3[state->v32[0] >> 24]; - column2 = T0[state->v32[2] & 0xff] ^ T1[(state->v32[3] >> 8) & 0xff] - ^ T2[(state->v32[0] >> 16) & 0xff] ^ T3[state->v32[1] >> 24]; + column2 = T0[state->v32[2] & 0xff] ^ T1[(state->v32[3] >> 8) & 0xff] ^ + T2[(state->v32[0] >> 16) & 0xff] ^ T3[state->v32[1] >> 24]; - column3 = T0[state->v32[3] & 0xff] ^ T1[(state->v32[0] >> 8) & 0xff] - ^ T2[(state->v32[1] >> 16) & 0xff] ^ T3[state->v32[2] >> 24]; + column3 = T0[state->v32[3] & 0xff] ^ T1[(state->v32[0] >> 8) & 0xff] ^ + T2[(state->v32[1] >> 16) & 0xff] ^ T3[state->v32[2] >> 24]; #endif /* WORDS_BIGENDIAN */ state->v32[0] = column0 ^ round_key->v32[0]; state->v32[1] = column1 ^ round_key->v32[1]; state->v32[2] = column2 ^ round_key->v32[2]; state->v32[3] = column3 ^ round_key->v32[3]; - } -static inline void aes_inv_round (v128_t *state, const v128_t *round_key) +static inline void aes_inv_round(v128_t *state, const v128_t *round_key) { uint32_t column0, column1, column2, column3; - /* compute the columns of the output square in terms of the octets - of state, using the tables U0, U1, U2, U3 */ +/* compute the columns of the output square in terms of the octets + of state, using the tables U0, U1, U2, U3 */ #ifdef WORDS_BIGENDIAN - column0 = U0[state->v32[0] >> 24] ^ U1[(state->v32[3] >> 16) & 0xff] - ^ U2[(state->v32[2] >> 8) & 0xff] ^ U3[state->v32[1] & 0xff]; + column0 = U0[state->v32[0] >> 24] ^ U1[(state->v32[3] >> 16) & 0xff] ^ + U2[(state->v32[2] >> 8) & 0xff] ^ U3[state->v32[1] & 0xff]; - column1 = U0[state->v32[1] >> 24] ^ U1[(state->v32[0] >> 16) & 0xff] - ^ U2[(state->v32[3] >> 8) & 0xff] ^ U3[state->v32[2] & 0xff]; + column1 = U0[state->v32[1] >> 24] ^ U1[(state->v32[0] >> 16) & 0xff] ^ + U2[(state->v32[3] >> 8) & 0xff] ^ U3[state->v32[2] & 0xff]; - column2 = U0[state->v32[2] >> 24] ^ U1[(state->v32[1] >> 16) & 0xff] - ^ U2[(state->v32[0] >> 8) & 0xff] ^ U3[state->v32[3] & 0xff]; + column2 = U0[state->v32[2] >> 24] ^ U1[(state->v32[1] >> 16) & 0xff] ^ + U2[(state->v32[0] >> 8) & 0xff] ^ U3[state->v32[3] & 0xff]; - column3 = U0[state->v32[3] >> 24] ^ U1[(state->v32[2] >> 16) & 0xff] - ^ U2[(state->v32[1] >> 8) & 0xff] ^ U3[state->v32[0] & 0xff]; + column3 = U0[state->v32[3] >> 24] ^ U1[(state->v32[2] >> 16) & 0xff] ^ + U2[(state->v32[1] >> 8) & 0xff] ^ U3[state->v32[0] & 0xff]; #else - column0 = U0[state->v32[0] & 0xff] ^ U1[(state->v32[3] >> 8) & 0xff] - ^ U2[(state->v32[2] >> 16) & 0xff] ^ U3[(state->v32[1] >> 24) & 0xff]; - - column1 = U0[state->v32[1] & 0xff] ^ U1[(state->v32[0] >> 8) & 0xff] - ^ U2[(state->v32[3] >> 16) & 0xff] ^ U3[(state->v32[2] >> 24) & 0xff]; - - column2 = U0[state->v32[2] & 0xff] ^ U1[(state->v32[1] >> 8) & 0xff] - ^ U2[(state->v32[0] >> 16) & 0xff] ^ U3[(state->v32[3] >> 24) & 0xff]; - - column3 = U0[state->v32[3] & 0xff] ^ U1[(state->v32[2] >> 8) & 0xff] - ^ U2[(state->v32[1] >> 16) & 0xff] ^ U3[(state->v32[0] >> 24) & 0xff]; + column0 = U0[state->v32[0] & 0xff] ^ U1[(state->v32[3] >> 8) & 0xff] ^ + U2[(state->v32[2] >> 16) & 0xff] ^ + U3[(state->v32[1] >> 24) & 0xff]; + + column1 = U0[state->v32[1] & 0xff] ^ U1[(state->v32[0] >> 8) & 0xff] ^ + U2[(state->v32[3] >> 16) & 0xff] ^ + U3[(state->v32[2] >> 24) & 0xff]; + + column2 = U0[state->v32[2] & 0xff] ^ U1[(state->v32[1] >> 8) & 0xff] ^ + U2[(state->v32[0] >> 16) & 0xff] ^ + U3[(state->v32[3] >> 24) & 0xff]; + + column3 = U0[state->v32[3] & 0xff] ^ U1[(state->v32[2] >> 8) & 0xff] ^ + U2[(state->v32[1] >> 16) & 0xff] ^ + U3[(state->v32[0] >> 24) & 0xff]; #endif /* WORDS_BIGENDIAN */ state->v32[0] = column0 ^ round_key->v32[0]; state->v32[1] = column1 ^ round_key->v32[1]; state->v32[2] = column2 ^ round_key->v32[2]; state->v32[3] = column3 ^ round_key->v32[3]; - } -static inline void aes_final_round (v128_t *state, const v128_t *round_key) +static inline void aes_final_round(v128_t *state, const v128_t *round_key) { uint32_t tmp0, tmp1, tmp2, tmp3; #ifdef WORDS_BIGENDIAN - tmp0 = (T4[(state->v32[0] >> 24)] & 0xff000000) - ^ (T4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[3] ) & 0xff] & 0x000000ff) - ^ round_key->v32[0]; - - tmp1 = (T4[(state->v32[1] >> 24)] & 0xff000000) - ^ (T4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[0] ) & 0xff] & 0x000000ff) - ^ round_key->v32[1]; - - tmp2 = (T4[(state->v32[2] >> 24)] & 0xff000000) - ^ (T4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[1] ) & 0xff] & 0x000000ff) - ^ round_key->v32[2]; - - tmp3 = (T4[(state->v32[3] >> 24)] & 0xff000000) - ^ (T4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[2] ) & 0xff] & 0x000000ff) - ^ round_key->v32[3]; + /* clang-format off */ + tmp0 = (T4[(state->v32[0] >> 24)] & 0xff000000) ^ + (T4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[3] ) & 0xff] & 0x000000ff) ^ + round_key->v32[0]; + + tmp1 = (T4[(state->v32[1] >> 24)] & 0xff000000) ^ + (T4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[0] ) & 0xff] & 0x000000ff) ^ + round_key->v32[1]; + + tmp2 = (T4[(state->v32[2] >> 24)] & 0xff000000) ^ + (T4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[1] ) & 0xff] & 0x000000ff) ^ + round_key->v32[2]; + + tmp3 = (T4[(state->v32[3] >> 24)] & 0xff000000) ^ + (T4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[2] ) & 0xff] & 0x000000ff) ^ + round_key->v32[3]; #else - tmp0 = (T4[(state->v32[3] >> 24)] & 0xff000000) - ^ (T4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[0] ) & 0xff] & 0x000000ff) - ^ round_key->v32[0]; - - tmp1 = (T4[(state->v32[0] >> 24)] & 0xff000000) - ^ (T4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[1] ) & 0xff] & 0x000000ff) - ^ round_key->v32[1]; - - tmp2 = (T4[(state->v32[1] >> 24)] & 0xff000000) - ^ (T4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[2] ) & 0xff] & 0x000000ff) - ^ round_key->v32[2]; - - tmp3 = (T4[(state->v32[2] >> 24)] & 0xff000000) - ^ (T4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) - ^ (T4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) - ^ (T4[(state->v32[3] ) & 0xff] & 0x000000ff) - ^ round_key->v32[3]; + tmp0 = (T4[(state->v32[3] >> 24)] & 0xff000000) ^ + (T4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[0] ) & 0xff] & 0x000000ff) ^ + round_key->v32[0]; + + tmp1 = (T4[(state->v32[0] >> 24)] & 0xff000000) ^ + (T4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[1] ) & 0xff] & 0x000000ff) ^ + round_key->v32[1]; + + tmp2 = (T4[(state->v32[1] >> 24)] & 0xff000000) ^ + (T4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[2] ) & 0xff] & 0x000000ff) ^ + round_key->v32[2]; + + tmp3 = (T4[(state->v32[2] >> 24)] & 0xff000000) ^ + (T4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) ^ + (T4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) ^ + (T4[(state->v32[3] ) & 0xff] & 0x000000ff) ^ + round_key->v32[3]; +/* clang-format on */ #endif /* WORDS_BIGENDIAN */ state->v32[0] = tmp0; state->v32[1] = tmp1; state->v32[2] = tmp2; state->v32[3] = tmp3; - } -static inline void aes_inv_final_round (v128_t *state, const v128_t *round_key) +static inline void aes_inv_final_round(v128_t *state, const v128_t *round_key) { uint32_t tmp0, tmp1, tmp2, tmp3; #ifdef WORDS_BIGENDIAN - tmp0 = (U4[(state->v32[0] >> 24)] & 0xff000000) - ^ (U4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[1] ) & 0xff] & 0x000000ff) - ^ round_key->v32[0]; - - tmp1 = (U4[(state->v32[1] >> 24)] & 0xff000000) - ^ (U4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[2] ) & 0xff] & 0x000000ff) - ^ round_key->v32[1]; - - tmp2 = (U4[(state->v32[2] >> 24)] & 0xff000000) - ^ (U4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[3] ) & 0xff] & 0x000000ff) - ^ round_key->v32[2]; - - tmp3 = (U4[(state->v32[3] >> 24)] & 0xff000000) - ^ (U4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[0] ) & 0xff] & 0x000000ff) - ^ round_key->v32[3]; + /* clang-format off */ + tmp0 = (U4[(state->v32[0] >> 24)] & 0xff000000) ^ + (U4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[1] ) & 0xff] & 0x000000ff) ^ + round_key->v32[0]; + + tmp1 = (U4[(state->v32[1] >> 24)] & 0xff000000) ^ + (U4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[2] ) & 0xff] & 0x000000ff) ^ + round_key->v32[1]; + + tmp2 = (U4[(state->v32[2] >> 24)] & 0xff000000) ^ + (U4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[3] ) & 0xff] & 0x000000ff) ^ + round_key->v32[2]; + + tmp3 = (U4[(state->v32[3] >> 24)] & 0xff000000) ^ + (U4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[0] ) & 0xff] & 0x000000ff) ^ + round_key->v32[3]; #else - tmp0 = (U4[(state->v32[1] >> 24)] & 0xff000000) - ^ (U4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[0] ) & 0xff] & 0x000000ff) - ^ round_key->v32[0]; - - tmp1 = (U4[(state->v32[2] >> 24)] & 0xff000000) - ^ (U4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[1] ) & 0xff] & 0x000000ff) - ^ round_key->v32[1]; - - tmp2 = (U4[(state->v32[3] >> 24)] & 0xff000000) - ^ (U4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[2] ) & 0xff] & 0x000000ff) - ^ round_key->v32[2]; - - tmp3 = (U4[(state->v32[0] >> 24)] & 0xff000000) - ^ (U4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) - ^ (U4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) - ^ (U4[(state->v32[3] ) & 0xff] & 0x000000ff) - ^ round_key->v32[3]; + tmp0 = (U4[(state->v32[1] >> 24)] & 0xff000000) ^ + (U4[(state->v32[2] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[3] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[0] ) & 0xff] & 0x000000ff) ^ + round_key->v32[0]; + + tmp1 = (U4[(state->v32[2] >> 24)] & 0xff000000) ^ + (U4[(state->v32[3] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[0] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[1] ) & 0xff] & 0x000000ff) ^ + round_key->v32[1]; + + tmp2 = (U4[(state->v32[3] >> 24)] & 0xff000000) ^ + (U4[(state->v32[0] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[1] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[2] ) & 0xff] & 0x000000ff) ^ + round_key->v32[2]; + + tmp3 = (U4[(state->v32[0] >> 24)] & 0xff000000) ^ + (U4[(state->v32[1] >> 16) & 0xff] & 0x00ff0000) ^ + (U4[(state->v32[2] >> 8) & 0xff] & 0x0000ff00) ^ + (U4[(state->v32[3] ) & 0xff] & 0x000000ff) ^ + round_key->v32[3]; +/* clang-format on */ #endif /* WORDS_BIGENDIAN */ state->v32[0] = tmp0; @@ -1961,62 +2003,58 @@ state->v32[3] = tmp3; } -#elif CPU_16 /* assume 16-bit word size on processor */ +#elif CPU_16 /* assume 16-bit word size on processor */ -static inline void aes_round (v128_t *state, const v128_t *round_key) +static inline void aes_round(v128_t *state, const v128_t *round_key) { uint32_t column0, column1, column2, column3; - uint16_t c /* compute the columns of the output square in terms of the octets of state, using the tables T0, T1, T2, T3 */ - column0 = T0[state->v8[0]] ^ T1[state->v8[5]] - ^ T2[state->v8[10]] ^ T3[state->v8[15]]; + column0 = T0[state->v8[0]] ^ T1[state->v8[5]] ^ T2[state->v8[10]] ^ + T3[state->v8[15]]; - column1 = T0[state->v8[4]] ^ T1[state->v8[9]] - ^ T2[state->v8[14]] ^ T3[state->v8[3]]; + column1 = T0[state->v8[4]] ^ T1[state->v8[9]] ^ T2[state->v8[14]] ^ + T3[state->v8[3]]; - column2 = T0[state->v8[8]] ^ T1[state->v8[13]] - ^ T2[state->v8[2]] ^ T3[state->v8[7]]; + column2 = T0[state->v8[8]] ^ T1[state->v8[13]] ^ T2[state->v8[2]] ^ + T3[state->v8[7]]; - column3 = T0[state->v8[12]] ^ T1[state->v8[1]] - ^ T2[state->v8[6]] ^ T3[state->v8[11]]; + column3 = T0[state->v8[12]] ^ T1[state->v8[1]] ^ T2[state->v8[6]] ^ + T3[state->v8[11]]; state->v32[0] = column0 ^ round_key->v32[0]; state->v32[1] = column1 ^ round_key->v32[1]; state->v32[2] = column2 ^ round_key->v32[2]; state->v32[3] = column3 ^ round_key->v32[3]; - } - -static inline void aes_inv_round (v128_t *state, const v128_t *round_key) +static inline void aes_inv_round(v128_t *state, const v128_t *round_key) { uint32_t column0, column1, column2, column3; /* compute the columns of the output square in terms of the octets of state, using the tables U0, U1, U2, U3 */ - column0 = U0[state->v8[0]] ^ U1[state->v8[5]] - ^ U2[state->v8[10]] ^ U3[state->v8[15]]; + column0 = U0[state->v8[0]] ^ U1[state->v8[5]] ^ U2[state->v8[10]] ^ + U3[state->v8[15]]; - column1 = U0[state->v8[4]] ^ U1[state->v8[9]] - ^ U2[state->v8[14]] ^ U3[state->v8[3]]; + column1 = U0[state->v8[4]] ^ U1[state->v8[9]] ^ U2[state->v8[14]] ^ + U3[state->v8[3]]; - column2 = U0[state->v8[8]] ^ U1[state->v8[13]] - ^ U2[state->v8[2]] ^ U3[state->v8[7]]; + column2 = U0[state->v8[8]] ^ U1[state->v8[13]] ^ U2[state->v8[2]] ^ + U3[state->v8[7]]; - column3 = U0[state->v8[12]] ^ U1[state->v8[1]] - ^ U2[state->v8[6]] ^ U3[state->v8[11]]; + column3 = U0[state->v8[12]] ^ U1[state->v8[1]] ^ U2[state->v8[6]] ^ + U3[state->v8[11]]; state->v32[0] = column0 ^ round_key->v32[0]; state->v32[1] = column1 ^ round_key->v32[1]; state->v32[2] = column2 ^ round_key->v32[2]; state->v32[3] = column3 ^ round_key->v32[3]; - } -static inline void aes_final_round (v128_t *state, const v128_t *round_key) +static inline void aes_final_round(v128_t *state, const v128_t *round_key) { uint8_t tmp; @@ -2052,7 +2090,7 @@ v128_xor_eq(state, round_key); } -static inline void aes_inv_final_round (v128_t *state, const v128_t *round_key) +static inline void aes_inv_final_round(v128_t *state, const v128_t *round_key) { uint8_t tmp; @@ -2088,12 +2126,10 @@ v128_xor_eq(state, round_key); } -#endif /* CPU type */ +#endif /* CPU type */ - -void srtp_aes_encrypt (v128_t *plaintext, const srtp_aes_expanded_key_t *exp_key) +void srtp_aes_encrypt(v128_t *plaintext, const srtp_aes_expanded_key_t *exp_key) { - /* add in the subkey */ v128_xor_eq(plaintext, &exp_key->round[0]); @@ -2109,11 +2145,11 @@ aes_round(plaintext, &exp_key->round[9]); if (exp_key->num_rounds == 10) { aes_final_round(plaintext, &exp_key->round[10]); - }else if (exp_key->num_rounds == 12) { + } else if (exp_key->num_rounds == 12) { aes_round(plaintext, &exp_key->round[10]); aes_round(plaintext, &exp_key->round[11]); aes_final_round(plaintext, &exp_key->round[12]); - }else if (exp_key->num_rounds == 14) { + } else if (exp_key->num_rounds == 14) { aes_round(plaintext, &exp_key->round[10]); aes_round(plaintext, &exp_key->round[11]); aes_round(plaintext, &exp_key->round[12]); @@ -2122,9 +2158,8 @@ } } -void srtp_aes_decrypt (v128_t *plaintext, const srtp_aes_expanded_key_t *exp_key) +void srtp_aes_decrypt(v128_t *plaintext, const srtp_aes_expanded_key_t *exp_key) { - /* add in the subkey */ v128_xor_eq(plaintext, &exp_key->round[0]); @@ -2140,11 +2175,11 @@ aes_inv_round(plaintext, &exp_key->round[9]); if (exp_key->num_rounds == 10) { aes_inv_final_round(plaintext, &exp_key->round[10]); - }else if (exp_key->num_rounds == 12) { + } else if (exp_key->num_rounds == 12) { aes_inv_round(plaintext, &exp_key->round[10]); aes_inv_round(plaintext, &exp_key->round[11]); aes_inv_final_round(plaintext, &exp_key->round[12]); - }else if (exp_key->num_rounds == 14) { + } else if (exp_key->num_rounds == 14) { aes_inv_round(plaintext, &exp_key->round[10]); aes_inv_round(plaintext, &exp_key->round[11]); aes_inv_round(plaintext, &exp_key->round[12]); diff -Nru libsrtp2-2.1.0/crypto/cipher/aes_gcm_ossl.c libsrtp2-2.2.0/crypto/cipher/aes_gcm_ossl.c --- libsrtp2-2.1.0/crypto/cipher/aes_gcm_ossl.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/cipher/aes_gcm_ossl.c 2018-05-15 19:33:24.000000000 +0000 @@ -45,36 +45,28 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include #include "aes_icm_ossl.h" #include "aes_gcm_ossl.h" #include "alloc.h" -#include "err.h" /* for srtp_debug */ +#include "err.h" /* for srtp_debug */ #include "crypto_types.h" - +#include "cipher_types.h" srtp_debug_module_t srtp_mod_aes_gcm = { - 0, /* debugging is off by default */ - "aes gcm" /* printable module name */ + 0, /* debugging is off by default */ + "aes gcm" /* printable module name */ }; /* - * The following are the global singleton instances for the - * 128-bit and 256-bit GCM ciphers. - */ -extern const srtp_cipher_type_t srtp_aes_gcm_128_openssl; -extern const srtp_cipher_type_t srtp_aes_gcm_256_openssl; - -/* * For now we only support 8 and 16 octet tags. The spec allows for * optional 12 byte tag, which may be supported in the future. */ -#define GCM_AUTH_TAG_LEN 16 -#define GCM_AUTH_TAG_LEN_8 8 - +#define GCM_AUTH_TAG_LEN 16 +#define GCM_AUTH_TAG_LEN_8 8 /* * This function allocates a new instance of this crypto engine. @@ -83,11 +75,14 @@ * key length includes the 14 byte salt value that is used when * initializing the KDF. */ -static srtp_err_status_t srtp_aes_gcm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen) +static srtp_err_status_t srtp_aes_gcm_openssl_alloc(srtp_cipher_t **c, + int key_len, + int tlen) { srtp_aes_gcm_ctx_t *gcm; - debug_print(srtp_mod_aes_gcm, "allocating cipher with key length %d", key_len); + debug_print(srtp_mod_aes_gcm, "allocating cipher with key length %d", + key_len); debug_print(srtp_mod_aes_gcm, "allocating cipher with tag length %d", tlen); /* @@ -98,8 +93,7 @@ return (srtp_err_status_bad_param); } - if (tlen != GCM_AUTH_TAG_LEN && - tlen != GCM_AUTH_TAG_LEN_8) { + if (tlen != GCM_AUTH_TAG_LEN && tlen != GCM_AUTH_TAG_LEN_8) { return (srtp_err_status_bad_param); } @@ -108,15 +102,13 @@ if (*c == NULL) { return (srtp_err_status_alloc_fail); } - memset(*c, 0x0, sizeof(srtp_cipher_t)); gcm = (srtp_aes_gcm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_gcm_ctx_t)); if (gcm == NULL) { - srtp_crypto_free(*c); - *c = NULL; + srtp_crypto_free(*c); + *c = NULL; return (srtp_err_status_alloc_fail); } - memset(gcm, 0x0, sizeof(srtp_aes_gcm_ctx_t)); gcm->ctx = EVP_CIPHER_CTX_new(); if (gcm->ctx == NULL) { @@ -151,15 +143,14 @@ return (srtp_err_status_ok); } - /* * This function deallocates a GCM session */ -static srtp_err_status_t srtp_aes_gcm_openssl_dealloc (srtp_cipher_t *c) +static srtp_err_status_t srtp_aes_gcm_openssl_dealloc(srtp_cipher_t *c) { srtp_aes_gcm_ctx_t *ctx; - ctx = (srtp_aes_gcm_ctx_t*)c->state; + ctx = (srtp_aes_gcm_ctx_t *)c->state; if (ctx) { EVP_CIPHER_CTX_free(ctx->ctx); /* zeroize the key material */ @@ -179,14 +170,16 @@ * * the key is the secret key */ -static srtp_err_status_t srtp_aes_gcm_openssl_context_init (void* cv, const uint8_t *key) +static srtp_err_status_t srtp_aes_gcm_openssl_context_init(void *cv, + const uint8_t *key) { srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv; const EVP_CIPHER *evp; c->dir = srtp_direction_any; - debug_print(srtp_mod_aes_gcm, "key: %s", srtp_octet_string_hex_string(key, c->key_size)); + debug_print(srtp_mod_aes_gcm, "key: %s", + srtp_octet_string_hex_string(key, c->key_size)); switch (c->key_size) { case SRTP_AES_256_KEY_LEN: @@ -207,35 +200,32 @@ return (srtp_err_status_ok); } - /* * aes_gcm_openssl_set_iv(c, iv) sets the counter value to the exor of iv with * the offset */ -static srtp_err_status_t srtp_aes_gcm_openssl_set_iv (void *cv, uint8_t *iv, srtp_cipher_direction_t direction) +static srtp_err_status_t srtp_aes_gcm_openssl_set_iv( + void *cv, + uint8_t *iv, + srtp_cipher_direction_t direction) { srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv; - if (direction != srtp_direction_encrypt && direction != srtp_direction_decrypt) { + if (direction != srtp_direction_encrypt && + direction != srtp_direction_decrypt) { return (srtp_err_status_bad_param); } c->dir = direction; - debug_print(srtp_mod_aes_gcm, "setting iv: %s", v128_hex_string((v128_t*)iv)); + debug_print(srtp_mod_aes_gcm, "setting iv: %s", + v128_hex_string((v128_t *)iv)); - if (!EVP_CipherInit_ex(c->ctx, NULL, NULL, NULL, - NULL, (c->dir == srtp_direction_encrypt ? 1 : 0))) { - return (srtp_err_status_init_fail); - } - - /* set IV len and the IV value, the followiong 3 calls are required */ if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) { return (srtp_err_status_init_fail); } - if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IV_FIXED, -1, (void*)iv)) { - return (srtp_err_status_init_fail); - } - if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_IV_GEN, 0, (void*)iv)) { + + if (!EVP_CipherInit_ex(c->ctx, NULL, NULL, NULL, iv, + (c->dir == srtp_direction_encrypt ? 1 : 0))) { return (srtp_err_status_init_fail); } @@ -250,7 +240,9 @@ * aad Additional data to process for AEAD cipher suites * aad_len length of aad buffer */ -static srtp_err_status_t srtp_aes_gcm_openssl_set_aad (void *cv, const uint8_t *aad, uint32_t aad_len) +static srtp_err_status_t srtp_aes_gcm_openssl_set_aad(void *cv, + const uint8_t *aad, + uint32_t aad_len) { srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv; int rv; @@ -262,8 +254,8 @@ /* * OpenSSL never write to address pointed by the last parameter of - * EVP_CIPHER_CTX_ctrl while EVP_CTRL_GCM_SET_TAG (in reality, - * OpenSSL copy its content to the context), so we can make + * EVP_CIPHER_CTX_ctrl while EVP_CTRL_GCM_SET_TAG (in reality, + * OpenSSL copy its content to the context), so we can make * aad read-only in this function and all its wrappers. */ unsigned char dummy_tag[GCM_AUTH_TAG_LEN]; @@ -286,7 +278,9 @@ * buf data to encrypt * enc_len length of encrypt buffer */ -static srtp_err_status_t srtp_aes_gcm_openssl_encrypt (void *cv, unsigned char *buf, unsigned int *enc_len) +static srtp_err_status_t srtp_aes_gcm_openssl_encrypt(void *cv, + unsigned char *buf, + unsigned int *enc_len) { srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv; if (c->dir != srtp_direction_encrypt && c->dir != srtp_direction_decrypt) { @@ -312,7 +306,9 @@ * buf data to encrypt * len length of encrypt buffer */ -static srtp_err_status_t srtp_aes_gcm_openssl_get_tag (void *cv, uint8_t *buf, uint32_t *len) +static srtp_err_status_t srtp_aes_gcm_openssl_get_tag(void *cv, + uint8_t *buf, + uint32_t *len) { srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv; /* @@ -333,7 +329,6 @@ return (srtp_err_status_ok); } - /* * This function decrypts a buffer using AES GCM mode * @@ -342,7 +337,9 @@ * buf data to encrypt * enc_len length of encrypt buffer */ -static srtp_err_status_t srtp_aes_gcm_openssl_decrypt (void *cv, unsigned char *buf, unsigned int *enc_len) +static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv, + unsigned char *buf, + unsigned int *enc_len) { srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv; if (c->dir != srtp_direction_encrypt && c->dir != srtp_direction_decrypt) { @@ -372,32 +369,36 @@ return (srtp_err_status_ok); } - - /* * Name of this crypto engine */ -static const char srtp_aes_gcm_128_openssl_description[] = "AES-128 GCM using openssl"; -static const char srtp_aes_gcm_256_openssl_description[] = "AES-256 GCM using openssl"; - +static const char srtp_aes_gcm_128_openssl_description[] = + "AES-128 GCM using openssl"; +static const char srtp_aes_gcm_256_openssl_description[] = + "AES-256 GCM using openssl"; /* * KAT values for AES self-test. These * values we're derived from independent test code * using OpenSSL. */ +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_0_key[SRTP_AES_GCM_128_KEY_LEN_WSALT] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_gcm_test_case_0_iv[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_0_plaintext[60] = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, @@ -409,12 +410,15 @@ 0xba, 0x63, 0x7b, 0x39 }; +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_0_aad[20] = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_0_ciphertext[76] = { 0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24, 0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c, @@ -428,6 +432,7 @@ 0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb, 0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47, }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_0a = { SRTP_AES_GCM_128_KEY_LEN_WSALT, /* octets in key */ @@ -439,7 +444,7 @@ srtp_aes_gcm_test_case_0_ciphertext, /* ciphertext + tag */ 20, /* octets in AAD */ srtp_aes_gcm_test_case_0_aad, /* AAD */ - GCM_AUTH_TAG_LEN_8, + GCM_AUTH_TAG_LEN_8, /* */ NULL /* pointer to next testcase */ }; @@ -453,10 +458,11 @@ srtp_aes_gcm_test_case_0_ciphertext, /* ciphertext + tag */ 20, /* octets in AAD */ srtp_aes_gcm_test_case_0_aad, /* AAD */ - GCM_AUTH_TAG_LEN, + GCM_AUTH_TAG_LEN, /* */ &srtp_aes_gcm_test_case_0a /* pointer to next testcase */ }; +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_1_key[SRTP_AES_GCM_256_KEY_LEN_WSALT] = { 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, 0xa5, 0x59, 0x09, 0xc5, 0x54, 0x66, 0x93, 0x1c, @@ -464,14 +470,17 @@ 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, - }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_gcm_test_case_1_iv[12] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, 0xde, 0xca, 0xf8, 0x88 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_1_plaintext[60] = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, @@ -482,13 +491,17 @@ 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_1_aad[20] = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_gcm_test_case_1_ciphertext[76] = { 0x0b, 0x11, 0xcf, 0xaf, 0x68, 0x4d, 0xae, 0x46, 0xc7, 0x90, 0xb8, 0x8e, 0xb7, 0x6a, 0x76, 0x2a, @@ -502,6 +515,7 @@ 0x45, 0xbc, 0x03, 0xe6, 0xe1, 0xac, 0x0a, 0x9f, 0x81, 0xcb, 0x8e, 0x5b, 0x46, 0x65, 0x63, 0x1d, }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_1a = { SRTP_AES_GCM_256_KEY_LEN_WSALT, /* octets in key */ @@ -513,7 +527,7 @@ srtp_aes_gcm_test_case_1_ciphertext, /* ciphertext + tag */ 20, /* octets in AAD */ srtp_aes_gcm_test_case_1_aad, /* AAD */ - GCM_AUTH_TAG_LEN_8, + GCM_AUTH_TAG_LEN_8, /* */ NULL /* pointer to next testcase */ }; @@ -527,7 +541,7 @@ srtp_aes_gcm_test_case_1_ciphertext, /* ciphertext + tag */ 20, /* octets in AAD */ srtp_aes_gcm_test_case_1_aad, /* AAD */ - GCM_AUTH_TAG_LEN, + GCM_AUTH_TAG_LEN, /* */ &srtp_aes_gcm_test_case_1a /* pointer to next testcase */ }; @@ -564,4 +578,3 @@ &srtp_aes_gcm_test_case_1, SRTP_AES_GCM_256 }; - diff -Nru libsrtp2-2.1.0/crypto/cipher/aes_icm.c libsrtp2-2.2.0/crypto/cipher/aes_icm.c --- libsrtp2-2.1.0/crypto/cipher/aes_icm.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/cipher/aes_icm.c 2018-05-15 19:33:24.000000000 +0000 @@ -44,21 +44,19 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #define ALIGN_32 0 #include "aes_icm.h" #include "alloc.h" - +#include "cipher_types.h" srtp_debug_module_t srtp_mod_aes_icm = { - 0, /* debugging is off by default */ - "aes icm" /* printable module name */ + 0, /* debugging is off by default */ + "aes icm" /* printable module name */ }; -extern const srtp_cipher_type_t srtp_aes_icm_128; -extern const srtp_cipher_type_t srtp_aes_icm_256; /* * integer counter mode works as follows: @@ -94,12 +92,14 @@ * */ -static srtp_err_status_t srtp_aes_icm_alloc (srtp_cipher_t **c, int key_len, int tlen) +static srtp_err_status_t srtp_aes_icm_alloc(srtp_cipher_t **c, + int key_len, + int tlen) { srtp_aes_icm_ctx_t *icm; - debug_print(srtp_mod_aes_icm, - "allocating cipher with key length %d", key_len); + debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d", + key_len); /* * The check for key_len = 30/46 does not apply. Our usage @@ -107,7 +107,8 @@ * has not broken anything. Don't know what would be the * effect of skipping this check for srtp in general. */ - if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT && key_len != SRTP_AES_ICM_256_KEY_LEN_WSALT) { + if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT && + key_len != SRTP_AES_ICM_256_KEY_LEN_WSALT) { return srtp_err_status_bad_param; } @@ -116,14 +117,13 @@ if (*c == NULL) { return srtp_err_status_alloc_fail; } - memset(*c, 0x0, sizeof(srtp_cipher_t)); icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t)); if (icm == NULL) { - srtp_crypto_free(*c); + srtp_crypto_free(*c); + *c = NULL; return srtp_err_status_alloc_fail; } - memset(icm, 0x0, sizeof(srtp_aes_icm_ctx_t)); /* set pointers */ (*c)->state = icm; @@ -146,7 +146,7 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_aes_icm_dealloc (srtp_cipher_t *c) +static srtp_err_status_t srtp_aes_icm_dealloc(srtp_cipher_t *c) { srtp_aes_icm_ctx_t *ctx; @@ -167,7 +167,6 @@ return srtp_err_status_ok; } - /* * aes_icm_context_init(...) initializes the aes_icm_context * using the value in key[]. @@ -178,15 +177,16 @@ * randomizes the starting point in the keystream */ -static srtp_err_status_t srtp_aes_icm_context_init (void *cv, const uint8_t *key) +static srtp_err_status_t srtp_aes_icm_context_init(void *cv, const uint8_t *key) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; srtp_err_status_t status; int base_key_len, copy_len; - if (c->key_size == SRTP_AES_ICM_128_KEY_LEN_WSALT || c->key_size == SRTP_AES_ICM_256_KEY_LEN_WSALT) { + if (c->key_size == SRTP_AES_ICM_128_KEY_LEN_WSALT || + c->key_size == SRTP_AES_ICM_256_KEY_LEN_WSALT) { base_key_len = c->key_size - SRTP_SALT_LEN; - } else{ + } else { return srtp_err_status_bad_param; } @@ -198,7 +198,8 @@ v128_set_to_zero(&c->offset); copy_len = c->key_size - base_key_len; - /* force last two octets of the offset to be left zero (for srtp compatibility) */ + /* force last two octets of the offset to be left zero (for srtp + * compatibility) */ if (copy_len > SRTP_SALT_LEN) { copy_len = SRTP_SALT_LEN; } @@ -206,13 +207,13 @@ memcpy(&c->counter, key + base_key_len, copy_len); memcpy(&c->offset, key + base_key_len, copy_len); - debug_print(srtp_mod_aes_icm, - "key: %s", srtp_octet_string_hex_string(key, base_key_len)); - debug_print(srtp_mod_aes_icm, - "offset: %s", v128_hex_string(&c->offset)); + debug_print(srtp_mod_aes_icm, "key: %s", + srtp_octet_string_hex_string(key, base_key_len)); + debug_print(srtp_mod_aes_icm, "offset: %s", v128_hex_string(&c->offset)); /* expand key */ - status = srtp_aes_expand_encryption_key(key, base_key_len, &c->expanded_key); + status = + srtp_aes_expand_encryption_key(key, base_key_len, &c->expanded_key); if (status) { v128_set_to_zero(&c->counter); v128_set_to_zero(&c->offset); @@ -230,7 +231,9 @@ * the offset */ -static srtp_err_status_t srtp_aes_icm_set_iv (void *cv, uint8_t *iv, srtp_cipher_direction_t direction) +static srtp_err_status_t srtp_aes_icm_set_iv(void *cv, + uint8_t *iv, + srtp_cipher_direction_t direction) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; v128_t nonce; @@ -238,13 +241,12 @@ /* set nonce (for alignment) */ v128_copy_octet_string(&nonce, iv); - debug_print(srtp_mod_aes_icm, - "setting iv: %s", v128_hex_string(&nonce)); + debug_print(srtp_mod_aes_icm, "setting iv: %s", v128_hex_string(&nonce)); v128_xor(&c->counter, &c->offset, &nonce); - debug_print(srtp_mod_aes_icm, - "set_counter: %s", v128_hex_string(&c->counter)); + debug_print(srtp_mod_aes_icm, "set_counter: %s", + v128_hex_string(&c->counter)); /* indicate that the keystream_buffer is empty */ c->bytes_in_buffer = 0; @@ -252,15 +254,13 @@ return srtp_err_status_ok; } - - /* * aes_icm_advance(...) refills the keystream_buffer and * advances the block index of the sicm_context forward by one * * this is an internal, hopefully inlined function */ -static void srtp_aes_icm_advance (srtp_aes_icm_ctx_t *c) +static void srtp_aes_icm_advance(srtp_aes_icm_ctx_t *c) { /* fill buffer with new keystream */ v128_copy(&c->keystream_buffer, &c->counter); @@ -278,7 +278,7 @@ } } -/*e +/* * icm_encrypt deals with the following cases: * * bytes_to_encr < bytes_in_buffer @@ -291,10 +291,11 @@ * - fill buffer then add in remaining (< 16) bytes of keystream */ -static srtp_err_status_t srtp_aes_icm_encrypt (void *cv, - unsigned char *buf, unsigned int *enc_len) +static srtp_err_status_t srtp_aes_icm_encrypt(void *cv, + unsigned char *buf, + unsigned int *enc_len) { - srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t*)cv; + srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; unsigned int bytes_to_encr = *enc_len; unsigned int i; uint32_t *b; @@ -304,10 +305,8 @@ return srtp_err_status_terminus; } - debug_print(srtp_mod_aes_icm, "block index: %d", - htons(c->counter.v16[7])); + debug_print(srtp_mod_aes_icm, "block index: %d", htons(c->counter.v16[7])); if (bytes_to_encr <= (unsigned int)c->bytes_in_buffer) { - /* deal with odd case of small bytes_to_encr */ for (i = (sizeof(v128_t) - c->bytes_in_buffer); i < (sizeof(v128_t) - c->bytes_in_buffer + bytes_to_encr); i++) { @@ -320,37 +319,35 @@ return srtp_err_status_ok; } else { - /* encrypt bytes until the remaining data is 16-byte aligned */ - for (i = (sizeof(v128_t) - c->bytes_in_buffer); i < sizeof(v128_t); i++) { + for (i = (sizeof(v128_t) - c->bytes_in_buffer); i < sizeof(v128_t); + i++) { *buf++ ^= c->keystream_buffer.v8[i]; } bytes_to_encr -= c->bytes_in_buffer; c->bytes_in_buffer = 0; - } /* now loop over entire 16-byte blocks of keystream */ for (i = 0; i < (bytes_to_encr / sizeof(v128_t)); i++) { - /* fill buffer with new keystream */ srtp_aes_icm_advance(c); - /* - * add keystream into the data buffer (this would be a lot faster - * if we could assume 32-bit alignment!) - */ +/* + * add keystream into the data buffer (this would be a lot faster + * if we could assume 32-bit alignment!) + */ #if ALIGN_32 - b = (uint32_t*)buf; + b = (uint32_t *)buf; *b++ ^= c->keystream_buffer.v32[0]; *b++ ^= c->keystream_buffer.v32[1]; *b++ ^= c->keystream_buffer.v32[2]; *b++ ^= c->keystream_buffer.v32[3]; - buf = (uint8_t*)b; + buf = (uint8_t *)b; #else - if ((((unsigned long)buf) & 0x03) != 0) { + if ((((uintptr_t)buf) & 0x03) != 0) { *buf++ ^= c->keystream_buffer.v8[0]; *buf++ ^= c->keystream_buffer.v8[1]; *buf++ ^= c->keystream_buffer.v8[2]; @@ -368,20 +365,18 @@ *buf++ ^= c->keystream_buffer.v8[14]; *buf++ ^= c->keystream_buffer.v8[15]; } else { - b = (uint32_t*)buf; + b = (uint32_t *)buf; *b++ ^= c->keystream_buffer.v32[0]; *b++ ^= c->keystream_buffer.v32[1]; *b++ ^= c->keystream_buffer.v32[2]; *b++ ^= c->keystream_buffer.v32[3]; - buf = (uint8_t*)b; + buf = (uint8_t *)b; } -#endif /* #if ALIGN_32 */ - +#endif /* #if ALIGN_32 */ } /* if there is a tail end of the data, process it */ if ((bytes_to_encr & 0xf) != 0) { - /* fill buffer with new keystream */ srtp_aes_icm_advance(c); @@ -392,58 +387,67 @@ /* reset the keystream buffer size to right value */ c->bytes_in_buffer = sizeof(v128_t) - i; } else { - /* no tail, so just reset the keystream buffer size to zero */ c->bytes_in_buffer = 0; - } return srtp_err_status_ok; } -static const char srtp_aes_icm_128_description[] = "AES-128 integer counter mode"; -static const char srtp_aes_icm_256_description[] = "AES-256 integer counter mode"; +static const char srtp_aes_icm_128_description[] = + "AES-128 integer counter mode"; +static const char srtp_aes_icm_256_description[] = + "AES-256 integer counter mode"; +/* clang-format off */ static const uint8_t srtp_aes_icm_128_test_case_0_key[SRTP_AES_ICM_128_KEY_LEN_WSALT] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_icm_128_test_case_0_nonce[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_128_test_case_0_plaintext[32] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_128_test_case_0_ciphertext[32] = { 0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80, 0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4, 0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7, 0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_icm_128_test_case_0 = { - SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */ + SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */ srtp_aes_icm_128_test_case_0_key, /* key */ srtp_aes_icm_128_test_case_0_nonce, /* packet index */ - 32, /* octets in plaintext */ + 32, /* octets in plaintext */ srtp_aes_icm_128_test_case_0_plaintext, /* plaintext */ - 32, /* octets in ciphertext */ + 32, /* octets in ciphertext */ srtp_aes_icm_128_test_case_0_ciphertext, /* ciphertext */ - 0, - NULL, - 0, - NULL /* pointer to next testcase */ + 0, /* */ + NULL, /* */ + 0, /* */ + NULL /* pointer to next testcase */ }; +/* clang-format off */ static const uint8_t srtp_aes_icm_256_test_case_0_key[SRTP_AES_ICM_256_KEY_LEN_WSALT] = { 0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70, 0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92, @@ -452,70 +456,75 @@ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_icm_256_test_case_0_nonce[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_256_test_case_0_plaintext[32] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_256_test_case_0_ciphertext[32] = { 0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25, 0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4, 0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6, 0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_icm_256_test_case_0 = { - SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */ + SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */ srtp_aes_icm_256_test_case_0_key, /* key */ srtp_aes_icm_256_test_case_0_nonce, /* packet index */ - 32, /* octets in plaintext */ + 32, /* octets in plaintext */ srtp_aes_icm_256_test_case_0_plaintext, /* plaintext */ - 32, /* octets in ciphertext */ + 32, /* octets in ciphertext */ srtp_aes_icm_256_test_case_0_ciphertext, /* ciphertext */ - 0, - NULL, - 0, - NULL, /* pointer to next testcase */ + 0, /* */ + NULL, /* */ + 0, /* */ + NULL, /* pointer to next testcase */ }; - - /* * note: the encrypt function is identical to the decrypt function */ const srtp_cipher_type_t srtp_aes_icm_128 = { - srtp_aes_icm_alloc, - srtp_aes_icm_dealloc, - srtp_aes_icm_context_init, - 0, /* set_aad */ - srtp_aes_icm_encrypt, - srtp_aes_icm_encrypt, - srtp_aes_icm_set_iv, - 0, /* get_tag */ - srtp_aes_icm_128_description, - &srtp_aes_icm_128_test_case_0, - SRTP_AES_ICM_128 + srtp_aes_icm_alloc, /* */ + srtp_aes_icm_dealloc, /* */ + srtp_aes_icm_context_init, /* */ + 0, /* set_aad */ + srtp_aes_icm_encrypt, /* */ + srtp_aes_icm_encrypt, /* */ + srtp_aes_icm_set_iv, /* */ + 0, /* get_tag */ + srtp_aes_icm_128_description, /* */ + &srtp_aes_icm_128_test_case_0, /* */ + SRTP_AES_ICM_128 /* */ }; const srtp_cipher_type_t srtp_aes_icm_256 = { - srtp_aes_icm_alloc, - srtp_aes_icm_dealloc, - srtp_aes_icm_context_init, - 0, /* set_aad */ - srtp_aes_icm_encrypt, - srtp_aes_icm_encrypt, - srtp_aes_icm_set_iv, - 0, /* get_tag */ - srtp_aes_icm_256_description, - &srtp_aes_icm_256_test_case_0, - SRTP_AES_ICM_256 + srtp_aes_icm_alloc, /* */ + srtp_aes_icm_dealloc, /* */ + srtp_aes_icm_context_init, /* */ + 0, /* set_aad */ + srtp_aes_icm_encrypt, /* */ + srtp_aes_icm_encrypt, /* */ + srtp_aes_icm_set_iv, /* */ + 0, /* get_tag */ + srtp_aes_icm_256_description, /* */ + &srtp_aes_icm_256_test_case_0, /* */ + SRTP_AES_ICM_256 /* */ }; diff -Nru libsrtp2-2.1.0/crypto/cipher/aes_icm_ossl.c libsrtp2-2.2.0/crypto/cipher/aes_icm_ossl.c --- libsrtp2-2.1.0/crypto/cipher/aes_icm_ossl.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/cipher/aes_icm_ossl.c 2018-05-15 19:33:24.000000000 +0000 @@ -49,23 +49,20 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include #include "aes_icm_ossl.h" #include "crypto_types.h" -#include "err.h" /* for srtp_debug */ +#include "err.h" /* for srtp_debug */ #include "alloc.h" - +#include "cipher_types.h" srtp_debug_module_t srtp_mod_aes_icm = { - 0, /* debugging is off by default */ - "aes icm ossl" /* printable module name */ + 0, /* debugging is off by default */ + "aes icm ossl" /* printable module name */ }; -extern const srtp_cipher_type_t srtp_aes_icm_128; -extern const srtp_cipher_type_t srtp_aes_icm_192; -extern const srtp_cipher_type_t srtp_aes_icm_256; /* * integer counter mode works as follows: @@ -109,16 +106,20 @@ * value. The tlen argument is for the AEAD tag length, which * isn't used in counter mode. */ -static srtp_err_status_t srtp_aes_icm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen) +static srtp_err_status_t srtp_aes_icm_openssl_alloc(srtp_cipher_t **c, + int key_len, + int tlen) { srtp_aes_icm_ctx_t *icm; - debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d", key_len); + debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d", + key_len); /* * Verify the key_len is valid for one of: AES-128/192/256 */ - if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT && key_len != SRTP_AES_ICM_192_KEY_LEN_WSALT && + if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT && + key_len != SRTP_AES_ICM_192_KEY_LEN_WSALT && key_len != SRTP_AES_ICM_256_KEY_LEN_WSALT) { return srtp_err_status_bad_param; } @@ -128,15 +129,13 @@ if (*c == NULL) { return srtp_err_status_alloc_fail; } - memset(*c, 0x0, sizeof(srtp_cipher_t)); icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t)); if (icm == NULL) { - srtp_crypto_free(*c); - *c = NULL; + srtp_crypto_free(*c); + *c = NULL; return srtp_err_status_alloc_fail; } - memset(icm, 0x0, sizeof(srtp_aes_icm_ctx_t)); icm->ctx = EVP_CIPHER_CTX_new(); if (icm->ctx == NULL) { @@ -174,11 +173,10 @@ return srtp_err_status_ok; } - /* * This function deallocates an instance of this engine */ -static srtp_err_status_t srtp_aes_icm_openssl_dealloc (srtp_cipher_t *c) +static srtp_err_status_t srtp_aes_icm_openssl_dealloc(srtp_cipher_t *c) { srtp_aes_icm_ctx_t *ctx; @@ -189,7 +187,7 @@ /* * Free the EVP context */ - ctx = (srtp_aes_icm_ctx_t*)c->state; + ctx = (srtp_aes_icm_ctx_t *)c->state; if (ctx != NULL) { EVP_CIPHER_CTX_free(ctx->ctx); /* zeroize the key material */ @@ -212,7 +210,8 @@ * the salt is unpredictable (but not necessarily secret) data which * randomizes the starting point in the keystream */ -static srtp_err_status_t srtp_aes_icm_openssl_context_init (void* cv, const uint8_t *key) +static srtp_err_status_t srtp_aes_icm_openssl_context_init(void *cv, + const uint8_t *key) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; const EVP_CIPHER *evp; @@ -230,7 +229,8 @@ c->offset.v8[SRTP_SALT_LEN] = c->offset.v8[SRTP_SALT_LEN + 1] = 0; c->counter.v8[SRTP_SALT_LEN] = c->counter.v8[SRTP_SALT_LEN + 1] = 0; - debug_print(srtp_mod_aes_icm, "key: %s", srtp_octet_string_hex_string(key, c->key_size)); + debug_print(srtp_mod_aes_icm, "key: %s", + srtp_octet_string_hex_string(key, c->key_size)); debug_print(srtp_mod_aes_icm, "offset: %s", v128_hex_string(&c->offset)); switch (c->key_size) { @@ -248,8 +248,7 @@ break; } - if (!EVP_EncryptInit_ex(c->ctx, evp, - NULL, key, NULL)) { + if (!EVP_EncryptInit_ex(c->ctx, evp, NULL, key, NULL)) { return srtp_err_status_fail; } else { return srtp_err_status_ok; @@ -258,12 +257,14 @@ return srtp_err_status_ok; } - /* * aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with * the offset */ -static srtp_err_status_t srtp_aes_icm_openssl_set_iv (void *cv, uint8_t *iv, srtp_cipher_direction_t dir) +static srtp_err_status_t srtp_aes_icm_openssl_set_iv( + void *cv, + uint8_t *iv, + srtp_cipher_direction_t dir) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; v128_t nonce; @@ -275,10 +276,10 @@ v128_xor(&c->counter, &c->offset, &nonce); - debug_print(srtp_mod_aes_icm, "set_counter: %s", v128_hex_string(&c->counter)); + debug_print(srtp_mod_aes_icm, "set_counter: %s", + v128_hex_string(&c->counter)); - if (!EVP_EncryptInit_ex(c->ctx, NULL, - NULL, NULL, c->counter.v8)) { + if (!EVP_EncryptInit_ex(c->ctx, NULL, NULL, NULL, c->counter.v8)) { return srtp_err_status_fail; } else { return srtp_err_status_ok; @@ -293,7 +294,9 @@ * buf data to encrypt * enc_len length of encrypt buffer */ -static srtp_err_status_t srtp_aes_icm_openssl_encrypt (void *cv, unsigned char *buf, unsigned int *enc_len) +static srtp_err_status_t srtp_aes_icm_openssl_encrypt(void *cv, + unsigned char *buf, + unsigned int *enc_len) { srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv; int len = 0; @@ -316,59 +319,70 @@ /* * Name of this crypto engine */ -static const char srtp_aes_icm_128_openssl_description[] = "AES-128 counter mode using openssl"; -static const char srtp_aes_icm_192_openssl_description[] = "AES-192 counter mode using openssl"; -static const char srtp_aes_icm_256_openssl_description[] = "AES-256 counter mode using openssl"; - +static const char srtp_aes_icm_128_openssl_description[] = + "AES-128 counter mode using openssl"; +static const char srtp_aes_icm_192_openssl_description[] = + "AES-192 counter mode using openssl"; +static const char srtp_aes_icm_256_openssl_description[] = + "AES-256 counter mode using openssl"; /* * KAT values for AES self-test. These * values came from the legacy libsrtp code. */ +/* clang-format off */ static const uint8_t srtp_aes_icm_128_test_case_0_key[SRTP_AES_ICM_128_KEY_LEN_WSALT] = { 0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6, 0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c, 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_icm_128_test_case_0_nonce[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_128_test_case_0_plaintext[32] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_128_test_case_0_ciphertext[32] = { 0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80, 0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4, 0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7, 0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_icm_128_test_case_0 = { - SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */ - srtp_aes_icm_128_test_case_0_key, /* key */ - srtp_aes_icm_128_test_case_0_nonce, /* packet index */ - 32, /* octets in plaintext */ - srtp_aes_icm_128_test_case_0_plaintext, /* plaintext */ - 32, /* octets in ciphertext */ - srtp_aes_icm_128_test_case_0_ciphertext, /* ciphertext */ - 0, - NULL, - 0, - NULL /* pointer to next testcase */ + SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */ + srtp_aes_icm_128_test_case_0_key, /* key */ + srtp_aes_icm_128_test_case_0_nonce, /* packet index */ + 32, /* octets in plaintext */ + srtp_aes_icm_128_test_case_0_plaintext, /* plaintext */ + 32, /* octets in ciphertext */ + srtp_aes_icm_128_test_case_0_ciphertext, /* ciphertext */ + 0, /* */ + NULL, /* */ + 0, /* */ + NULL /* pointer to next testcase */ }; /* * KAT values for AES-192-CTR self-test. These * values came from section 7 of RFC 6188. */ +/* clang-format off */ static const uint8_t srtp_aes_icm_192_test_case_0_key[SRTP_AES_ICM_192_KEY_LEN_WSALT] = { 0xea, 0xb2, 0x34, 0x76, 0x4e, 0x51, 0x7b, 0x2d, 0x3d, 0x16, 0x0d, 0x58, 0x7d, 0x8c, 0x86, 0x21, @@ -376,44 +390,52 @@ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_icm_192_test_case_0_nonce[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_192_test_case_0_plaintext[32] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_192_test_case_0_ciphertext[32] = { 0x35, 0x09, 0x6c, 0xba, 0x46, 0x10, 0x02, 0x8d, 0xc1, 0xb5, 0x75, 0x03, 0x80, 0x4c, 0xe3, 0x7c, 0x5d, 0xe9, 0x86, 0x29, 0x1d, 0xcc, 0xe1, 0x61, 0xd5, 0x16, 0x5e, 0xc4, 0x56, 0x8f, 0x5c, 0x9a }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_icm_192_test_case_0 = { - SRTP_AES_ICM_192_KEY_LEN_WSALT, /* octets in key */ - srtp_aes_icm_192_test_case_0_key, /* key */ - srtp_aes_icm_192_test_case_0_nonce, /* packet index */ - 32, /* octets in plaintext */ - srtp_aes_icm_192_test_case_0_plaintext, /* plaintext */ - 32, /* octets in ciphertext */ - srtp_aes_icm_192_test_case_0_ciphertext, /* ciphertext */ - 0, - NULL, - 0, - NULL /* pointer to next testcase */ + SRTP_AES_ICM_192_KEY_LEN_WSALT, /* octets in key */ + srtp_aes_icm_192_test_case_0_key, /* key */ + srtp_aes_icm_192_test_case_0_nonce, /* packet index */ + 32, /* octets in plaintext */ + srtp_aes_icm_192_test_case_0_plaintext, /* plaintext */ + 32, /* octets in ciphertext */ + srtp_aes_icm_192_test_case_0_ciphertext, /* ciphertext */ + 0, /* */ + NULL, /* */ + 0, /* */ + NULL /* pointer to next testcase */ }; /* * KAT values for AES-256-CTR self-test. These * values came from section 7 of RFC 6188. */ +/* clang-format off */ static const uint8_t srtp_aes_icm_256_test_case_0_key[SRTP_AES_ICM_256_KEY_LEN_WSALT] = { 0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70, 0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92, @@ -422,38 +444,45 @@ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, 0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd }; +/* clang-format on */ +/* clang-format off */ static uint8_t srtp_aes_icm_256_test_case_0_nonce[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_256_test_case_0_plaintext[32] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_aes_icm_256_test_case_0_ciphertext[32] = { 0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25, 0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4, 0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6, 0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac }; +/* clang-format on */ static const srtp_cipher_test_case_t srtp_aes_icm_256_test_case_0 = { - SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */ - srtp_aes_icm_256_test_case_0_key, /* key */ - srtp_aes_icm_256_test_case_0_nonce, /* packet index */ - 32, /* octets in plaintext */ - srtp_aes_icm_256_test_case_0_plaintext, /* plaintext */ - 32, /* octets in ciphertext */ - srtp_aes_icm_256_test_case_0_ciphertext, /* ciphertext */ - 0, - NULL, - 0, - NULL /* pointer to next testcase */ + SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */ + srtp_aes_icm_256_test_case_0_key, /* key */ + srtp_aes_icm_256_test_case_0_nonce, /* packet index */ + 32, /* octets in plaintext */ + srtp_aes_icm_256_test_case_0_plaintext, /* plaintext */ + 32, /* octets in ciphertext */ + srtp_aes_icm_256_test_case_0_ciphertext, /* ciphertext */ + 0, /* */ + NULL, /* */ + 0, /* */ + NULL /* pointer to next testcase */ }; /* @@ -461,17 +490,17 @@ * note: the encrypt function is identical to the decrypt function */ const srtp_cipher_type_t srtp_aes_icm_128 = { - srtp_aes_icm_openssl_alloc, - srtp_aes_icm_openssl_dealloc, - srtp_aes_icm_openssl_context_init, - 0, /* set_aad */ - srtp_aes_icm_openssl_encrypt, - srtp_aes_icm_openssl_encrypt, - srtp_aes_icm_openssl_set_iv, - 0, /* get_tag */ - srtp_aes_icm_128_openssl_description, - &srtp_aes_icm_128_test_case_0, - SRTP_AES_ICM_128 + srtp_aes_icm_openssl_alloc, /* */ + srtp_aes_icm_openssl_dealloc, /* */ + srtp_aes_icm_openssl_context_init, /* */ + 0, /* set_aad */ + srtp_aes_icm_openssl_encrypt, /* */ + srtp_aes_icm_openssl_encrypt, /* */ + srtp_aes_icm_openssl_set_iv, /* */ + 0, /* get_tag */ + srtp_aes_icm_128_openssl_description, /* */ + &srtp_aes_icm_128_test_case_0, /* */ + SRTP_AES_ICM_128 /* */ }; /* @@ -479,17 +508,17 @@ * note: the encrypt function is identical to the decrypt function */ const srtp_cipher_type_t srtp_aes_icm_192 = { - srtp_aes_icm_openssl_alloc, - srtp_aes_icm_openssl_dealloc, - srtp_aes_icm_openssl_context_init, - 0, /* set_aad */ - srtp_aes_icm_openssl_encrypt, - srtp_aes_icm_openssl_encrypt, - srtp_aes_icm_openssl_set_iv, - 0, /* get_tag */ - srtp_aes_icm_192_openssl_description, - &srtp_aes_icm_192_test_case_0, - SRTP_AES_ICM_192 + srtp_aes_icm_openssl_alloc, /* */ + srtp_aes_icm_openssl_dealloc, /* */ + srtp_aes_icm_openssl_context_init, /* */ + 0, /* set_aad */ + srtp_aes_icm_openssl_encrypt, /* */ + srtp_aes_icm_openssl_encrypt, /* */ + srtp_aes_icm_openssl_set_iv, /* */ + 0, /* get_tag */ + srtp_aes_icm_192_openssl_description, /* */ + &srtp_aes_icm_192_test_case_0, /* */ + SRTP_AES_ICM_192 /* */ }; /* @@ -497,16 +526,15 @@ * note: the encrypt function is identical to the decrypt function */ const srtp_cipher_type_t srtp_aes_icm_256 = { - srtp_aes_icm_openssl_alloc, - srtp_aes_icm_openssl_dealloc, - srtp_aes_icm_openssl_context_init, - 0, /* set_aad */ - srtp_aes_icm_openssl_encrypt, - srtp_aes_icm_openssl_encrypt, - srtp_aes_icm_openssl_set_iv, - 0, /* get_tag */ - srtp_aes_icm_256_openssl_description, - &srtp_aes_icm_256_test_case_0, - SRTP_AES_ICM_256 + srtp_aes_icm_openssl_alloc, /* */ + srtp_aes_icm_openssl_dealloc, /* */ + srtp_aes_icm_openssl_context_init, /* */ + 0, /* set_aad */ + srtp_aes_icm_openssl_encrypt, /* */ + srtp_aes_icm_openssl_encrypt, /* */ + srtp_aes_icm_openssl_set_iv, /* */ + 0, /* get_tag */ + srtp_aes_icm_256_openssl_description, /* */ + &srtp_aes_icm_256_test_case_0, /* */ + SRTP_AES_ICM_256 /* */ }; - diff -Nru libsrtp2-2.1.0/crypto/cipher/cipher.c libsrtp2-2.2.0/crypto/cipher/cipher.c --- libsrtp2-2.1.0/crypto/cipher/cipher.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/cipher/cipher.c 2018-05-15 19:33:24.000000000 +0000 @@ -45,56 +45,61 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "cipher.h" #include "crypto_types.h" -#include "err.h" /* for srtp_debug */ -#include "alloc.h" /* for crypto_alloc(), crypto_free() */ +#include "err.h" /* for srtp_debug */ +#include "alloc.h" /* for crypto_alloc(), crypto_free() */ srtp_debug_module_t srtp_mod_cipher = { - 0, /* debugging is off by default */ - "cipher" /* printable module name */ + 0, /* debugging is off by default */ + "cipher" /* printable module name */ }; -srtp_err_status_t srtp_cipher_type_alloc (const srtp_cipher_type_t *ct, srtp_cipher_t **c, int key_len, int tlen) +srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, + srtp_cipher_t **c, + int key_len, + int tlen) { if (!ct || !ct->alloc) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } return ((ct)->alloc((c), (key_len), (tlen))); } -srtp_err_status_t srtp_cipher_dealloc (srtp_cipher_t *c) +srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c) { if (!c || !c->type) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } return (((c)->type)->dealloc(c)); } -srtp_err_status_t srtp_cipher_init (srtp_cipher_t *c, const uint8_t *key) +srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key) { if (!c || !c->type || !c->state) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } return (((c)->type)->init(((c)->state), (key))); } - -srtp_err_status_t srtp_cipher_set_iv (srtp_cipher_t *c, uint8_t *iv, int direction) +srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, + uint8_t *iv, + int direction) { if (!c || !c->type || !c->state) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } - return (((c)->type)->set_iv(((c)->state), iv, direction)); + return (((c)->type)->set_iv(((c)->state), iv, direction)); } -srtp_err_status_t srtp_cipher_output (srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output) +srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *num_octets_to_output) { - /* zeroize the buffer */ octet_string_set_to_zero(buffer, *num_octets_to_output); @@ -102,43 +107,51 @@ return (((c)->type)->encrypt(((c)->state), buffer, num_octets_to_output)); } -srtp_err_status_t srtp_cipher_encrypt (srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output) +srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *num_octets_to_output) { if (!c || !c->type || !c->state) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } return (((c)->type)->encrypt(((c)->state), buffer, num_octets_to_output)); } -srtp_err_status_t srtp_cipher_decrypt (srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output) +srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *num_octets_to_output) { if (!c || !c->type || !c->state) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } return (((c)->type)->decrypt(((c)->state), buffer, num_octets_to_output)); } -srtp_err_status_t srtp_cipher_get_tag (srtp_cipher_t *c, uint8_t *buffer, uint32_t *tag_len) +srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *tag_len) { if (!c || !c->type || !c->state) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } if (!((c)->type)->get_tag) { - return (srtp_err_status_no_such_op); + return (srtp_err_status_no_such_op); } return (((c)->type)->get_tag(((c)->state), buffer, tag_len)); } -srtp_err_status_t srtp_cipher_set_aad (srtp_cipher_t *c, const uint8_t *aad, uint32_t aad_len) +srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c, + const uint8_t *aad, + uint32_t aad_len) { if (!c || !c->type || !c->state) { - return (srtp_err_status_bad_param); + return (srtp_err_status_bad_param); } if (!((c)->type)->set_aad) { - return (srtp_err_status_no_such_op); + return (srtp_err_status_no_such_op); } return (((c)->type)->set_aad(((c)->state), aad, aad_len)); @@ -146,57 +159,56 @@ /* some bookkeeping functions */ -int srtp_cipher_get_key_length (const srtp_cipher_t *c) +int srtp_cipher_get_key_length(const srtp_cipher_t *c) { return c->key_len; } - /* * A trivial platform independent random source. The random * data is used for some of the cipher self-tests. */ -static srtp_err_status_t srtp_cipher_rand (void *dest, uint32_t len) +static srtp_err_status_t srtp_cipher_rand(void *dest, uint32_t len) { #if defined(HAVE_RAND_S) - uint8_t *dst = (uint8_t *)dest; - while (len) - { - unsigned int val; - errno_t err = rand_s(&val); - - if (err != 0) - return srtp_err_status_fail; - - *dst++ = val & 0xff; - len--; - } + uint8_t *dst = (uint8_t *)dest; + while (len) { + unsigned int val; + errno_t err = rand_s(&val); + + if (err != 0) + return srtp_err_status_fail; + + *dst++ = val & 0xff; + len--; + } #else - /* Generic C-library (rand()) version */ - /* This is a random source of last resort */ - uint8_t *dst = (uint8_t *)dest; - while (len) - { - int val = rand(); - /* rand() returns 0-32767 (ugh) */ - /* Is this a good enough way to get random bytes? - It is if it passes FIPS-140... */ - *dst++ = val & 0xff; - len--; - } + /* Generic C-library (rand()) version */ + /* This is a random source of last resort */ + uint8_t *dst = (uint8_t *)dest; + while (len) { + int val = rand(); + /* rand() returns 0-32767 (ugh) */ + /* Is this a good enough way to get random bytes? + It is if it passes FIPS-140... */ + *dst++ = val & 0xff; + len--; + } #endif - return srtp_err_status_ok; + return srtp_err_status_ok; } - + #define SELF_TEST_BUF_OCTETS 128 -#define NUM_RAND_TESTS 128 -#define MAX_KEY_LEN 64 +#define NUM_RAND_TESTS 128 +#define MAX_KEY_LEN 64 /* * srtp_cipher_type_test(ct, test_data) tests a cipher of type ct against * test cases provided in a list test_data of values of key, salt, iv, * plaintext, and ciphertext that is known to be good */ -srtp_err_status_t srtp_cipher_type_test (const srtp_cipher_type_t *ct, const srtp_cipher_test_case_t *test_data) +srtp_err_status_t srtp_cipher_type_test( + const srtp_cipher_type_t *ct, + const srtp_cipher_test_case_t *test_data) { const srtp_cipher_test_case_t *test_case = test_data; srtp_cipher_t *c; @@ -206,6 +218,7 @@ uint32_t tag_len; unsigned int len; int i, j, case_num = 0; + unsigned k = 0; debug_print(srtp_mod_cipher, "running self-test for cipher %s", ct->description); @@ -224,7 +237,8 @@ */ while (test_case != NULL) { /* allocate cipher */ - status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets, test_case->tag_length_octets); + status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets, + test_case->tag_length_octets); if (status) { return status; } @@ -246,36 +260,39 @@ srtp_cipher_dealloc(c); return srtp_err_status_bad_param; } - for (i = 0; i < test_case->plaintext_length_octets; i++) { - buffer[i] = test_case->plaintext[i]; + for (k = 0; k < test_case->plaintext_length_octets; k++) { + buffer[k] = test_case->plaintext[k]; } debug_print(srtp_mod_cipher, "plaintext: %s", - srtp_octet_string_hex_string(buffer, - test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + buffer, test_case->plaintext_length_octets)); /* set the initialization vector */ - status = srtp_cipher_set_iv(c, (uint8_t*)test_case->idx, srtp_direction_encrypt); + status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx, + srtp_direction_encrypt); if (status) { srtp_cipher_dealloc(c); return status; } - if (c->algorithm == SRTP_AES_GCM_128 || c->algorithm == SRTP_AES_GCM_256) { + if (c->algorithm == SRTP_AES_GCM_128 || + c->algorithm == SRTP_AES_GCM_256) { debug_print(srtp_mod_cipher, "IV: %s", srtp_octet_string_hex_string(test_case->idx, 12)); /* * Set the AAD */ - status = srtp_cipher_set_aad(c, test_case->aad, test_case->aad_length_octets); + status = srtp_cipher_set_aad(c, test_case->aad, + test_case->aad_length_octets); if (status) { srtp_cipher_dealloc(c); return status; } debug_print(srtp_mod_cipher, "AAD: %s", - srtp_octet_string_hex_string(test_case->aad, - test_case->aad_length_octets)); + srtp_octet_string_hex_string( + test_case->aad, test_case->aad_length_octets)); } /* encrypt */ @@ -286,7 +303,8 @@ return status; } - if (c->algorithm == SRTP_AES_GCM_128 || c->algorithm == SRTP_AES_GCM_256) { + if (c->algorithm == SRTP_AES_GCM_128 || + c->algorithm == SRTP_AES_GCM_256) { /* * Get the GCM tag */ @@ -299,8 +317,8 @@ } debug_print(srtp_mod_cipher, "ciphertext: %s", - srtp_octet_string_hex_string(buffer, - test_case->ciphertext_length_octets)); + srtp_octet_string_hex_string( + buffer, test_case->ciphertext_length_octets)); /* compare the resulting ciphertext with that in the test case */ if (len != test_case->ciphertext_length_octets) { @@ -308,22 +326,22 @@ return srtp_err_status_algo_fail; } status = srtp_err_status_ok; - for (i = 0; i < test_case->ciphertext_length_octets; i++) { - if (buffer[i] != test_case->ciphertext[i]) { + for (k = 0; k < test_case->ciphertext_length_octets; k++) { + if (buffer[k] != test_case->ciphertext[k]) { status = srtp_err_status_algo_fail; debug_print(srtp_mod_cipher, "test case %d failed", case_num); - debug_print(srtp_mod_cipher, "(failure at byte %d)", i); + debug_print(srtp_mod_cipher, "(failure at byte %u)", k); break; } } if (status) { - debug_print(srtp_mod_cipher, "c computed: %s", - srtp_octet_string_hex_string(buffer, - 2 * test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + buffer, 2 * test_case->plaintext_length_octets)); debug_print(srtp_mod_cipher, "c expected: %s", - srtp_octet_string_hex_string(test_case->ciphertext, - 2 * test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + test_case->ciphertext, + 2 * test_case->plaintext_length_octets)); srtp_cipher_dealloc(c); return srtp_err_status_algo_fail; @@ -346,33 +364,36 @@ srtp_cipher_dealloc(c); return srtp_err_status_bad_param; } - for (i = 0; i < test_case->ciphertext_length_octets; i++) { - buffer[i] = test_case->ciphertext[i]; + for (k = 0; k < test_case->ciphertext_length_octets; k++) { + buffer[k] = test_case->ciphertext[k]; } debug_print(srtp_mod_cipher, "ciphertext: %s", - srtp_octet_string_hex_string(buffer, - test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + buffer, test_case->plaintext_length_octets)); /* set the initialization vector */ - status = srtp_cipher_set_iv(c, (uint8_t*)test_case->idx, srtp_direction_decrypt); + status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx, + srtp_direction_decrypt); if (status) { srtp_cipher_dealloc(c); return status; } - if (c->algorithm == SRTP_AES_GCM_128 || c->algorithm == SRTP_AES_GCM_256) { + if (c->algorithm == SRTP_AES_GCM_128 || + c->algorithm == SRTP_AES_GCM_256) { /* * Set the AAD */ - status = srtp_cipher_set_aad(c, test_case->aad, test_case->aad_length_octets); + status = srtp_cipher_set_aad(c, test_case->aad, + test_case->aad_length_octets); if (status) { srtp_cipher_dealloc(c); return status; } debug_print(srtp_mod_cipher, "AAD: %s", - srtp_octet_string_hex_string(test_case->aad, - test_case->aad_length_octets)); + srtp_octet_string_hex_string( + test_case->aad, test_case->aad_length_octets)); } /* decrypt */ @@ -384,8 +405,8 @@ } debug_print(srtp_mod_cipher, "plaintext: %s", - srtp_octet_string_hex_string(buffer, - test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + buffer, test_case->plaintext_length_octets)); /* compare the resulting plaintext with that in the test case */ if (len != test_case->plaintext_length_octets) { @@ -393,21 +414,21 @@ return srtp_err_status_algo_fail; } status = srtp_err_status_ok; - for (i = 0; i < test_case->plaintext_length_octets; i++) { - if (buffer[i] != test_case->plaintext[i]) { + for (k = 0; k < test_case->plaintext_length_octets; k++) { + if (buffer[k] != test_case->plaintext[k]) { status = srtp_err_status_algo_fail; debug_print(srtp_mod_cipher, "test case %d failed", case_num); - debug_print(srtp_mod_cipher, "(failure at byte %d)", i); + debug_print(srtp_mod_cipher, "(failure at byte %u)", k); } } if (status) { - debug_print(srtp_mod_cipher, "p computed: %s", - srtp_octet_string_hex_string(buffer, - 2 * test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + buffer, 2 * test_case->plaintext_length_octets)); debug_print(srtp_mod_cipher, "p expected: %s", - srtp_octet_string_hex_string(test_case->plaintext, - 2 * test_case->plaintext_length_octets)); + srtp_octet_string_hex_string( + test_case->plaintext, + 2 * test_case->plaintext_length_octets)); srtp_cipher_dealloc(c); return srtp_err_status_algo_fail; @@ -431,14 +452,15 @@ /* allocate cipher, using paramaters from the first test case */ test_case = test_data; - status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets, test_case->tag_length_octets); + status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets, + test_case->tag_length_octets); if (status) { return status; } for (j = 0; j < NUM_RAND_TESTS; j++) { - unsigned length; - int plaintext_len; + unsigned int length; + unsigned int plaintext_len; uint8_t key[MAX_KEY_LEN]; uint8_t iv[MAX_KEY_LEN]; @@ -485,24 +507,27 @@ } /* set initialization vector */ - status = srtp_cipher_set_iv(c, (uint8_t*)test_case->idx, srtp_direction_encrypt); + status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx, + srtp_direction_encrypt); if (status) { srtp_cipher_dealloc(c); return status; } - if (c->algorithm == SRTP_AES_GCM_128 || c->algorithm == SRTP_AES_GCM_256) { + if (c->algorithm == SRTP_AES_GCM_128 || + c->algorithm == SRTP_AES_GCM_256) { /* * Set the AAD */ - status = srtp_cipher_set_aad(c, test_case->aad, test_case->aad_length_octets); + status = srtp_cipher_set_aad(c, test_case->aad, + test_case->aad_length_octets); if (status) { srtp_cipher_dealloc(c); return status; } debug_print(srtp_mod_cipher, "AAD: %s", - srtp_octet_string_hex_string(test_case->aad, - test_case->aad_length_octets)); + srtp_octet_string_hex_string( + test_case->aad, test_case->aad_length_octets)); } /* encrypt buffer with cipher */ @@ -512,7 +537,8 @@ srtp_cipher_dealloc(c); return status; } - if (c->algorithm == SRTP_AES_GCM_128 || c->algorithm == SRTP_AES_GCM_256) { + if (c->algorithm == SRTP_AES_GCM_128 || + c->algorithm == SRTP_AES_GCM_256) { /* * Get the GCM tag */ @@ -535,23 +561,26 @@ srtp_cipher_dealloc(c); return status; } - status = srtp_cipher_set_iv(c, (uint8_t*)test_case->idx, srtp_direction_decrypt); + status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx, + srtp_direction_decrypt); if (status) { srtp_cipher_dealloc(c); return status; } - if (c->algorithm == SRTP_AES_GCM_128 || c->algorithm == SRTP_AES_GCM_256) { + if (c->algorithm == SRTP_AES_GCM_128 || + c->algorithm == SRTP_AES_GCM_256) { /* * Set the AAD */ - status = srtp_cipher_set_aad(c, test_case->aad, test_case->aad_length_octets); + status = srtp_cipher_set_aad(c, test_case->aad, + test_case->aad_length_octets); if (status) { srtp_cipher_dealloc(c); return status; } debug_print(srtp_mod_cipher, "AAD: %s", - srtp_octet_string_hex_string(test_case->aad, - test_case->aad_length_octets)); + srtp_octet_string_hex_string( + test_case->aad, test_case->aad_length_octets)); } status = srtp_cipher_decrypt(c, buffer, &length); if (status) { @@ -568,18 +597,18 @@ return srtp_err_status_algo_fail; } status = srtp_err_status_ok; - for (i = 0; i < plaintext_len; i++) { - if (buffer[i] != buffer2[i]) { + for (k = 0; k < plaintext_len; k++) { + if (buffer[k] != buffer2[k]) { status = srtp_err_status_algo_fail; - debug_print(srtp_mod_cipher, "random test case %d failed", case_num); - debug_print(srtp_mod_cipher, "(failure at byte %d)", i); + debug_print(srtp_mod_cipher, "random test case %d failed", + case_num); + debug_print(srtp_mod_cipher, "(failure at byte %u)", k); } } if (status) { srtp_cipher_dealloc(c); return srtp_err_status_algo_fail; } - } status = srtp_cipher_dealloc(c); @@ -590,12 +619,11 @@ return srtp_err_status_ok; } - /* - * srtp_cipher_type_self_test(ct) performs srtp_cipher_type_test on ct's internal - * list of test data. + * srtp_cipher_type_self_test(ct) performs srtp_cipher_type_test on ct's + * internal list of test data. */ -srtp_err_status_t srtp_cipher_type_self_test (const srtp_cipher_type_t *ct) +srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct) { return srtp_cipher_type_test(ct, ct->test_data); } @@ -610,7 +638,9 @@ * * if an error is encountered, the value 0 is returned */ -uint64_t srtp_cipher_bits_per_second (srtp_cipher_t *c, int octets_in_buffer, int num_trials) +uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, + int octets_in_buffer, + int num_trials) { int i; v128_t nonce; @@ -618,16 +648,16 @@ unsigned char *enc_buf; unsigned int len = octets_in_buffer; - enc_buf = (unsigned char*)srtp_crypto_alloc(octets_in_buffer); + enc_buf = (unsigned char *)srtp_crypto_alloc(octets_in_buffer); if (enc_buf == NULL) { return 0; /* indicate bad parameters by returning null */ - } /* time repeated trials */ v128_set_to_zero(&nonce); timer = clock(); for (i = 0; i < num_trials; i++, nonce.v32[3] = i) { - if (srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt) != srtp_err_status_ok) { + if (srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt) != + srtp_err_status_ok) { srtp_crypto_free(enc_buf); return 0; } diff -Nru libsrtp2-2.1.0/crypto/cipher/null_cipher.c libsrtp2-2.2.0/crypto/cipher/null_cipher.c --- libsrtp2-2.1.0/crypto/cipher/null_cipher.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/cipher/null_cipher.c 2018-05-15 19:33:24.000000000 +0000 @@ -45,45 +45,42 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "datatypes.h" #include "null_cipher.h" -#include "err.h" /* for srtp_debug */ +#include "err.h" /* for srtp_debug */ #include "alloc.h" +#include "cipher_types.h" -/* the null_cipher uses the cipher debug module */ - -extern srtp_debug_module_t srtp_mod_cipher; - -static srtp_err_status_t srtp_null_cipher_alloc (srtp_cipher_t **c, int key_len, int tlen) +static srtp_err_status_t srtp_null_cipher_alloc(srtp_cipher_t **c, + int key_len, + int tlen) { extern const srtp_cipher_type_t srtp_null_cipher; - debug_print(srtp_mod_cipher, - "allocating cipher with key length %d", key_len); + debug_print(srtp_mod_cipher, "allocating cipher with key length %d", + key_len); /* allocate memory a cipher of type null_cipher */ *c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t)); if (*c == NULL) { return srtp_err_status_alloc_fail; } - memset(*c, 0x0, sizeof(srtp_cipher_t)); /* set pointers */ (*c)->algorithm = SRTP_NULL_CIPHER; (*c)->type = &srtp_null_cipher; - (*c)->state = (void *) 0x1; /* The null cipher does not maintain state */ + (*c)->state = (void *)0x1; /* The null cipher does not maintain state */ /* set key size */ (*c)->key_len = key_len; return srtp_err_status_ok; - } -static srtp_err_status_t srtp_null_cipher_dealloc (srtp_cipher_t *c) +static srtp_err_status_t srtp_null_cipher_dealloc(srtp_cipher_t *c) { extern const srtp_cipher_type_t srtp_null_cipher; @@ -94,28 +91,30 @@ srtp_crypto_free(c); return srtp_err_status_ok; - } -static srtp_err_status_t srtp_null_cipher_init (void *cv, const uint8_t *key) +static srtp_err_status_t srtp_null_cipher_init(void *cv, const uint8_t *key) { - /* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */ + /* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */ debug_print(srtp_mod_cipher, "initializing null cipher", NULL); return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_cipher_set_iv (void *cv, uint8_t *iv, srtp_cipher_direction_t dir) +static srtp_err_status_t srtp_null_cipher_set_iv(void *cv, + uint8_t *iv, + srtp_cipher_direction_t dir) { - /* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */ + /* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */ return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_cipher_encrypt (void *cv, - unsigned char *buf, unsigned int *bytes_to_encr) +static srtp_err_status_t srtp_null_cipher_encrypt(void *cv, + unsigned char *buf, + unsigned int *bytes_to_encr) { - /* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */ + /* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */ return srtp_err_status_ok; } @@ -129,28 +128,26 @@ NULL, /* plaintext */ 0, /* octets in plaintext */ NULL, /* ciphertext */ - 0, - NULL, - 0, - NULL /* pointer to next testcase */ + 0, /* */ + NULL, /* */ + 0, /* */ + NULL /* pointer to next testcase */ }; - /* * note: the decrypt function is idential to the encrypt function */ const srtp_cipher_type_t srtp_null_cipher = { - srtp_null_cipher_alloc, - srtp_null_cipher_dealloc, - srtp_null_cipher_init, - 0, /* set_aad */ - srtp_null_cipher_encrypt, - srtp_null_cipher_encrypt, - srtp_null_cipher_set_iv, - 0, /* get_tag */ - srtp_null_cipher_description, - &srtp_null_cipher_test_0, - SRTP_NULL_CIPHER + srtp_null_cipher_alloc, /* */ + srtp_null_cipher_dealloc, /* */ + srtp_null_cipher_init, /* */ + 0, /* set_aad */ + srtp_null_cipher_encrypt, /* */ + srtp_null_cipher_encrypt, /* */ + srtp_null_cipher_set_iv, /* */ + 0, /* get_tag */ + srtp_null_cipher_description, /* */ + &srtp_null_cipher_test_0, /* */ + SRTP_NULL_CIPHER /* */ }; - diff -Nru libsrtp2-2.1.0/crypto/hash/auth.c libsrtp2-2.2.0/crypto/hash/auth.c --- libsrtp2-2.1.0/crypto/hash/auth.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/hash/auth.c 2018-05-15 19:33:24.000000000 +0000 @@ -44,32 +44,31 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "auth.h" -#include "err.h" /* for srtp_debug */ -#include "datatypes.h" /* for octet_string */ +#include "err.h" /* for srtp_debug */ +#include "datatypes.h" /* for octet_string */ /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_auth = { - 0, /* debugging is off by default */ - "auth func" /* printable name for module */ + 0, /* debugging is off by default */ + "auth func" /* printable name for module */ }; - -int srtp_auth_get_key_length (const srtp_auth_t *a) +int srtp_auth_get_key_length(const srtp_auth_t *a) { return a->key_len; } -int srtp_auth_get_tag_length (const srtp_auth_t *a) +int srtp_auth_get_tag_length(const srtp_auth_t *a) { return a->out_len; } -int srtp_auth_get_prefix_length (const srtp_auth_t *a) +int srtp_auth_get_prefix_length(const srtp_auth_t *a) { return a->prefix_len; } @@ -83,8 +82,8 @@ /* should be big enough for most occasions */ #define SELF_TEST_TAG_BUF_OCTETS 32 -srtp_err_status_t -srtp_auth_type_test (const srtp_auth_type_t *at, const srtp_auth_test_case_t *test_data) +srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at, + const srtp_auth_test_case_t *test_data) { const srtp_auth_test_case_t *test_case = test_data; srtp_auth_t *a; @@ -105,7 +104,6 @@ /* loop over all test cases */ while (test_case != NULL) { - /* check test case parameters */ if (test_case->tag_length_octets > SELF_TEST_TAG_BUF_OCTETS) { return srtp_err_status_bad_param; @@ -113,7 +111,7 @@ /* allocate auth */ status = srtp_auth_type_alloc(at, &a, test_case->key_length_octets, - test_case->tag_length_octets); + test_case->tag_length_octets); if (status) { return status; } @@ -128,7 +126,7 @@ /* zeroize tag then compute */ octet_string_set_to_zero(tag, test_case->tag_length_octets); status = srtp_auth_compute(a, test_case->data, - test_case->data_length_octets, tag); + test_case->data_length_octets, tag); if (status) { srtp_auth_dealloc(a); return status; @@ -138,10 +136,11 @@ srtp_octet_string_hex_string(test_case->key, test_case->key_length_octets)); debug_print(srtp_mod_auth, "data: %s", - srtp_octet_string_hex_string(test_case->data, - test_case->data_length_octets)); - debug_print(srtp_mod_auth, "tag computed: %s", - srtp_octet_string_hex_string(tag, test_case->tag_length_octets)); + srtp_octet_string_hex_string( + test_case->data, test_case->data_length_octets)); + debug_print( + srtp_mod_auth, "tag computed: %s", + srtp_octet_string_hex_string(tag, test_case->tag_length_octets)); debug_print(srtp_mod_auth, "tag expected: %s", srtp_octet_string_hex_string(test_case->tag, test_case->tag_length_octets)); @@ -177,14 +176,12 @@ return srtp_err_status_ok; } - /* - * auth_type_self_test(at) performs srtp_auth_type_test on at's internal + * srtp_auth_type_self_test(at) performs srtp_auth_type_test on at's internal * list of test data. */ -srtp_err_status_t srtp_auth_type_self_test (const srtp_auth_type_t *at) +srtp_err_status_t srtp_auth_type_self_test(const srtp_auth_type_t *at) { return srtp_auth_type_test(at, at->test_data); } - diff -Nru libsrtp2-2.1.0/crypto/hash/hmac.c libsrtp2-2.2.0/crypto/hash/hmac.c --- libsrtp2-2.1.0/crypto/hash/hmac.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/hash/hmac.c 2018-05-15 19:33:24.000000000 +0000 @@ -43,27 +43,31 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "hmac.h" #include "alloc.h" +#include "cipher_types.h" /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_hmac = { - 0, /* debugging is off by default */ - "hmac sha-1" /* printable name for module */ + 0, /* debugging is off by default */ + "hmac sha-1" /* printable name for module */ }; - -static srtp_err_status_t srtp_hmac_alloc (srtp_auth_t **a, int key_len, int out_len) +static srtp_err_status_t srtp_hmac_alloc(srtp_auth_t **a, + int key_len, + int out_len) { extern const srtp_auth_type_t srtp_hmac; uint8_t *pointer; - debug_print(srtp_mod_hmac, "allocating auth func with key length %d", key_len); - debug_print(srtp_mod_hmac, " tag length %d", out_len); + debug_print(srtp_mod_hmac, "allocating auth func with key length %d", + key_len); + debug_print(srtp_mod_hmac, " tag length %d", + out_len); /* * check key length - note that we don't support keys larger @@ -79,13 +83,14 @@ } /* allocate memory for auth and srtp_hmac_ctx_t structures */ - pointer = (uint8_t*)srtp_crypto_alloc(sizeof(srtp_hmac_ctx_t) + sizeof(srtp_auth_t)); + pointer = (uint8_t *)srtp_crypto_alloc(sizeof(srtp_hmac_ctx_t) + + sizeof(srtp_auth_t)); if (pointer == NULL) { return srtp_err_status_alloc_fail; } /* set pointers */ - *a = (srtp_auth_t*)pointer; + *a = (srtp_auth_t *)pointer; (*a)->type = &srtp_hmac; (*a)->state = pointer + sizeof(srtp_auth_t); (*a)->out_len = out_len; @@ -95,7 +100,7 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_dealloc (srtp_auth_t *a) +static srtp_err_status_t srtp_hmac_dealloc(srtp_auth_t *a) { /* zeroize entire state*/ octet_string_set_to_zero(a, sizeof(srtp_hmac_ctx_t) + sizeof(srtp_auth_t)); @@ -106,7 +111,9 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_init (void *statev, const uint8_t *key, int key_len) +static srtp_err_status_t srtp_hmac_init(void *statev, + const uint8_t *key, + int key_len) { srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev; int i; @@ -131,10 +138,11 @@ /* set the rest of ipad, opad to constant values */ for (; i < 64; i++) { ipad[i] = 0x36; - ((uint8_t*)state->opad)[i] = 0x5c; + ((uint8_t *)state->opad)[i] = 0x5c; } - debug_print(srtp_mod_hmac, "ipad: %s", srtp_octet_string_hex_string(ipad, 64)); + debug_print(srtp_mod_hmac, "ipad: %s", + srtp_octet_string_hex_string(ipad, 64)); /* initialize sha1 context */ srtp_sha1_init(&state->init_ctx); @@ -146,7 +154,7 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_start (void *statev) +static srtp_err_status_t srtp_hmac_start(void *statev) { srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev; @@ -155,7 +163,9 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_update (void *statev, const uint8_t *message, int msg_octets) +static srtp_err_status_t srtp_hmac_update(void *statev, + const uint8_t *message, + int msg_octets) { srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev; @@ -168,8 +178,11 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_compute (void *statev, const uint8_t *message, - int msg_octets, int tag_len, uint8_t *result) +static srtp_err_status_t srtp_hmac_compute(void *statev, + const uint8_t *message, + int msg_octets, + int tag_len, + uint8_t *result) { srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev; uint32_t hash_value[5]; @@ -190,49 +203,53 @@ * function hmac_update() already did that for us */ debug_print(srtp_mod_hmac, "intermediate state: %s", - srtp_octet_string_hex_string((uint8_t*)H, 20)); + srtp_octet_string_hex_string((uint8_t *)H, 20)); /* re-initialize hash context */ srtp_sha1_init(&state->ctx); /* hash opad ^ key */ - srtp_sha1_update(&state->ctx, (uint8_t*)state->opad, 64); + srtp_sha1_update(&state->ctx, (uint8_t *)state->opad, 64); /* hash the result of the inner hash */ - srtp_sha1_update(&state->ctx, (uint8_t*)H, 20); + srtp_sha1_update(&state->ctx, (uint8_t *)H, 20); /* the result is returned in the array hash_value[] */ srtp_sha1_final(&state->ctx, hash_value); /* copy hash_value to *result */ for (i = 0; i < tag_len; i++) { - result[i] = ((uint8_t*)hash_value)[i]; + result[i] = ((uint8_t *)hash_value)[i]; } debug_print(srtp_mod_hmac, "output: %s", - srtp_octet_string_hex_string((uint8_t*)hash_value, tag_len)); + srtp_octet_string_hex_string((uint8_t *)hash_value, tag_len)); return srtp_err_status_ok; } - /* begin test case 0 */ - +/* clang-format off */ static const uint8_t srtp_hmac_test_case_0_key[20] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_hmac_test_case_0_data[8] = { 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */ }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_hmac_test_case_0_tag[20] = { 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, 0xf1, 0x46, 0xbe, 0x00 }; +/* clang-format on */ static const srtp_auth_test_case_t srtp_hmac_test_case_0 = { 20, /* octets in key */ @@ -246,21 +263,21 @@ /* end test case 0 */ -static const char srtp_hmac_description[] = "hmac sha-1 authentication function"; +static const char srtp_hmac_description[] = + "hmac sha-1 authentication function"; /* * srtp_auth_type_t hmac is the hmac metaobject */ -const srtp_auth_type_t srtp_hmac = { - srtp_hmac_alloc, - srtp_hmac_dealloc, - srtp_hmac_init, - srtp_hmac_compute, - srtp_hmac_update, - srtp_hmac_start, - srtp_hmac_description, - &srtp_hmac_test_case_0, - SRTP_HMAC_SHA1 +const srtp_auth_type_t srtp_hmac = { + srtp_hmac_alloc, /* */ + srtp_hmac_dealloc, /* */ + srtp_hmac_init, /* */ + srtp_hmac_compute, /* */ + srtp_hmac_update, /* */ + srtp_hmac_start, /* */ + srtp_hmac_description, /* */ + &srtp_hmac_test_case_0, /* */ + SRTP_HMAC_SHA1 /* */ }; - diff -Nru libsrtp2-2.1.0/crypto/hash/hmac_ossl.c libsrtp2-2.2.0/crypto/hash/hmac_ossl.c --- libsrtp2-2.1.0/crypto/hash/hmac_ossl.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/hash/hmac_ossl.c 2018-05-15 19:33:24.000000000 +0000 @@ -43,31 +43,34 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "auth.h" #include "alloc.h" -#include "err.h" /* for srtp_debug */ +#include "err.h" /* for srtp_debug */ #include #include -#define SHA1_DIGEST_SIZE 20 +#define SHA1_DIGEST_SIZE 20 /* the debug module for authentiation */ srtp_debug_module_t srtp_mod_hmac = { - 0, /* debugging is off by default */ - "hmac sha-1 openssl" /* printable name for module */ + 0, /* debugging is off by default */ + "hmac sha-1 openssl" /* printable name for module */ }; - -static srtp_err_status_t srtp_hmac_alloc (srtp_auth_t **a, int key_len, int out_len) +static srtp_err_status_t srtp_hmac_alloc(srtp_auth_t **a, + int key_len, + int out_len) { extern const srtp_auth_type_t srtp_hmac; - debug_print(srtp_mod_hmac, "allocating auth func with key length %d", key_len); - debug_print(srtp_mod_hmac, " tag length %d", out_len); + debug_print(srtp_mod_hmac, "allocating auth func with key length %d", + key_len); + debug_print(srtp_mod_hmac, " tag length %d", + out_len); /* check output length - should be less than 20 bytes */ if (out_len > SHA1_DIGEST_SIZE) { @@ -76,24 +79,25 @@ /* OpenSSL 1.1.0 made HMAC_CTX an opaque structure, which must be allocated using HMAC_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER { /* allocate memory for auth and HMAC_CTX structures */ - uint8_t* pointer; + uint8_t *pointer; HMAC_CTX *new_hmac_ctx; - pointer = (uint8_t*)srtp_crypto_alloc(sizeof(HMAC_CTX) + sizeof(srtp_auth_t)); + pointer = (uint8_t *)srtp_crypto_alloc(sizeof(HMAC_CTX) + + sizeof(srtp_auth_t)); if (pointer == NULL) { return srtp_err_status_alloc_fail; } - *a = (srtp_auth_t*)pointer; + *a = (srtp_auth_t *)pointer; (*a)->state = pointer + sizeof(srtp_auth_t); - new_hmac_ctx = (HMAC_CTX*)((*a)->state); + new_hmac_ctx = (HMAC_CTX *)((*a)->state); HMAC_CTX_init(new_hmac_ctx); } #else - *a = (srtp_auth_t*)srtp_crypto_alloc(sizeof(srtp_auth_t)); + *a = (srtp_auth_t *)srtp_crypto_alloc(sizeof(srtp_auth_t)); if (*a == NULL) { return srtp_err_status_alloc_fail; } @@ -115,13 +119,13 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_dealloc (srtp_auth_t *a) +static srtp_err_status_t srtp_hmac_dealloc(srtp_auth_t *a) { HMAC_CTX *hmac_ctx; - hmac_ctx = (HMAC_CTX*)a->state; + hmac_ctx = (HMAC_CTX *)a->state; -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER HMAC_CTX_cleanup(hmac_ctx); /* zeroize entire state*/ @@ -140,7 +144,7 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_start (void *statev) +static srtp_err_status_t srtp_hmac_start(void *statev) { HMAC_CTX *state = (HMAC_CTX *)statev; @@ -150,7 +154,9 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_init (void *statev, const uint8_t *key, int key_len) +static srtp_err_status_t srtp_hmac_init(void *statev, + const uint8_t *key, + int key_len) { HMAC_CTX *state = (HMAC_CTX *)statev; @@ -160,7 +166,9 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_update (void *statev, const uint8_t *message, int msg_octets) +static srtp_err_status_t srtp_hmac_update(void *statev, + const uint8_t *message, + int msg_octets) { HMAC_CTX *state = (HMAC_CTX *)statev; @@ -173,8 +181,11 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_hmac_compute (void *statev, const uint8_t *message, - int msg_octets, int tag_len, uint8_t *result) +static srtp_err_status_t srtp_hmac_compute(void *statev, + const uint8_t *message, + int msg_octets, + int tag_len, + uint8_t *result) { HMAC_CTX *state = (HMAC_CTX *)statev; uint8_t hash_value[SHA1_DIGEST_SIZE]; @@ -207,52 +218,56 @@ return srtp_err_status_ok; } - /* begin test case 0 */ - +/* clang-format off */ static const uint8_t srtp_hmac_test_case_0_key[SHA1_DIGEST_SIZE] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_hmac_test_case_0_data[8] = { 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */ }; +/* clang-format on */ +/* clang-format off */ static const uint8_t srtp_hmac_test_case_0_tag[SHA1_DIGEST_SIZE] = { 0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64, 0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e, 0xf1, 0x46, 0xbe, 0x00 }; +/* clang-format on */ static const srtp_auth_test_case_t srtp_hmac_test_case_0 = { - sizeof(srtp_hmac_test_case_0_key), /* octets in key */ - srtp_hmac_test_case_0_key, /* key */ - sizeof(srtp_hmac_test_case_0_data), /* octets in data */ - srtp_hmac_test_case_0_data, /* data */ - sizeof(srtp_hmac_test_case_0_tag), /* octets in tag */ - srtp_hmac_test_case_0_tag, /* tag */ - NULL /* pointer to next testcase */ + sizeof(srtp_hmac_test_case_0_key), /* octets in key */ + srtp_hmac_test_case_0_key, /* key */ + sizeof(srtp_hmac_test_case_0_data), /* octets in data */ + srtp_hmac_test_case_0_data, /* data */ + sizeof(srtp_hmac_test_case_0_tag), /* octets in tag */ + srtp_hmac_test_case_0_tag, /* tag */ + NULL /* pointer to next testcase */ }; /* end test case 0 */ -static const char srtp_hmac_description[] = "hmac sha-1 authentication function"; +static const char srtp_hmac_description[] = + "hmac sha-1 authentication function"; /* * srtp_auth_type_t hmac is the hmac metaobject */ -const srtp_auth_type_t srtp_hmac = { - srtp_hmac_alloc, - srtp_hmac_dealloc, - srtp_hmac_init, - srtp_hmac_compute, - srtp_hmac_update, - srtp_hmac_start, - srtp_hmac_description, - &srtp_hmac_test_case_0, - SRTP_HMAC_SHA1 +const srtp_auth_type_t srtp_hmac = { + srtp_hmac_alloc, /* */ + srtp_hmac_dealloc, /* */ + srtp_hmac_init, /* */ + srtp_hmac_compute, /* */ + srtp_hmac_update, /* */ + srtp_hmac_start, /* */ + srtp_hmac_description, /* */ + &srtp_hmac_test_case_0, /* */ + SRTP_HMAC_SHA1 /* */ }; - diff -Nru libsrtp2-2.1.0/crypto/hash/null_auth.c libsrtp2-2.2.0/crypto/hash/null_auth.c --- libsrtp2-2.1.0/crypto/hash/null_auth.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/hash/null_auth.c 2018-05-15 19:33:24.000000000 +0000 @@ -45,33 +45,35 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "null_auth.h" -#include "err.h" /* for srtp_debug */ +#include "err.h" /* for srtp_debug */ #include "alloc.h" +#include "cipher_types.h" -/* null_auth uses the auth debug module */ - -extern srtp_debug_module_t srtp_mod_auth; - -static srtp_err_status_t srtp_null_auth_alloc (srtp_auth_t **a, int key_len, int out_len) +static srtp_err_status_t srtp_null_auth_alloc(srtp_auth_t **a, + int key_len, + int out_len) { extern const srtp_auth_type_t srtp_null_auth; uint8_t *pointer; - debug_print(srtp_mod_auth, "allocating auth func with key length %d", key_len); - debug_print(srtp_mod_auth, " tag length %d", out_len); + debug_print(srtp_mod_auth, "allocating auth func with key length %d", + key_len); + debug_print(srtp_mod_auth, " tag length %d", + out_len); /* allocate memory for auth and srtp_null_auth_ctx_t structures */ - pointer = (uint8_t*)srtp_crypto_alloc(sizeof(srtp_null_auth_ctx_t) + sizeof(srtp_auth_t)); + pointer = (uint8_t *)srtp_crypto_alloc(sizeof(srtp_null_auth_ctx_t) + + sizeof(srtp_auth_t)); if (pointer == NULL) { return srtp_err_status_alloc_fail; } /* set pointers */ - *a = (srtp_auth_t*)pointer; + *a = (srtp_auth_t *)pointer; (*a)->type = &srtp_null_auth; (*a)->state = pointer + sizeof(srtp_auth_t); (*a)->out_len = out_len; @@ -81,12 +83,13 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_auth_dealloc (srtp_auth_t *a) +static srtp_err_status_t srtp_null_auth_dealloc(srtp_auth_t *a) { extern const srtp_auth_type_t srtp_null_auth; /* zeroize entire state*/ - octet_string_set_to_zero(a, sizeof(srtp_null_auth_ctx_t) + sizeof(srtp_auth_t)); + octet_string_set_to_zero(a, sizeof(srtp_null_auth_ctx_t) + + sizeof(srtp_auth_t)); /* free memory */ srtp_crypto_free(a); @@ -94,7 +97,9 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_auth_init (void *statev, const uint8_t *key, int key_len) +static srtp_err_status_t srtp_null_auth_init(void *statev, + const uint8_t *key, + int key_len) { /* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */ /* accept any length of key, and do nothing */ @@ -102,23 +107,27 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_auth_compute (void *statev, const uint8_t *message, - int msg_octets, int tag_len, uint8_t *result) +static srtp_err_status_t srtp_null_auth_compute(void *statev, + const uint8_t *message, + int msg_octets, + int tag_len, + uint8_t *result) { /* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */ return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_auth_update (void *statev, const uint8_t *message, - int msg_octets) +static srtp_err_status_t srtp_null_auth_update(void *statev, + const uint8_t *message, + int msg_octets) { /* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */ return srtp_err_status_ok; } -static srtp_err_status_t srtp_null_auth_start (void *statev) +static srtp_err_status_t srtp_null_auth_start(void *statev) { /* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */ @@ -133,28 +142,27 @@ /* begin test case 0 */ static const srtp_auth_test_case_t srtp_null_auth_test_case_0 = { - 0, /* octets in key */ - NULL, /* key */ - 0, /* octets in data */ - NULL, /* data */ - 0, /* octets in tag */ - NULL, /* tag */ - NULL /* pointer to next testcase */ + 0, /* octets in key */ + NULL, /* key */ + 0, /* octets in data */ + NULL, /* data */ + 0, /* octets in tag */ + NULL, /* tag */ + NULL /* pointer to next testcase */ }; /* end test case 0 */ static const char srtp_null_auth_description[] = "null authentication function"; -const srtp_auth_type_t srtp_null_auth = { - srtp_null_auth_alloc, - srtp_null_auth_dealloc, - srtp_null_auth_init, - srtp_null_auth_compute, - srtp_null_auth_update, - srtp_null_auth_start, - srtp_null_auth_description, - &srtp_null_auth_test_case_0, - SRTP_NULL_AUTH +const srtp_auth_type_t srtp_null_auth = { + srtp_null_auth_alloc, /* */ + srtp_null_auth_dealloc, /* */ + srtp_null_auth_init, /* */ + srtp_null_auth_compute, /* */ + srtp_null_auth_update, /* */ + srtp_null_auth_start, /* */ + srtp_null_auth_description, /* */ + &srtp_null_auth_test_case_0, /* */ + SRTP_NULL_AUTH /* */ }; - diff -Nru libsrtp2-2.1.0/crypto/hash/sha1.c libsrtp2-2.2.0/crypto/hash/sha1.c --- libsrtp2-2.1.0/crypto/hash/sha1.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/hash/sha1.c 2018-05-15 19:33:24.000000000 +0000 @@ -45,19 +45,19 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "sha1.h" srtp_debug_module_t srtp_mod_sha1 = { - 0, /* debugging is off by default */ - "sha-1" /* printable module name */ + 0, /* debugging is off by default */ + "sha-1" /* printable module name */ }; /* SN == Rotate left N bits */ -#define S1(X) ((X << 1) | (X >> 31)) -#define S5(X) ((X << 5) | (X >> 27)) +#define S1(X) ((X << 1) | (X >> 31)) +#define S5(X) ((X << 5) | (X >> 27)) #define S30(X) ((X << 30) | (X >> 2)) #define f0(B, C, D) ((B & C) | (~B & D)) @@ -71,19 +71,18 @@ * on systems that uses curses */ -uint32_t SHA_K0 = 0x5A827999; /* Kt for 0 <= t <= 19 */ -uint32_t SHA_K1 = 0x6ED9EBA1; /* Kt for 20 <= t <= 39 */ -uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */ -uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */ +uint32_t SHA_K0 = 0x5A827999; /* Kt for 0 <= t <= 19 */ +uint32_t SHA_K1 = 0x6ED9EBA1; /* Kt for 20 <= t <= 39 */ +uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */ +uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */ -void srtp_sha1 (const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) +void srtp_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5]) { srtp_sha1_ctx_t ctx; srtp_sha1_init(&ctx); srtp_sha1_update(&ctx, msg, octets_in_msg); srtp_sha1_final(&ctx, hash_value); - } /* @@ -98,7 +97,7 @@ * (crypto/cipher/seal.c) */ -void srtp_sha1_core (const uint32_t M[16], uint32_t hash_value[5]) +void srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]) { uint32_t H0; uint32_t H1; @@ -118,38 +117,54 @@ /* copy/xor message into array */ - W[0] = be32_to_cpu(M[0]); - W[1] = be32_to_cpu(M[1]); - W[2] = be32_to_cpu(M[2]); - W[3] = be32_to_cpu(M[3]); - W[4] = be32_to_cpu(M[4]); - W[5] = be32_to_cpu(M[5]); - W[6] = be32_to_cpu(M[6]); - W[7] = be32_to_cpu(M[7]); - W[8] = be32_to_cpu(M[8]); - W[9] = be32_to_cpu(M[9]); + W[0] = be32_to_cpu(M[0]); + W[1] = be32_to_cpu(M[1]); + W[2] = be32_to_cpu(M[2]); + W[3] = be32_to_cpu(M[3]); + W[4] = be32_to_cpu(M[4]); + W[5] = be32_to_cpu(M[5]); + W[6] = be32_to_cpu(M[6]); + W[7] = be32_to_cpu(M[7]); + W[8] = be32_to_cpu(M[8]); + W[9] = be32_to_cpu(M[9]); W[10] = be32_to_cpu(M[10]); W[11] = be32_to_cpu(M[11]); W[12] = be32_to_cpu(M[12]); W[13] = be32_to_cpu(M[13]); W[14] = be32_to_cpu(M[14]); W[15] = be32_to_cpu(M[15]); - TEMP = W[13] ^ W[8] ^ W[2] ^ W[0]; W[16] = S1(TEMP); - TEMP = W[14] ^ W[9] ^ W[3] ^ W[1]; W[17] = S1(TEMP); - TEMP = W[15] ^ W[10] ^ W[4] ^ W[2]; W[18] = S1(TEMP); - TEMP = W[16] ^ W[11] ^ W[5] ^ W[3]; W[19] = S1(TEMP); - TEMP = W[17] ^ W[12] ^ W[6] ^ W[4]; W[20] = S1(TEMP); - TEMP = W[18] ^ W[13] ^ W[7] ^ W[5]; W[21] = S1(TEMP); - TEMP = W[19] ^ W[14] ^ W[8] ^ W[6]; W[22] = S1(TEMP); - TEMP = W[20] ^ W[15] ^ W[9] ^ W[7]; W[23] = S1(TEMP); - TEMP = W[21] ^ W[16] ^ W[10] ^ W[8]; W[24] = S1(TEMP); - TEMP = W[22] ^ W[17] ^ W[11] ^ W[9]; W[25] = S1(TEMP); - TEMP = W[23] ^ W[18] ^ W[12] ^ W[10]; W[26] = S1(TEMP); - TEMP = W[24] ^ W[19] ^ W[13] ^ W[11]; W[27] = S1(TEMP); - TEMP = W[25] ^ W[20] ^ W[14] ^ W[12]; W[28] = S1(TEMP); - TEMP = W[26] ^ W[21] ^ W[15] ^ W[13]; W[29] = S1(TEMP); - TEMP = W[27] ^ W[22] ^ W[16] ^ W[14]; W[30] = S1(TEMP); - TEMP = W[28] ^ W[23] ^ W[17] ^ W[15]; W[31] = S1(TEMP); + TEMP = W[13] ^ W[8] ^ W[2] ^ W[0]; + W[16] = S1(TEMP); + TEMP = W[14] ^ W[9] ^ W[3] ^ W[1]; + W[17] = S1(TEMP); + TEMP = W[15] ^ W[10] ^ W[4] ^ W[2]; + W[18] = S1(TEMP); + TEMP = W[16] ^ W[11] ^ W[5] ^ W[3]; + W[19] = S1(TEMP); + TEMP = W[17] ^ W[12] ^ W[6] ^ W[4]; + W[20] = S1(TEMP); + TEMP = W[18] ^ W[13] ^ W[7] ^ W[5]; + W[21] = S1(TEMP); + TEMP = W[19] ^ W[14] ^ W[8] ^ W[6]; + W[22] = S1(TEMP); + TEMP = W[20] ^ W[15] ^ W[9] ^ W[7]; + W[23] = S1(TEMP); + TEMP = W[21] ^ W[16] ^ W[10] ^ W[8]; + W[24] = S1(TEMP); + TEMP = W[22] ^ W[17] ^ W[11] ^ W[9]; + W[25] = S1(TEMP); + TEMP = W[23] ^ W[18] ^ W[12] ^ W[10]; + W[26] = S1(TEMP); + TEMP = W[24] ^ W[19] ^ W[13] ^ W[11]; + W[27] = S1(TEMP); + TEMP = W[25] ^ W[20] ^ W[14] ^ W[12]; + W[28] = S1(TEMP); + TEMP = W[26] ^ W[21] ^ W[15] ^ W[13]; + W[29] = S1(TEMP); + TEMP = W[27] ^ W[22] ^ W[16] ^ W[14]; + W[30] = S1(TEMP); + TEMP = W[28] ^ W[23] ^ W[17] ^ W[15]; + W[31] = S1(TEMP); /* process the remainder of the array */ for (t = 32; t < 80; t++) { @@ -157,23 +172,43 @@ W[t] = S1(TEMP); } - A = H0; B = H1; C = H2; D = H3; E = H4; + A = H0; + B = H1; + C = H2; + D = H3; + E = H4; for (t = 0; t < 20; t++) { TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 40; t++) { TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 60; t++) { TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 80; t++) { TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } hash_value[0] = H0 + A; @@ -185,9 +220,8 @@ return; } -void srtp_sha1_init (srtp_sha1_ctx_t *ctx) +void srtp_sha1_init(srtp_sha1_ctx_t *ctx) { - /* initialize state vector */ ctx->H[0] = 0x67452301; ctx->H[1] = 0xefcdab89; @@ -200,22 +234,21 @@ /* reset message bit-count to zero */ ctx->num_bits_in_msg = 0; - } -void srtp_sha1_update (srtp_sha1_ctx_t *ctx, const uint8_t *msg, int octets_in_msg) +void srtp_sha1_update(srtp_sha1_ctx_t *ctx, + const uint8_t *msg, + int octets_in_msg) { int i; - uint8_t *buf = (uint8_t*)ctx->M; + uint8_t *buf = (uint8_t *)ctx->M; /* update message bit-count */ ctx->num_bits_in_msg += octets_in_msg * 8; /* loop over 16-word blocks of M */ while (octets_in_msg > 0) { - if (octets_in_msg + ctx->octets_in_buffer >= 64) { - /* * copy words of M into msg buffer until that buffer is full, * converting them into host byte order as needed @@ -228,13 +261,14 @@ /* process a whole block */ - debug_print(srtp_mod_sha1, "(update) running srtp_sha1_core()", NULL); + debug_print(srtp_mod_sha1, "(update) running srtp_sha1_core()", + NULL); srtp_sha1_core(ctx->M, ctx->H); } else { - - debug_print(srtp_mod_sha1, "(update) not running srtp_sha1_core()", NULL); + debug_print(srtp_mod_sha1, "(update) not running srtp_sha1_core()", + NULL); for (i = ctx->octets_in_buffer; i < (ctx->octets_in_buffer + octets_in_msg); i++) { @@ -243,9 +277,7 @@ ctx->octets_in_buffer += octets_in_msg; octets_in_msg = 0; } - } - } /* @@ -253,7 +285,7 @@ * into the twenty octets located at *output */ -void srtp_sha1_final (srtp_sha1_ctx_t *ctx, uint32_t *output) +void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output) { uint32_t A, B, C, D, E, TEMP; uint32_t W[80]; @@ -268,7 +300,7 @@ /* copy/xor message into array */ for (i = 0; i < (ctx->octets_in_buffer + 3) / 4; i++) { - W[i] = be32_to_cpu(ctx->M[i]); + W[i] = be32_to_cpu(ctx->M[i]); } /* set the high bit of the octet immediately following the message */ @@ -321,19 +353,35 @@ for (t = 0; t < 20; t++) { TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 40; t++) { TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 60; t++) { TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 80; t++) { TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } ctx->H[0] += A; @@ -341,14 +389,13 @@ ctx->H[2] += C; ctx->H[3] += D; ctx->H[4] += E; - } debug_print(srtp_mod_sha1, "(final) running srtp_sha1_core()", NULL); if (ctx->octets_in_buffer >= 56) { - - debug_print(srtp_mod_sha1, "(final) running srtp_sha1_core() again", NULL); + debug_print(srtp_mod_sha1, "(final) running srtp_sha1_core() again", + NULL); /* we need to do one final run of the compression algo */ @@ -375,19 +422,35 @@ for (t = 0; t < 20; t++) { TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 40; t++) { TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 60; t++) { TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } for (; t < 80; t++) { TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3; - E = D; D = C; C = S30(B); B = A; A = TEMP; + E = D; + D = C; + C = S30(B); + B = A; + A = TEMP; } ctx->H[0] += A; @@ -409,6 +472,3 @@ return; } - - - diff -Nru libsrtp2-2.1.0/crypto/include/aes_gcm_ossl.h libsrtp2-2.2.0/crypto/include/aes_gcm_ossl.h --- libsrtp2-2.1.0/crypto/include/aes_gcm_ossl.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/aes_gcm_ossl.h 2018-05-15 19:33:24.000000000 +0000 @@ -55,9 +55,8 @@ typedef struct { int key_size; int tag_len; - EVP_CIPHER_CTX* ctx; + EVP_CIPHER_CTX *ctx; srtp_cipher_direction_t dir; } srtp_aes_gcm_ctx_t; #endif /* AES_GCM_OSSL_H */ - diff -Nru libsrtp2-2.1.0/crypto/include/aes.h libsrtp2-2.2.0/crypto/include/aes.h --- libsrtp2-2.1.0/crypto/include/aes.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/aes.h 2018-05-15 19:33:24.000000000 +0000 @@ -70,9 +70,11 @@ int key_len, srtp_aes_expanded_key_t *expanded_key); -void srtp_aes_encrypt(v128_t *plaintext, const srtp_aes_expanded_key_t *exp_key); +void srtp_aes_encrypt(v128_t *plaintext, + const srtp_aes_expanded_key_t *exp_key); -void srtp_aes_decrypt(v128_t *plaintext, const srtp_aes_expanded_key_t *exp_key); +void srtp_aes_decrypt(v128_t *plaintext, + const srtp_aes_expanded_key_t *exp_key); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/crypto/include/aes_icm.h libsrtp2-2.2.0/crypto/include/aes_icm.h --- libsrtp2-2.1.0/crypto/include/aes_icm.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/aes_icm.h 2018-05-15 19:33:24.000000000 +0000 @@ -9,26 +9,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -60,4 +60,3 @@ } srtp_aes_icm_ctx_t; #endif /* AES_ICM_H */ - diff -Nru libsrtp2-2.1.0/crypto/include/aes_icm_ossl.h libsrtp2-2.2.0/crypto/include/aes_icm_ossl.h --- libsrtp2-2.1.0/crypto/include/aes_icm_ossl.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/aes_icm_ossl.h 2018-05-15 19:33:24.000000000 +0000 @@ -52,11 +52,10 @@ #include typedef struct { - v128_t counter; /* holds the counter value */ - v128_t offset; /* initial offset value */ + v128_t counter; /* holds the counter value */ + v128_t offset; /* initial offset value */ int key_size; - EVP_CIPHER_CTX* ctx; + EVP_CIPHER_CTX *ctx; } srtp_aes_icm_ctx_t; #endif /* AES_ICM_H */ - diff -Nru libsrtp2-2.1.0/crypto/include/alloc.h libsrtp2-2.2.0/crypto/include/alloc.h --- libsrtp2-2.1.0/crypto/include/alloc.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/alloc.h 2018-05-15 19:33:24.000000000 +0000 @@ -1,32 +1,32 @@ /* * alloc.h * - * interface to memory allocation and deallocation, with optional debugging + * interface to memory allocation and deallocation, with optional debugging * * David A. McGrew * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,7 +42,6 @@ * */ - #ifndef CRYPTO_ALLOC_H #define CRYPTO_ALLOC_H @@ -52,8 +51,22 @@ extern "C" { #endif -void * srtp_crypto_alloc(size_t size); +/* + * srtp_crypto_alloc + * + * Allocates a block of memory of given size. The memory will be + * initialized to zero's. Free the memory with a call to srtp_crypto_free. + * + * returns pointer to memory on success or else NULL + */ +void *srtp_crypto_alloc(size_t size); +/* + * srtp_crypto_free + * + * Frees the block of memory ptr previously allocated with + * srtp_crypto_alloc + */ void srtp_crypto_free(void *ptr); #ifdef __cplusplus diff -Nru libsrtp2-2.1.0/crypto/include/auth.h libsrtp2-2.2.0/crypto/include/auth.h --- libsrtp2-2.1.0/crypto/include/auth.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/auth.h 2018-05-15 19:33:24.000000000 +0000 @@ -47,46 +47,51 @@ #define SRTP_AUTH_H #include "srtp.h" -#include "crypto_types.h" /* for values of auth_type_id_t */ +#include "crypto_types.h" /* for values of auth_type_id_t */ #ifdef __cplusplus extern "C" { #endif typedef const struct srtp_auth_type_t *srtp_auth_type_pointer; -typedef struct srtp_auth_t *srtp_auth_pointer_t; +typedef struct srtp_auth_t *srtp_auth_pointer_t; -typedef srtp_err_status_t (*srtp_auth_alloc_func) - (srtp_auth_pointer_t *ap, int key_len, int out_len); - -typedef srtp_err_status_t (*srtp_auth_init_func) - (void *state, const uint8_t *key, int key_len); +typedef srtp_err_status_t (*srtp_auth_alloc_func)(srtp_auth_pointer_t *ap, + int key_len, + int out_len); + +typedef srtp_err_status_t (*srtp_auth_init_func)(void *state, + const uint8_t *key, + int key_len); typedef srtp_err_status_t (*srtp_auth_dealloc_func)(srtp_auth_pointer_t ap); -typedef srtp_err_status_t (*srtp_auth_compute_func) - (void *state, const uint8_t *buffer, int octets_to_auth, - int tag_len, uint8_t *tag); - -typedef srtp_err_status_t (*srtp_auth_update_func) - (void *state, const uint8_t *buffer, int octets_to_auth); +typedef srtp_err_status_t (*srtp_auth_compute_func)(void *state, + const uint8_t *buffer, + int octets_to_auth, + int tag_len, + uint8_t *tag); + +typedef srtp_err_status_t (*srtp_auth_update_func)(void *state, + const uint8_t *buffer, + int octets_to_auth); typedef srtp_err_status_t (*srtp_auth_start_func)(void *state); /* some syntactic sugar on these function types */ -#define srtp_auth_type_alloc(at, a, klen, outlen) \ +#define srtp_auth_type_alloc(at, a, klen, outlen) \ ((at)->alloc((a), (klen), (outlen))) -#define srtp_auth_init(a, key) \ +#define srtp_auth_init(a, key) \ (((a)->type)->init((a)->state, (key), ((a)->key_len))) -#define srtp_auth_compute(a, buf, len, res) \ +#define srtp_auth_compute(a, buf, len, res) \ (((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res))) -#define srtp_auth_update(a, buf, len) \ +#define srtp_auth_update(a, buf, len) \ (((a)->type)->update((a)->state, (buf), (len))) -#define srtp_auth_start(a)(((a)->type)->start((a)->state)) +#define srtp_auth_start(a) (((a)->type)->start((a)->state)) #define srtp_auth_dealloc(c) (((c)->type)->dealloc(c)) @@ -105,13 +110,14 @@ * function below) */ typedef struct srtp_auth_test_case_t { - int key_length_octets; /* octets in key */ - const uint8_t *key; /* key */ - int data_length_octets; /* octets in data */ - const uint8_t *data; /* data */ - int tag_length_octets; /* octets in tag */ - const uint8_t *tag; /* tag */ - const struct srtp_auth_test_case_t *next_test_case; /* pointer to next testcase */ + int key_length_octets; /* octets in key */ + const uint8_t *key; /* key */ + int data_length_octets; /* octets in data */ + const uint8_t *data; /* data */ + int tag_length_octets; /* octets in tag */ + const uint8_t *tag; /* tag */ + const struct srtp_auth_test_case_t + *next_test_case; /* pointer to next testcase */ } srtp_auth_test_case_t; /* srtp_auth_type_t */ @@ -122,17 +128,17 @@ srtp_auth_compute_func compute; srtp_auth_update_func update; srtp_auth_start_func start; - const char *description; - const srtp_auth_test_case_t *test_data; + const char *description; + const srtp_auth_test_case_t *test_data; srtp_auth_type_id_t id; } srtp_auth_type_t; typedef struct srtp_auth_t { const srtp_auth_type_t *type; - void *state; - int out_len; /* length of output tag in octets */ - int key_len; /* length of key in octets */ - int prefix_len; /* length of keystream prefix */ + void *state; + int out_len; /* length of output tag in octets */ + int key_len; /* length of key in octets */ + int prefix_len; /* length of keystream prefix */ } srtp_auth_t; /* @@ -147,8 +153,8 @@ * provided in an array of values of key/message/tag that is known to * be good */ -srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at, - const srtp_auth_test_case_t *test_data); +srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at, + const srtp_auth_test_case_t *test_data); /* * srtp_replace_auth_type(ct, id) @@ -157,7 +163,8 @@ * with a new one passed in externally. The new auth type must pass all the * existing auth_type's self tests as well as its own. */ -srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *ct, srtp_auth_type_id_t id); +srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *ct, + srtp_auth_type_id_t id); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/crypto/include/cipher.h libsrtp2-2.2.0/crypto/include/cipher.h --- libsrtp2-2.1.0/crypto/include/cipher.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/cipher.h 2018-05-15 19:33:24.000000000 +0000 @@ -42,13 +42,11 @@ * */ - #ifndef SRTP_CIPHER_H #define SRTP_CIPHER_H #include "srtp.h" -#include "crypto_types.h" /* for values of cipher_type_id_t */ - +#include "crypto_types.h" /* for values of cipher_type_id_t */ #ifdef __cplusplus extern "C" { @@ -71,51 +69,60 @@ * the srtp_cipher_pointer_t definition is needed * as srtp_cipher_t is not yet defined */ -typedef struct srtp_cipher_t *srtp_cipher_pointer_t; +typedef struct srtp_cipher_t *srtp_cipher_pointer_t; /* - * a srtp_cipher_alloc_func_t allocates (but does not initialize) a srtp_cipher_t + * a srtp_cipher_alloc_func_t allocates (but does not initialize) a + * srtp_cipher_t */ -typedef srtp_err_status_t (*srtp_cipher_alloc_func_t) - (srtp_cipher_pointer_t *cp, int key_len, int tag_len); +typedef srtp_err_status_t (*srtp_cipher_alloc_func_t)(srtp_cipher_pointer_t *cp, + int key_len, + int tag_len); /* * a srtp_cipher_init_func_t [re-]initializes a cipher_t with a given key */ -typedef srtp_err_status_t (*srtp_cipher_init_func_t) - (void *state, const uint8_t *key); +typedef srtp_err_status_t (*srtp_cipher_init_func_t)(void *state, + const uint8_t *key); /* a srtp_cipher_dealloc_func_t de-allocates a cipher_t */ -typedef srtp_err_status_t (*srtp_cipher_dealloc_func_t)(srtp_cipher_pointer_t cp); +typedef srtp_err_status_t (*srtp_cipher_dealloc_func_t)( + srtp_cipher_pointer_t cp); /* * a srtp_cipher_set_aad_func_t processes the AAD data for AEAD ciphers */ -typedef srtp_err_status_t (*srtp_cipher_set_aad_func_t) - (void *state, const uint8_t *aad, uint32_t aad_len); - +typedef srtp_err_status_t (*srtp_cipher_set_aad_func_t)(void *state, + const uint8_t *aad, + uint32_t aad_len); /* a srtp_cipher_encrypt_func_t encrypts data in-place */ -typedef srtp_err_status_t (*srtp_cipher_encrypt_func_t) - (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt); +typedef srtp_err_status_t (*srtp_cipher_encrypt_func_t)( + void *state, + uint8_t *buffer, + unsigned int *octets_to_encrypt); /* a srtp_cipher_decrypt_func_t decrypts data in-place */ -typedef srtp_err_status_t (*srtp_cipher_decrypt_func_t) - (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt); +typedef srtp_err_status_t (*srtp_cipher_decrypt_func_t)( + void *state, + uint8_t *buffer, + unsigned int *octets_to_decrypt); /* * a srtp_cipher_set_iv_func_t function sets the current initialization vector */ -typedef srtp_err_status_t (*srtp_cipher_set_iv_func_t) - (void *state, uint8_t *iv, srtp_cipher_direction_t direction); +typedef srtp_err_status_t (*srtp_cipher_set_iv_func_t)( + void *state, + uint8_t *iv, + srtp_cipher_direction_t direction); /* * a cipher_get_tag_func_t function is used to get the authentication * tag that was calculated by an AEAD cipher. */ -typedef srtp_err_status_t (*srtp_cipher_get_tag_func_t) - (void *state, uint8_t *tag, uint32_t *len); - +typedef srtp_err_status_t (*srtp_cipher_get_tag_func_t)(void *state, + uint8_t *tag, + uint32_t *len); /* * srtp_cipher_test_case_t is a (list of) key, salt, plaintext, ciphertext, @@ -125,17 +132,18 @@ * (see the srtp_cipher_type_self_test() function below) */ typedef struct srtp_cipher_test_case_t { - int key_length_octets; /* octets in key */ - const uint8_t *key; /* key */ - uint8_t *idx; /* packet index */ - int plaintext_length_octets; /* octets in plaintext */ - const uint8_t *plaintext; /* plaintext */ - int ciphertext_length_octets; /* octets in plaintext */ - const uint8_t *ciphertext; /* ciphertext */ - int aad_length_octets; /* octets in AAD */ - const uint8_t *aad; /* AAD */ - int tag_length_octets; /* Length of AEAD tag */ - const struct srtp_cipher_test_case_t *next_test_case; /* pointer to next testcase */ + int key_length_octets; /* octets in key */ + const uint8_t *key; /* key */ + uint8_t *idx; /* packet index */ + unsigned int plaintext_length_octets; /* octets in plaintext */ + const uint8_t *plaintext; /* plaintext */ + unsigned int ciphertext_length_octets; /* octets in plaintext */ + const uint8_t *ciphertext; /* ciphertext */ + int aad_length_octets; /* octets in AAD */ + const uint8_t *aad; /* AAD */ + int tag_length_octets; /* Length of AEAD tag */ + const struct srtp_cipher_test_case_t + *next_test_case; /* pointer to next testcase */ } srtp_cipher_test_case_t; /* srtp_cipher_type_t defines the 'metadata' for a particular cipher type */ @@ -148,8 +156,8 @@ srtp_cipher_encrypt_func_t decrypt; srtp_cipher_set_iv_func_t set_iv; srtp_cipher_get_tag_func_t get_tag; - const char *description; - const srtp_cipher_test_case_t *test_data; + const char *description; + const srtp_cipher_test_case_t *test_data; srtp_cipher_type_id_t id; } srtp_cipher_type_t; @@ -159,7 +167,7 @@ */ typedef struct srtp_cipher_t { const srtp_cipher_type_t *type; - void *state; + void *state; int key_len; int algorithm; } srtp_cipher_t; @@ -167,7 +175,6 @@ /* some bookkeeping functions */ int srtp_cipher_get_key_length(const srtp_cipher_t *c); - /* * srtp_cipher_type_self_test() tests a cipher against test cases provided in * an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext @@ -175,14 +182,15 @@ */ srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct); - /* - * srtp_cipher_type_test() tests a cipher against external test cases provided in + * srtp_cipher_type_test() tests a cipher against external test cases provided + * in * an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext * that is known to be good */ -srtp_err_status_t srtp_cipher_type_test(const srtp_cipher_type_t *ct, const srtp_cipher_test_case_t *test_data); - +srtp_err_status_t srtp_cipher_type_test( + const srtp_cipher_type_t *ct, + const srtp_cipher_test_case_t *test_data); /* * srtp_cipher_bits_per_second(c, l, t) computes (an estimate of) the @@ -194,17 +202,34 @@ * * if an error is encountered, then the value 0 is returned */ -uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, int octets_in_buffer, int num_trials); - -srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, srtp_cipher_t **c, int key_len, int tlen); +uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, + int octets_in_buffer, + int num_trials); + +srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, + srtp_cipher_t **c, + int key_len, + int tlen); srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c); srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key); -srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, uint8_t *iv, int direction); -srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output); -srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output); -srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output); -srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c, uint8_t *buffer, uint32_t *tag_len); -srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c, const uint8_t *aad, uint32_t aad_len); +srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, + uint8_t *iv, + int direction); +srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *num_octets_to_output); +srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *num_octets_to_output); +srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *num_octets_to_output); +srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c, + uint8_t *buffer, + uint32_t *tag_len); +srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c, + const uint8_t *aad, + uint32_t aad_len); /* * srtp_replace_cipher_type(ct, id) @@ -213,7 +238,8 @@ * with a new one passed in externally. The new cipher must pass all the * existing cipher_type's self tests as well as its own. */ -srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *ct, srtp_cipher_type_id_t id); +srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *ct, + srtp_cipher_type_id_t id); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/crypto/include/cipher_types.h libsrtp2-2.2.0/crypto/include/cipher_types.h --- libsrtp2-2.1.0/crypto/include/cipher_types.h 1970-01-01 00:00:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/cipher_types.h 2018-05-15 19:33:24.000000000 +0000 @@ -0,0 +1,81 @@ +/* + * + * Copyright(c) 2001-2017 Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef CIHPER_TYPES_H +#define CIHPER_TYPES_H + +#include "cipher.h" +#include "auth.h" + +/* + * cipher types that can be included in the kernel + */ + +extern const srtp_cipher_type_t srtp_null_cipher; +extern const srtp_cipher_type_t srtp_aes_icm_128; +extern const srtp_cipher_type_t srtp_aes_icm_256; +#ifdef OPENSSL +extern const srtp_cipher_type_t srtp_aes_icm_192; +extern const srtp_cipher_type_t srtp_aes_gcm_128_openssl; +extern const srtp_cipher_type_t srtp_aes_gcm_256_openssl; +#endif + +/* + * auth func types that can be included in the kernel + */ + +extern const srtp_auth_type_t srtp_null_auth; +extern const srtp_auth_type_t srtp_hmac; + +/* + * other generic debug modules that can be included in the kernel + */ + +extern srtp_debug_module_t srtp_mod_auth; +extern srtp_debug_module_t srtp_mod_cipher; +extern srtp_debug_module_t srtp_mod_stat; +extern srtp_debug_module_t srtp_mod_alloc; + +/* debug modules for cipher types */ +extern srtp_debug_module_t srtp_mod_aes_icm; +#ifdef OPENSSL +extern srtp_debug_module_t srtp_mod_aes_gcm; +#endif + +/* debug modules for auth types */ +extern srtp_debug_module_t srtp_mod_hmac; + +#endif diff -Nru libsrtp2-2.1.0/crypto/include/crypto_kernel.h libsrtp2-2.2.0/crypto/include/crypto_kernel.h --- libsrtp2-2.1.0/crypto/include/crypto_kernel.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/crypto_kernel.h 2018-05-15 19:33:24.000000000 +0000 @@ -42,7 +42,6 @@ * */ - #ifndef CRYPTO_KERNEL #define CRYPTO_KERNEL @@ -72,7 +71,7 @@ */ typedef struct srtp_kernel_cipher_type { srtp_cipher_type_id_t id; - const srtp_cipher_type_t *cipher_type; + const srtp_cipher_type_t *cipher_type; struct srtp_kernel_cipher_type *next; } srtp_kernel_cipher_type_t; @@ -81,7 +80,7 @@ */ typedef struct srtp_kernel_auth_type { srtp_auth_type_id_t id; - const srtp_auth_type_t *auth_type; + const srtp_auth_type_t *auth_type; struct srtp_kernel_auth_type *next; } srtp_kernel_auth_type_t; @@ -93,7 +92,6 @@ struct srtp_kernel_debug_module *next; } srtp_kernel_debug_module_t; - /* * crypto_kernel_t is the data structure for the crypto kernel * @@ -101,18 +99,17 @@ * a global variable defined in crypto_kernel.c */ typedef struct { - srtp_crypto_kernel_state_t state; /* current state of kernel */ - srtp_kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */ - srtp_kernel_auth_type_t *auth_type_list; /* list of all auth func types */ - srtp_kernel_debug_module_t *debug_module_list; /* list of all debug modules */ + srtp_crypto_kernel_state_t state; /* current state of kernel */ + srtp_kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */ + srtp_kernel_auth_type_t *auth_type_list; /* list of all auth func types */ + srtp_kernel_debug_module_t + *debug_module_list; /* list of all debug modules */ } srtp_crypto_kernel_t; - /* * srtp_crypto_kernel_t external api */ - /* * The function srtp_crypto_kernel_init() initialized the crypto kernel and * runs the self-test operations on the random number generators and @@ -126,7 +123,6 @@ */ srtp_err_status_t srtp_crypto_kernel_init(void); - /* * The function srtp_crypto_kernel_shutdown() de-initializes the * crypto_kernel, zeroizes keys and other cryptographic material, and @@ -150,7 +146,6 @@ */ srtp_err_status_t srtp_crypto_kernel_status(void); - /* * srtp_crypto_kernel_list_debug_modules() outputs a list of debugging modules * @@ -161,11 +156,15 @@ * srtp_crypto_kernel_load_cipher_type() * */ -srtp_err_status_t srtp_crypto_kernel_load_cipher_type(const srtp_cipher_type_t *ct, srtp_cipher_type_id_t id); +srtp_err_status_t srtp_crypto_kernel_load_cipher_type( + const srtp_cipher_type_t *ct, + srtp_cipher_type_id_t id); -srtp_err_status_t srtp_crypto_kernel_load_auth_type(const srtp_auth_type_t *ct, srtp_auth_type_id_t id); +srtp_err_status_t srtp_crypto_kernel_load_auth_type(const srtp_auth_type_t *ct, + srtp_auth_type_id_t id); -srtp_err_status_t srtp_crypto_kernel_load_debug_module(srtp_debug_module_t *new_dm); +srtp_err_status_t srtp_crypto_kernel_load_debug_module( + srtp_debug_module_t *new_dm); /* * srtp_crypto_kernel_alloc_cipher(id, cp, key_len); @@ -177,7 +176,10 @@ * srtp_err_status_alloc_fail an allocation failure occured * srtp_err_status_fail couldn't find cipher with identifier 'id' */ -srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id, srtp_cipher_pointer_t *cp, int key_len, int tag_len); +srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id, + srtp_cipher_pointer_t *cp, + int key_len, + int tag_len); /* * srtp_crypto_kernel_alloc_auth(id, ap, key_len, tag_len); @@ -190,8 +192,10 @@ * srtp_err_status_alloc_fail an allocation failure occured * srtp_err_status_fail couldn't find auth with identifier 'id' */ -srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id, srtp_auth_pointer_t *ap, int key_len, int tag_len); - +srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id, + srtp_auth_pointer_t *ap, + int key_len, + int tag_len); /* * srtp_crypto_kernel_set_debug_module(mod_name, v) @@ -201,7 +205,8 @@ * * returns srtp_err_status_ok on success, srtp_err_status_fail otherwise */ -srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *mod_name, int v); +srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *mod_name, + int v); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/crypto/include/crypto_types.h libsrtp2-2.2.0/crypto/include/crypto_types.h --- libsrtp2-2.1.0/crypto/include/crypto_types.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/crypto_types.h 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright(c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -48,62 +48,62 @@ /* * The null cipher performs no encryption. * - * The SRTP_NULL_CIPHER leaves its inputs unaltered, during both the + * The SRTP_NULL_CIPHER leaves its inputs unaltered, during both the * encryption and decryption operations. This cipher can be chosen * to indicate that no encryption is to be performed. */ -#define SRTP_NULL_CIPHER 0 +#define SRTP_NULL_CIPHER 0 -/* +/* * AES-128 Integer Counter Mode (AES ICM) * * AES-128 ICM is the variant of counter mode that is used by * Secure RTP. This cipher uses a 16-octet key concatenated with a * 14-octet offset (or salt) value. */ -#define SRTP_AES_ICM_128 1 +#define SRTP_AES_ICM_128 1 -/* +/* * AES-192 Integer Counter Mode (AES ICM) * * AES-128 ICM is the variant of counter mode that is used by * Secure RTP. This cipher uses a 24-octet key concatenated with a * 14-octet offset (or salt) value. */ -#define SRTP_AES_ICM_192 4 +#define SRTP_AES_ICM_192 4 -/* +/* * AES-256 Integer Counter Mode (AES ICM) * * AES-128 ICM is the variant of counter mode that is used by * Secure RTP. This cipher uses a 32-octet key concatenated with a * 14-octet offset (or salt) value. */ -#define SRTP_AES_ICM_256 5 +#define SRTP_AES_ICM_256 5 -/* - * AES-128_GCM Galois Counter Mode (AES GCM) +/* + * AES-128_GCM Galois Counter Mode (AES GCM) * - * AES-128 GCM is the variant of galois counter mode that is used by + * AES-128 GCM is the variant of galois counter mode that is used by * Secure RTP. This cipher uses a 16-octet key. */ -#define SRTP_AES_GCM_128 6 +#define SRTP_AES_GCM_128 6 -/* - * AES-256_GCM Galois Counter Mode (AES GCM) +/* + * AES-256_GCM Galois Counter Mode (AES GCM) * - * AES-256 GCM is the variant of galois counter mode that is used by + * AES-256 GCM is the variant of galois counter mode that is used by * Secure RTP. This cipher uses a 32-octet key. */ -#define SRTP_AES_GCM_256 7 +#define SRTP_AES_GCM_256 7 /* * The null authentication function performs no authentication. * * The NULL_AUTH function does nothing, and can be selected to indicate * that authentication should not be performed. - */ -#define SRTP_NULL_AUTH 0 + */ +#define SRTP_NULL_AUTH 0 /* * HMAC-SHA1 @@ -111,6 +111,6 @@ * SRTP_HMAC_SHA1 implements the Hash-based MAC using the NIST Secure * Hash Algorithm version 1 (SHA1). */ -#define SRTP_HMAC_SHA1 3 +#define SRTP_HMAC_SHA1 3 -#endif /* SRTP_CRYPTO_TYPES_H */ +#endif /* SRTP_CRYPTO_TYPES_H */ diff -Nru libsrtp2-2.1.0/crypto/include/datatypes.h libsrtp2-2.2.0/crypto/include/datatypes.h --- libsrtp2-2.1.0/crypto/include/datatypes.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/datatypes.h 2018-05-15 19:33:24.000000000 +0000 @@ -1,6 +1,6 @@ /* * datatypes.h - * + * * data types for bit vectors and finite fields * * David A. McGrew @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,11 +43,10 @@ * */ - #ifndef DATATYPES_H #define DATATYPES_H -#include "integers.h" /* definitions of uint32_t, et cetera */ +#include "integers.h" /* definitions of uint32_t, et cetera */ #include "alloc.h" #include @@ -56,42 +55,43 @@ #include #include #ifdef HAVE_NETINET_IN_H -# include +#include #elif defined HAVE_WINSOCK2_H -# include +#include +#else +#error "Platform not recognized" #endif #ifdef __cplusplus extern "C" { #endif - /* if DATATYPES_USE_MACROS is defined, then little functions are macros */ -#define DATATYPES_USE_MACROS +#define DATATYPES_USE_MACROS typedef union { - uint8_t v8[2]; - uint16_t value; + uint8_t v8[2]; + uint16_t value; } v16_t; typedef union { - uint8_t v8[4]; - uint16_t v16[2]; - uint32_t value; + uint8_t v8[4]; + uint16_t v16[2]; + uint32_t value; } v32_t; typedef union { - uint8_t v8[8]; - uint16_t v16[4]; - uint32_t v32[2]; - uint64_t value; + uint8_t v8[8]; + uint16_t v16[4]; + uint32_t v32[2]; + uint64_t value; } v64_t; typedef union { - uint8_t v8[16]; - uint16_t v16[8]; - uint32_t v32[4]; - uint64_t v64[2]; + uint8_t v8[16]; + uint16_t v16[8]; + uint32_t v32[4]; + uint64_t v64[2]; } v128_t; typedef union { @@ -101,118 +101,82 @@ uint64_t v64[4]; } v256_t; - /* some useful and simple math functions */ -#define pow_2(X) ( (unsigned int)1 << (X) ) /* 2^X */ - -#define pow_minus_one(X) ( (X) ? -1 : 1 ) /* (-1)^X */ +#define pow_2(X) ((unsigned int)1 << (X)) /* 2^X */ +#define pow_minus_one(X) ((X) ? -1 : 1) /* (-1)^X */ /* * octet_get_weight(x) returns the hamming weight (number of bits equal to * one) in the octet x */ -int -octet_get_weight(uint8_t octet); +int octet_get_weight(uint8_t octet); #define MAX_PRINT_STRING_LEN 1024 -char * -srtp_octet_string_hex_string(const void *str, int length); +char *srtp_octet_string_hex_string(const void *str, int length); -char * -v128_bit_string(v128_t *x); +char *v128_bit_string(v128_t *x); -char * -v128_hex_string(v128_t *x); +char *v128_hex_string(v128_t *x); -void -v128_copy_octet_string(v128_t *x, const uint8_t s[16]); +void v128_copy_octet_string(v128_t *x, const uint8_t s[16]); -void -v128_left_shift(v128_t *x, int shift_index); +void v128_left_shift(v128_t *x, int shift_index); -void -v128_right_shift(v128_t *x, int shift_index); +void v128_right_shift(v128_t *x, int shift_index); /* * the following macros define the data manipulation functions - * + * * If DATATYPES_USE_MACROS is defined, then these macros are used * directly (and function call overhead is avoided). Otherwise, * the macros are used through the functions defined in datatypes.c * (and the compiler provides better warnings). */ -#define _v128_set_to_zero(x) \ -( \ - (x)->v32[0] = 0, \ - (x)->v32[1] = 0, \ - (x)->v32[2] = 0, \ - (x)->v32[3] = 0 \ -) - -#define _v128_copy(x, y) \ -( \ - (x)->v32[0] = (y)->v32[0], \ - (x)->v32[1] = (y)->v32[1], \ - (x)->v32[2] = (y)->v32[2], \ - (x)->v32[3] = (y)->v32[3] \ -) - -#define _v128_xor(z, x, y) \ -( \ - (z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \ - (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \ - (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \ - (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3] \ -) - -#define _v128_and(z, x, y) \ -( \ - (z)->v32[0] = (x)->v32[0] & (y)->v32[0], \ - (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \ - (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \ - (z)->v32[3] = (x)->v32[3] & (y)->v32[3] \ -) - -#define _v128_or(z, x, y) \ -( \ - (z)->v32[0] = (x)->v32[0] | (y)->v32[0], \ - (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \ - (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \ - (z)->v32[3] = (x)->v32[3] | (y)->v32[3] \ -) - -#define _v128_complement(x) \ -( \ - (x)->v32[0] = ~(x)->v32[0], \ - (x)->v32[1] = ~(x)->v32[1], \ - (x)->v32[2] = ~(x)->v32[2], \ - (x)->v32[3] = ~(x)->v32[3] \ -) +#define _v128_set_to_zero(x) \ + ((x)->v32[0] = 0, (x)->v32[1] = 0, (x)->v32[2] = 0, (x)->v32[3] = 0) -/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */ -#define _v128_is_eq(x, y) \ - (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1])) +#define _v128_copy(x, y) \ + ((x)->v32[0] = (y)->v32[0], (x)->v32[1] = (y)->v32[1], \ + (x)->v32[2] = (y)->v32[2], (x)->v32[3] = (y)->v32[3]) + +#define _v128_xor(z, x, y) \ + ((z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \ + (z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \ + (z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \ + (z)->v32[3] = (x)->v32[3] ^ (y)->v32[3]) + +#define _v128_and(z, x, y) \ + ((z)->v32[0] = (x)->v32[0] & (y)->v32[0], \ + (z)->v32[1] = (x)->v32[1] & (y)->v32[1], \ + (z)->v32[2] = (x)->v32[2] & (y)->v32[2], \ + (z)->v32[3] = (x)->v32[3] & (y)->v32[3]) + +#define _v128_or(z, x, y) \ + ((z)->v32[0] = (x)->v32[0] | (y)->v32[0], \ + (z)->v32[1] = (x)->v32[1] | (y)->v32[1], \ + (z)->v32[2] = (x)->v32[2] | (y)->v32[2], \ + (z)->v32[3] = (x)->v32[3] | (y)->v32[3]) + +#define _v128_complement(x) \ + ((x)->v32[0] = ~(x)->v32[0], (x)->v32[1] = ~(x)->v32[1], \ + (x)->v32[2] = ~(x)->v32[2], (x)->v32[3] = ~(x)->v32[3]) +/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */ +#define _v128_is_eq(x, y) \ + (((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1])) #ifdef NO_64BIT_MATH -#define _v128_xor_eq(z, x) \ -( \ - (z)->v32[0] ^= (x)->v32[0], \ - (z)->v32[1] ^= (x)->v32[1], \ - (z)->v32[2] ^= (x)->v32[2], \ - (z)->v32[3] ^= (x)->v32[3] \ -) +#define _v128_xor_eq(z, x) \ + ((z)->v32[0] ^= (x)->v32[0], (z)->v32[1] ^= (x)->v32[1], \ + (z)->v32[2] ^= (x)->v32[2], (z)->v32[3] ^= (x)->v32[3]) #else -#define _v128_xor_eq(z, x) \ -( \ - (z)->v64[0] ^= (x)->v64[0], \ - (z)->v64[1] ^= (x)->v64[1] \ -) +#define _v128_xor_eq(z, x) \ + ((z)->v64[0] ^= (x)->v64[0], (z)->v64[1] ^= (x)->v64[1]) #endif /* NOTE! This assumes an odd ordering! */ @@ -224,76 +188,55 @@ really care which bit is which. AES does care which bit is which, but doesn't use the 128-bit get/set or 128-bit shifts */ -#define _v128_get_bit(x, bit) \ -( \ - ((((x)->v32[(bit) >> 5]) >> ((bit) & 31)) & 1) \ -) - -#define _v128_set_bit(x, bit) \ -( \ - (((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit) & 31))) \ -) - -#define _v128_clear_bit(x, bit) \ -( \ - (((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit) & 31))) \ -) - -#define _v128_set_bit_to(x, bit, value) \ -( \ - (value) ? _v128_set_bit(x, bit) : \ - _v128_clear_bit(x, bit) \ -) - -#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ - -#define v128_set_to_zero(z) _v128_set_to_zero(z) -#define v128_copy(z, x) _v128_copy(z, x) -#define v128_xor(z, x, y) _v128_xor(z, x, y) -#define v128_and(z, x, y) _v128_and(z, x, y) -#define v128_or(z, x, y) _v128_or(z, x, y) -#define v128_complement(x) _v128_complement(x) -#define v128_is_eq(x, y) _v128_is_eq(x, y) -#define v128_xor_eq(x, y) _v128_xor_eq(x, y) -#define v128_get_bit(x, i) _v128_get_bit(x, i) -#define v128_set_bit(x, i) _v128_set_bit(x, i) -#define v128_clear_bit(x, i) _v128_clear_bit(x, i) -#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y) +#define _v128_get_bit(x, bit) (((((x)->v32[(bit) >> 5]) >> ((bit)&31)) & 1)) + +#define _v128_set_bit(x, bit) \ + ((((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit)&31)))) + +#define _v128_clear_bit(x, bit) \ + ((((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit)&31)))) + +#define _v128_set_bit_to(x, bit, value) \ + ((value) ? _v128_set_bit(x, bit) : _v128_clear_bit(x, bit)) + +#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ + +#define v128_set_to_zero(z) _v128_set_to_zero(z) +#define v128_copy(z, x) _v128_copy(z, x) +#define v128_xor(z, x, y) _v128_xor(z, x, y) +#define v128_and(z, x, y) _v128_and(z, x, y) +#define v128_or(z, x, y) _v128_or(z, x, y) +#define v128_complement(x) _v128_complement(x) +#define v128_is_eq(x, y) _v128_is_eq(x, y) +#define v128_xor_eq(x, y) _v128_xor_eq(x, y) +#define v128_get_bit(x, i) _v128_get_bit(x, i) +#define v128_set_bit(x, i) _v128_set_bit(x, i) +#define v128_clear_bit(x, i) _v128_clear_bit(x, i) +#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y) #else -void -v128_set_to_zero(v128_t *x); +void v128_set_to_zero(v128_t *x); -int -v128_is_eq(const v128_t *x, const v128_t *y); +int v128_is_eq(const v128_t *x, const v128_t *y); -void -v128_copy(v128_t *x, const v128_t *y); +void v128_copy(v128_t *x, const v128_t *y); -void -v128_xor(v128_t *z, v128_t *x, v128_t *y); +void v128_xor(v128_t *z, v128_t *x, v128_t *y); -void -v128_and(v128_t *z, v128_t *x, v128_t *y); +void v128_and(v128_t *z, v128_t *x, v128_t *y); -void -v128_or(v128_t *z, v128_t *x, v128_t *y); +void v128_or(v128_t *z, v128_t *x, v128_t *y); -void -v128_complement(v128_t *x); +void v128_complement(v128_t *x); -int -v128_get_bit(const v128_t *x, int i); +int v128_get_bit(const v128_t *x, int i); -void -v128_set_bit(v128_t *x, int i) ; +void v128_set_bit(v128_t *x, int i); -void -v128_clear_bit(v128_t *x, int i); +void v128_clear_bit(v128_t *x, int i); -void -v128_set_bit_to(v128_t *x, int i, int y); +void v128_set_bit_to(v128_t *x, int i, int y); #endif /* DATATYPES_USE_MACROS */ @@ -304,113 +247,102 @@ * verifying authentication tags. */ -int -octet_string_is_eq(uint8_t *a, uint8_t *b, int len); +int octet_string_is_eq(uint8_t *a, uint8_t *b, int len); /* * A portable way to zero out memory as recommended by * https://cryptocoding.net/index.php/Coding_rules#Clean_memory_of_secret_data * This is used to zero memory when OPENSSL_cleanse() is not available. */ -void -srtp_cleanse(void *s, size_t len); +void srtp_cleanse(void *s, size_t len); /* * Functions as a wrapper that delegates to either srtp_cleanse() or * OPENSSL_cleanse() if available to zero memory. */ -void -octet_string_set_to_zero(void *s, size_t len); +void octet_string_set_to_zero(void *s, size_t len); -#if defined(HAVE_CONFIG_H) +#if defined(HAVE_CONFIG_H) -/* +/* * Convert big endian integers to CPU byte order. */ #ifdef WORDS_BIGENDIAN /* Nothing to do. */ -# define be32_to_cpu(x) (x) -# define be64_to_cpu(x) (x) +#define be32_to_cpu(x) (x) +#define be64_to_cpu(x) (x) #elif defined(HAVE_BYTESWAP_H) /* We have (hopefully) optimized versions in byteswap.h */ -# include -# define be32_to_cpu(x) bswap_32((x)) -# define be64_to_cpu(x) bswap_64((x)) -#else +#include +#define be32_to_cpu(x) bswap_32((x)) +#define be64_to_cpu(x) bswap_64((x)) +#else /* WORDS_BIGENDIAN */ #if defined(__GNUC__) && defined(HAVE_X86) /* Fall back. */ -static inline uint32_t be32_to_cpu(uint32_t v) { - /* optimized for x86. */ - asm("bswap %0" : "=r" (v) : "0" (v)); - return v; -} -# else /* HAVE_X86 */ -# ifdef HAVE_NETINET_IN_H -# include -# elif defined HAVE_WINSOCK2_H -# include -# endif -# define be32_to_cpu(x) ntohl((x)) -# endif /* HAVE_X86 */ - -static inline uint64_t be64_to_cpu(uint64_t v) { -# ifdef NO_64BIT_MATH - /* use the make64 functions to do 64-bit math */ - v = make64(htonl(low32(v)),htonl(high32(v))); -# else - /* use the native 64-bit math */ - v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32)); -# endif - return v; +static inline uint32_t be32_to_cpu(uint32_t v) +{ + /* optimized for x86. */ + asm("bswap %0" : "=r"(v) : "0"(v)); + return v; } +#else /* HAVE_X86 */ +#ifdef HAVE_NETINET_IN_H +#include +#elif defined HAVE_WINSOCK2_H +#include +#endif /* HAVE_NETINET_IN_H */ +#define be32_to_cpu(x) ntohl((x)) +#endif /* HAVE_X86 */ -#endif +static inline uint64_t be64_to_cpu(uint64_t v) +{ +#ifdef NO_64BIT_MATH + /* use the make64 functions to do 64-bit math */ + v = make64(htonl(low32(v)), htonl(high32(v))); +#else /* NO_64BIT_MATH */ + /* use the native 64-bit math */ + v = (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | + (((uint64_t)be32_to_cpu((uint32_t)v)) << 32)); +#endif /* NO_64BIT_MATH */ + return v; +} #endif /* WORDS_BIGENDIAN */ +#endif /* HAVE_CONFIG_H */ + /* - * functions manipulating bitvector_t + * functions manipulating bitvector_t * * A bitvector_t consists of an array of words and an integer * representing the number of significant bits stored in the array. * The bits are packed as follows: the least significant bit is that * of word[0], while the most significant bit is the nth most * significant bit of word[m], where length = bits_per_word * m + n. - * + * */ -#define bits_per_word 32 +#define bits_per_word 32 #define bytes_per_word 4 typedef struct { - uint32_t length; - uint32_t *word; + uint32_t length; + uint32_t *word; } bitvector_t; +#define _bitvector_get_bit(v, bit_index) \ + (((((v)->word[((bit_index) >> 5)]) >> ((bit_index)&31)) & 1)) + +#define _bitvector_set_bit(v, bit_index) \ + ((((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index)&31))))) + +#define _bitvector_clear_bit(v, bit_index) \ + ((((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index)&31))))) -#define _bitvector_get_bit(v, bit_index) \ -( \ - ((((v)->word[((bit_index) >> 5)]) >> ((bit_index) & 31)) & 1) \ -) - - -#define _bitvector_set_bit(v, bit_index) \ -( \ - (((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index) & 31)))) \ -) - -#define _bitvector_clear_bit(v, bit_index) \ -( \ - (((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index) & 31)))) \ -) - -#define _bitvector_get_length(v) \ -( \ - ((v)->length) \ -) +#define _bitvector_get_length(v) (((v)->length)) -#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ +#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ #define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index) #define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index) @@ -419,34 +351,25 @@ #else -int -bitvector_get_bit(const bitvector_t *v, int bit_index); +int bitvector_get_bit(const bitvector_t *v, int bit_index); -void -bitvector_set_bit(bitvector_t *v, int bit_index); +void bitvector_set_bit(bitvector_t *v, int bit_index); -void -bitvector_clear_bit(bitvector_t *v, int bit_index); +void bitvector_clear_bit(bitvector_t *v, int bit_index); -unsigned long -bitvector_get_length(const bitvector_t *v); +unsigned long bitvector_get_length(const bitvector_t *v); #endif -int -bitvector_alloc(bitvector_t *v, unsigned long length); +int bitvector_alloc(bitvector_t *v, unsigned long length); -void -bitvector_dealloc(bitvector_t *v); +void bitvector_dealloc(bitvector_t *v); -void -bitvector_set_to_zero(bitvector_t *x); +void bitvector_set_to_zero(bitvector_t *x); -void -bitvector_left_shift(bitvector_t *x, int index); +void bitvector_left_shift(bitvector_t *x, int index); -char * -bitvector_bit_string(bitvector_t *x, char* buf, int len); +char *bitvector_bit_string(bitvector_t *x, char *buf, int len); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/crypto/include/err.h libsrtp2-2.2.0/crypto/include/err.h --- libsrtp2-2.1.0/crypto/include/err.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/err.h 2018-05-15 19:33:24.000000000 +0000 @@ -42,7 +42,6 @@ * */ - #ifndef ERR_H #define ERR_H @@ -62,7 +61,6 @@ * @{ */ - /** * @} */ @@ -82,9 +80,11 @@ srtp_err_status_t srtp_err_reporting_init(void); -typedef void (srtp_err_report_handler_func_t)(srtp_err_reporting_level_t level, const char * msg); +typedef void(srtp_err_report_handler_func_t)(srtp_err_reporting_level_t level, + const char *msg); -srtp_err_status_t srtp_install_err_report_handler(srtp_err_report_handler_func_t func); +srtp_err_status_t srtp_install_err_report_handler( + srtp_err_report_handler_func_t func); /* * srtp_err_report reports a 'printf' formatted error @@ -96,9 +96,7 @@ * */ -void -srtp_err_report(srtp_err_reporting_level_t level, const char *format, ...); - +void srtp_err_report(srtp_err_reporting_level_t level, const char *format, ...); /* * debug_module_t defines a debug module @@ -111,17 +109,21 @@ #ifdef ENABLE_DEBUG_LOGGING -#define debug_print(mod, format, arg) \ +#define debug_print(mod, format, arg) \ srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg) -#define debug_print2(mod, format, arg1, arg2) \ - srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg1, arg2) +#define debug_print2(mod, format, arg1, arg2) \ + srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, \ + arg1, arg2) #else -#define debug_print(mod, format, arg) \ - if (mod.on) srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg) -#define debug_print2(mod, format, arg1, arg2) \ - if (mod.on) srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg1, arg2) +#define debug_print(mod, format, arg) \ + if (mod.on) \ + srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg) +#define debug_print2(mod, format, arg1, arg2) \ + if (mod.on) \ + srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, \ + arg1, arg2) #endif diff -Nru libsrtp2-2.1.0/crypto/include/integers.h libsrtp2-2.2.0/crypto/include/integers.h --- libsrtp2-2.1.0/crypto/include/integers.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/integers.h 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,29 +43,27 @@ * */ - #ifndef INTEGERS_H #define INTEGERS_H - /* use standard integer definitions, if they're available */ #ifdef HAVE_STDLIB_H -# include +#include #endif #ifdef HAVE_STDINT_H -# include +#include #endif #ifdef HAVE_INTTYPES_H -# include +#include #endif #ifdef HAVE_SYS_TYPES_H -# include +#include #endif #ifdef HAVE_SYS_INT_TYPES_H -# include /* this exists on Sun OS */ +#include /* this exists on Sun OS */ #endif #ifdef HAVE_MACHINE_TYPES_H -# include +#include #endif #ifdef __cplusplus @@ -74,31 +72,30 @@ /* Can we do 64 bit integers? */ #if !defined(HAVE_UINT64_T) -# if SIZEOF_UNSIGNED_LONG == 8 -typedef unsigned long uint64_t; -# elif SIZEOF_UNSIGNED_LONG_LONG == 8 -typedef unsigned long long uint64_t; -# else -# define NO_64BIT_MATH 1 -# endif +#if SIZEOF_UNSIGNED_LONG == 8 +typedef unsigned long uint64_t; +#elif SIZEOF_UNSIGNED_LONG_LONG == 8 +typedef unsigned long long uint64_t; +#else +#define NO_64BIT_MATH 1 +#endif #endif /* Reasonable defaults for 32 bit machines - you may need to * edit these definitions for your own machine. */ #ifndef HAVE_UINT8_T -typedef unsigned char uint8_t; +typedef unsigned char uint8_t; #endif #ifndef HAVE_UINT16_T -typedef unsigned short int uint16_t; +typedef unsigned short int uint16_t; #endif #ifndef HAVE_UINT32_T -typedef unsigned int uint32_t; +typedef unsigned int uint32_t; #endif #ifndef HAVE_INT32_T typedef int int32_t; #endif - #if defined(NO_64BIT_MATH) && defined(HAVE_CONFIG_H) typedef double uint64_t; /* assert that sizeof(double) == 8 */ @@ -107,39 +104,38 @@ extern uint32_t low32(uint64_t value); #endif - /* These macros are to load and store 32-bit values from un-aligned addresses. This is required for processors that do not allow unaligned loads. */ #ifdef ALIGNMENT_32BIT_REQUIRED /* Note that if it's in a variable, you can memcpy it */ #ifdef WORDS_BIGENDIAN -#define PUT_32(addr,value) \ - { \ - ((unsigned char *) (addr))[0] = (value >> 24); \ - ((unsigned char *) (addr))[1] = (value >> 16) & 0xff; \ - ((unsigned char *) (addr))[2] = (value >> 8) & 0xff; \ - ((unsigned char *) (addr))[3] = (value) & 0xff; \ +#define PUT_32(addr, value) \ + { \ + ((unsigned char *)(addr))[0] = (value >> 24); \ + ((unsigned char *)(addr))[1] = (value >> 16) & 0xff; \ + ((unsigned char *)(addr))[2] = (value >> 8) & 0xff; \ + ((unsigned char *)(addr))[3] = (value)&0xff; \ } -#define GET_32(addr) ((((unsigned char *) (addr))[0] << 24) | \ - (((unsigned char *) (addr))[1] << 16) | \ - (((unsigned char *) (addr))[2] << 8) | \ - (((unsigned char *) (addr))[3])) +#define GET_32(addr) \ + ((((unsigned char *)(addr))[0] << 24) | \ + (((unsigned char *)(addr))[1] << 16) | \ + (((unsigned char *)(addr))[2] << 8) | (((unsigned char *)(addr))[3])) #else -#define PUT_32(addr,value) \ - { \ - ((unsigned char *) (addr))[3] = (value >> 24); \ - ((unsigned char *) (addr))[2] = (value >> 16) & 0xff; \ - ((unsigned char *) (addr))[1] = (value >> 8) & 0xff; \ - ((unsigned char *) (addr))[0] = (value) & 0xff; \ +#define PUT_32(addr, value) \ + { \ + ((unsigned char *)(addr))[3] = (value >> 24); \ + ((unsigned char *)(addr))[2] = (value >> 16) & 0xff; \ + ((unsigned char *)(addr))[1] = (value >> 8) & 0xff; \ + ((unsigned char *)(addr))[0] = (value)&0xff; \ } -#define GET_32(addr) ((((unsigned char *) (addr))[3] << 24) | \ - (((unsigned char *) (addr))[2] << 16) | \ - (((unsigned char *) (addr))[1] << 8) | \ - (((unsigned char *) (addr))[0])) +#define GET_32(addr) \ + ((((unsigned char *)(addr))[3] << 24) | \ + (((unsigned char *)(addr))[2] << 16) | \ + (((unsigned char *)(addr))[1] << 8) | (((unsigned char *)(addr))[0])) #endif // WORDS_BIGENDIAN #else -#define PUT_32(addr,value) *(((uint32_t *) (addr)) = (value) +#define PUT_32(addr, value) *(((uint32_t *) (addr)) = (value) #define GET_32(addr) (*(((uint32_t *) (addr))) #endif diff -Nru libsrtp2-2.1.0/crypto/include/key.h libsrtp2-2.2.0/crypto/include/key.h --- libsrtp2-2.1.0/crypto/include/key.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/key.h 2018-05-15 19:33:24.000000000 +0000 @@ -45,7 +45,7 @@ #ifndef KEY_H #define KEY_H -#include "rdbx.h" /* for srtp_xtd_seq_num_t */ +#include "rdbx.h" /* for srtp_xtd_seq_num_t */ #include "err.h" #ifdef __cplusplus @@ -60,9 +60,11 @@ srtp_key_event_hard_limit } srtp_key_event_t; -srtp_err_status_t srtp_key_limit_set(srtp_key_limit_t key, const srtp_xtd_seq_num_t s); +srtp_err_status_t srtp_key_limit_set(srtp_key_limit_t key, + const srtp_xtd_seq_num_t s); -srtp_err_status_t srtp_key_limit_clone(srtp_key_limit_t original, srtp_key_limit_t *new_key); +srtp_err_status_t srtp_key_limit_clone(srtp_key_limit_t original, + srtp_key_limit_t *new_key); srtp_err_status_t srtp_key_limit_check(const srtp_key_limit_t key); diff -Nru libsrtp2-2.1.0/crypto/include/null_cipher.h libsrtp2-2.2.0/crypto/include/null_cipher.h --- libsrtp2-2.1.0/crypto/include/null_cipher.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/null_cipher.h 2018-05-15 19:33:24.000000000 +0000 @@ -44,7 +44,6 @@ * */ - #ifndef NULL_CIPHER_H #define NULL_CIPHER_H diff -Nru libsrtp2-2.1.0/crypto/include/rdb.h libsrtp2-2.2.0/crypto/include/rdb.h --- libsrtp2-2.1.0/crypto/include/rdb.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/rdb.h 2018-05-15 19:33:24.000000000 +0000 @@ -7,28 +7,27 @@ * Cisco Systems, Inc. */ - /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -47,9 +46,9 @@ #ifndef REPLAY_DB_H #define REPLAY_DB_H -#include "integers.h" /* for uint32_t */ -#include "datatypes.h" /* for v128_t */ -#include "err.h" /* for srtp_err_status_t */ +#include "integers.h" /* for uint32_t */ +#include "datatypes.h" /* for v128_t */ +#include "err.h" /* for srtp_err_status_t */ #ifdef __cplusplus extern "C" { @@ -76,7 +75,6 @@ */ srtp_err_status_t srtp_rdb_init(srtp_rdb_t *rdb); - /* * srtp_rdb_check * @@ -103,7 +101,6 @@ * srtp_rdb_t upon which srtp_rdb_add_index is used! */ - /* * srtp_rdb_increment(db) increments the sequence number in db, if it is * not too high @@ -121,7 +118,6 @@ */ uint32_t srtp_rdb_get_value(const srtp_rdb_t *rdb); - #ifdef __cplusplus } #endif diff -Nru libsrtp2-2.1.0/crypto/include/rdbx.h libsrtp2-2.2.0/crypto/include/rdbx.h --- libsrtp2-2.1.0/crypto/include/rdbx.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/rdbx.h 2018-05-15 19:33:24.000000000 +0000 @@ -9,26 +9,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -58,10 +58,10 @@ #ifndef ROC_TEST -typedef uint16_t srtp_sequence_number_t; /* 16 bit sequence number */ -typedef uint32_t srtp_rollover_counter_t; /* 32 bit rollover counter */ +typedef uint16_t srtp_sequence_number_t; /* 16 bit sequence number */ +typedef uint32_t srtp_rollover_counter_t; /* 32 bit rollover counter */ -#else /* use small seq_num and roc datatypes for testing purposes */ +#else /* use small seq_num and roc datatypes for testing purposes */ typedef unsigned char srtp_sequence_number_t; /* 8 bit sequence number */ typedef uint16_t srtp_rollover_counter_t; /* 16 bit rollover counter */ @@ -69,7 +69,7 @@ #endif #define seq_num_median (1 << (8 * sizeof(srtp_sequence_number_t) - 1)) -#define seq_num_max (1 << (8 * sizeof(srtp_sequence_number_t))) +#define seq_num_max (1 << (8 * sizeof(srtp_sequence_number_t))) /* * An rtp_xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended' @@ -77,7 +77,6 @@ */ typedef uint64_t srtp_xtd_seq_num_t; - /* * An srtp_rdbx_t is a replay database with extended range; it uses an * xtd_seq_num_t and a bitmask of recently received indices. @@ -87,7 +86,6 @@ bitvector_t bitmask; } srtp_rdbx_t; - /* * srtp_rdbx_init(rdbx_ptr, ws) * @@ -96,7 +94,6 @@ */ srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, unsigned long ws); - /* * srtp_rdbx_dealloc(rdbx_ptr) * @@ -104,7 +101,6 @@ */ srtp_err_status_t srtp_rdbx_dealloc(srtp_rdbx_t *rdbx); - /* * srtp_rdbx_estimate_index(rdbx, guess, s) * @@ -113,7 +109,9 @@ * index to which s corresponds, and returns the difference between * *guess and the locally stored synch info */ -int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s); +int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, + srtp_xtd_seq_num_t *guess, + srtp_sequence_number_t s); /* * srtp_rdbx_check(rdbx, delta); @@ -136,7 +134,6 @@ */ srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta); - /* * srtp_rdbx_set_roc(rdbx, roc) initalizes the srtp_rdbx_t at the location rdbx * to have the rollover counter value roc. If that value is less than @@ -147,7 +144,8 @@ srtp_err_status_t srtp_rdbx_set_roc(srtp_rdbx_t *rdbx, uint32_t roc); /* - * srtp_rdbx_get_packet_index(rdbx) returns the value of the rollover counter for + * srtp_rdbx_get_packet_index(rdbx) returns the value of the rollover counter + * for * the srtp_rdbx_t pointed to by rdbx * */ @@ -166,14 +164,12 @@ */ unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx); - /* index_init(&pi) initializes a packet index pi (sets it to zero) */ void srtp_index_init(srtp_xtd_seq_num_t *pi); /* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */ void srtp_index_advance(srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s); - /* * srtp_index_guess(local, guess, s) * @@ -183,7 +179,9 @@ * guess of the packet index to which s corresponds, and returns the * difference between *guess and *local */ -int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s); +int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, + srtp_xtd_seq_num_t *guess, + srtp_sequence_number_t s); /* * srtp_rdbx_get_roc(rdbx) @@ -200,9 +198,9 @@ * rollover counter value, then the function returns * srtp_err_status_replay_old, otherwise, srtp_err_status_ok is returned. */ -srtp_err_status_t srtp_rdbx_set_roc_seq (srtp_rdbx_t *rdbx, - uint32_t roc, - uint16_t seq); +srtp_err_status_t srtp_rdbx_set_roc_seq(srtp_rdbx_t *rdbx, + uint32_t roc, + uint16_t seq); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/crypto/include/sha1.h libsrtp2-2.2.0/crypto/include/sha1.h --- libsrtp2-2.1.0/crypto/include/sha1.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/sha1.h 2018-05-15 19:33:24.000000000 +0000 @@ -48,7 +48,7 @@ #define SHA1_H #ifdef HAVE_CONFIG_H - #include +#include #endif #include "err.h" @@ -81,49 +81,53 @@ /* OpenSSL 1.1.0 made EVP_MD_CTX an opaque structure, which must be allocated using EVP_MD_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */ -#if OPENSSL_VERSION_NUMBER < 0x10100000L +#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER typedef EVP_MD_CTX srtp_sha1_ctx_t; -static inline void srtp_sha1_init (srtp_sha1_ctx_t *ctx) +static inline void srtp_sha1_init(srtp_sha1_ctx_t *ctx) { EVP_MD_CTX_init(ctx); EVP_DigestInit(ctx, EVP_sha1()); } -static inline void srtp_sha1_update (srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) +static inline void srtp_sha1_update(srtp_sha1_ctx_t *ctx, + const uint8_t *M, + int octets_in_msg) { EVP_DigestUpdate(ctx, M, octets_in_msg); } -static inline void srtp_sha1_final (srtp_sha1_ctx_t *ctx, uint32_t *output) +static inline void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output) { unsigned int len = 0; - EVP_DigestFinal(ctx, (unsigned char*)output, &len); + EVP_DigestFinal(ctx, (unsigned char *)output, &len); EVP_MD_CTX_cleanup(ctx); } #else -typedef EVP_MD_CTX* srtp_sha1_ctx_t; +typedef EVP_MD_CTX *srtp_sha1_ctx_t; -static inline void srtp_sha1_init (srtp_sha1_ctx_t *ctx) +static inline void srtp_sha1_init(srtp_sha1_ctx_t *ctx) { *ctx = EVP_MD_CTX_new(); EVP_DigestInit(*ctx, EVP_sha1()); } -static inline void srtp_sha1_update (srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) +static inline void srtp_sha1_update(srtp_sha1_ctx_t *ctx, + const uint8_t *M, + int octets_in_msg) { EVP_DigestUpdate(*ctx, M, octets_in_msg); } -static inline void srtp_sha1_final (srtp_sha1_ctx_t *ctx, uint32_t *output) +static inline void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output) { unsigned int len = 0; - EVP_DigestFinal(*ctx, (unsigned char*)output, &len); + EVP_DigestFinal(*ctx, (unsigned char *)output, &len); EVP_MD_CTX_free(*ctx); } #endif @@ -137,7 +141,6 @@ uint32_t num_bits_in_msg; /* total number of bits in message */ } srtp_sha1_ctx_t; - /* * srtp_sha1_init(&ctx) initializes the SHA1 context ctx * @@ -150,9 +153,11 @@ */ void srtp_sha1_init(srtp_sha1_ctx_t *ctx); -void srtp_sha1_update(srtp_sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg); +void srtp_sha1_update(srtp_sha1_ctx_t *ctx, + const uint8_t *M, + int octets_in_msg); -void srtp_sha1_final(srtp_sha1_ctx_t * ctx, uint32_t output[5]); +void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t output[5]); /* * The srtp_sha1_core function is INTERNAL to SHA-1, but it is declared diff -Nru libsrtp2-2.1.0/crypto/include/stat.h libsrtp2-2.2.0/crypto/include/stat.h --- libsrtp2-2.1.0/crypto/include/stat.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/include/stat.h 2018-05-15 19:33:24.000000000 +0000 @@ -1,6 +1,6 @@ /* * stats.h - * + * * interface to statistical test functions * * David A. McGrew @@ -8,26 +8,26 @@ */ /* - * + * * Copyright(c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,12 +43,11 @@ * */ - #ifndef STAT_H #define STAT_H -#include "datatypes.h" /* for uint8_t */ -#include "err.h" /* for srtp_err_status_t */ +#include "datatypes.h" /* for uint8_t */ +#include "err.h" /* for srtp_err_status_t */ #ifdef __cplusplus extern "C" { diff -Nru libsrtp2-2.1.0/crypto/kernel/alloc.c libsrtp2-2.2.0/crypto/kernel/alloc.c --- libsrtp2-2.1.0/crypto/kernel/alloc.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/kernel/alloc.c 2018-05-15 19:33:24.000000000 +0000 @@ -1,32 +1,32 @@ /* * alloc.c * - * memory allocation and deallocation + * memory allocation and deallocation * * David A. McGrew * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,7 +43,7 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "alloc.h" @@ -51,9 +51,9 @@ /* the debug module for memory allocation */ -srtp_debug_module_t mod_alloc = { - 0, /* debugging is off by default */ - "alloc" /* printable name for module */ +srtp_debug_module_t srtp_mod_alloc = { + 0, /* debugging is off by default */ + "alloc" /* printable name for module */ }; /* @@ -67,29 +67,35 @@ #if defined(HAVE_STDLIB_H) -void * srtp_crypto_alloc(size_t size) { - void *ptr; +void *srtp_crypto_alloc(size_t size) +{ + void *ptr; + + if (!size) { + return NULL; + } + + ptr = calloc(1, size); + + if (ptr) { + debug_print(srtp_mod_alloc, "(location: %p) allocated", ptr); + } else { + debug_print(srtp_mod_alloc, "allocation failed (asked for %d bytes)\n", + size); + } - ptr = malloc(size); - - if (ptr) { - debug_print(mod_alloc, "(location: %p) allocated", ptr); - } else { - debug_print(mod_alloc, "allocation failed (asked for %d bytes)\n", size); - } - - return ptr; + return ptr; } -void srtp_crypto_free(void *ptr) { - - debug_print(mod_alloc, "(location: %p) freed", ptr); +void srtp_crypto_free(void *ptr) +{ + debug_print(srtp_mod_alloc, "(location: %p) freed", ptr); - free(ptr); + free(ptr); } -#else /* we need to define our own memory allocation routines */ +#else /* we need to define our own memory allocation routines */ -#error no memory allocation defined yet +#error no memory allocation defined yet #endif diff -Nru libsrtp2-2.1.0/crypto/kernel/crypto_kernel.c libsrtp2-2.2.0/crypto/kernel/crypto_kernel.c --- libsrtp2-2.1.0/crypto/kernel/crypto_kernel.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/kernel/crypto_kernel.c 2018-05-15 19:33:24.000000000 +0000 @@ -42,60 +42,22 @@ * */ - #ifdef HAVE_CONFIG_H - #include +#include #endif #include "alloc.h" #include "crypto_kernel.h" +#include "cipher_types.h" /* the debug module for the crypto_kernel */ srtp_debug_module_t srtp_mod_crypto_kernel = { - 0, /* debugging is off by default */ - "crypto kernel" /* printable name for module */ + 0, /* debugging is off by default */ + "crypto kernel" /* printable name for module */ }; -/* - * other generic debug modules that can be included in the kernel - */ - -extern srtp_debug_module_t srtp_mod_auth; -extern srtp_debug_module_t srtp_mod_cipher; -extern srtp_debug_module_t mod_stat; -extern srtp_debug_module_t mod_alloc; - -/* - * cipher types that can be included in the kernel - */ - -extern srtp_cipher_type_t srtp_null_cipher; -extern srtp_cipher_type_t srtp_aes_icm_128; -extern srtp_cipher_type_t srtp_aes_icm_256; -#ifdef OPENSSL -extern srtp_cipher_type_t srtp_aes_icm_192; -extern srtp_cipher_type_t srtp_aes_gcm_128_openssl; -extern srtp_cipher_type_t srtp_aes_gcm_256_openssl; -#endif - -/* debug modules for cipher types */ -extern srtp_debug_module_t srtp_mod_aes_icm; -#ifdef OPENSSL -extern srtp_debug_module_t srtp_mod_aes_gcm; -#endif - -/* - * auth func types that can be included in the kernel - */ - -extern srtp_auth_type_t srtp_null_auth; -extern srtp_auth_type_t srtp_hmac; - -/* debug modules for auth types */ -extern srtp_debug_module_t srtp_mod_hmac; - /* crypto_kernel is a global variable, the only one of its datatype */ srtp_crypto_kernel_t crypto_kernel = { @@ -107,13 +69,12 @@ #define MAX_RNG_TRIALS 25 -srtp_err_status_t srtp_crypto_kernel_init () +srtp_err_status_t srtp_crypto_kernel_init() { srtp_err_status_t status; /* check the security state */ if (crypto_kernel.state == srtp_crypto_kernel_state_secure) { - /* * we're already in the secure state, but we've been asked to * re-initialize, so we just re-run the self-tests and then return @@ -140,25 +101,28 @@ if (status) { return status; } - status = srtp_crypto_kernel_load_debug_module(&mod_stat); + status = srtp_crypto_kernel_load_debug_module(&srtp_mod_stat); if (status) { return status; } - status = srtp_crypto_kernel_load_debug_module(&mod_alloc); + status = srtp_crypto_kernel_load_debug_module(&srtp_mod_alloc); if (status) { return status; } /* load cipher types */ - status = srtp_crypto_kernel_load_cipher_type(&srtp_null_cipher, SRTP_NULL_CIPHER); + status = srtp_crypto_kernel_load_cipher_type(&srtp_null_cipher, + SRTP_NULL_CIPHER); if (status) { return status; } - status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_128, SRTP_AES_ICM_128); + status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_128, + SRTP_AES_ICM_128); if (status) { return status; } - status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_256, SRTP_AES_ICM_256); + status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_256, + SRTP_AES_ICM_256); if (status) { return status; } @@ -167,15 +131,18 @@ return status; } #ifdef OPENSSL - status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_192, SRTP_AES_ICM_192); + status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_192, + SRTP_AES_ICM_192); if (status) { return status; } - status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_128_openssl, SRTP_AES_GCM_128); + status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_128_openssl, + SRTP_AES_GCM_128); if (status) { return status; } - status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_256_openssl, SRTP_AES_GCM_256); + status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_256_openssl, + SRTP_AES_GCM_256); if (status) { return status; } @@ -205,19 +172,21 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_crypto_kernel_status () +srtp_err_status_t srtp_crypto_kernel_status() { srtp_err_status_t status; - srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list; - srtp_kernel_auth_type_t *atype = crypto_kernel.auth_type_list; + srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list; + srtp_kernel_auth_type_t *atype = crypto_kernel.auth_type_list; /* for each cipher type, describe and test */ while (ctype != NULL) { - srtp_err_report(srtp_err_level_info, "cipher: %s\n", ctype->cipher_type->description); + srtp_err_report(srtp_err_level_info, "cipher: %s\n", + ctype->cipher_type->description); srtp_err_report(srtp_err_level_info, " self-test: "); status = srtp_cipher_type_self_test(ctype->cipher_type); if (status) { - srtp_err_report(srtp_err_level_error, "failed with error code %d\n", status); + srtp_err_report(srtp_err_level_error, "failed with error code %d\n", + status); exit(status); } srtp_err_report(srtp_err_level_info, "passed\n"); @@ -226,11 +195,13 @@ /* for each auth type, describe and test */ while (atype != NULL) { - srtp_err_report(srtp_err_level_info, "auth func: %s\n", atype->auth_type->description); + srtp_err_report(srtp_err_level_info, "auth func: %s\n", + atype->auth_type->description); srtp_err_report(srtp_err_level_info, " self-test: "); status = srtp_auth_type_self_test(atype->auth_type); if (status) { - srtp_err_report(srtp_err_level_error, "failed with error code %d\n", status); + srtp_err_report(srtp_err_level_error, "failed with error code %d\n", + status); exit(status); } srtp_err_report(srtp_err_level_info, "passed\n"); @@ -242,7 +213,7 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_crypto_kernel_list_debug_modules () +srtp_err_status_t srtp_crypto_kernel_list_debug_modules() { srtp_kernel_debug_module_t *dm = crypto_kernel.debug_module_list; @@ -252,7 +223,7 @@ srtp_err_report(srtp_err_level_info, " %s ", dm->mod->name); if (dm->mod->on) { srtp_err_report(srtp_err_level_info, "(on)\n"); - } else{ + } else { srtp_err_report(srtp_err_level_info, "(off)\n"); } dm = dm->next; @@ -261,7 +232,7 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_crypto_kernel_shutdown () +srtp_err_status_t srtp_crypto_kernel_shutdown() { /* * free dynamic memory used in crypto_kernel at present @@ -271,8 +242,7 @@ while (crypto_kernel.cipher_type_list != NULL) { srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list; crypto_kernel.cipher_type_list = ctype->next; - debug_print(srtp_mod_crypto_kernel, - "freeing memory for cipher %s", + debug_print(srtp_mod_crypto_kernel, "freeing memory for cipher %s", ctype->cipher_type->description); srtp_crypto_free(ctype); } @@ -292,8 +262,7 @@ srtp_kernel_debug_module_t *kdm = crypto_kernel.debug_module_list; crypto_kernel.debug_module_list = kdm->next; debug_print(srtp_mod_crypto_kernel, - "freeing memory for debug module %s", - kdm->mod->name); + "freeing memory for debug module %s", kdm->mod->name); srtp_crypto_free(kdm); } @@ -303,7 +272,10 @@ return srtp_err_status_ok; } -static inline srtp_err_status_t srtp_crypto_kernel_do_load_cipher_type (const srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id, int replace) +static inline srtp_err_status_t srtp_crypto_kernel_do_load_cipher_type( + const srtp_cipher_type_t *new_ct, + srtp_cipher_type_id_t id, + int replace) { srtp_kernel_cipher_type_t *ctype, *new_ctype; srtp_err_status_t status; @@ -330,13 +302,14 @@ if (!replace) { return srtp_err_status_bad_param; } - status = srtp_cipher_type_test(new_ct, ctype->cipher_type->test_data); + status = + srtp_cipher_type_test(new_ct, ctype->cipher_type->test_data); if (status) { return status; } new_ctype = ctype; break; - }else if (new_ct == ctype->cipher_type) { + } else if (new_ct == ctype->cipher_type) { return srtp_err_status_bad_param; } ctype = ctype->next; @@ -345,7 +318,8 @@ /* if not found, put new_ct at the head of the list */ if (ctype == NULL) { /* allocate memory */ - new_ctype = (srtp_kernel_cipher_type_t*)srtp_crypto_alloc(sizeof(srtp_kernel_cipher_type_t)); + new_ctype = (srtp_kernel_cipher_type_t *)srtp_crypto_alloc( + sizeof(srtp_kernel_cipher_type_t)); if (new_ctype == NULL) { return srtp_err_status_alloc_fail; } @@ -362,17 +336,23 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_crypto_kernel_load_cipher_type (const srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id) +srtp_err_status_t srtp_crypto_kernel_load_cipher_type( + const srtp_cipher_type_t *new_ct, + srtp_cipher_type_id_t id) { return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 0); } -srtp_err_status_t srtp_replace_cipher_type (const srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id) +srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *new_ct, + srtp_cipher_type_id_t id) { return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 1); } -srtp_err_status_t srtp_crypto_kernel_do_load_auth_type (const srtp_auth_type_t *new_at, srtp_auth_type_id_t id, int replace) +srtp_err_status_t srtp_crypto_kernel_do_load_auth_type( + const srtp_auth_type_t *new_at, + srtp_auth_type_id_t id, + int replace) { srtp_kernel_auth_type_t *atype, *new_atype; srtp_err_status_t status; @@ -405,7 +385,7 @@ } new_atype = atype; break; - }else if (new_at == atype->auth_type) { + } else if (new_at == atype->auth_type) { return srtp_err_status_bad_param; } atype = atype->next; @@ -414,7 +394,8 @@ /* if not found, put new_at at the head of the list */ if (atype == NULL) { /* allocate memory */ - new_atype = (srtp_kernel_auth_type_t*)srtp_crypto_alloc(sizeof(srtp_kernel_auth_type_t)); + new_atype = (srtp_kernel_auth_type_t *)srtp_crypto_alloc( + sizeof(srtp_kernel_auth_type_t)); if (new_atype == NULL) { return srtp_err_status_alloc_fail; } @@ -429,21 +410,23 @@ new_atype->id = id; return srtp_err_status_ok; - } -srtp_err_status_t srtp_crypto_kernel_load_auth_type (const srtp_auth_type_t *new_at, srtp_auth_type_id_t id) +srtp_err_status_t srtp_crypto_kernel_load_auth_type( + const srtp_auth_type_t *new_at, + srtp_auth_type_id_t id) { return srtp_crypto_kernel_do_load_auth_type(new_at, id, 0); } -srtp_err_status_t srtp_replace_auth_type (const srtp_auth_type_t *new_at, srtp_auth_type_id_t id) +srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *new_at, + srtp_auth_type_id_t id) { return srtp_crypto_kernel_do_load_auth_type(new_at, id, 1); } - -const srtp_cipher_type_t * srtp_crypto_kernel_get_cipher_type (srtp_cipher_type_id_t id) +const srtp_cipher_type_t *srtp_crypto_kernel_get_cipher_type( + srtp_cipher_type_id_t id) { srtp_kernel_cipher_type_t *ctype; @@ -460,8 +443,10 @@ return NULL; } - -srtp_err_status_t srtp_crypto_kernel_alloc_cipher (srtp_cipher_type_id_t id, srtp_cipher_pointer_t *cp, int key_len, int tag_len) +srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id, + srtp_cipher_pointer_t *cp, + int key_len, + int tag_len) { const srtp_cipher_type_t *ct; @@ -481,9 +466,7 @@ return ((ct)->alloc(cp, key_len, tag_len)); } - - -const srtp_auth_type_t * srtp_crypto_kernel_get_auth_type (srtp_auth_type_id_t id) +const srtp_auth_type_t *srtp_crypto_kernel_get_auth_type(srtp_auth_type_id_t id) { srtp_kernel_auth_type_t *atype; @@ -500,7 +483,10 @@ return NULL; } -srtp_err_status_t srtp_crypto_kernel_alloc_auth (srtp_auth_type_id_t id, srtp_auth_pointer_t *ap, int key_len, int tag_len) +srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id, + srtp_auth_pointer_t *ap, + int key_len, + int tag_len) { const srtp_auth_type_t *at; @@ -520,12 +506,13 @@ return ((at)->alloc(ap, key_len, tag_len)); } -srtp_err_status_t srtp_crypto_kernel_load_debug_module (srtp_debug_module_t *new_dm) +srtp_err_status_t srtp_crypto_kernel_load_debug_module( + srtp_debug_module_t *new_dm) { srtp_kernel_debug_module_t *kdm, *new; /* defensive coding */ - if (new_dm == NULL) { + if (new_dm == NULL || new_dm->name == NULL) { return srtp_err_status_bad_param; } @@ -540,7 +527,8 @@ /* put new_dm at the head of the list */ /* allocate memory */ - new = (srtp_kernel_debug_module_t*)srtp_crypto_alloc(sizeof(srtp_kernel_debug_module_t)); + new = (srtp_kernel_debug_module_t *)srtp_crypto_alloc( + sizeof(srtp_kernel_debug_module_t)); if (new == NULL) { return srtp_err_status_alloc_fail; } @@ -555,7 +543,7 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_crypto_kernel_set_debug_module (const char *name, int on) +srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *name, int on) { srtp_kernel_debug_module_t *kdm; diff -Nru libsrtp2-2.1.0/crypto/kernel/err.c libsrtp2-2.2.0/crypto/kernel/err.c --- libsrtp2-2.1.0/crypto/kernel/err.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/kernel/err.c 2018-05-15 19:33:24.000000000 +0000 @@ -43,7 +43,7 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "err.h" @@ -54,7 +54,7 @@ static FILE *srtp_err_file = NULL; -srtp_err_status_t srtp_err_reporting_init () +srtp_err_status_t srtp_err_reporting_init() { #ifdef ERR_REPORTING_STDOUT srtp_err_file = stdout; @@ -69,15 +69,16 @@ return srtp_err_status_ok; } -static srtp_err_report_handler_func_t * srtp_err_report_handler = NULL; +static srtp_err_report_handler_func_t *srtp_err_report_handler = NULL; -srtp_err_status_t srtp_install_err_report_handler(srtp_err_report_handler_func_t func) +srtp_err_status_t srtp_install_err_report_handler( + srtp_err_report_handler_func_t func) { srtp_err_report_handler = func; return srtp_err_status_ok; } -void srtp_err_report (srtp_err_reporting_level_t level, const char *format, ...) +void srtp_err_report(srtp_err_reporting_level_t level, const char *format, ...) { va_list args; if (srtp_err_file != NULL) { @@ -91,12 +92,13 @@ if (vsnprintf(msg, sizeof(msg), format, args) > 0) { /* strip trailing \n, callback should not have one */ size_t l = strlen(msg); - if (l && msg[l-1] == '\n') { - msg[l-1] = '\0'; + if (l && msg[l - 1] == '\n') { + msg[l - 1] = '\0'; } srtp_err_report_handler(level, msg); /* - * NOTE, need to be carefull, there is a potential that octet_string_set_to_zero() could + * NOTE, need to be carefull, there is a potential that + * octet_string_set_to_zero() could * call srtp_err_report() in the future, leading to recursion */ octet_string_set_to_zero(msg, sizeof(msg)); diff -Nru libsrtp2-2.1.0/crypto/kernel/key.c libsrtp2-2.2.0/crypto/kernel/key.c --- libsrtp2-2.1.0/crypto/kernel/key.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/kernel/key.c 2018-05-15 19:33:24.000000000 +0000 @@ -43,14 +43,15 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "key.h" #define soft_limit 0x10000 -srtp_err_status_t srtp_key_limit_set (srtp_key_limit_t key, const srtp_xtd_seq_num_t s) +srtp_err_status_t srtp_key_limit_set(srtp_key_limit_t key, + const srtp_xtd_seq_num_t s) { #ifdef NO_64BIT_MATH if (high32(s) == 0 && low32(s) < soft_limit) { @@ -66,7 +67,8 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_key_limit_clone (srtp_key_limit_t original, srtp_key_limit_t *new_key) +srtp_err_status_t srtp_key_limit_clone(srtp_key_limit_t original, + srtp_key_limit_t *new_key) { if (original == NULL) { return srtp_err_status_bad_param; @@ -75,7 +77,7 @@ return srtp_err_status_ok; } -srtp_err_status_t srtp_key_limit_check (const srtp_key_limit_t key) +srtp_err_status_t srtp_key_limit_check(const srtp_key_limit_t key) { if (key->state == srtp_key_state_expired) { return srtp_err_status_key_expired; @@ -83,13 +85,14 @@ return srtp_err_status_ok; } -srtp_key_event_t srtp_key_limit_update (srtp_key_limit_t key) +srtp_key_event_t srtp_key_limit_update(srtp_key_limit_t key) { #ifdef NO_64BIT_MATH if (low32(key->num_left) == 0) { // carry - key->num_left = make64(high32(key->num_left) - 1, low32(key->num_left) - 1); - }else { + key->num_left = + make64(high32(key->num_left) - 1, low32(key->num_left) - 1); + } else { // no carry key->num_left = make64(high32(key->num_left), low32(key->num_left) - 1); } @@ -111,10 +114,9 @@ #else if (key->num_left < 1) #endif - { /* we just hit the hard limit */ + { /* we just hit the hard limit */ key->state = srtp_key_state_expired; return srtp_key_event_hard_limit; } return srtp_key_event_soft_limit; } - diff -Nru libsrtp2-2.1.0/crypto/math/datatypes.c libsrtp2-2.2.0/crypto/math/datatypes.c --- libsrtp2-2.1.0/crypto/math/datatypes.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/math/datatypes.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,7 +44,7 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #ifdef OPENSSL @@ -53,48 +53,24 @@ #include "datatypes.h" -int -octet_weight[256] = { - 0, 1, 1, 2, 1, 2, 2, 3, - 1, 2, 2, 3, 2, 3, 3, 4, - 1, 2, 2, 3, 2, 3, 3, 4, - 2, 3, 3, 4, 3, 4, 4, 5, - 1, 2, 2, 3, 2, 3, 3, 4, - 2, 3, 3, 4, 3, 4, 4, 5, - 2, 3, 3, 4, 3, 4, 4, 5, - 3, 4, 4, 5, 4, 5, 5, 6, - 1, 2, 2, 3, 2, 3, 3, 4, - 2, 3, 3, 4, 3, 4, 4, 5, - 2, 3, 3, 4, 3, 4, 4, 5, - 3, 4, 4, 5, 4, 5, 5, 6, - 2, 3, 3, 4, 3, 4, 4, 5, - 3, 4, 4, 5, 4, 5, 5, 6, - 3, 4, 4, 5, 4, 5, 5, 6, - 4, 5, 5, 6, 5, 6, 6, 7, - 1, 2, 2, 3, 2, 3, 3, 4, - 2, 3, 3, 4, 3, 4, 4, 5, - 2, 3, 3, 4, 3, 4, 4, 5, - 3, 4, 4, 5, 4, 5, 5, 6, - 2, 3, 3, 4, 3, 4, 4, 5, - 3, 4, 4, 5, 4, 5, 5, 6, - 3, 4, 4, 5, 4, 5, 5, 6, - 4, 5, 5, 6, 5, 6, 6, 7, - 2, 3, 3, 4, 3, 4, 4, 5, - 3, 4, 4, 5, 4, 5, 5, 6, - 3, 4, 4, 5, 4, 5, 5, 6, - 4, 5, 5, 6, 5, 6, 6, 7, - 3, 4, 4, 5, 4, 5, 5, 6, - 4, 5, 5, 6, 5, 6, 6, 7, - 4, 5, 5, 6, 5, 6, 6, 7, - 5, 6, 6, 7, 6, 7, 7, 8 +static const int8_t octet_weight[256] = { + 0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4, 1, 2, 2, 3, 2, 3, 3, 4, + 2, 3, 3, 4, 3, 4, 4, 5, 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 1, 2, 2, 3, 2, 3, 3, 4, + 2, 3, 3, 4, 3, 4, 4, 5, 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 3, 4, 4, 5, 4, 5, 5, 6, + 4, 5, 5, 6, 5, 6, 6, 7, 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 2, 3, 3, 4, 3, 4, 4, 5, + 3, 4, 4, 5, 4, 5, 5, 6, 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 3, 4, 4, 5, 4, 5, 5, 6, + 4, 5, 5, 6, 5, 6, 6, 7, 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7, + 4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8 }; -int -octet_get_weight(uint8_t octet) { - extern int octet_weight[256]; - - return octet_weight[octet]; -} +int octet_get_weight(uint8_t octet) +{ + return (int)octet_weight[octet]; +} /* * bit_string is a buffer that is used to hold output strings, e.g. @@ -105,414 +81,410 @@ char bit_string[MAX_PRINT_STRING_LEN]; -uint8_t -srtp_nibble_to_hex_char(uint8_t nibble) { - char buf[16] = {'0', '1', '2', '3', '4', '5', '6', '7', - '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; - return buf[nibble & 0xF]; -} - -char * srtp_octet_string_hex_string(const void *s, int length) { - const uint8_t *str = (const uint8_t *)s; - int i; - - /* double length, since one octet takes two hex characters */ - length *= 2; - - /* truncate string if it would be too long */ - if (length > MAX_PRINT_STRING_LEN) - length = MAX_PRINT_STRING_LEN-2; - - for (i=0; i < length; i+=2) { - bit_string[i] = srtp_nibble_to_hex_char(*str >> 4); - bit_string[i+1] = srtp_nibble_to_hex_char(*str++ & 0xF); - } - bit_string[i] = 0; /* null terminate string */ - return bit_string; -} - -char * -v128_hex_string(v128_t *x) { - int i, j; - - for (i=j=0; i < 16; i++) { - bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] >> 4); - bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] & 0xF); - } - - bit_string[j] = 0; /* null terminate string */ - return bit_string; -} - -char * -v128_bit_string(v128_t *x) { - int j, i; - uint32_t mask; - - for (j=i=0; j < 4; j++) { - for (mask=0x80000000; mask > 0; mask >>= 1) { - if (x->v32[j] & mask) - bit_string[i] = '1'; - else - bit_string[i] = '0'; - ++i; +uint8_t srtp_nibble_to_hex_char(uint8_t nibble) +{ + char buf[16] = { '0', '1', '2', '3', '4', '5', '6', '7', + '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; + return buf[nibble & 0xF]; +} + +char *srtp_octet_string_hex_string(const void *s, int length) +{ + const uint8_t *str = (const uint8_t *)s; + int i; + + /* double length, since one octet takes two hex characters */ + length *= 2; + + /* truncate string if it would be too long */ + if (length > MAX_PRINT_STRING_LEN) + length = MAX_PRINT_STRING_LEN - 2; + + for (i = 0; i < length; i += 2) { + bit_string[i] = srtp_nibble_to_hex_char(*str >> 4); + bit_string[i + 1] = srtp_nibble_to_hex_char(*str++ & 0xF); + } + bit_string[i] = 0; /* null terminate string */ + return bit_string; +} + +char *v128_hex_string(v128_t *x) +{ + int i, j; + + for (i = j = 0; i < 16; i++) { + bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] >> 4); + bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] & 0xF); } - } - bit_string[128] = 0; /* null terminate string */ - return bit_string; + bit_string[j] = 0; /* null terminate string */ + return bit_string; } -void -v128_copy_octet_string(v128_t *x, const uint8_t s[16]) { +char *v128_bit_string(v128_t *x) +{ + int j, i; + uint32_t mask; + + for (j = i = 0; j < 4; j++) { + for (mask = 0x80000000; mask > 0; mask >>= 1) { + if (x->v32[j] & mask) + bit_string[i] = '1'; + else + bit_string[i] = '0'; + ++i; + } + } + bit_string[128] = 0; /* null terminate string */ + + return bit_string; +} + +void v128_copy_octet_string(v128_t *x, const uint8_t s[16]) +{ #ifdef ALIGNMENT_32BIT_REQUIRED - if ((((uint32_t) &s[0]) & 0x3) != 0) + if ((((uint32_t)&s[0]) & 0x3) != 0) #endif - { - x->v8[0] = s[0]; - x->v8[1] = s[1]; - x->v8[2] = s[2]; - x->v8[3] = s[3]; - x->v8[4] = s[4]; - x->v8[5] = s[5]; - x->v8[6] = s[6]; - x->v8[7] = s[7]; - x->v8[8] = s[8]; - x->v8[9] = s[9]; - x->v8[10] = s[10]; - x->v8[11] = s[11]; - x->v8[12] = s[12]; - x->v8[13] = s[13]; - x->v8[14] = s[14]; - x->v8[15] = s[15]; - } + { + x->v8[0] = s[0]; + x->v8[1] = s[1]; + x->v8[2] = s[2]; + x->v8[3] = s[3]; + x->v8[4] = s[4]; + x->v8[5] = s[5]; + x->v8[6] = s[6]; + x->v8[7] = s[7]; + x->v8[8] = s[8]; + x->v8[9] = s[9]; + x->v8[10] = s[10]; + x->v8[11] = s[11]; + x->v8[12] = s[12]; + x->v8[13] = s[13]; + x->v8[14] = s[14]; + x->v8[15] = s[15]; + } #ifdef ALIGNMENT_32BIT_REQUIRED - else - { - v128_t *v = (v128_t *) &s[0]; + else { + v128_t *v = (v128_t *)&s[0]; - v128_copy(x,v); - } + v128_copy(x, v); + } #endif } #ifndef DATATYPES_USE_MACROS /* little functions are not macros */ -void -v128_set_to_zero(v128_t *x) { - _v128_set_to_zero(x); +void v128_set_to_zero(v128_t *x) +{ + _v128_set_to_zero(x); } -void -v128_copy(v128_t *x, const v128_t *y) { - _v128_copy(x, y); +void v128_copy(v128_t *x, const v128_t *y) +{ + _v128_copy(x, y); } -void -v128_xor(v128_t *z, v128_t *x, v128_t *y) { - _v128_xor(z, x, y); -} - -void -v128_and(v128_t *z, v128_t *x, v128_t *y) { - _v128_and(z, x, y); +void v128_xor(v128_t *z, v128_t *x, v128_t *y) +{ + _v128_xor(z, x, y); } -void -v128_or(v128_t *z, v128_t *x, v128_t *y) { - _v128_or(z, x, y); +void v128_and(v128_t *z, v128_t *x, v128_t *y) +{ + _v128_and(z, x, y); } -void -v128_complement(v128_t *x) { - _v128_complement(x); +void v128_or(v128_t *z, v128_t *x, v128_t *y) +{ + _v128_or(z, x, y); } -int -v128_is_eq(const v128_t *x, const v128_t *y) { - return _v128_is_eq(x, y); +void v128_complement(v128_t *x) +{ + _v128_complement(x); } -int -v128_xor_eq(v128_t *x, const v128_t *y) { - return _v128_xor_eq(x, y); +int v128_is_eq(const v128_t *x, const v128_t *y) +{ + return _v128_is_eq(x, y); } -int -v128_get_bit(const v128_t *x, int i) { - return _v128_get_bit(x, i); +int v128_xor_eq(v128_t *x, const v128_t *y) +{ + return _v128_xor_eq(x, y); } -void -v128_set_bit(v128_t *x, int i) { - _v128_set_bit(x, i); -} +int v128_get_bit(const v128_t *x, int i) +{ + return _v128_get_bit(x, i); +} -void -v128_clear_bit(v128_t *x, int i){ - _v128_clear_bit(x, i); -} +void v128_set_bit(v128_t *x, int i) +{ + _v128_set_bit(x, i); +} -void -v128_set_bit_to(v128_t *x, int i, int y){ - _v128_set_bit_to(x, i, y); +void v128_clear_bit(v128_t *x, int i) +{ + _v128_clear_bit(x, i); } +void v128_set_bit_to(v128_t *x, int i, int y) +{ + _v128_set_bit_to(x, i, y); +} #endif /* DATATYPES_USE_MACROS */ -void -v128_right_shift(v128_t *x, int shift) { - const int base_index = shift >> 5; - const int bit_index = shift & 31; - int i, from; - uint32_t b; - - if (shift > 127) { - v128_set_to_zero(x); - return; - } - - if (bit_index == 0) { - - /* copy each word from left size to right side */ - x->v32[4-1] = x->v32[4-1-base_index]; - for (i=4-1; i > base_index; i--) - x->v32[i-1] = x->v32[i-1-base_index]; - - } else { - - /* set each word to the "or" of the two bit-shifted words */ - for (i = 4; i > base_index; i--) { - from = i-1 - base_index; - b = x->v32[from] << bit_index; - if (from > 0) - b |= x->v32[from-1] >> (32-bit_index); - x->v32[i-1] = b; - } - - } - - /* now wrap up the final portion */ - for (i=0; i < base_index; i++) - x->v32[i] = 0; - -} - -void -v128_left_shift(v128_t *x, int shift) { - int i; - const int base_index = shift >> 5; - const int bit_index = shift & 31; - - if (shift > 127) { - v128_set_to_zero(x); - return; - } - - if (bit_index == 0) { - for (i=0; i < 4 - base_index; i++) - x->v32[i] = x->v32[i+base_index]; - } else { - for (i=0; i < 4 - base_index - 1; i++) - x->v32[i] = (x->v32[i+base_index] >> bit_index) ^ - (x->v32[i+base_index+1] << (32 - bit_index)); - x->v32[4 - base_index-1] = x->v32[4-1] >> bit_index; - } - - /* now wrap up the final portion */ - for (i = 4 - base_index; i < 4; i++) - x->v32[i] = 0; +void v128_right_shift(v128_t *x, int shift) +{ + const int base_index = shift >> 5; + const int bit_index = shift & 31; + int i, from; + uint32_t b; + + if (shift > 127) { + v128_set_to_zero(x); + return; + } + + if (bit_index == 0) { + /* copy each word from left size to right side */ + x->v32[4 - 1] = x->v32[4 - 1 - base_index]; + for (i = 4 - 1; i > base_index; i--) + x->v32[i - 1] = x->v32[i - 1 - base_index]; + + } else { + /* set each word to the "or" of the two bit-shifted words */ + for (i = 4; i > base_index; i--) { + from = i - 1 - base_index; + b = x->v32[from] << bit_index; + if (from > 0) + b |= x->v32[from - 1] >> (32 - bit_index); + x->v32[i - 1] = b; + } + } + + /* now wrap up the final portion */ + for (i = 0; i < base_index; i++) + x->v32[i] = 0; +} + +void v128_left_shift(v128_t *x, int shift) +{ + int i; + const int base_index = shift >> 5; + const int bit_index = shift & 31; + + if (shift > 127) { + v128_set_to_zero(x); + return; + } + + if (bit_index == 0) { + for (i = 0; i < 4 - base_index; i++) + x->v32[i] = x->v32[i + base_index]; + } else { + for (i = 0; i < 4 - base_index - 1; i++) + x->v32[i] = (x->v32[i + base_index] >> bit_index) ^ + (x->v32[i + base_index + 1] << (32 - bit_index)); + x->v32[4 - base_index - 1] = x->v32[4 - 1] >> bit_index; + } + /* now wrap up the final portion */ + for (i = 4 - base_index; i < 4; i++) + x->v32[i] = 0; } /* functions manipulating bitvector_t */ #ifndef DATATYPES_USE_MACROS /* little functions are not macros */ -int -bitvector_get_bit(const bitvector_t *v, int bit_index) +int bitvector_get_bit(const bitvector_t *v, int bit_index) { - return _bitvector_get_bit(v, bit_index); + return _bitvector_get_bit(v, bit_index); } -void -bitvector_set_bit(bitvector_t *v, int bit_index) +void bitvector_set_bit(bitvector_t *v, int bit_index) { - _bitvector_set_bit(v, bit_index); + _bitvector_set_bit(v, bit_index); } -void -bitvector_clear_bit(bitvector_t *v, int bit_index) +void bitvector_clear_bit(bitvector_t *v, int bit_index) { - _bitvector_clear_bit(v, bit_index); + _bitvector_clear_bit(v, bit_index); } - #endif /* DATATYPES_USE_MACROS */ -int -bitvector_alloc(bitvector_t *v, unsigned long length) { - unsigned long l; - - /* Round length up to a multiple of bits_per_word */ - length = (length + bits_per_word - 1) & ~(unsigned long)((bits_per_word - 1)); - - l = length / bits_per_word * bytes_per_word; +int bitvector_alloc(bitvector_t *v, unsigned long length) +{ + unsigned long l; - /* allocate memory, then set parameters */ - if (l == 0) - v->word = NULL; - else { - v->word = (uint32_t*)srtp_crypto_alloc(l); - if (v->word == NULL) { - v->word = NULL; - v->length = 0; - return -1; + /* Round length up to a multiple of bits_per_word */ + length = + (length + bits_per_word - 1) & ~(unsigned long)((bits_per_word - 1)); + + l = length / bits_per_word * bytes_per_word; + + /* allocate memory, then set parameters */ + if (l == 0) { + v->word = NULL; + v->length = 0; + return -1; + } else { + v->word = (uint32_t *)srtp_crypto_alloc(l); + if (v->word == NULL) { + v->length = 0; + return -1; + } } - } - v->length = length; + v->length = length; - /* initialize bitvector to zero */ - bitvector_set_to_zero(v); + /* initialize bitvector to zero */ + bitvector_set_to_zero(v); - return 0; + return 0; } - -void -bitvector_dealloc(bitvector_t *v) { - if (v->word != NULL) - srtp_crypto_free(v->word); - v->word = NULL; - v->length = 0; +void bitvector_dealloc(bitvector_t *v) +{ + if (v->word != NULL) + srtp_crypto_free(v->word); + v->word = NULL; + v->length = 0; } -void -bitvector_set_to_zero(bitvector_t *x) +void bitvector_set_to_zero(bitvector_t *x) { - /* C99 guarantees that memset(0) will set the value 0 for uint32_t */ - memset(x->word, 0, x->length >> 3); + /* C99 guarantees that memset(0) will set the value 0 for uint32_t */ + memset(x->word, 0, x->length >> 3); } -char * -bitvector_bit_string(bitvector_t *x, char* buf, int len) { - int j, i; - uint32_t mask; - - for (j=i=0; j < (int)(x->length>>5) && i < len-1; j++) { - for (mask=0x80000000; mask > 0; mask >>= 1) { - if (x->word[j] & mask) - buf[i] = '1'; - else - buf[i] = '0'; - ++i; - if (i >= len-1) - break; +char *bitvector_bit_string(bitvector_t *x, char *buf, int len) +{ + int j, i; + uint32_t mask; + + for (j = i = 0; j < (int)(x->length >> 5) && i < len - 1; j++) { + for (mask = 0x80000000; mask > 0; mask >>= 1) { + if (x->word[j] & mask) + buf[i] = '1'; + else + buf[i] = '0'; + ++i; + if (i >= len - 1) + break; + } } - } - buf[i] = 0; /* null terminate string */ + buf[i] = 0; /* null terminate string */ - return buf; + return buf; } -void -bitvector_left_shift(bitvector_t *x, int shift) { - int i; - const int base_index = shift >> 5; - const int bit_index = shift & 31; - const int word_length = x->length >> 5; - - if (shift >= (int)x->length) { - bitvector_set_to_zero(x); - return; - } - - if (bit_index == 0) { - for (i=0; i < word_length - base_index; i++) - x->word[i] = x->word[i+base_index]; - } else { - for (i=0; i < word_length - base_index - 1; i++) - x->word[i] = (x->word[i+base_index] >> bit_index) ^ - (x->word[i+base_index+1] << (32 - bit_index)); - x->word[word_length - base_index-1] = x->word[word_length-1] >> bit_index; - } +void bitvector_left_shift(bitvector_t *x, int shift) +{ + int i; + const int base_index = shift >> 5; + const int bit_index = shift & 31; + const int word_length = x->length >> 5; + + if (shift >= (int)x->length) { + bitvector_set_to_zero(x); + return; + } - /* now wrap up the final portion */ - for (i = word_length - base_index; i < word_length; i++) - x->word[i] = 0; + if (bit_index == 0) { + for (i = 0; i < word_length - base_index; i++) + x->word[i] = x->word[i + base_index]; + } else { + for (i = 0; i < word_length - base_index - 1; i++) + x->word[i] = (x->word[i + base_index] >> bit_index) ^ + (x->word[i + base_index + 1] << (32 - bit_index)); + x->word[word_length - base_index - 1] = + x->word[word_length - 1] >> bit_index; + } + /* now wrap up the final portion */ + for (i = word_length - base_index; i < word_length; i++) + x->word[i] = 0; } -int -octet_string_is_eq(uint8_t *a, uint8_t *b, int len) { - uint8_t *end = b + len; - uint8_t accumulator = 0; +int octet_string_is_eq(uint8_t *a, uint8_t *b, int len) +{ + uint8_t *end = b + len; + uint8_t accumulator = 0; - /* - * We use this somewhat obscure implementation to try to ensure the running - * time only depends on len, even accounting for compiler optimizations. - * The accumulator ends up zero iff the strings are equal. - */ - while (b < end) - accumulator |= (*a++ ^ *b++); + /* + * We use this somewhat obscure implementation to try to ensure the running + * time only depends on len, even accounting for compiler optimizations. + * The accumulator ends up zero iff the strings are equal. + */ + while (b < end) + accumulator |= (*a++ ^ *b++); - /* Return 1 if *not* equal. */ - return accumulator != 0; + /* Return 1 if *not* equal. */ + return accumulator != 0; } -void -srtp_cleanse(void *s, size_t len) +void srtp_cleanse(void *s, size_t len) { - volatile unsigned char *p = (volatile unsigned char *)s; - while(len--) *p++ = 0; + volatile unsigned char *p = (volatile unsigned char *)s; + while (len--) + *p++ = 0; } -void -octet_string_set_to_zero(void *s, size_t len) +void octet_string_set_to_zero(void *s, size_t len) { #ifdef OPENSSL - OPENSSL_cleanse(s, len); + OPENSSL_cleanse(s, len); #else - srtp_cleanse(s, len); + srtp_cleanse(s, len); #endif } #ifdef TESTAPP_SOURCE static const char b64chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" - "abcdefghijklmnopqrstuvwxyz0123456789+/"; + "abcdefghijklmnopqrstuvwxyz0123456789+/"; + +static int base64_block_to_octet_triple(char *out, char *in) +{ + unsigned char sextets[4] = { 0 }; + int j = 0; + int i; + + for (i = 0; i < 4; i++) { + char *p = strchr(b64chars, in[i]); + if (p != NULL) + sextets[i] = p - b64chars; + else + j++; + } -static int base64_block_to_octet_triple(char *out, char *in) { - unsigned char sextets[4] = {0}; - int j = 0; - int i; - - for (i = 0; i < 4; i++) { - char *p = strchr(b64chars, in[i]); - if (p != NULL) sextets[i] = p - b64chars; - else j++; - } - - out[0] = (sextets[0]<<2)|(sextets[1]>>4); - if (j < 2) out[1] = (sextets[1]<<4)|(sextets[2]>>2); - if (j < 1) out[2] = (sextets[2]<<6)|sextets[3]; - return j; -} - -int base64_string_to_octet_string(char *out, int *pad, char *in, int len) { - int k = 0; - int i = 0; - int j = 0; - if (len % 4 != 0) return 0; - - while (i < len && j == 0) { - j = base64_block_to_octet_triple(out + k, in + i); - k += 3; - i += 4; - } - *pad = j; - return i; + out[0] = (sextets[0] << 2) | (sextets[1] >> 4); + if (j < 2) + out[1] = (sextets[1] << 4) | (sextets[2] >> 2); + if (j < 1) + out[2] = (sextets[2] << 6) | sextets[3]; + return j; +} + +int base64_string_to_octet_string(char *out, int *pad, char *in, int len) +{ + int k = 0; + int i = 0; + int j = 0; + if (len % 4 != 0) + return 0; + + while (i < len && j == 0) { + j = base64_block_to_octet_triple(out + k, in + i); + k += 3; + i += 4; + } + *pad = j; + return i; } #endif diff -Nru libsrtp2-2.1.0/crypto/math/stat.c libsrtp2-2.2.0/crypto/math/stat.c --- libsrtp2-2.1.0/crypto/math/stat.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/math/stat.c 2018-05-15 19:33:24.000000000 +0000 @@ -1,33 +1,33 @@ /* * stats.c * - * statistical tests - * + * statistical tests + * * David A. McGrew * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,14 +44,14 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "stat.h" -srtp_debug_module_t mod_stat = { - 0, /* debugging is off by default */ - (char *)"stat test" /* printable module name */ +srtp_debug_module_t srtp_mod_stat = { + 0, /* debugging is off by default */ + (char *)"stat test" /* printable module name */ }; /* @@ -61,166 +61,153 @@ #define STAT_TEST_DATA_LEN 2500 -srtp_err_status_t -stat_test_monobit(uint8_t *data) { - uint8_t *data_end = data + STAT_TEST_DATA_LEN; - uint16_t ones_count; - - ones_count = 0; - while (data < data_end) { - ones_count += octet_get_weight(*data); - data++; - } - - debug_print(mod_stat, "bit count: %d", ones_count); - - if ((ones_count < 9725) || (ones_count > 10275)) - return srtp_err_status_algo_fail; +srtp_err_status_t stat_test_monobit(uint8_t *data) +{ + uint8_t *data_end = data + STAT_TEST_DATA_LEN; + uint16_t ones_count; + + ones_count = 0; + while (data < data_end) { + ones_count += octet_get_weight(*data); + data++; + } - return srtp_err_status_ok; -} + debug_print(srtp_mod_stat, "bit count: %d", ones_count); -srtp_err_status_t -stat_test_poker(uint8_t *data) { - int i; - uint8_t *data_end = data + STAT_TEST_DATA_LEN; - double poker; - uint16_t f[16] = { - 0, 0, 0, 0, 0, 0, 0, 0, - 0, 0, 0, 0, 0, 0, 0, 0 - }; - - while (data < data_end) { - f[*data & 0x0f]++; /* increment freq. count for low nibble */ - f[(*data) >> 4]++; /* increment freq. count for high nibble */ - data++; - } - - poker = 0.0; - for (i=0; i < 16; i++) - poker += (double) f[i] * f[i]; - - poker *= (16.0 / 5000.0); - poker -= 5000.0; - - debug_print(mod_stat, "poker test: %f\n", poker); - - if ((poker < 2.16) || (poker > 46.17)) - return srtp_err_status_algo_fail; - - return srtp_err_status_ok; + if ((ones_count < 9725) || (ones_count > 10275)) + return srtp_err_status_algo_fail; + + return srtp_err_status_ok; } +srtp_err_status_t stat_test_poker(uint8_t *data) +{ + int i; + uint8_t *data_end = data + STAT_TEST_DATA_LEN; + double poker; + uint16_t f[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 }; + + while (data < data_end) { + f[*data & 0x0f]++; /* increment freq. count for low nibble */ + f[(*data) >> 4]++; /* increment freq. count for high nibble */ + data++; + } + + poker = 0.0; + for (i = 0; i < 16; i++) + poker += (double)f[i] * f[i]; + + poker *= (16.0 / 5000.0); + poker -= 5000.0; + + debug_print(srtp_mod_stat, "poker test: %f\n", poker); + + if ((poker < 2.16) || (poker > 46.17)) + return srtp_err_status_algo_fail; + + return srtp_err_status_ok; +} /* * runs[i] holds the number of runs of size (i-1) */ -srtp_err_status_t -stat_test_runs(uint8_t *data) { - uint8_t *data_end = data + STAT_TEST_DATA_LEN; - uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 }; - uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 }; - uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 }; - uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 }; - int state = 0; - uint16_t mask; - int i; - - /* - * the state variable holds the number of bits in the - * current run (or gap, if negative) - */ - - while (data < data_end) { - - /* loop over the bits of this byte */ - for (mask = 1; mask < 256; mask <<= 1) { - if (*data & mask) { - - /* next bit is a one */ - if (state > 0) { - - /* prefix is a run, so increment the run-count */ - state++; - - /* check for long runs */ - if (state > 25) { - debug_print(mod_stat, ">25 runs: %d", state); - return srtp_err_status_algo_fail; - } - - } else if (state < 0) { - - /* prefix is a gap */ - if (state < -25) { - debug_print(mod_stat, ">25 gaps: %d", state); - return srtp_err_status_algo_fail; /* long-runs test failed */ - } - if (state < -6) { - state = -6; /* group together gaps > 5 */ - } - gaps[-1-state]++; /* increment gap count */ - state = 1; /* set state at one set bit */ - } else { - - /* state is zero; this happens only at initialization */ - state = 1; - } - } else { - - /* next bit is a zero */ - if (state > 0) { - - /* prefix is a run */ - if (state > 25) { - debug_print(mod_stat, ">25 runs (2): %d", state); - return srtp_err_status_algo_fail; /* long-runs test failed */ - } - if (state > 6) { - state = 6; /* group together runs > 5 */ - } - runs[state-1]++; /* increment run count */ - state = -1; /* set state at one zero bit */ - } else if (state < 0) { - - /* prefix is a gap, so increment gap-count (decrement state) */ - state--; - - /* check for long gaps */ - if (state < -25) { - debug_print(mod_stat, ">25 gaps (2): %d", state); - return srtp_err_status_algo_fail; - } - - } else { - - /* state is zero; this happens only at initialization */ - state = -1; - } - } - } +srtp_err_status_t stat_test_runs(uint8_t *data) +{ + uint8_t *data_end = data + STAT_TEST_DATA_LEN; + uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 }; + uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 }; + uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 }; + uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 }; + int state = 0; + uint16_t mask; + int i; + + /* + * the state variable holds the number of bits in the + * current run (or gap, if negative) + */ + + while (data < data_end) { + /* loop over the bits of this byte */ + for (mask = 1; mask < 256; mask <<= 1) { + if (*data & mask) { + /* next bit is a one */ + if (state > 0) { + /* prefix is a run, so increment the run-count */ + state++; + + /* check for long runs */ + if (state > 25) { + debug_print(srtp_mod_stat, ">25 runs: %d", state); + return srtp_err_status_algo_fail; + } + + } else if (state < 0) { + /* prefix is a gap */ + if (state < -25) { + debug_print(srtp_mod_stat, ">25 gaps: %d", state); + return srtp_err_status_algo_fail; /* long-runs test + failed */ + } + if (state < -6) { + state = -6; /* group together gaps > 5 */ + } + gaps[-1 - state]++; /* increment gap count */ + state = 1; /* set state at one set bit */ + } else { + /* state is zero; this happens only at initialization */ + state = 1; + } + } else { + /* next bit is a zero */ + if (state > 0) { + /* prefix is a run */ + if (state > 25) { + debug_print(srtp_mod_stat, ">25 runs (2): %d", state); + return srtp_err_status_algo_fail; /* long-runs test + failed */ + } + if (state > 6) { + state = 6; /* group together runs > 5 */ + } + runs[state - 1]++; /* increment run count */ + state = -1; /* set state at one zero bit */ + } else if (state < 0) { + /* prefix is a gap, so increment gap-count (decrement state) + */ + state--; + + /* check for long gaps */ + if (state < -25) { + debug_print(srtp_mod_stat, ">25 gaps (2): %d", state); + return srtp_err_status_algo_fail; + } + + } else { + /* state is zero; this happens only at initialization */ + state = -1; + } + } + } - /* move along to next octet */ - data++; - } - - if (mod_stat.on) { - debug_print(mod_stat, "runs test", NULL); - for (i=0; i < 6; i++) - debug_print(mod_stat, " runs[]: %d", runs[i]); - for (i=0; i < 6; i++) - debug_print(mod_stat, " gaps[]: %d", gaps[i]); - } - - /* check run and gap counts against the fixed limits */ - for (i=0; i < 6; i++) - if ( (runs[i] < lo_value[i] ) || (runs[i] > hi_value[i]) - || (gaps[i] < lo_value[i] ) || (gaps[i] > hi_value[i])) - return srtp_err_status_algo_fail; + /* move along to next octet */ + data++; + } - - return srtp_err_status_ok; -} + if (srtp_mod_stat.on) { + debug_print(srtp_mod_stat, "runs test", NULL); + for (i = 0; i < 6; i++) + debug_print(srtp_mod_stat, " runs[]: %d", runs[i]); + for (i = 0; i < 6; i++) + debug_print(srtp_mod_stat, " gaps[]: %d", gaps[i]); + } + /* check run and gap counts against the fixed limits */ + for (i = 0; i < 6; i++) + if ((runs[i] < lo_value[i]) || (runs[i] > hi_value[i]) || + (gaps[i] < lo_value[i]) || (gaps[i] > hi_value[i])) + return srtp_err_status_algo_fail; + return srtp_err_status_ok; +} diff -Nru libsrtp2-2.1.0/crypto/replay/rdb.c libsrtp2-2.2.0/crypto/replay/rdb.c --- libsrtp2-2.1.0/crypto/replay/rdb.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/replay/rdb.c 2018-05-15 19:33:24.000000000 +0000 @@ -43,14 +43,12 @@ * */ - #ifdef HAVE_CONFIG_H - #include +#include #endif #include "rdb.h" - /* * this implementation of a replay database works as follows: * @@ -61,7 +59,7 @@ */ /* srtp_rdb_init initalizes rdb */ -srtp_err_status_t srtp_rdb_init (srtp_rdb_t *rdb) +srtp_err_status_t srtp_rdb_init(srtp_rdb_t *rdb) { v128_set_to_zero(&rdb->bitmask); rdb->window_start = 0; @@ -71,9 +69,8 @@ /* * srtp_rdb_check checks to see if index appears in rdb */ -srtp_err_status_t srtp_rdb_check (const srtp_rdb_t *rdb, uint32_t p_index) +srtp_err_status_t srtp_rdb_check(const srtp_rdb_t *rdb, uint32_t p_index) { - /* if the index appears after (or at very end of) the window, its good */ if (p_index >= rdb->window_start + rdb_bits_in_bitmask) { return srtp_err_status_ok; @@ -101,35 +98,32 @@ * indicated that the index does not appear in the rdb, e.g., a mutex * should protect the rdb between these calls */ -srtp_err_status_t srtp_rdb_add_index (srtp_rdb_t *rdb, uint32_t p_index) +srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t p_index) { - int delta; + unsigned int delta; - /* here we *assume* that p_index > rdb->window_start */ + if (p_index < rdb->window_start) + return srtp_err_status_replay_fail; delta = (p_index - rdb->window_start); if (delta < rdb_bits_in_bitmask) { - /* if the p_index is within the window, set the appropriate bit */ v128_set_bit(&rdb->bitmask, delta); } else { - delta -= rdb_bits_in_bitmask - 1; /* shift the window forward by delta bits*/ v128_left_shift(&rdb->bitmask, delta); v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask - 1); rdb->window_start += delta; - } return srtp_err_status_ok; } -srtp_err_status_t srtp_rdb_increment (srtp_rdb_t *rdb) +srtp_err_status_t srtp_rdb_increment(srtp_rdb_t *rdb) { - if (rdb->window_start >= 0x7fffffff) { return srtp_err_status_key_expired; } @@ -137,7 +131,7 @@ return srtp_err_status_ok; } -uint32_t srtp_rdb_get_value (const srtp_rdb_t *rdb) +uint32_t srtp_rdb_get_value(const srtp_rdb_t *rdb) { return rdb->window_start; } diff -Nru libsrtp2-2.1.0/crypto/replay/rdbx.c libsrtp2-2.2.0/crypto/replay/rdbx.c --- libsrtp2-2.1.0/crypto/replay/rdbx.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/replay/rdbx.c 2018-05-15 19:33:24.000000000 +0000 @@ -44,12 +44,11 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "rdbx.h" - /* * from RFC 3711: * @@ -64,8 +63,6 @@ * incremented by one (if the packet containing s is authentic). */ - - /* * rdbx implementation notes * @@ -83,14 +80,13 @@ * srtp_index_advance(&guess, delta), where delta is the difference. * * - * A srtp_rdbx_t consists of a srtp_xtd_seq_num_t and a bitmask. The index is highest - * sequence number that has been received, and the bitmask indicates + * A srtp_rdbx_t consists of a srtp_xtd_seq_num_t and a bitmask. The index is + * highest sequence number that has been received, and the bitmask indicates * which of the recent indicies have been received as well. The * highest bit in the bitmask corresponds to the index in the bitmask. */ - -void srtp_index_init (srtp_xtd_seq_num_t *pi) +void srtp_index_init(srtp_xtd_seq_num_t *pi) { #ifdef NO_64BIT_MATH *pi = make64(0, 0); @@ -99,7 +95,7 @@ #endif } -void srtp_index_advance (srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s) +void srtp_index_advance(srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s) { #ifdef NO_64BIT_MATH /* a > ~b means a+b will generate a carry */ @@ -110,7 +106,6 @@ #endif } - /* * srtp_index_guess(local, guess, s) * @@ -124,24 +119,19 @@ * unsigned integer! */ -int32_t srtp_index_guess (const srtp_xtd_seq_num_t *local, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s) +int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local, + srtp_xtd_seq_num_t *guess, + srtp_sequence_number_t s) { #ifdef NO_64BIT_MATH - uint32_t local_roc = ((high32(*local) << 16) | - (low32(*local) >> 16)); + uint32_t local_roc = ((high32(*local) << 16) | (low32(*local) >> 16)); uint16_t local_seq = (uint16_t)(low32(*local)); #else uint32_t local_roc = (uint32_t)(*local >> 16); uint16_t local_seq = (uint16_t)*local; #endif -#ifdef NO_64BIT_MATH - uint32_t guess_roc = ((high32(*guess) << 16) | - (low32(*guess) >> 16)); - uint16_t guess_seq = (uint16_t)(low32(*guess)); -#else - uint32_t guess_roc = (uint32_t)(*guess >> 16); - uint16_t guess_seq = (uint16_t)*guess; -#endif + uint32_t guess_roc; + uint16_t guess_seq; int32_t difference; if (local_seq < seq_num_median) { @@ -163,10 +153,9 @@ } guess_seq = s; - /* Note: guess_roc is 32 bits, so this generates a 48-bit result! */ +/* Note: guess_roc is 32 bits, so this generates a 48-bit result! */ #ifdef NO_64BIT_MATH - *guess = make64(guess_roc >> 16, - (guess_roc << 16) | guess_seq); + *guess = make64(guess_roc >> 16, (guess_roc << 16) | guess_seq); #else *guess = (((uint64_t)guess_roc) << 16) | guess_seq; #endif @@ -179,11 +168,11 @@ * */ - /* - * srtp_rdbx_init(&r, ws) initializes the srtp_rdbx_t pointed to by r with window size ws + * srtp_rdbx_init(&r, ws) initializes the srtp_rdbx_t pointed to by r with + * window size ws */ -srtp_err_status_t srtp_rdbx_init (srtp_rdbx_t *rdbx, unsigned long ws) +srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, unsigned long ws) { if (ws == 0) { return srtp_err_status_bad_param; @@ -201,7 +190,7 @@ /* * srtp_rdbx_dealloc(&r) frees memory for the srtp_rdbx_t pointed to by r */ -srtp_err_status_t srtp_rdbx_dealloc (srtp_rdbx_t *rdbx) +srtp_err_status_t srtp_rdbx_dealloc(srtp_rdbx_t *rdbx) { bitvector_dealloc(&rdbx->bitmask); @@ -215,12 +204,12 @@ * srtp_err_status_replay_old; otherwise, srtp_err_status_ok is returned. * */ -srtp_err_status_t srtp_rdbx_set_roc (srtp_rdbx_t *rdbx, uint32_t roc) +srtp_err_status_t srtp_rdbx_set_roc(srtp_rdbx_t *rdbx, uint32_t roc) { bitvector_set_to_zero(&rdbx->bitmask); #ifdef NO_64BIT_MATH - #error not yet implemented +#error not yet implemented #else /* make sure that we're not moving backwards */ @@ -240,7 +229,7 @@ * for the srtp_rdbx_t pointed to by rdbx * */ -srtp_xtd_seq_num_t srtp_rdbx_get_packet_index (const srtp_rdbx_t *rdbx) +srtp_xtd_seq_num_t srtp_rdbx_get_packet_index(const srtp_rdbx_t *rdbx) { return rdbx->index; } @@ -250,7 +239,7 @@ * for the srtp_rdbx_t pointed to by rdbx * */ -unsigned long srtp_rdbx_get_window_size (const srtp_rdbx_t *rdbx) +unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx) { return bitvector_get_length(&rdbx->bitmask); } @@ -259,16 +248,17 @@ * srtp_rdbx_check(&r, delta) checks to see if the srtp_xtd_seq_num_t * which is at rdbx->index + delta is in the rdb */ -srtp_err_status_t srtp_rdbx_check (const srtp_rdbx_t *rdbx, int delta) +srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int delta) { - - if (delta > 0) { /* if delta is positive, it's good */ + if (delta > 0) { /* if delta is positive, it's good */ return srtp_err_status_ok; } else if ((int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta < 0) { /* if delta is lower than the bitmask, it's bad */ return srtp_err_status_replay_old; - } else if (bitvector_get_bit(&rdbx->bitmask, - (int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta) == 1) { + } else if (bitvector_get_bit( + &rdbx->bitmask, + (int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta) == + 1) { /* delta is within the window, so check the bitmask */ return srtp_err_status_replay_fail; } @@ -285,17 +275,18 @@ * indicated that the index does not appear in the rdbx, e.g., a mutex * should protect the rdbx between these calls if need be */ -srtp_err_status_t srtp_rdbx_add_index (srtp_rdbx_t *rdbx, int delta) +srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta) { - if (delta > 0) { /* shift forward by delta */ srtp_index_advance(&rdbx->index, delta); bitvector_left_shift(&rdbx->bitmask, delta); - bitvector_set_bit(&rdbx->bitmask, bitvector_get_length(&rdbx->bitmask) - 1); + bitvector_set_bit(&rdbx->bitmask, + bitvector_get_length(&rdbx->bitmask) - 1); } else { /* delta is in window */ - bitvector_set_bit(&rdbx->bitmask, bitvector_get_length(&rdbx->bitmask) - 1 + delta); + bitvector_set_bit(&rdbx->bitmask, + bitvector_get_length(&rdbx->bitmask) - 1 + delta); } /* note that we need not consider the case that delta == 0 */ @@ -303,8 +294,6 @@ return srtp_err_status_ok; } - - /* * srtp_rdbx_estimate_index(rdbx, guess, s) * @@ -313,25 +302,27 @@ * index to which s corresponds, and returns the difference between * *guess and the locally stored synch info */ -int32_t srtp_rdbx_estimate_index (const srtp_rdbx_t *rdbx, srtp_xtd_seq_num_t *guess, srtp_sequence_number_t s) +int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx, + srtp_xtd_seq_num_t *guess, + srtp_sequence_number_t s) { - - /* - * if the sequence number and rollover counter in the rdbx are - * non-zero, then use the srtp_index_guess(...) function, otherwise, just - * set the rollover counter to zero (since the srtp_index_guess(...) - * function might incorrectly guess that the rollover counter is - * 0xffffffff) - */ +/* + * if the sequence number and rollover counter in the rdbx are + * non-zero, then use the srtp_index_guess(...) function, otherwise, just + * set the rollover counter to zero (since the srtp_index_guess(...) + * function might incorrectly guess that the rollover counter is + * 0xffffffff) + */ #ifdef NO_64BIT_MATH /* seq_num_median = 0x8000 */ - if (high32(rdbx->index) > 0 || - low32(rdbx->index) > seq_num_median) + if (high32(rdbx->index) > 0 || low32(rdbx->index) > seq_num_median) #else if (rdbx->index > seq_num_median) #endif - { return srtp_index_guess(&rdbx->index, guess, s); } + { + return srtp_index_guess(&rdbx->index, guess, s); + } #ifdef NO_64BIT_MATH *guess = make64(0, (uint32_t)s); @@ -372,12 +363,12 @@ * rollover counter value, then the function returns * srtp_err_status_replay_old, otherwise, srtp_err_status_ok is returned. */ -srtp_err_status_t srtp_rdbx_set_roc_seq (srtp_rdbx_t *rdbx, - uint32_t roc, - uint16_t seq) +srtp_err_status_t srtp_rdbx_set_roc_seq(srtp_rdbx_t *rdbx, + uint32_t roc, + uint16_t seq) { #ifdef NO_64BIT_MATH - #error not yet implemented +#error not yet implemented #else /* make sure that we're not moving backwards */ @@ -393,4 +384,3 @@ return srtp_err_status_ok; } - diff -Nru libsrtp2-2.1.0/crypto/replay/ut_sim.c libsrtp2-2.2.0/crypto/replay/ut_sim.c --- libsrtp2-2.1.0/crypto/replay/ut_sim.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/replay/ut_sim.c 2018-05-15 19:33:24.000000000 +0000 @@ -3,32 +3,32 @@ * * an unreliable transport simulator * (for testing replay databases and suchlike) - * + * * David A. McGrew * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,66 +44,61 @@ * */ - #ifdef HAVE_CONFIG_H - #include +#include #endif #include "ut_sim.h" - -int -ut_compar(const void *a, const void *b) { - return rand() > (RAND_MAX/2) ? -1 : 1; +int ut_compar(const void *a, const void *b) +{ + return rand() > (RAND_MAX / 2) ? -1 : 1; } -void -ut_init(ut_connection *utc) { - int i; - utc->index = 0; - - for (i=0; i < UT_BUF; i++) - utc->buffer[i] = i; - - qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar); +void ut_init(ut_connection *utc) +{ + int i; + utc->index = 0; - utc->index = UT_BUF - 1; -} + for (i = 0; i < UT_BUF; i++) + utc->buffer[i] = i; -uint32_t -ut_next_index(ut_connection *utc) { - uint32_t tmp; - - tmp = utc->buffer[0]; - utc->index++; - utc->buffer[0] = utc->index; - - qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar); - - return tmp; + qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar); + + utc->index = UT_BUF - 1; } +uint32_t ut_next_index(ut_connection *utc) +{ + uint32_t tmp; + + tmp = utc->buffer[0]; + utc->index++; + utc->buffer[0] = utc->index; + qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar); + + return tmp; +} #ifdef UT_TEST #include -int -main() { - uint32_t i, irecvd, idiff; - ut_connection utc; - - ut_init(&utc); - - for (i=0; i < 1000; i++) { - irecvd = ut_next_index(&utc); - idiff = i - irecvd; - printf("%lu\t%lu\t%d\n", i, irecvd, idiff); - } - - return 0; -} +int main() +{ + uint32_t i, irecvd, idiff; + ut_connection utc; + + ut_init(&utc); + + for (i = 0; i < 1000; i++) { + irecvd = ut_next_index(&utc); + idiff = i - irecvd; + printf("%lu\t%lu\t%d\n", i, irecvd, idiff); + } + return 0; +} #endif diff -Nru libsrtp2-2.1.0/crypto/test/aes_calc.c libsrtp2-2.2.0/crypto/test/aes_calc.c --- libsrtp2-2.1.0/crypto/test/aes_calc.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/aes_calc.c 2018-05-15 19:33:24.000000000 +0000 @@ -1,6 +1,6 @@ /* * aes_calc.c - * + * * A simple AES calculator for generating AES encryption values * * David A. McGrew @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,10 +44,12 @@ */ /* - + Example usage (with first NIST FIPS 197 test case): - -[sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f 00112233445566778899aabbccddeeff -v + + [sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f \ + 00112233445566778899aabbccddeeff -v + plaintext: 00112233445566778899aabbccddeeff key: 000102030405060708090a0b0c0d0e0f ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a @@ -55,7 +57,7 @@ */ #ifdef HAVE_CONFIG_H - #include +#include #endif #include "aes.h" @@ -63,98 +65,93 @@ #include #include "util.h" -void -usage(char *prog_name) { - printf("usage: %s [-v]\n", prog_name); - exit(255); +void usage(char *prog_name) +{ + printf("usage: %s <key> <plaintext> [-v]\n", prog_name); + exit(255); } #define AES_MAX_KEY_LEN 32 -int -main (int argc, char *argv[]) { - v128_t data; - uint8_t key[AES_MAX_KEY_LEN]; - srtp_aes_expanded_key_t exp_key; - int key_len, len; - int verbose = 0; - srtp_err_status_t status; - - if (argc == 3) { - /* we're not in verbose mode */ - verbose = 0; - } else if (argc == 4) { - if (strncmp(argv[3], "-v", 2) == 0) { - /* we're in verbose mode */ - verbose = 1; +int main(int argc, char *argv[]) +{ + v128_t data; + uint8_t key[AES_MAX_KEY_LEN]; + srtp_aes_expanded_key_t exp_key; + int key_len, len; + int verbose = 0; + srtp_err_status_t status; + + if (argc == 3) { + /* we're not in verbose mode */ + verbose = 0; + } else if (argc == 4) { + if (strncmp(argv[3], "-v", 2) == 0) { + /* we're in verbose mode */ + verbose = 1; + } else { + /* unrecognized flag, complain and exit */ + usage(argv[0]); + } } else { - /* unrecognized flag, complain and exit */ - usage(argv[0]); + /* we've been fed the wrong number of arguments - compain and exit */ + usage(argv[0]); } - } else { - /* we've been fed the wrong number of arguments - compain and exit */ - usage(argv[0]); - } - - /* read in key, checking length */ - if (strlen(argv[1]) > AES_MAX_KEY_LEN*2) { - fprintf(stderr, - "error: too many digits in key " - "(should be at most %d hexadecimal digits, found %u)\n", - AES_MAX_KEY_LEN*2, (unsigned)strlen(argv[1])); - exit(1); - } - len = hex_string_to_octet_string((char*)key, argv[1], AES_MAX_KEY_LEN*2); - /* check that hex string is the right length */ - if (len != 32 && len != 48 && len != 64) { - fprintf(stderr, - "error: bad number of digits in key " - "(should be 32/48/64 hexadecimal digits, found %d)\n", - len); - exit(1); - } - key_len = len/2; - - /* read in plaintext, checking length */ - if (strlen(argv[2]) > 16*2) { - fprintf(stderr, - "error: too many digits in plaintext " - "(should be %d hexadecimal digits, found %u)\n", - 16*2, (unsigned)strlen(argv[2])); - exit(1); - } - len = hex_string_to_octet_string((char *)(&data), argv[2], 16*2); - /* check that hex string is the right length */ - if (len < 16*2) { - fprintf(stderr, - "error: too few digits in plaintext " - "(should be %d hexadecimal digits, found %d)\n", - 16*2, len); - exit(1); - } - - if (verbose) { - /* print out plaintext */ - printf("plaintext:\t%s\n", octet_string_hex_string((uint8_t *)&data, 16)); - } - - /* encrypt plaintext */ - status = srtp_aes_expand_encryption_key(key, key_len, &exp_key); - if (status) { - fprintf(stderr, - "error: AES key expansion failed.\n"); - exit(1); - } - - srtp_aes_encrypt(&data, &exp_key); - - /* write ciphertext to output */ - if (verbose) { - printf("key:\t\t%s\n", octet_string_hex_string(key, key_len)); - printf("ciphertext:\t"); - } - printf("%s\n", v128_hex_string(&data)); - return 0; -} + /* read in key, checking length */ + if (strlen(argv[1]) > AES_MAX_KEY_LEN * 2) { + fprintf(stderr, "error: too many digits in key " + "(should be at most %d hexadecimal digits, found %u)\n", + AES_MAX_KEY_LEN * 2, (unsigned)strlen(argv[1])); + exit(1); + } + len = hex_string_to_octet_string((char *)key, argv[1], AES_MAX_KEY_LEN * 2); + /* check that hex string is the right length */ + if (len != 32 && len != 48 && len != 64) { + fprintf(stderr, "error: bad number of digits in key " + "(should be 32/48/64 hexadecimal digits, found %d)\n", + len); + exit(1); + } + key_len = len / 2; + + /* read in plaintext, checking length */ + if (strlen(argv[2]) > 16 * 2) { + fprintf(stderr, "error: too many digits in plaintext " + "(should be %d hexadecimal digits, found %u)\n", + 16 * 2, (unsigned)strlen(argv[2])); + exit(1); + } + len = hex_string_to_octet_string((char *)(&data), argv[2], 16 * 2); + /* check that hex string is the right length */ + if (len < 16 * 2) { + fprintf(stderr, "error: too few digits in plaintext " + "(should be %d hexadecimal digits, found %d)\n", + 16 * 2, len); + exit(1); + } + + if (verbose) { + /* print out plaintext */ + printf("plaintext:\t%s\n", + octet_string_hex_string((uint8_t *)&data, 16)); + } + /* encrypt plaintext */ + status = srtp_aes_expand_encryption_key(key, key_len, &exp_key); + if (status) { + fprintf(stderr, "error: AES key expansion failed.\n"); + exit(1); + } + + srtp_aes_encrypt(&data, &exp_key); + + /* write ciphertext to output */ + if (verbose) { + printf("key:\t\t%s\n", octet_string_hex_string(key, key_len)); + printf("ciphertext:\t"); + } + printf("%s\n", v128_hex_string(&data)); + + return 0; +} diff -Nru libsrtp2-2.1.0/crypto/test/cipher_driver.c libsrtp2-2.2.0/crypto/test/cipher_driver.c --- libsrtp2-2.1.0/crypto/test/cipher_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/cipher_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,12 +44,11 @@ */ #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif -#include <stdio.h> /* for printf() */ -#include <stdlib.h> /* for rand() */ -#include <string.h> /* for memset() */ +#include <stdio.h> /* for printf() */ +#include <stdlib.h> /* for rand() */ #include "getopt_s.h" #include "cipher.h" #ifdef OPENSSL @@ -61,12 +60,9 @@ #define PRINT_DEBUG 0 -void -cipher_driver_test_throughput(srtp_cipher_t *c); - -srtp_err_status_t -cipher_driver_self_test(srtp_cipher_type_t *ct); +void cipher_driver_test_throughput(srtp_cipher_t *c); +srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct); /* * cipher_driver_test_buffering(ct) tests the cipher's output @@ -74,44 +70,43 @@ * calls */ -srtp_err_status_t -cipher_driver_test_buffering(srtp_cipher_t *c); - +srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c); /* * functions for testing cipher cache thrash */ -srtp_err_status_t -cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, - int klen, int num_cipher); - -void -cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher); - -uint64_t -cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], int num_cipher, - unsigned octets_in_buffer, int num_trials); - -srtp_err_status_t -cipher_array_delete(srtp_cipher_t *cipher_array[], int num_cipher); - -srtp_err_status_t -cipher_array_alloc_init(srtp_cipher_t ***cipher_array, int num_ciphers, - srtp_cipher_type_t *ctype, int klen); - -void -usage(char *prog_name) { - printf("usage: %s [ -t | -v | -a ]\n", prog_name); - exit(255); -} - -void -check_status(srtp_err_status_t s) { - if (s) { - printf("error (code %d)\n", s); - exit(s); - } - return; +srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, + int klen, + int num_cipher); + +void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher); + +uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], + int num_cipher, + unsigned octets_in_buffer, + int num_trials); + +srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[], + int num_cipher); + +srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***cipher_array, + int num_ciphers, + srtp_cipher_type_t *ctype, + int klen); + +void usage(char *prog_name) +{ + printf("usage: %s [ -t | -v | -a ]\n", prog_name); + exit(255); +} + +void check_status(srtp_err_status_t s) +{ + if (s) { + printf("error (code %d)\n", s); + exit(s); + } + return; } /* @@ -129,151 +124,163 @@ extern srtp_cipher_type_t srtp_aes_gcm_256_openssl; #endif -int -main(int argc, char *argv[]) { - srtp_cipher_t *c = NULL; - srtp_err_status_t status; - unsigned char test_key[48] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, - 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, - 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, - 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, - 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, - }; - int q; - unsigned do_timing_test = 0; - unsigned do_validation = 0; - unsigned do_array_timing_test = 0; - - /* process input arguments */ - while (1) { - q = getopt_s(argc, argv, "tva"); - if (q == -1) - break; - switch (q) { - case 't': - do_timing_test = 1; - break; - case 'v': - do_validation = 1; - break; - case 'a': - do_array_timing_test = 1; - break; - default: - usage(argv[0]); - } - } - - printf("cipher test driver\n" - "David A. McGrew\n" - "Cisco Systems, Inc.\n"); - - if (!do_validation && !do_timing_test && !do_array_timing_test) - usage(argv[0]); - - /* arry timing (cache thrash) test */ - if (do_array_timing_test) { - int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ - int num_cipher; - - for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) - cipher_driver_test_array_throughput(&srtp_null_cipher, 0, num_cipher); - - for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) - cipher_driver_test_array_throughput(&srtp_aes_icm_128, SRTP_AES_ICM_128_KEY_LEN_WSALT, num_cipher); - - for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) - cipher_driver_test_array_throughput(&srtp_aes_icm_256, SRTP_AES_ICM_256_KEY_LEN_WSALT, num_cipher); +int main(int argc, char *argv[]) +{ + srtp_cipher_t *c = NULL; + srtp_err_status_t status; + /* clang-format off */ + unsigned char test_key[48] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f, + 0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27, + 0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f, + }; + /* clang-format on */ + int q; + unsigned do_timing_test = 0; + unsigned do_validation = 0; + unsigned do_array_timing_test = 0; + + /* process input arguments */ + while (1) { + q = getopt_s(argc, argv, "tva"); + if (q == -1) + break; + switch (q) { + case 't': + do_timing_test = 1; + break; + case 'v': + do_validation = 1; + break; + case 'a': + do_array_timing_test = 1; + break; + default: + usage(argv[0]); + } + } + + printf("cipher test driver\n" + "David A. McGrew\n" + "Cisco Systems, Inc.\n"); + + if (!do_validation && !do_timing_test && !do_array_timing_test) + usage(argv[0]); + + /* arry timing (cache thrash) test */ + if (do_array_timing_test) { + int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */ + int num_cipher; + + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + cipher_driver_test_array_throughput(&srtp_null_cipher, 0, + num_cipher); + + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + cipher_driver_test_array_throughput( + &srtp_aes_icm_128, SRTP_AES_ICM_128_KEY_LEN_WSALT, num_cipher); + + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + cipher_driver_test_array_throughput( + &srtp_aes_icm_256, SRTP_AES_ICM_256_KEY_LEN_WSALT, num_cipher); #ifdef OPENSSL - for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) - cipher_driver_test_array_throughput(&srtp_aes_icm_192, SRTP_AES_ICM_192_KEY_LEN_WSALT, num_cipher); - - for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) { - cipher_driver_test_array_throughput(&srtp_aes_gcm_128_openssl, SRTP_AES_GCM_128_KEY_LEN_WSALT, num_cipher); - } - - for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8) { - cipher_driver_test_array_throughput(&srtp_aes_gcm_256_openssl, SRTP_AES_GCM_256_KEY_LEN_WSALT, num_cipher); - } + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) + cipher_driver_test_array_throughput( + &srtp_aes_icm_192, SRTP_AES_ICM_192_KEY_LEN_WSALT, num_cipher); + + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { + cipher_driver_test_array_throughput(&srtp_aes_gcm_128_openssl, + SRTP_AES_GCM_128_KEY_LEN_WSALT, + num_cipher); + } + + for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) { + cipher_driver_test_array_throughput(&srtp_aes_gcm_256_openssl, + SRTP_AES_GCM_256_KEY_LEN_WSALT, + num_cipher); + } #endif - } + } - if (do_validation) { - cipher_driver_self_test(&srtp_null_cipher); - cipher_driver_self_test(&srtp_aes_icm_128); - cipher_driver_self_test(&srtp_aes_icm_256); + if (do_validation) { + cipher_driver_self_test(&srtp_null_cipher); + cipher_driver_self_test(&srtp_aes_icm_128); + cipher_driver_self_test(&srtp_aes_icm_256); #ifdef OPENSSL - cipher_driver_self_test(&srtp_aes_icm_192); - cipher_driver_self_test(&srtp_aes_gcm_128_openssl); - cipher_driver_self_test(&srtp_aes_gcm_256_openssl); + cipher_driver_self_test(&srtp_aes_icm_192); + cipher_driver_self_test(&srtp_aes_gcm_128_openssl); + cipher_driver_self_test(&srtp_aes_gcm_256_openssl); #endif - } + } + + /* do timing and/or buffer_test on srtp_null_cipher */ + status = srtp_cipher_type_alloc(&srtp_null_cipher, &c, 0, 0); + check_status(status); - /* do timing and/or buffer_test on srtp_null_cipher */ - status = srtp_cipher_type_alloc(&srtp_null_cipher, &c, 0, 0); - check_status(status); - - status = srtp_cipher_init(c, NULL); - check_status(status); - - if (do_timing_test) - cipher_driver_test_throughput(c); - if (do_validation) { - status = cipher_driver_test_buffering(c); - check_status(status); - } - status = srtp_cipher_dealloc(c); - check_status(status); - + status = srtp_cipher_init(c, NULL); + check_status(status); + + if (do_timing_test) + cipher_driver_test_throughput(c); + if (do_validation) { + status = cipher_driver_test_buffering(c); + check_status(status); + } + status = srtp_cipher_dealloc(c); + check_status(status); - /* run the throughput test on the aes_icm cipher (128-bit key) */ - status = srtp_cipher_type_alloc(&srtp_aes_icm_128, &c, SRTP_AES_ICM_128_KEY_LEN_WSALT, 0); + /* run the throughput test on the aes_icm cipher (128-bit key) */ + status = srtp_cipher_type_alloc(&srtp_aes_icm_128, &c, + SRTP_AES_ICM_128_KEY_LEN_WSALT, 0); if (status) { - fprintf(stderr, "error: can't allocate cipher\n"); - exit(status); + fprintf(stderr, "error: can't allocate cipher\n"); + exit(status); } status = srtp_cipher_init(c, test_key); check_status(status); if (do_timing_test) - cipher_driver_test_throughput(c); - + cipher_driver_test_throughput(c); + if (do_validation) { - status = cipher_driver_test_buffering(c); - check_status(status); + status = cipher_driver_test_buffering(c); + check_status(status); } - + status = srtp_cipher_dealloc(c); check_status(status); - /* repeat the tests with 256-bit keys */ - status = srtp_cipher_type_alloc(&srtp_aes_icm_256, &c, SRTP_AES_ICM_256_KEY_LEN_WSALT, 0); + /* repeat the tests with 256-bit keys */ + status = srtp_cipher_type_alloc(&srtp_aes_icm_256, &c, + SRTP_AES_ICM_256_KEY_LEN_WSALT, 0); if (status) { - fprintf(stderr, "error: can't allocate cipher\n"); - exit(status); + fprintf(stderr, "error: can't allocate cipher\n"); + exit(status); } status = srtp_cipher_init(c, test_key); check_status(status); if (do_timing_test) - cipher_driver_test_throughput(c); - + cipher_driver_test_throughput(c); + if (do_validation) { - status = cipher_driver_test_buffering(c); - check_status(status); + status = cipher_driver_test_buffering(c); + check_status(status); } - + status = srtp_cipher_dealloc(c); check_status(status); #ifdef OPENSSL /* run the throughput test on the aes_gcm_128_openssl cipher */ - status = srtp_cipher_type_alloc(&srtp_aes_gcm_128_openssl, &c, SRTP_AES_GCM_128_KEY_LEN_WSALT, 8); + status = srtp_cipher_type_alloc(&srtp_aes_gcm_128_openssl, &c, + SRTP_AES_GCM_128_KEY_LEN_WSALT, 8); if (status) { fprintf(stderr, "error: can't allocate GCM 128 cipher\n"); exit(status); @@ -292,7 +299,8 @@ check_status(status); /* run the throughput test on the aes_gcm_256_openssl cipher */ - status = srtp_cipher_type_alloc(&srtp_aes_gcm_256_openssl, &c, SRTP_AES_GCM_256_KEY_LEN_WSALT, 16); + status = srtp_cipher_type_alloc(&srtp_aes_gcm_256_openssl, &c, + SRTP_AES_GCM_256_KEY_LEN_WSALT, 16); if (status) { fprintf(stderr, "error: can't allocate GCM 256 cipher\n"); exit(status); @@ -309,39 +317,39 @@ } status = srtp_cipher_dealloc(c); check_status(status); -#endif +#endif return 0; } -void -cipher_driver_test_throughput(srtp_cipher_t *c) { - int i; - int min_enc_len = 32; - int max_enc_len = 2048; /* should be a power of two */ - int num_trials = 1000000; - - printf("timing %s throughput, key length %d:\n", c->type->description, c->key_len); - fflush(stdout); - for (i=min_enc_len; i <= max_enc_len; i = i * 2) - printf("msg len: %d\tgigabits per second: %f\n", - i, srtp_cipher_bits_per_second(c, i, num_trials) / 1e9); +void cipher_driver_test_throughput(srtp_cipher_t *c) +{ + int i; + int min_enc_len = 32; + int max_enc_len = 2048; /* should be a power of two */ + int num_trials = 1000000; + + printf("timing %s throughput, key length %d:\n", c->type->description, + c->key_len); + fflush(stdout); + for (i = min_enc_len; i <= max_enc_len; i = i * 2) + printf("msg len: %d\tgigabits per second: %f\n", i, + srtp_cipher_bits_per_second(c, i, num_trials) / 1e9); +} + +srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct) +{ + srtp_err_status_t status; -} + printf("running cipher self-test for %s...", ct->description); + status = srtp_cipher_type_self_test(ct); + if (status) { + printf("failed with error code %d\n", status); + exit(status); + } + printf("passed\n"); -srtp_err_status_t -cipher_driver_self_test(srtp_cipher_type_t *ct) { - srtp_err_status_t status; - - printf("running cipher self-test for %s...", ct->description); - status = srtp_cipher_type_self_test(ct); - if (status) { - printf("failed with error code %d\n", status); - exit(status); - } - printf("passed\n"); - - return srtp_err_status_ok; + return srtp_err_status_ok; } /* @@ -351,168 +359,166 @@ */ #define INITIAL_BUFLEN 1024 -srtp_err_status_t -cipher_driver_test_buffering(srtp_cipher_t *c) { - int i, j, num_trials = 1000; - unsigned len, buflen = INITIAL_BUFLEN; - uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end; - uint8_t idx[16] = { - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, - 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 - }; - srtp_err_status_t status; - - printf("testing output buffering for cipher %s...", - c->type->description); - - for (i=0; i < num_trials; i++) { - - /* set buffers to zero */ - for (j=0; j < (int) buflen; j++) { - buffer0[j] = buffer1[j] = 0; - } - - /* initialize cipher */ - status = srtp_cipher_set_iv(c, (uint8_t*)idx, srtp_direction_encrypt); - if (status) - return status; - - /* generate 'reference' value by encrypting all at once */ - status = srtp_cipher_encrypt(c, buffer0, &buflen); - if (status) - return status; - - /* re-initialize cipher */ - status = srtp_cipher_set_iv(c, (uint8_t*)idx, srtp_direction_encrypt); - if (status) - return status; - - /* now loop over short lengths until buffer1 is encrypted */ - current = buffer1; - end = buffer1 + buflen; - while (current < end) { - - /* choose a short length */ - len = rand() & 0x01f; - - /* make sure that len doesn't cause us to overreach the buffer */ - if (current + len > end) - len = end - current; - - status = srtp_cipher_encrypt(c, current, &len); - if (status) - return status; - - /* advance pointer into buffer1 to reflect encryption */ - current += len; - - /* if buffer1 is all encrypted, break out of loop */ - if (current == end) - break; - } - - /* compare buffers */ - for (j=0; j < (int) buflen; j++) { - if (buffer0[j] != buffer1[j]) { +srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c) +{ + int i, j, num_trials = 1000; + unsigned len, buflen = INITIAL_BUFLEN; + uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end; + uint8_t idx[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 }; + srtp_err_status_t status; + + printf("testing output buffering for cipher %s...", c->type->description); + + for (i = 0; i < num_trials; i++) { + /* set buffers to zero */ + for (j = 0; j < (int)buflen; j++) { + buffer0[j] = buffer1[j] = 0; + } + + /* initialize cipher */ + status = srtp_cipher_set_iv(c, (uint8_t *)idx, srtp_direction_encrypt); + if (status) + return status; + + /* generate 'reference' value by encrypting all at once */ + status = srtp_cipher_encrypt(c, buffer0, &buflen); + if (status) + return status; + + /* re-initialize cipher */ + status = srtp_cipher_set_iv(c, (uint8_t *)idx, srtp_direction_encrypt); + if (status) + return status; + + /* now loop over short lengths until buffer1 is encrypted */ + current = buffer1; + end = buffer1 + buflen; + while (current < end) { + /* choose a short length */ + len = rand() & 0x01f; + + /* make sure that len doesn't cause us to overreach the buffer */ + if (current + len > end) + len = end - current; + + status = srtp_cipher_encrypt(c, current, &len); + if (status) + return status; + + /* advance pointer into buffer1 to reflect encryption */ + current += len; + + /* if buffer1 is all encrypted, break out of loop */ + if (current == end) + break; + } + + /* compare buffers */ + for (j = 0; j < (int)buflen; j++) { + if (buffer0[j] != buffer1[j]) { #if PRINT_DEBUG - printf("test case %d failed at byte %d\n", i, j); - printf("computed: %s\n", octet_string_hex_string(buffer1, buflen)); - printf("expected: %s\n", octet_string_hex_string(buffer0, buflen)); -#endif - return srtp_err_status_algo_fail; - } - } - } - - printf("passed\n"); + printf("test case %d failed at byte %d\n", i, j); + printf("computed: %s\n", + octet_string_hex_string(buffer1, buflen)); + printf("expected: %s\n", + octet_string_hex_string(buffer0, buflen)); +#endif + return srtp_err_status_algo_fail; + } + } + } - return srtp_err_status_ok; -} + printf("passed\n"); + return srtp_err_status_ok; +} /* * The function cipher_test_throughput_array() tests the effect of CPU - * cache thrash on cipher throughput. + * cache thrash on cipher throughput. * * cipher_array_alloc_init(ctype, array, num_ciphers) creates an array * of srtp_cipher_t of type ctype */ -srtp_err_status_t -cipher_array_alloc_init(srtp_cipher_t ***ca, int num_ciphers, - srtp_cipher_type_t *ctype, int klen) { - int i, j; - srtp_err_status_t status; - uint8_t *key; - srtp_cipher_t **cipher_array; - /* pad klen allocation, to handle aes_icm reading 16 bytes for the - 14-byte salt */ - int klen_pad = ((klen + 15) >> 4) << 4; - - /* allocate array of pointers to ciphers */ - cipher_array = (srtp_cipher_t **) malloc(sizeof(srtp_cipher_t *) * num_ciphers); - if (cipher_array == NULL) - return srtp_err_status_alloc_fail; - - /* set ca to location of cipher_array */ - *ca = cipher_array; - - /* allocate key */ - key = srtp_crypto_alloc(klen_pad); - if (key == NULL) { - free(cipher_array); - return srtp_err_status_alloc_fail; - } - - /* allocate and initialize an array of ciphers */ - for (i=0; i < num_ciphers; i++) { - - /* allocate cipher */ - status = srtp_cipher_type_alloc(ctype, cipher_array, klen, 16); - if (status) - return status; - - /* generate random key and initialize cipher */ - for (j=0; j < klen; j++) - key[j] = (uint8_t) rand(); - for (; j < klen_pad; j++) - key[j] = 0; - status = srtp_cipher_init(*cipher_array, key); - if (status) - return status; - -/* printf("%dth cipher is at %p\n", i, *cipher_array); */ -/* printf("%dth cipher description: %s\n", i, */ -/* (*cipher_array)->type->description); */ - - /* advance cipher array pointer */ - cipher_array++; - } - - srtp_crypto_free(key); - - return srtp_err_status_ok; -} - -srtp_err_status_t -cipher_array_delete(srtp_cipher_t *cipher_array[], int num_cipher) { - int i; - - for (i=0; i < num_cipher; i++) { - srtp_cipher_dealloc(cipher_array[i]); - } - - free(cipher_array); - - return srtp_err_status_ok; -} +srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***ca, + int num_ciphers, + srtp_cipher_type_t *ctype, + int klen) +{ + int i, j; + srtp_err_status_t status; + uint8_t *key; + srtp_cipher_t **cipher_array; + /* pad klen allocation, to handle aes_icm reading 16 bytes for the + 14-byte salt */ + int klen_pad = ((klen + 15) >> 4) << 4; + + /* allocate array of pointers to ciphers */ + cipher_array = (srtp_cipher_t **)srtp_crypto_alloc(sizeof(srtp_cipher_t *) * + num_ciphers); + if (cipher_array == NULL) + return srtp_err_status_alloc_fail; + + /* set ca to location of cipher_array */ + *ca = cipher_array; + + /* allocate key */ + key = srtp_crypto_alloc(klen_pad); + if (key == NULL) { + srtp_crypto_free(cipher_array); + return srtp_err_status_alloc_fail; + } + + /* allocate and initialize an array of ciphers */ + for (i = 0; i < num_ciphers; i++) { + /* allocate cipher */ + status = srtp_cipher_type_alloc(ctype, cipher_array, klen, 16); + if (status) + return status; + + /* generate random key and initialize cipher */ + for (j = 0; j < klen; j++) + key[j] = (uint8_t)rand(); + for (; j < klen_pad; j++) + key[j] = 0; + status = srtp_cipher_init(*cipher_array, key); + if (status) + return status; + + /* printf("%dth cipher is at %p\n", i, *cipher_array); */ + /* printf("%dth cipher description: %s\n", i, */ + /* (*cipher_array)->type->description); */ + + /* advance cipher array pointer */ + cipher_array++; + } + + srtp_crypto_free(key); + + return srtp_err_status_ok; +} + +srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[], + int num_cipher) +{ + int i; + for (i = 0; i < num_cipher; i++) { + srtp_cipher_dealloc(cipher_array[i]); + } + + srtp_crypto_free(cipher_array); + + return srtp_err_status_ok; +} /* * cipher_array_bits_per_second(c, l, t) computes (an estimate of) the * number of bits that a cipher implementation can encrypt in a second * when distinct keys are used to encrypt distinct messages - * + * * c is a cipher (which MUST be allocated an initialized already), l * is the length in octets of the test data to be encrypted, and t is * the number of trials @@ -520,80 +526,85 @@ * if an error is encountered, the value 0 is returned */ -uint64_t -cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], int num_cipher, - unsigned octets_in_buffer, int num_trials) { - int i; - v128_t nonce; - clock_t timer; - unsigned char *enc_buf; - int cipher_index = rand() % num_cipher; - - /* Over-alloc, for NIST CBC padding */ - enc_buf = srtp_crypto_alloc(octets_in_buffer+17); - if (enc_buf == NULL) - return 0; /* indicate bad parameters by returning null */ - memset(enc_buf, 0, octets_in_buffer); - - /* time repeated trials */ - v128_set_to_zero(&nonce); - timer = clock(); - for(i=0; i < num_trials; i++, nonce.v32[3] = i) { - /* length parameter to srtp_cipher_encrypt is in/out -- out is total, padded - * length -- so reset it each time. */ - unsigned octets_to_encrypt = octets_in_buffer; - - /* encrypt buffer with cipher */ - srtp_cipher_set_iv(cipher_array[cipher_index], (uint8_t*)&nonce, srtp_direction_encrypt); - srtp_cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt); - - /* choose a cipher at random from the array*/ - cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; - } - timer = clock() - timer; - - free(enc_buf); - - if (timer == 0) { - /* Too fast! */ - return 0; - } +uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], + int num_cipher, + unsigned octets_in_buffer, + int num_trials) +{ + int i; + v128_t nonce; + clock_t timer; + unsigned char *enc_buf; + int cipher_index = rand() % num_cipher; + + /* Over-alloc, for NIST CBC padding */ + enc_buf = srtp_crypto_alloc(octets_in_buffer + 17); + if (enc_buf == NULL) + return 0; /* indicate bad parameters by returning null */ + + /* time repeated trials */ + v128_set_to_zero(&nonce); + timer = clock(); + for (i = 0; i < num_trials; i++, nonce.v32[3] = i) { + /* length parameter to srtp_cipher_encrypt is in/out -- out is total, + * padded + * length -- so reset it each time. */ + unsigned octets_to_encrypt = octets_in_buffer; + + /* encrypt buffer with cipher */ + srtp_cipher_set_iv(cipher_array[cipher_index], (uint8_t *)&nonce, + srtp_direction_encrypt); + srtp_cipher_encrypt(cipher_array[cipher_index], enc_buf, + &octets_to_encrypt); + + /* choose a cipher at random from the array*/ + cipher_index = (*((uint32_t *)enc_buf)) % num_cipher; + } + timer = clock() - timer; + + srtp_crypto_free(enc_buf); + + if (timer == 0) { + /* Too fast! */ + return 0; + } + + return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; +} + +void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher) +{ + int i; + int min_enc_len = 16; + int max_enc_len = 2048; /* should be a power of two */ + int num_trials = 1000000; + + printf("timing %s throughput with key length %d, array size %d:\n", + (ca[0])->type->description, (ca[0])->key_len, num_cipher); + fflush(stdout); + for (i = min_enc_len; i <= max_enc_len; i = i * 4) + printf("msg len: %d\tgigabits per second: %f\n", i, + cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / + 1e9); +} + +srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, + int klen, + int num_cipher) +{ + srtp_cipher_t **ca = NULL; + srtp_err_status_t status; - return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer; -} + status = cipher_array_alloc_init(&ca, num_cipher, ct, klen); + if (status) { + printf("error: cipher_array_alloc_init() failed with error code %d\n", + status); + return status; + } -void -cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher) { - int i; - int min_enc_len = 16; - int max_enc_len = 2048; /* should be a power of two */ - int num_trials = 1000000; - - printf("timing %s throughput with key length %d, array size %d:\n", - (ca[0])->type->description, (ca[0])->key_len, num_cipher); - fflush(stdout); - for (i=min_enc_len; i <= max_enc_len; i = i * 4) - printf("msg len: %d\tgigabits per second: %f\n", i, - cipher_array_bits_per_second(ca, num_cipher, i, num_trials) / 1e9); + cipher_array_test_throughput(ca, num_cipher); -} + cipher_array_delete(ca, num_cipher); -srtp_err_status_t -cipher_driver_test_array_throughput(srtp_cipher_type_t *ct, - int klen, int num_cipher) { - srtp_cipher_t **ca = NULL; - srtp_err_status_t status; - - status = cipher_array_alloc_init(&ca, num_cipher, ct, klen); - if (status) { - printf("error: cipher_array_alloc_init() failed with error code %d\n", - status); - return status; - } - - cipher_array_test_throughput(ca, num_cipher); - - cipher_array_delete(ca, num_cipher); - - return srtp_err_status_ok; + return srtp_err_status_ok; } diff -Nru libsrtp2-2.1.0/crypto/test/datatypes_driver.c libsrtp2-2.2.0/crypto/test/datatypes_driver.c --- libsrtp2-2.1.0/crypto/test/datatypes_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/datatypes_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,117 +43,108 @@ * */ - #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif -#include <stdio.h> /* for printf() */ -#include <string.h> /* for strlen() */ +#include <stdio.h> /* for printf() */ +#include <string.h> /* for strlen() */ #include "datatypes.h" #include "util.h" -void -byte_order(void); +void byte_order(void); -void -test_hex_string_funcs(void); +void test_hex_string_funcs(void); -void -print_string(char *s); +void print_string(char *s); -void -test_bswap(void); +void test_bswap(void); -int -main (void) { - - /* - * this program includes various and sundry tests for fundamental - * datatypes. it's a grab-bag of throwaway code, retained only in - * case of future problems - */ - - int i, j; - v128_t x; - char *r = - "The Moving Finger writes; and, having writ,\n" - "Moves on: nor all thy Piety nor Wit\n" - "Shall lure it back to cancel half a Line,\n" - "Nor all thy Tears wash out a Word of it."; - char *s = "incomplet"; - - print_string(r); - print_string(s); - - byte_order(); - test_hex_string_funcs(); +int main(void) +{ + /* + * this program includes various and sundry tests for fundamental + * datatypes. it's a grab-bag of throwaway code, retained only in + * case of future problems + */ + + int i, j; + v128_t x; + char *r = "The Moving Finger writes; and, having writ,\n" + "Moves on: nor all thy Piety nor Wit\n" + "Shall lure it back to cancel half a Line,\n" + "Nor all thy Tears wash out a Word of it."; + char *s = "incomplet"; + + print_string(r); + print_string(s); + + byte_order(); + test_hex_string_funcs(); + + for (j = 0; j < 128; j++) { + v128_set_to_zero(&x); + /* x.v32[0] = (1 << j); */ + v128_set_bit(&x, j); + printf("%s\n", v128_bit_string(&x)); + v128_clear_bit(&x, j); + printf("%s\n", v128_bit_string(&x)); + } - for (j=0; j < 128; j++) { + printf("----------------------------------------------\n"); v128_set_to_zero(&x); - /* x.v32[0] = (1 << j); */ - v128_set_bit(&x, j); - printf("%s\n", v128_bit_string(&x)); - v128_clear_bit(&x, j); - printf("%s\n", v128_bit_string(&x)); - - } - - printf("----------------------------------------------\n"); - v128_set_to_zero(&x); - for (i=0; i < 128; i++) { - v128_set_bit(&x, i); - } - printf("%s\n", v128_bit_string(&x)); - - printf("----------------------------------------------\n"); - v128_set_to_zero(&x); - v128_set_bit(&x, 0); - for (i=0; i < 128; i++) { - printf("%s\n", v128_bit_string(&x)); - v128_right_shift(&x, 1); - } - printf("----------------------------------------------\n"); - v128_set_to_zero(&x); - v128_set_bit(&x, 127); - for (i=0; i < 128; i++) { - printf("%s\n", v128_bit_string(&x)); - v128_left_shift(&x, 1); - } - printf("----------------------------------------------\n"); - for (i=0; i < 128; i++) { + for (i = 0; i < 128; i++) { + v128_set_bit(&x, i); + } + printf("%s\n", v128_bit_string(&x)); + + printf("----------------------------------------------\n"); + v128_set_to_zero(&x); + v128_set_bit(&x, 0); + for (i = 0; i < 128; i++) { + printf("%s\n", v128_bit_string(&x)); + v128_right_shift(&x, 1); + } + printf("----------------------------------------------\n"); v128_set_to_zero(&x); v128_set_bit(&x, 127); - v128_left_shift(&x, i); - printf("%s\n", v128_bit_string(&x)); - } - printf("----------------------------------------------\n"); - v128_set_to_zero(&x); - for (i=0; i < 128; i+=2) { - v128_set_bit(&x, i); - } - printf("bit_string: { %s }\n", v128_bit_string(&x)); - printf("get_bit: { "); - for (i=0; i < 128; i++) { - if (v128_get_bit(&x, i) == 1) - printf("1"); - else - printf("0"); - } - printf(" } \n"); + for (i = 0; i < 128; i++) { + printf("%s\n", v128_bit_string(&x)); + v128_left_shift(&x, 1); + } + printf("----------------------------------------------\n"); + for (i = 0; i < 128; i++) { + v128_set_to_zero(&x); + v128_set_bit(&x, 127); + v128_left_shift(&x, i); + printf("%s\n", v128_bit_string(&x)); + } + printf("----------------------------------------------\n"); + v128_set_to_zero(&x); + for (i = 0; i < 128; i += 2) { + v128_set_bit(&x, i); + } + printf("bit_string: { %s }\n", v128_bit_string(&x)); + printf("get_bit: { "); + for (i = 0; i < 128; i++) { + if (v128_get_bit(&x, i) == 1) + printf("1"); + else + printf("0"); + } + printf(" } \n"); - test_bswap(); + test_bswap(); - return 0; + return 0; } - /* byte_order() prints out byte ordering of datatypes */ -void -byte_order(void) { - int i; - v128_t e; +void byte_order(void) +{ + int i; + v128_t e; #if 0 v16_t b; v32_t c; @@ -180,63 +171,60 @@ c.value = 0x00010002; printf("v32_t:\t%x%x\n", c.v16[0], c.v16[1]); -#endif +#endif - printf("byte ordering of crypto/math datatypes:\n"); - for (i=0; i < sizeof(e); i++) - e.v8[i] = i; - printf("v128_t: %s\n", v128_hex_string(&e)); - + printf("byte ordering of crypto/math datatypes:\n"); + for (i = 0; i < sizeof(e); i++) + e.v8[i] = i; + printf("v128_t: %s\n", v128_hex_string(&e)); } -void -test_hex_string_funcs(void) { - char hex1[] = "abadcafe"; - char hex2[] = "0123456789abcdefqqqqq"; - char raw[10]; - int len; - - len = hex_string_to_octet_string(raw, hex1, strlen(hex1)); - printf("computed length: %d\tstring: %s\n", len, - octet_string_hex_string(raw, len/2)); - printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1); - - len = hex_string_to_octet_string(raw, hex2, strlen(hex2)); - printf("computed length: %d\tstring: %s\n", len, - octet_string_hex_string(raw, len/2)); - printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef"); - +void test_hex_string_funcs(void) +{ + char hex1[] = "abadcafe"; + char hex2[] = "0123456789abcdefqqqqq"; + char raw[10]; + int len; + + len = hex_string_to_octet_string(raw, hex1, strlen(hex1)); + printf("computed length: %d\tstring: %s\n", len, + octet_string_hex_string(raw, len / 2)); + printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1); + + len = hex_string_to_octet_string(raw, hex2, strlen(hex2)); + printf("computed length: %d\tstring: %s\n", len, + octet_string_hex_string(raw, len / 2)); + printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef"); } -void -print_string(char *s) { - size_t i; - printf("%s\n", s); - printf("strlen(s) = %u\n", (unsigned)strlen(s)); - printf("{ "); - for (i=0; i < strlen(s); i++) { - printf("0x%x, ", s[i]); - if (((i+1) % 8) == 0) - printf("\n "); - } - printf("}\n"); +void print_string(char *s) +{ + size_t i; + printf("%s\n", s); + printf("strlen(s) = %u\n", (unsigned)strlen(s)); + printf("{ "); + for (i = 0; i < strlen(s); i++) { + printf("0x%x, ", s[i]); + if (((i + 1) % 8) == 0) + printf("\n "); + } + printf("}\n"); } -void -test_bswap(void) { - uint32_t x = 0x11223344; - uint64_t y = 0x1122334455667788LL; - - printf("before: %0x\nafter: %0x\n", x, (unsigned int)be32_to_cpu(x)); - printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y, - (unsigned long long)be64_to_cpu(y)); - - y = 1234; - - printf("1234: %0llx\n", (unsigned long long)y); - printf("as octet string: %s\n", - octet_string_hex_string((uint8_t *) &y, 8)); - y = be64_to_cpu(y); - printf("bswapped octet string: %s\n", - octet_string_hex_string((uint8_t *) &y, 8)); +void test_bswap(void) +{ + uint32_t x = 0x11223344; + uint64_t y = 0x1122334455667788LL; + + printf("before: %0x\nafter: %0x\n", x, (unsigned int)be32_to_cpu(x)); + printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y, + (unsigned long long)be64_to_cpu(y)); + + y = 1234; + + printf("1234: %0llx\n", (unsigned long long)y); + printf("as octet string: %s\n", octet_string_hex_string((uint8_t *)&y, 8)); + y = be64_to_cpu(y); + printf("bswapped octet string: %s\n", + octet_string_hex_string((uint8_t *)&y, 8)); } diff -Nru libsrtp2-2.1.0/crypto/test/env.c libsrtp2-2.2.0/crypto/test/env.c --- libsrtp2-2.1.0/crypto/test/env.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/env.c 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,45 +43,47 @@ */ #include <stdio.h> -#include <string.h> /* for srtcmp() */ +#include <string.h> /* for srtcmp() */ #include "config.h" -int -main(void) { - int err_count = 0; +int main(void) +{ + int err_count = 0; #ifdef WORDS_BIGENDIAN - printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n"); + printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n"); #else - printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n"); + printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n"); #endif #ifdef CPU_RISC - printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n"); + printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n"); #elif defined(CPU_CISC) - printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n"); + printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n"); #else - printf("CPU set to an unknown type, probably due to a configuration error\n"); - err_count++; + printf( + "CPU set to an unknown type, probably due to a configuration error\n"); + err_count++; #endif #ifdef CPU_ALTIVEC - printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n"); + printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n"); #endif #ifndef NO_64BIT_MATH - printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n"); + printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n"); #else - printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n"); + printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n"); #endif #ifdef ERR_REPORTING_STDOUT - printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n"); + printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n"); #endif - if (err_count) - printf("warning: configuration is probably in error " - "(found %d problems)\n", err_count); + if (err_count) + printf("warning: configuration is probably in error " + "(found %d problems)\n", + err_count); - return err_count; + return err_count; } diff -Nru libsrtp2-2.1.0/crypto/test/kernel_driver.c libsrtp2-2.2.0/crypto/test/kernel_driver.c --- libsrtp2-2.1.0/crypto/test/kernel_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/kernel_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright(c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,77 +42,76 @@ * */ - #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif -#include <stdio.h> /* for printf() */ +#include <stdio.h> /* for printf() */ #include "getopt_s.h" #include "crypto_kernel.h" -void -usage(char *prog_name) { - printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name); - exit(255); +void usage(char *prog_name) +{ + printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name); + exit(255); } -int -main (int argc, char *argv[]) { - int q; - int do_validation = 0; - srtp_err_status_t status; - - if (argc == 1) - usage(argv[0]); - - /* initialize kernel - we need to do this before anything else */ - status = srtp_crypto_kernel_init(); - if (status) { - printf("error: srtp_crypto_kernel init failed\n"); - exit(1); - } - printf("srtp_crypto_kernel successfully initalized\n"); - - /* process input arguments */ - while (1) { - q = getopt_s(argc, argv, "vd:"); - if (q == -1) - break; - switch (q) { - case 'v': - do_validation = 1; - break; - case 'd': - status = srtp_crypto_kernel_set_debug_module(optarg_s, 1); - if (status) { - printf("error: set debug module (%s) failed\n", optarg_s); - exit(1); - } - break; - default: - usage(argv[0]); - } - } - - if (do_validation) { - printf("checking srtp_crypto_kernel status...\n"); - status = srtp_crypto_kernel_status(); +int main(int argc, char *argv[]) +{ + int q; + int do_validation = 0; + srtp_err_status_t status; + + if (argc == 1) + usage(argv[0]); + + /* initialize kernel - we need to do this before anything else */ + status = srtp_crypto_kernel_init(); if (status) { - printf("failed\n"); - exit(1); + printf("error: srtp_crypto_kernel init failed\n"); + exit(1); } - printf("srtp_crypto_kernel passed self-tests\n"); - } + printf("srtp_crypto_kernel successfully initalized\n"); - status = srtp_crypto_kernel_shutdown(); - if (status) { - printf("error: srtp_crypto_kernel shutdown failed\n"); - exit(1); - } - printf("srtp_crypto_kernel successfully shut down\n"); - - return 0; + /* process input arguments */ + while (1) { + q = getopt_s(argc, argv, "vd:"); + if (q == -1) + break; + switch (q) { + case 'v': + do_validation = 1; + break; + case 'd': + status = srtp_crypto_kernel_set_debug_module(optarg_s, 1); + if (status) { + printf("error: set debug module (%s) failed\n", optarg_s); + exit(1); + } + break; + default: + usage(argv[0]); + } + } + + if (do_validation) { + printf("checking srtp_crypto_kernel status...\n"); + status = srtp_crypto_kernel_status(); + if (status) { + printf("failed\n"); + exit(1); + } + printf("srtp_crypto_kernel passed self-tests\n"); + } + + status = srtp_crypto_kernel_shutdown(); + if (status) { + printf("error: srtp_crypto_kernel shutdown failed\n"); + exit(1); + } + printf("srtp_crypto_kernel successfully shut down\n"); + + return 0; } /* @@ -120,10 +119,9 @@ * of the crypto_kernel */ -srtp_err_status_t -crypto_kernel_cipher_test(void) { - - /* not implemented yet! */ +srtp_err_status_t crypto_kernel_cipher_test(void) +{ + /* not implemented yet! */ - return srtp_err_status_ok; + return srtp_err_status_ok; } diff -Nru libsrtp2-2.1.0/crypto/test/sha1_driver.c libsrtp2-2.2.0/crypto/test/sha1_driver.c --- libsrtp2-2.1.0/crypto/test/sha1_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/sha1_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,7 +44,7 @@ */ #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif #include <stdio.h> @@ -56,505 +56,332 @@ #define SHA_FAIL 1 #define MAX_HASH_DATA_LEN 1024 -#define MAX_HASH_OUT_LEN 20 +#define MAX_HASH_OUT_LEN 20 typedef struct hash_test_case_t { - unsigned data_len; /* number of octets in data */ - unsigned hash_len; /* number of octets output by hash */ - uint8_t data[MAX_HASH_DATA_LEN]; /* message data */ - uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */ - struct hash_test_case_t *next_test_case; + unsigned data_len; /* number of octets in data */ + unsigned hash_len; /* number of octets output by hash */ + uint8_t data[MAX_HASH_DATA_LEN]; /* message data */ + uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */ + struct hash_test_case_t *next_test_case; } hash_test_case_t; hash_test_case_t *sha1_test_case_list; -srtp_err_status_t -hash_test_case_add(hash_test_case_t **list_ptr, - char *hex_data, - unsigned data_len, - char *hex_hash, - unsigned hash_len) { - hash_test_case_t *list_head = *list_ptr; - hash_test_case_t *test_case; - unsigned tmp_len; - - test_case = malloc(sizeof(hash_test_case_t)); - if (test_case == NULL) - return srtp_err_status_alloc_fail; - - tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data, data_len*2); - if (tmp_len != data_len*2) { - free(test_case); - return srtp_err_status_parse_err; - } - - tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash, hash_len*2); - if (tmp_len != hash_len*2) { - free(test_case); - return srtp_err_status_parse_err; - } - - test_case->data_len = data_len; - test_case->hash_len = hash_len; - - /* add the new test case to the head of the list */ - test_case->next_test_case = list_head; - *list_ptr = test_case; +srtp_err_status_t hash_test_case_add(hash_test_case_t **list_ptr, + char *hex_data, + unsigned data_len, + char *hex_hash, + unsigned hash_len) +{ + hash_test_case_t *list_head = *list_ptr; + hash_test_case_t *test_case; + unsigned tmp_len; + + test_case = malloc(sizeof(hash_test_case_t)); + if (test_case == NULL) + return srtp_err_status_alloc_fail; + + tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data, + data_len * 2); + if (tmp_len != data_len * 2) { + free(test_case); + return srtp_err_status_parse_err; + } - return srtp_err_status_ok; + tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash, + hash_len * 2); + if (tmp_len != hash_len * 2) { + free(test_case); + return srtp_err_status_parse_err; + } + + test_case->data_len = data_len; + test_case->hash_len = hash_len; + + /* add the new test case to the head of the list */ + test_case->next_test_case = list_head; + *list_ptr = test_case; + + return srtp_err_status_ok; } -srtp_err_status_t -sha1_test_case_validate(const hash_test_case_t *test_case) { - srtp_sha1_ctx_t ctx; - uint32_t hash_value[5]; - - if (test_case == NULL) - return srtp_err_status_bad_param; - - if (test_case->hash_len != 20) - return srtp_err_status_bad_param; - if (test_case->data_len > MAX_HASH_DATA_LEN) - return srtp_err_status_bad_param; - - srtp_sha1_init(&ctx); - srtp_sha1_update(&ctx, test_case->data, test_case->data_len); - srtp_sha1_final(&ctx, hash_value); - if (0 == memcmp(test_case->hash, hash_value, 20)) { +srtp_err_status_t sha1_test_case_validate(const hash_test_case_t *test_case) +{ + srtp_sha1_ctx_t ctx; + uint32_t hash_value[5]; + + if (test_case == NULL) + return srtp_err_status_bad_param; + + if (test_case->hash_len != 20) + return srtp_err_status_bad_param; + if (test_case->data_len > MAX_HASH_DATA_LEN) + return srtp_err_status_bad_param; + + srtp_sha1_init(&ctx); + srtp_sha1_update(&ctx, test_case->data, test_case->data_len); + srtp_sha1_final(&ctx, hash_value); + if (0 == memcmp(test_case->hash, hash_value, 20)) { #if VERBOSE - printf("PASSED: reference value: %s\n", - octet_string_hex_string((const uint8_t *)test_case->hash, 20)); - printf("PASSED: computed value: %s\n", - octet_string_hex_string((const uint8_t *)hash_value, 20)); -#endif - return srtp_err_status_ok; - } + printf("PASSED: reference value: %s\n", + octet_string_hex_string((const uint8_t *)test_case->hash, 20)); + printf("PASSED: computed value: %s\n", + octet_string_hex_string((const uint8_t *)hash_value, 20)); +#endif + return srtp_err_status_ok; + } - printf("reference value: %s\n", - octet_string_hex_string((const uint8_t *)test_case->hash, 20)); - printf("computed value: %s\n", - octet_string_hex_string((const uint8_t *)hash_value, 20)); + printf("reference value: %s\n", + octet_string_hex_string((const uint8_t *)test_case->hash, 20)); + printf("computed value: %s\n", + octet_string_hex_string((const uint8_t *)hash_value, 20)); - return srtp_err_status_algo_fail; - + return srtp_err_status_algo_fail; } struct hex_sha1_test_case_t { - unsigned bit_len; - char hex_data[MAX_HASH_DATA_LEN*2]; - char hex_hash[40]; + unsigned bit_len; + char hex_data[MAX_HASH_DATA_LEN * 2]; + char hex_hash[40]; }; -srtp_err_status_t -sha1_add_test_cases(void) { - int i; - srtp_err_status_t err; - - /* - * these test cases are taken from the "SHA-1 Sample Vectors" - * provided by NIST at http://csrc.nist.gov/cryptval/shs.html - */ - - struct hex_sha1_test_case_t tc[] = { - { - 0, - "", - "da39a3ee5e6b4b0d3255bfef95601890afd80709" - }, - { - 8, - "a8", - "99f2aa95e36f95c2acb0eaf23998f030638f3f15" - }, - { - 16, - "3000", - "f944dcd635f9801f7ac90a407fbc479964dec024" - }, - { - 24, - "42749e", - "a444319e9b6cc1e8464c511ec0969c37d6bb2619" - }, - { - 32, - "9fc3fe08", - "16a0ff84fcc156fd5d3ca3a744f20a232d172253" - }, - { - 40, - "b5c1c6f1af", - "fec9deebfcdedaf66dda525e1be43597a73a1f93" - }, - { - 48, - "e47571e5022e", - "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5" - }, - { - 56, - "3e1b28839fb758", - "67da53837d89e03bf652ef09c369a3415937cfd3" - }, - { - 64, - "a81350cbb224cb90", - "305e4ff9888ad855a78573cddf4c5640cce7e946" - }, - { - 72, "c243d167923dec3ce1", - "5902b77b3265f023f9bbc396ba1a93fa3509bde7" - }, - { - 80, - "50ac18c59d6a37a29bf4", - "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab" - }, - { - 88, - "98e2b611ad3b1cccf634f6", - "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5" - }, - { - 96, - "73fe9afb68e1e8712e5d4eec", - "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93" - }, - { - 104, - "9e701ed7d412a9226a2a130e66", - "706f0677146307b20bb0e8d6311e329966884d13" - }, - { - 112, - "6d3ee90413b0a7cbf69e5e6144ca", - "a7241a703aaf0d53fe142f86bf2e849251fa8dff" - }, - { - 120, - "fae24d56514efcb530fd4802f5e71f", - "400f53546916d33ad01a5e6df66822dfbdc4e9e6" - }, - { - 128, - "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1", - "fac8ab93c1ae6c16f0311872b984f729dc928ccd" - }, - { - 136, - "d98cded2adabf08fda356445c781802d95", - "fba6d750c18da58f6e2aab10112b9a5ef3301b3b" - }, - { - 144, - "bcc6d7087a84f00103ccb32e5f5487a751a2", - "29d27c2d44c205c8107f0351b05753ac708226b6" - }, - { - 152, - "36ecacb1055434190dbbc556c48bafcb0feb0d", - "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845" - }, - { - 160, - "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0", - "96d08c430094b9fcc164ad2fb6f72d0a24268f68" - }, - { - 168, "c95b441d8270822a46a798fae5defcf7b26abace36", - "a287ea752a593d5209e287881a09c49fa3f0beb1" - }, - { - 176, - "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860", - "a06c713779cbd88519ed4a585ac0cb8a5e9d612b" - }, - { - 184, - "755175528d55c39c56493d697b790f099a5ce741f7754b", - "bff7d52c13a3688132a1d407b1ab40f5b5ace298" - }, - { - 192, - "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f", - "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9" - }, - { - 200, - "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895", - "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1" - }, - { - 208, - "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256", - "29e66ed23e914351e872aa761df6e4f1a07f4b81" - }, - { - 216, - "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0", - "b28cf5e5b806a01491d41f69bd9248765c5dc292" - }, - { - 224, - "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469", - "60224fb72c46069652cd78bcd08029ef64da62f3" - }, - { - 232, - "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3", - "b72c4a86f72608f24c05f3b9088ef92fba431df7" - }, - { - 240, - "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb", - "73779ad5d6b71b9b8328ef7220ff12eb167076ac" - }, - { - 248, - "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3", - "a09671d4452d7cf50015c914a1e31973d20cc1a0" - }, - { - 256, - "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919", - "e88cdcd233d99184a6fd260b8fca1b7f7687aee0" - }, - { - 264, - "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418", - "010def22850deb1168d525e8c84c28116cb8a269" - }, - { - 272, - "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc98620cf77", - "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad" - }, - { - 280, - "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838443328f", - "c6433791238795e34f080a5f1f1723f065463ca0" - }, - { - 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b26594a25c709d", - "e21e22b89c1bb944a32932e6b2a2f20d491982c3" - }, - { - 296, - "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d79f4f195b22", - "575323a9661f5d28387964d2ba6ab92c17d05a8a" - }, - { - 304, - "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d234cc1c5002910", - "feb44494af72f245bfe68e86c4d7986d57c11db7" - }, - { - 312, - "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8ba8a621fd6e3be5", - "cff2290b3648ba2831b98dde436a72f9ebf51eee" - }, - { - 320, - "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15cb5c83afb4b570376e", - "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c" - }, - { - 328, - "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99cac34dfca38910db2678f", - "afedb0ff156205bcd831cbdbda43db8b0588c113" - }, - { - 336, - "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c2fcf9716d3fad261dff33", - "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4" - }, - { - 344, - "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f20fd697c3e4c8b8c5f590ab", - "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf" - }, - { - 352, - "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b48c68d7f7057e5675cd96fcfc", - "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2" - }, - { - 360, - "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e1790e888e09fbe3a70412176cb3b54", - "7b13bb0dbf14964bd63b133ac85e22100542ef55" - }, - { - 368, - "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b084d3741afb8d24aaa8ab9c104f7258", - "c314d2b6cf439be678d2a74e890d96cfac1c02ed" - }, - { - 376, - "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a6c0d615c2ac8ad04b213cc589541cf6", - "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078" - }, - { - 384, - "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d29688a65e2e3f3da47a45ac14343c9c02", - "e5353431ffae097f675cbf498869f6fbb6e1c9f2" - }, - { - 392, - "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97ab506ee05aebebc1eed09fc0e357109818b9", - "b8720a7068a085c018ab18961de2765aa6cd9ac4" - }, - { - 400, - "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a0d96e9e33326ccb7747cfff0852b961bfd475", - "b0732181568543ba85f2b6da602b4b065d9931aa" - }, - { - 408, - "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7dad814bce8dabb611790a6abe56030b798b75c944", - "9c22674cf3222c3ba921672694aafee4ce67b96b" - }, - { - 416, - "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9ee07cb169ec5186292e44c27e5696a967f5e67709", - "d128335f4cecca9066cdae08958ce656ff0b4cfc" - }, - { - 424, - "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241822bf67e6335a6d8b5ed06abf8841884c636a25733f", - "0b67c57ac578de88a2ae055caeaec8bb9b0085a0" - }, - { - 432, - "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b75941d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e", - "c766f912a89d4ccda88e0cce6a713ef5f178b596" - }, - { - 440, - "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373dbb848eb32df23914230560b82477e9c3572647a7f2bb92", - "9aa3925a9dcb177b15ccff9b78e70cf344858779" - }, - { - 448, - "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8aa7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7", - "4811fa30042fc076acf37c8e2274d025307e5943" - }, - { - 456, - "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4", - "6743018450c9730761ee2b130df9b91c1e118150" - }, - { - 464, - "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4", - "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645" - }, - { - 472, - "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e73e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819", - "a7d9dc68dacefb7d6116186048cb355cc548e11d" - }, - { - 480, - "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98", - "142e429f0522ba5abf5131fa81df82d355b96909" - }, - { - 488, - "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd6913c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59", - "ef72db70dcbcab991e9637976c6faf00d22caae9" - }, - { - 496, - "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc40975c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10", - "f220a7457f4588d639dc21407c942e9843f8e26b" - }, - { - 504, - "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc0348e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c8645", - "ddd2117b6e309c233ede85f962a0c2fc215e5c69" - }, - { - 512, - "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c6116", - "a3054427cdb13f164a610b348702724c808a0dcc" +srtp_err_status_t sha1_add_test_cases(void) +{ + int i; + srtp_err_status_t err; + + /* + * these test cases are taken from the "SHA-1 Sample Vectors" + * provided by NIST at http://csrc.nist.gov/cryptval/shs.html + */ + + struct hex_sha1_test_case_t tc[] = { + { 0, "", "da39a3ee5e6b4b0d3255bfef95601890afd80709" }, + { 8, "a8", "99f2aa95e36f95c2acb0eaf23998f030638f3f15" }, + { 16, "3000", "f944dcd635f9801f7ac90a407fbc479964dec024" }, + { 24, "42749e", "a444319e9b6cc1e8464c511ec0969c37d6bb2619" }, + { 32, "9fc3fe08", "16a0ff84fcc156fd5d3ca3a744f20a232d172253" }, + { 40, "b5c1c6f1af", "fec9deebfcdedaf66dda525e1be43597a73a1f93" }, + { 48, "e47571e5022e", "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5" }, + { 56, "3e1b28839fb758", "67da53837d89e03bf652ef09c369a3415937cfd3" }, + { 64, "a81350cbb224cb90", "305e4ff9888ad855a78573cddf4c5640cce7e946" }, + { 72, "c243d167923dec3ce1", + "5902b77b3265f023f9bbc396ba1a93fa3509bde7" }, + { 80, "50ac18c59d6a37a29bf4", + "fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab" }, + { 88, "98e2b611ad3b1cccf634f6", + "1d20fbe00533c10e3cbd6b27088a5de0c632c4b5" }, + { 96, "73fe9afb68e1e8712e5d4eec", + "7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93" }, + { 104, "9e701ed7d412a9226a2a130e66", + "706f0677146307b20bb0e8d6311e329966884d13" }, + { 112, "6d3ee90413b0a7cbf69e5e6144ca", + "a7241a703aaf0d53fe142f86bf2e849251fa8dff" }, + { 120, "fae24d56514efcb530fd4802f5e71f", + "400f53546916d33ad01a5e6df66822dfbdc4e9e6" }, + { 128, "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1", + "fac8ab93c1ae6c16f0311872b984f729dc928ccd" }, + { 136, "d98cded2adabf08fda356445c781802d95", + "fba6d750c18da58f6e2aab10112b9a5ef3301b3b" }, + { 144, "bcc6d7087a84f00103ccb32e5f5487a751a2", + "29d27c2d44c205c8107f0351b05753ac708226b6" }, + { 152, "36ecacb1055434190dbbc556c48bafcb0feb0d", + "b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845" }, + { 160, "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0", + "96d08c430094b9fcc164ad2fb6f72d0a24268f68" }, + { 168, "c95b441d8270822a46a798fae5defcf7b26abace36", + "a287ea752a593d5209e287881a09c49fa3f0beb1" }, + { 176, "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860", + "a06c713779cbd88519ed4a585ac0cb8a5e9d612b" }, + { 184, "755175528d55c39c56493d697b790f099a5ce741f7754b", + "bff7d52c13a3688132a1d407b1ab40f5b5ace298" }, + { 192, "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f", + "c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9" }, + { 200, "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895", + "ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1" }, + { 208, "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256", + "29e66ed23e914351e872aa761df6e4f1a07f4b81" }, + { 216, "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0", + "b28cf5e5b806a01491d41f69bd9248765c5dc292" }, + { 224, "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469", + "60224fb72c46069652cd78bcd08029ef64da62f3" }, + { 232, "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3", + "b72c4a86f72608f24c05f3b9088ef92fba431df7" }, + { 240, "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb", + "73779ad5d6b71b9b8328ef7220ff12eb167076ac" }, + { 248, "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3", + "a09671d4452d7cf50015c914a1e31973d20cc1a0" }, + { 256, + "041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919", + "e88cdcd233d99184a6fd260b8fca1b7f7687aee0" }, + { 264, + "17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418", + "010def22850deb1168d525e8c84c28116cb8a269" }, + { 272, "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc9862" + "0cf77", + "aeaa40ba1717ed5439b1e6ea901b294ba500f9ad" }, + { 280, "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838" + "443328f", + "c6433791238795e34f080a5f1f1723f065463ca0" }, + { 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b2659" + "4a25c709d", + "e21e22b89c1bb944a32932e6b2a2f20d491982c3" }, + { 296, "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d" + "79f4f195b22", + "575323a9661f5d28387964d2ba6ab92c17d05a8a" }, + { 304, "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d2" + "34cc1c5002910", + "feb44494af72f245bfe68e86c4d7986d57c11db7" }, + { 312, "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8" + "ba8a621fd6e3be5", + "cff2290b3648ba2831b98dde436a72f9ebf51eee" }, + { 320, "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15c" + "b5c83afb4b570376e", + "9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c" }, + { 328, "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99ca" + "c34dfca38910db2678f", + "afedb0ff156205bcd831cbdbda43db8b0588c113" }, + { 336, "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c" + "2fcf9716d3fad261dff33", + "8deb1e858f88293a5e5e4d521a34b2a4efa70fc4" }, + { 344, "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f" + "20fd697c3e4c8b8c5f590ab", + "95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf" }, + { 352, "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b" + "48c68d7f7057e5675cd96fcfc", + "f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2" }, + { 360, "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e179" + "0e888e09fbe3a70412176cb3b54", + "7b13bb0dbf14964bd63b133ac85e22100542ef55" }, + { 368, "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b08" + "4d3741afb8d24aaa8ab9c104f7258", + "c314d2b6cf439be678d2a74e890d96cfac1c02ed" }, + { 376, "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a" + "6c0d615c2ac8ad04b213cc589541cf6", + "4d0be361e410b47a9d67d8ce0bb6a8e01c53c078" }, + { 384, "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d" + "29688a65e2e3f3da47a45ac14343c9c02", + "e5353431ffae097f675cbf498869f6fbb6e1c9f2" }, + { 392, "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97a" + "b506ee05aebebc1eed09fc0e357109818b9", + "b8720a7068a085c018ab18961de2765aa6cd9ac4" }, + { 400, "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a" + "0d96e9e33326ccb7747cfff0852b961bfd475", + "b0732181568543ba85f2b6da602b4b065d9931aa" }, + { 408, "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7da" + "d814bce8dabb611790a6abe56030b798b75c944", + "9c22674cf3222c3ba921672694aafee4ce67b96b" }, + { 416, "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9" + "ee07cb169ec5186292e44c27e5696a967f5e67709", + "d128335f4cecca9066cdae08958ce656ff0b4cfc" }, + { 424, "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241" + "822bf67e6335a6d8b5ed06abf8841884c636a25733f", + "0b67c57ac578de88a2ae055caeaec8bb9b0085a0" }, + { 432, "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b759" + "41d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e", + "c766f912a89d4ccda88e0cce6a713ef5f178b596" }, + { 440, "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373" + "dbb848eb32df23914230560b82477e9c3572647a7f2bb92", + "9aa3925a9dcb177b15ccff9b78e70cf344858779" }, + { 448, "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8a" + "a7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7", + "4811fa30042fc076acf37c8e2274d025307e5943" }, + { 456, "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be" + "22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4", + "6743018450c9730761ee2b130df9b91c1e118150" }, + { 464, "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623" + "d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4", + "71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645" }, + { 472, "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e7" + "3e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819", + "a7d9dc68dacefb7d6116186048cb355cc548e11d" }, + { 480, "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb" + "66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98", + "142e429f0522ba5abf5131fa81df82d355b96909" }, + { 488, "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd69" + "13c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59", + "ef72db70dcbcab991e9637976c6faf00d22caae9" }, + { 496, "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc409" + "75c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10", + "f220a7457f4588d639dc21407c942e9843f8e26b" }, + { 504, "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc03" + "48e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c864" + "5", + "ddd2117b6e309c233ede85f962a0c2fc215e5c69" }, + { 512, "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2" + "438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c61" + "16", + "a3054427cdb13f164a610b348702724c808a0dcc" } + }; + + for (i = 0; i < 65; i++) { + err = hash_test_case_add(&sha1_test_case_list, tc[i].hex_data, + tc[i].bit_len / 8, tc[i].hex_hash, 20); + if (err) { + printf("error adding hash test case (code %d)\n", err); + return err; + } } - }; - - for (i=0; i < 65; i++) { - err = hash_test_case_add(&sha1_test_case_list, - tc[i].hex_data, - tc[i].bit_len/8, - tc[i].hex_hash, 20); - if (err) { - printf("error adding hash test case (code %d)\n", err); - return err; - } - } - - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -sha1_dealloc_test_cases(void) { - hash_test_case_t *t, *next; - - for (t = sha1_test_case_list; t != NULL; t = next) { - next = t->next_test_case; - free(t); - } +srtp_err_status_t sha1_dealloc_test_cases(void) +{ + hash_test_case_t *t, *next; + + for (t = sha1_test_case_list; t != NULL; t = next) { + next = t->next_test_case; + free(t); + } - sha1_test_case_list = NULL; + sha1_test_case_list = NULL; - return srtp_err_status_ok; + return srtp_err_status_ok; } +srtp_err_status_t sha1_validate(void) +{ + hash_test_case_t *test_case; + srtp_err_status_t err; - -srtp_err_status_t -sha1_validate(void) { - hash_test_case_t *test_case; - srtp_err_status_t err; - - err = sha1_add_test_cases(); - if (err) { - printf("error adding SHA1 test cases (error code %d)\n", err); - return err; - } - - if (sha1_test_case_list == NULL) - return srtp_err_status_cant_check; - - test_case = sha1_test_case_list; - while (test_case != NULL) { - err = sha1_test_case_validate(test_case); + err = sha1_add_test_cases(); if (err) { - printf("error validating hash test case (error code %d)\n", err); - return err; + printf("error adding SHA1 test cases (error code %d)\n", err); + return err; } - test_case = test_case->next_test_case; - } - sha1_dealloc_test_cases(); + if (sha1_test_case_list == NULL) + return srtp_err_status_cant_check; - return srtp_err_status_ok; -} + test_case = sha1_test_case_list; + while (test_case != NULL) { + err = sha1_test_case_validate(test_case); + if (err) { + printf("error validating hash test case (error code %d)\n", err); + return err; + } + test_case = test_case->next_test_case; + } + sha1_dealloc_test_cases(); + return srtp_err_status_ok; +} -int -main (void) { - srtp_err_status_t err; - - printf("sha1 test driver\n"); - - err = sha1_validate(); - if (err) { - printf("SHA1 did not pass validation testing\n"); - return 1; - } - printf("SHA1 passed validation tests\n"); +int main(void) +{ + srtp_err_status_t err; - return 0; + printf("sha1 test driver\n"); + + err = sha1_validate(); + if (err) { + printf("SHA1 did not pass validation testing\n"); + return 1; + } + printf("SHA1 passed validation tests\n"); + return 0; } diff -Nru libsrtp2-2.1.0/crypto/test/stat_driver.c libsrtp2-2.2.0/crypto/test/stat_driver.c --- libsrtp2-2.1.0/crypto/test/stat_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/crypto/test/stat_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,10 +44,10 @@ */ #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif -#include <stdio.h> /* for printf() */ +#include <stdio.h> /* for printf() */ #include "err.h" #include "stat.h" @@ -56,192 +56,203 @@ #include "cipher.h" typedef struct { - void *state; + void *state; } random_source_t; -srtp_err_status_t -random_source_alloc(void); +srtp_err_status_t random_source_alloc(void); -void -err_check(srtp_err_status_t s) { - if (s) { - printf("error (code %d)\n", s); - exit(1); - } +void err_check(srtp_err_status_t s) +{ + if (s) { + printf("error (code %d)\n", s); + exit(1); + } } -int -main (int argc, char *argv[]) { - uint8_t buffer[2532]; - unsigned int buf_len = 2500; - int i, j; - extern srtp_cipher_type_t srtp_aes_icm_128; - extern srtp_cipher_type_t srtp_aes_icm_256; +int main(int argc, char *argv[]) +{ + uint8_t buffer[2532]; + unsigned int buf_len = 2500; + int i, j; + extern srtp_cipher_type_t srtp_aes_icm_128; + extern srtp_cipher_type_t srtp_aes_icm_256; #ifdef OPENSSL - extern srtp_cipher_type_t srtp_aes_gcm_128_openssl; - extern srtp_cipher_type_t srtp_aes_gcm_256_openssl; + extern srtp_cipher_type_t srtp_aes_gcm_128_openssl; + extern srtp_cipher_type_t srtp_aes_gcm_256_openssl; #endif - srtp_cipher_t *c; - uint8_t key[46] = { - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, - 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 + srtp_cipher_t *c; + /* clang-format off */ + uint8_t key[46] = { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05 }; - v128_t nonce; - int num_trials = 500; - int num_fail; - - printf("statistical tests driver\n"); - - v128_set_to_zero(&nonce); - for (i=0; i < 2500; i++) - buffer[i] = 0; - - /* run tests */ - printf("running stat_tests on all-null buffer, expecting failure\n"); - printf("monobit %d\n", stat_test_monobit(buffer)); - printf("poker %d\n", stat_test_poker(buffer)); - printf("runs %d\n", stat_test_runs(buffer)); - - for (i=0; i < 2500; i++) - buffer[i] = rand(); - printf("running stat_tests on rand(), expecting success\n"); - printf("monobit %d\n", stat_test_monobit(buffer)); - printf("poker %d\n", stat_test_poker(buffer)); - printf("runs %d\n", stat_test_runs(buffer)); - - printf("running stat_tests on AES-128-ICM, expecting success\n"); - /* set buffer to cipher output */ - for (i=0; i < 2500; i++) - buffer[i] = 0; - err_check(srtp_cipher_type_alloc(&srtp_aes_icm_128, &c, SRTP_AES_ICM_128_KEY_LEN_WSALT, 0)); - err_check(srtp_cipher_init(c, key)); - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); - err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); - /* run tests on cipher outout */ - printf("monobit %d\n", stat_test_monobit(buffer)); - printf("poker %d\n", stat_test_poker(buffer)); - printf("runs %d\n", stat_test_runs(buffer)); - - printf("runs test (please be patient): "); - fflush(stdout); - num_fail = 0; - v128_set_to_zero(&nonce); - for(j=0; j < num_trials; j++) { - for (i=0; i < 2500; i++) - buffer[i] = 0; - nonce.v32[3] = i; - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); - err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); - if (stat_test_runs(buffer)) { - num_fail++; - } - } + /* clang-format on */ + v128_t nonce; + int num_trials = 500; + int num_fail; - printf("%d failures in %d tests\n", num_fail, num_trials); - printf("(nota bene: a small fraction of stat_test failures does not \n" - "indicate that the random source is invalid)\n"); - - err_check(srtp_cipher_dealloc(c)); - - printf("running stat_tests on AES-256-ICM, expecting success\n"); - /* set buffer to cipher output */ - for (i=0; i < 2500; i++) - buffer[i] = 0; - err_check(srtp_cipher_type_alloc(&srtp_aes_icm_256, &c, SRTP_AES_ICM_256_KEY_LEN_WSALT, 0)); - err_check(srtp_cipher_init(c, key)); - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); - err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); - /* run tests on cipher outout */ - printf("monobit %d\n", stat_test_monobit(buffer)); - printf("poker %d\n", stat_test_poker(buffer)); - printf("runs %d\n", stat_test_runs(buffer)); - - printf("runs test (please be patient): "); - fflush(stdout); - num_fail = 0; - v128_set_to_zero(&nonce); - for(j=0; j < num_trials; j++) { - for (i=0; i < 2500; i++) - buffer[i] = 0; - nonce.v32[3] = i; - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); - err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); - if (stat_test_runs(buffer)) { - num_fail++; - } - } + printf("statistical tests driver\n"); -#ifdef OPENSSL - { - printf("running stat_tests on AES-128-GCM, expecting success\n"); + v128_set_to_zero(&nonce); + for (i = 0; i < 2500; i++) + buffer[i] = 0; + + /* run tests */ + printf("running stat_tests on all-null buffer, expecting failure\n"); + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + + for (i = 0; i < 2500; i++) + buffer[i] = rand(); + printf("running stat_tests on rand(), expecting success\n"); + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + + printf("running stat_tests on AES-128-ICM, expecting success\n"); /* set buffer to cipher output */ - for (i=0; i < 2500; i++) { - buffer[i] = 0; - } - err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_128_openssl, &c, SRTP_AES_GCM_128_KEY_LEN_WSALT, 8)); + for (i = 0; i < 2500; i++) + buffer[i] = 0; + err_check(srtp_cipher_type_alloc(&srtp_aes_icm_128, &c, + SRTP_AES_ICM_128_KEY_LEN_WSALT, 0)); err_check(srtp_cipher_init(c, key)); - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); + err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt)); err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); + + printf("runs test (please be patient): "); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); - for(j=0; j < num_trials; j++) { - for (i=0; i < 2500; i++) { - buffer[i] = 0; - } - nonce.v32[3] = i; - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); - err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); - buf_len = 2500; - if (stat_test_runs(buffer)) { - num_fail++; - } - } + for (j = 0; j < num_trials; j++) { + for (i = 0; i < 2500; i++) + buffer[i] = 0; + nonce.v32[3] = i; + err_check( + srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt)); + err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); + if (stat_test_runs(buffer)) { + num_fail++; + } + } + + printf("%d failures in %d tests\n", num_fail, num_trials); + printf("(nota bene: a small fraction of stat_test failures does not \n" + "indicate that the random source is invalid)\n"); + + err_check(srtp_cipher_dealloc(c)); - printf("running stat_tests on AES-256-GCM, expecting success\n"); + printf("running stat_tests on AES-256-ICM, expecting success\n"); /* set buffer to cipher output */ - for (i=0; i < 2500; i++) { - buffer[i] = 0; - } - err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_256_openssl, &c, SRTP_AES_GCM_256_KEY_LEN_WSALT, 16)); + for (i = 0; i < 2500; i++) + buffer[i] = 0; + err_check(srtp_cipher_type_alloc(&srtp_aes_icm_256, &c, + SRTP_AES_ICM_256_KEY_LEN_WSALT, 0)); err_check(srtp_cipher_init(c, key)); - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); + err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt)); err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); /* run tests on cipher outout */ printf("monobit %d\n", stat_test_monobit(buffer)); printf("poker %d\n", stat_test_poker(buffer)); printf("runs %d\n", stat_test_runs(buffer)); + + printf("runs test (please be patient): "); fflush(stdout); num_fail = 0; v128_set_to_zero(&nonce); - for(j=0; j < num_trials; j++) { - for (i=0; i < 2500; i++) { - buffer[i] = 0; - } - nonce.v32[3] = i; - err_check(srtp_cipher_set_iv(c, (uint8_t*)&nonce, srtp_direction_encrypt)); - err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); - buf_len = 2500; - if (stat_test_runs(buffer)) { - num_fail++; - } + for (j = 0; j < num_trials; j++) { + for (i = 0; i < 2500; i++) + buffer[i] = 0; + nonce.v32[3] = i; + err_check( + srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt)); + err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); + if (stat_test_runs(buffer)) { + num_fail++; + } + } + +#ifdef OPENSSL + { + printf("running stat_tests on AES-128-GCM, expecting success\n"); + /* set buffer to cipher output */ + for (i = 0; i < 2500; i++) { + buffer[i] = 0; + } + err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_128_openssl, &c, + SRTP_AES_GCM_128_KEY_LEN_WSALT, 8)); + err_check(srtp_cipher_init(c, key)); + err_check( + srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt)); + err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); + /* run tests on cipher outout */ + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + fflush(stdout); + num_fail = 0; + v128_set_to_zero(&nonce); + for (j = 0; j < num_trials; j++) { + for (i = 0; i < 2500; i++) { + buffer[i] = 0; + } + nonce.v32[3] = i; + err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce, + srtp_direction_encrypt)); + err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); + buf_len = 2500; + if (stat_test_runs(buffer)) { + num_fail++; + } + } + + printf("running stat_tests on AES-256-GCM, expecting success\n"); + /* set buffer to cipher output */ + for (i = 0; i < 2500; i++) { + buffer[i] = 0; + } + err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_256_openssl, &c, + SRTP_AES_GCM_256_KEY_LEN_WSALT, 16)); + err_check(srtp_cipher_init(c, key)); + err_check( + srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt)); + err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); + /* run tests on cipher outout */ + printf("monobit %d\n", stat_test_monobit(buffer)); + printf("poker %d\n", stat_test_poker(buffer)); + printf("runs %d\n", stat_test_runs(buffer)); + fflush(stdout); + num_fail = 0; + v128_set_to_zero(&nonce); + for (j = 0; j < num_trials; j++) { + for (i = 0; i < 2500; i++) { + buffer[i] = 0; + } + nonce.v32[3] = i; + err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce, + srtp_direction_encrypt)); + err_check(srtp_cipher_encrypt(c, buffer, &buf_len)); + buf_len = 2500; + if (stat_test_runs(buffer)) { + num_fail++; + } + } } - } #endif - printf("%d failures in %d tests\n", num_fail, num_trials); - printf("(nota bene: a small fraction of stat_test failures does not \n" - "indicate that the random source is invalid)\n"); + printf("%d failures in %d tests\n", num_fail, num_trials); + printf("(nota bene: a small fraction of stat_test failures does not \n" + "indicate that the random source is invalid)\n"); - err_check(srtp_cipher_dealloc(c)); + err_check(srtp_cipher_dealloc(c)); - return 0; + return 0; } diff -Nru libsrtp2-2.1.0/debian/changelog libsrtp2-2.2.0/debian/changelog --- libsrtp2-2.1.0/debian/changelog 2018-05-30 10:52:07.000000000 +0000 +++ libsrtp2-2.2.0/debian/changelog 2019-07-09 09:46:31.000000000 +0000 @@ -1,3 +1,11 @@ +libsrtp2 (2.2.0-1ppa1~ubuntu14.04) unstable; urgency=medium + + * Imported Upstream version 2.2.0 + * Update patches for new upstream version. + * Update symbols for new upstream version. + + -- Joachim Bauch <bauch@struktur.de> Tue, 09 Jul 2019 11:46:20 +0200 + libsrtp2 (2.1.0-1ppa3~ubuntu14.04) unstable; urgency=medium * Add patch to fix broken OPENSSL_cleanse. diff -Nru libsrtp2-2.1.0/debian/libsrtp2-1.symbols libsrtp2-2.2.0/debian/libsrtp2-1.symbols --- libsrtp2-2.1.0/debian/libsrtp2-1.symbols 2017-11-20 14:55:40.000000000 +0000 +++ libsrtp2-2.2.0/debian/libsrtp2-1.symbols 2019-07-09 09:19:25.000000000 +0000 @@ -1,9 +1,9 @@ # SymbolsHelper-Confirmed: 2.0.0+20170516 alpha amd64 arm64 armel armhf hppa hurd-i386 i386 kfreebsd-amd64 kfreebsd-i386 m68k mips mips64el mipsel powerpc powerpcspe ppc64 ppc64el s390x sh4 sparc64 x32 libsrtp2.so.1 libsrtp2-1 #MINVER# - SHA_K0@Base 2.0.0 - SHA_K1@Base 2.0.0 - SHA_K2@Base 2.0.0 - SHA_K3@Base 2.0.0 +#MISSING: 2.2.0# SHA_K0@Base 2.0.0 +#MISSING: 2.2.0# SHA_K1@Base 2.0.0 +#MISSING: 2.2.0# SHA_K2@Base 2.0.0 +#MISSING: 2.2.0# SHA_K3@Base 2.0.0 aes_decrypt_with_raw_key@Base 2.0.0 bit_string@Base 2.0.0 bitvector_alloc@Base 2.0.0 @@ -12,21 +12,25 @@ bitvector_left_shift@Base 2.0.0 bitvector_set_to_zero@Base 2.0.0 crypto_kernel@Base 2.0.0 - mod_alloc@Base 2.0.0 + get_protect_trailer_length@Base 2.2.0 +#MISSING: 2.2.0# mod_alloc@Base 2.0.0 mod_srtp@Base 2.0.0 - mod_stat@Base 2.0.0 +#MISSING: 2.2.0# mod_stat@Base 2.0.0 octet_get_weight@Base 2.0.0 octet_string_is_eq@Base 2.0.0 octet_string_set_to_zero@Base 2.0.0 - octet_weight@Base 2.0.0 +#MISSING: 2.2.0# octet_weight@Base 2.0.0 srtcp_ekt_trailer@Base 2.0.0 srtp_add_stream@Base 2.0.0 - srtp_aes_decrypt@Base 2.0.0 - srtp_aes_encrypt@Base 2.0.0 - srtp_aes_expand_decryption_key@Base 2.0.0 - srtp_aes_expand_encryption_key@Base 2.0.0 +#MISSING: 2.2.0# srtp_aes_decrypt@Base 2.0.0 +#MISSING: 2.2.0# srtp_aes_encrypt@Base 2.0.0 +#MISSING: 2.2.0# srtp_aes_expand_decryption_key@Base 2.0.0 +#MISSING: 2.2.0# srtp_aes_expand_encryption_key@Base 2.0.0 + srtp_aes_gcm_128_openssl@Base 2.2.0 + srtp_aes_gcm_256_openssl@Base 2.2.0 #MISSING: 2.0.0+20170516# srtp_aes_icm@Base 2.0.0 srtp_aes_icm_128@Base 2.0.0+20170516 + srtp_aes_icm_192@Base 2.2.0 srtp_aes_icm_256@Base 2.0.0+20170516 srtp_append_salt_to_key@Base 2.0.0 srtp_auth_get_key_length@Base 2.0.0 @@ -66,9 +70,18 @@ srtp_crypto_kernel_status@Base 2.0.0 srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32@Base 2.0.0 srtp_crypto_policy_set_aes_cm_128_null_auth@Base 2.0.0 + srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32@Base 2.2.0 + srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80@Base 2.2.0 + srtp_crypto_policy_set_aes_cm_192_null_auth@Base 2.2.0 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32@Base 2.0.0 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80@Base 2.0.0 srtp_crypto_policy_set_aes_cm_256_null_auth@Base 2.0.0 + srtp_crypto_policy_set_aes_gcm_128_16_auth@Base 2.2.0 + srtp_crypto_policy_set_aes_gcm_128_8_auth@Base 2.2.0 + srtp_crypto_policy_set_aes_gcm_128_8_only_auth@Base 2.2.0 + srtp_crypto_policy_set_aes_gcm_256_16_auth@Base 2.2.0 + srtp_crypto_policy_set_aes_gcm_256_8_auth@Base 2.2.0 + srtp_crypto_policy_set_aes_gcm_256_8_only_auth@Base 2.2.0 srtp_crypto_policy_set_from_profile_for_rtcp@Base 2.0.0 srtp_crypto_policy_set_from_profile_for_rtp@Base 2.0.0 srtp_crypto_policy_set_null_cipher_hmac_null@Base 2.0.0 @@ -109,12 +122,15 @@ srtp_key_limit_set@Base 2.0.0 srtp_key_limit_update@Base 2.0.0 srtp_list_debug_modules@Base 2.0.0 + srtp_mod_aes_gcm@Base 2.2.0 srtp_mod_aes_icm@Base 2.0.0 + srtp_mod_alloc@Base 2.2.0 srtp_mod_auth@Base 2.0.0 srtp_mod_cipher@Base 2.0.0 srtp_mod_crypto_kernel@Base 2.0.0 srtp_mod_hmac@Base 2.0.0 - srtp_mod_sha1@Base 2.0.0 +#MISSING: 2.2.0# srtp_mod_sha1@Base 2.0.0 + srtp_mod_stat@Base 2.2.0 srtp_nibble_to_hex_char@Base 2.0.0 srtp_null_auth@Base 2.0.0 srtp_null_cipher@Base 2.0.0 @@ -146,11 +162,11 @@ srtp_set_debug_module@Base 2.0.0 srtp_set_stream_roc@Base 2.0.0+20170516 srtp_set_user_data@Base 2.0.0 - srtp_sha1@Base 2.0.0 - srtp_sha1_core@Base 2.0.0 - srtp_sha1_final@Base 2.0.0 - srtp_sha1_init@Base 2.0.0 - srtp_sha1_update@Base 2.0.0 +#MISSING: 2.2.0# srtp_sha1@Base 2.0.0 +#MISSING: 2.2.0# srtp_sha1_core@Base 2.0.0 +#MISSING: 2.2.0# srtp_sha1_final@Base 2.0.0 +#MISSING: 2.2.0# srtp_sha1_init@Base 2.0.0 +#MISSING: 2.2.0# srtp_sha1_update@Base 2.0.0 srtp_shutdown@Base 2.0.0 srtp_stream_alloc@Base 2.0.0 srtp_stream_clone@Base 2.0.0 @@ -169,6 +185,7 @@ stat_test_monobit@Base 2.0.0 stat_test_poker@Base 2.0.0 stat_test_runs@Base 2.0.0 + stream_get_protect_trailer_length@Base 2.2.0 ut_compar@Base 2.0.0 ut_init@Base 2.0.0 ut_next_index@Base 2.0.0 diff -Nru libsrtp2-2.1.0/debian/patches/1004_make_runtest_more_verbose.patch libsrtp2-2.2.0/debian/patches/1004_make_runtest_more_verbose.patch --- libsrtp2-2.1.0/debian/patches/1004_make_runtest_more_verbose.patch 2017-11-20 14:55:40.000000000 +0000 +++ libsrtp2-2.2.0/debian/patches/1004_make_runtest_more_verbose.patch 2019-07-09 09:05:48.000000000 +0000 @@ -6,7 +6,7 @@ --- a/Makefile.in +++ b/Makefile.in -@@ -22,17 +22,17 @@ +@@ -23,17 +23,17 @@ runtest: test @echo "running libsrtp2 test applications..." @@ -18,7 +18,7 @@ - test/roc_driver$(EXE) -v >/dev/null - test/replay_driver$(EXE) -v >/dev/null - test/dtls_srtp_driver$(EXE) >/dev/null -- cd test; $(abspath $(srcdir))/test/rtpw_test.sh >/dev/null +- cd test; $(abspath $(srcdir))/test/rtpw_test.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null + crypto/test/cipher_driver$(EXE) -v + crypto/test/kernel_driver$(EXE) -v + test/test_srtp$(EXE) @@ -27,10 +27,10 @@ + test/roc_driver$(EXE) -v + test/replay_driver$(EXE) -v + test/dtls_srtp_driver$(EXE) -+ cd test; $(abspath $(srcdir))/test/rtpw_test.sh ++ cd test; $(abspath $(srcdir))/test/rtpw_test.sh -w $(abspath $(srcdir))/test/words.txt ifeq (1, $(USE_OPENSSL)) -- cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh >/dev/null -+ cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh +- cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null ++ cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh -w $(abspath $(srcdir))/test/words.txt endif @echo "libsrtp2 test applications passed." $(MAKE) -C crypto runtest diff -Nru libsrtp2-2.1.0/debian/patches/1005_fix_data_alignment.patch libsrtp2-2.2.0/debian/patches/1005_fix_data_alignment.patch --- libsrtp2-2.1.0/debian/patches/1005_fix_data_alignment.patch 2017-11-20 14:55:40.000000000 +0000 +++ libsrtp2-2.2.0/debian/patches/1005_fix_data_alignment.patch 2019-07-09 09:05:52.000000000 +0000 @@ -7,7 +7,7 @@ --- a/test/srtp_driver.c +++ b/test/srtp_driver.c -@@ -1679,14 +1679,14 @@ +@@ -1628,14 +1628,14 @@ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab }; diff -Nru libsrtp2-2.1.0/debian/patches/3001_detect_broken_openssl_cleanse.patch libsrtp2-2.2.0/debian/patches/3001_detect_broken_openssl_cleanse.patch --- libsrtp2-2.1.0/debian/patches/3001_detect_broken_openssl_cleanse.patch 2018-05-30 10:51:42.000000000 +0000 +++ libsrtp2-2.2.0/debian/patches/3001_detect_broken_openssl_cleanse.patch 2019-07-09 09:10:18.000000000 +0000 @@ -33,7 +33,7 @@ --- a/configure +++ b/configure -@@ -5552,6 +5552,60 @@ +@@ -5565,6 +5565,60 @@ USE_OPENSSL=1 @@ -94,8 +94,8 @@ { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to leverage OpenSSL KDF algorithm" >&5 $as_echo_n "checking whether to leverage OpenSSL KDF algorithm... " >&6; } # Check whether --enable-openssl-kdf was given. ---- a/configure.in -+++ b/configure.in +--- a/configure.ac ++++ b/configure.ac @@ -254,6 +254,31 @@ HMAC_OBJS=crypto/hash/hmac_ossl.o AC_SUBST([USE_OPENSSL], [1]) @@ -130,38 +130,37 @@ [AS_HELP_STRING([--enable-openssl-kdf], [Use OpenSSL KDF algorithm])], --- a/crypto/math/datatypes.c +++ b/crypto/math/datatypes.c -@@ -471,7 +471,7 @@ - void - octet_string_set_to_zero(void *s, size_t len) +@@ -436,7 +436,7 @@ + + void octet_string_set_to_zero(void *s, size_t len) { -#ifdef OPENSSL +#if defined(OPENSSL) && !defined(OPENSSL_CLEANSE_BROKEN) - OPENSSL_cleanse(s, len); + OPENSSL_cleanse(s, len); #else - srtp_cleanse(s, len); + srtp_cleanse(s, len); --- a/crypto/test/datatypes_driver.c +++ b/crypto/test/datatypes_driver.c -@@ -65,6 +65,9 @@ - void - test_bswap(void); - -+void -+test_set_to_zero(void); -+ - int - main (void) { - -@@ -143,6 +146,7 @@ - printf(" } \n"); +@@ -60,6 +60,8 @@ + + void test_bswap(void); + ++void test_set_to_zero(void); ++ + int main(void) + { + /* +@@ -135,6 +137,7 @@ + printf(" } \n"); - test_bswap(); -+ test_set_to_zero(); + test_bswap(); ++ test_set_to_zero(); - return 0; + return 0; } -@@ -240,3 +244,26 @@ - printf("bswapped octet string: %s\n", - octet_string_hex_string((uint8_t *) &y, 8)); +@@ -228,3 +231,26 @@ + printf("bswapped octet string: %s\n", + octet_string_hex_string((uint8_t *)&y, 8)); } + +void test_set_to_zero(void) diff -Nru libsrtp2-2.1.0/format.sh libsrtp2-2.2.0/format.sh --- libsrtp2-2.1.0/format.sh 1970-01-01 00:00:00.000000000 +0000 +++ libsrtp2-2.2.0/format.sh 2018-05-15 19:33:24.000000000 +0000 @@ -0,0 +1,35 @@ +#!/bin/sh +# +# format.sh +# +# run clang-format on each .c & .h file +# +# assumes git tree is clean when reporting status + +if [ -z "${CLANG_FORMAT}" ]; then + CLANG_FORMAT=clang-format +fi + +a=`git ls-files '*.h' '*.c'` +for x in $a; do + if [ $x != "config_in.h" ]; then + $CLANG_FORMAT -i -style=file $x + fi +done + +m=`git ls-files -m` +if [ -n "$m" ]; then + v=`$CLANG_FORMAT -version` + echo "Fromatting required when checking with $v" + echo + echo "The following files required formatting:" + for f in $m; do + echo $f + done + if [ "$1" = "-d" ]; then + echo + git diff + fi + exit 1 +fi +exit 0 diff -Nru libsrtp2-2.1.0/include/ekt.h libsrtp2-2.2.0/include/ekt.h --- libsrtp2-2.1.0/include/ekt.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/include/ekt.h 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,15 +42,13 @@ * */ - - /* - * EKT implementation strategy - * + * EKT implementation strategy + * * use stream_template approach * * in srtp_unprotect, when a new stream appears, check if template has - * EKT defined, and if it does, then apply EKT processing + * EKT defined, and if it does, then apply EKT processing * * question: will we want to allow key-sharing templates in addition * to EKT templates? could define a new ssrc_type_t that's associated @@ -69,14 +67,13 @@ extern "C" { #endif -#define SRTP_EKT_CIPHER_DEFAULT 1 -#define SRTP_EKT_CIPHER_AES_128_ECB 1 -#define SRTP_EKT_CIPHER_AES_192_KEY_WRAP 2 -#define SRTP_EKT_CIPHER_AES_256_KEY_WRAP 3 +#define SRTP_EKT_CIPHER_DEFAULT 1 +#define SRTP_EKT_CIPHER_AES_128_ECB 1 +#define SRTP_EKT_CIPHER_AES_192_KEY_WRAP 2 +#define SRTP_EKT_CIPHER_AES_256_KEY_WRAP 3 typedef uint16_t srtp_ekt_spi_t; - unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt); /* @@ -88,24 +85,23 @@ */ typedef struct srtp_ekt_policy_ctx_t { - srtp_ekt_spi_t spi; /* security parameter index */ - uint8_t ekt_cipher_type; - uint8_t *ekt_key; - struct srtp_ekt_policy_ctx_t *next_ekt_policy; + srtp_ekt_spi_t spi; /* security parameter index */ + uint8_t ekt_cipher_type; + uint8_t *ekt_key; + struct srtp_ekt_policy_ctx_t *next_ekt_policy; } srtp_ekt_policy_ctx_t; - /* * an srtp_ekt_data_t structure holds the data corresponding to an ekt key, * spi, and so on */ typedef struct srtp_ekt_data_t { - srtp_ekt_spi_t spi; - uint8_t ekt_cipher_type; - srtp_aes_expanded_key_t ekt_enc_key; - srtp_aes_expanded_key_t ekt_dec_key; - struct ekt_data_t *next_ekt_data; + srtp_ekt_spi_t spi; + uint8_t ekt_cipher_type; + srtp_aes_expanded_key_t ekt_enc_key; + srtp_aes_expanded_key_t ekt_dec_key; + struct ekt_data_t *next_ekt_data; } srtp_ekt_data_t; /* @@ -116,25 +112,31 @@ */ typedef struct srtp_ekt_stream_ctx_t { - srtp_ekt_data_t *data; - uint16_t isn; /* initial sequence number */ - uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN]; + srtp_ekt_data_t *data; + uint16_t isn; /* initial sequence number */ + uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN]; } srtp_ekt_stream_ctx_t; +srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data, + srtp_ekt_policy_t policy); - -srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data, srtp_ekt_policy_t policy); - -srtp_err_status_t srtp_ekt_stream_init(srtp_ekt_stream_t e, srtp_ekt_spi_t spi, void *ekt_key, unsigned ekt_cipher_type); - -srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t e, srtp_ekt_policy_t p); - - - -srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream, const void *srtcp_hdr, unsigned pkt_octet_len); - - -void srtp_ekt_write_data(srtp_ekt_stream_t ekt, uint8_t *base_tag, unsigned base_tag_len, int *packet_len, srtp_xtd_seq_num_t pkt_index); +srtp_err_status_t srtp_ekt_stream_init(srtp_ekt_stream_t e, + srtp_ekt_spi_t spi, + void *ekt_key, + unsigned ekt_cipher_type); + +srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t e, + srtp_ekt_policy_t p); + +srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream, + const void *srtcp_hdr, + unsigned pkt_octet_len); + +void srtp_ekt_write_data(srtp_ekt_stream_t ekt, + uint8_t *base_tag, + unsigned base_tag_len, + int *packet_len, + srtp_xtd_seq_num_t pkt_index); /* * We handle EKT by performing some additional steps before @@ -144,10 +146,13 @@ * With EKT, the tag_len parameter is actually the base tag * length */ -srtp_err_status_t srtp_ekt_tag_verification_preproces(uint8_t *pkt_tag, uint8_t *pkt_tag_copy, unsigned tag_len); - -srtp_err_status_t srtp_ekt_tag_verification_postproces(uint8_t *pkt_tag, uint8_t *pkt_tag_copy, unsigned tag_len); - +srtp_err_status_t srtp_ekt_tag_verification_preproces(uint8_t *pkt_tag, + uint8_t *pkt_tag_copy, + unsigned tag_len); + +srtp_err_status_t srtp_ekt_tag_verification_postproces(uint8_t *pkt_tag, + uint8_t *pkt_tag_copy, + unsigned tag_len); /* * @brief EKT pre-processing for srtcp tag generation @@ -157,16 +162,18 @@ * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI * fields. The Base Authentication Tag field is set to the all-zero * value - * + * * When EKT is not used, this function is a no-op. - * + * */ -srtp_err_status_t srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s, uint8_t *pkt_tag, unsigned pkt_octet_len); +srtp_err_status_t srtp_stream_srtcp_auth_tag_generation_preprocess( + const srtp_stream_t *s, + uint8_t *pkt_tag, + unsigned pkt_octet_len); /* it's not clear that a tag_generation_postprocess function is needed */ srtp_err_status_t srtcp_auth_tag_generation_postprocess(void); - #ifdef __cplusplus } #endif diff -Nru libsrtp2-2.1.0/include/getopt_s.h libsrtp2-2.2.0/include/getopt_s.h --- libsrtp2-2.1.0/include/getopt_s.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/include/getopt_s.h 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -49,17 +49,16 @@ extern "C" { #endif -/* +/* * getopt_s(), optarg_s, and optind_s are small, locally defined * versions of the POSIX standard getopt() interface. */ - -int -getopt_s(int argc, char * const argv[], const char *optstring); -extern char *optarg_s; /* defined in getopt.c */ +int getopt_s(int argc, char *const argv[], const char *optstring); + +extern char *optarg_s; /* defined in getopt.c */ -extern int optind_s; /* defined in getopt.c */ +extern int optind_s; /* defined in getopt.c */ #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/include/srtp.h libsrtp2-2.2.0/include/srtp.h --- libsrtp2-2.1.0/include/srtp.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/include/srtp.h 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,7 +42,6 @@ * */ - #ifndef SRTP_SRTP_H #define SRTP_SRTP_H @@ -70,13 +69,13 @@ /* * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP */ -#define SRTP_MAX_KEY_LEN 64 +#define SRTP_MAX_KEY_LEN 64 /* * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP */ -#define SRTP_MAX_TAG_LEN 16 +#define SRTP_MAX_TAG_LEN 16 /** * SRTP_MAX_MKI_LEN is the maximum size the MKI could be which is @@ -84,7 +83,6 @@ */ #define SRTP_MAX_MKI_LEN 128 - /** * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer * (authentication tag and MKI) supported by libSRTP. This value is @@ -97,32 +95,36 @@ /** * SRTP_MAX_NUM_MASTER_KEYS is the maximum number of Master keys for - * MKI supported by libSRTP. - * + * MKI supported by libSRTP. + * */ #define SRTP_MAX_NUM_MASTER_KEYS 16 -#define SRTP_SALT_LEN 14 +#define SRTP_SALT_LEN 14 + /* * SRTP_AEAD_SALT_LEN is the length of the SALT values used with * GCM mode. GCM mode requires an IV. The SALT value is used * as part of the IV formation logic applied to each RTP packet. */ -#define SRTP_AEAD_SALT_LEN 12 - -#define SRTP_AES_128_KEY_LEN 16 -#define SRTP_AES_192_KEY_LEN 24 -#define SRTP_AES_256_KEY_LEN 32 +#define SRTP_AEAD_SALT_LEN 12 -#define SRTP_AES_ICM_128_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_128_KEY_LEN) -#define SRTP_AES_ICM_192_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_192_KEY_LEN) -#define SRTP_AES_ICM_256_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_256_KEY_LEN) +#define SRTP_AES_128_KEY_LEN 16 +#define SRTP_AES_192_KEY_LEN 24 +#define SRTP_AES_256_KEY_LEN 32 + +#define SRTP_AES_ICM_128_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_128_KEY_LEN) +#define SRTP_AES_ICM_192_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_192_KEY_LEN) +#define SRTP_AES_ICM_256_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_256_KEY_LEN) + +#define SRTP_AES_GCM_128_KEY_LEN_WSALT \ + (SRTP_AEAD_SALT_LEN + SRTP_AES_128_KEY_LEN) +#define SRTP_AES_GCM_192_KEY_LEN_WSALT \ + (SRTP_AEAD_SALT_LEN + SRTP_AES_192_KEY_LEN) +#define SRTP_AES_GCM_256_KEY_LEN_WSALT \ + (SRTP_AEAD_SALT_LEN + SRTP_AES_256_KEY_LEN) -#define SRTP_AES_GCM_128_KEY_LEN_WSALT (SRTP_AEAD_SALT_LEN + SRTP_AES_128_KEY_LEN) -#define SRTP_AES_GCM_192_KEY_LEN_WSALT (SRTP_AEAD_SALT_LEN + SRTP_AES_192_KEY_LEN) -#define SRTP_AES_GCM_256_KEY_LEN_WSALT (SRTP_AEAD_SALT_LEN + SRTP_AES_256_KEY_LEN) - -/** +/** * @brief A srtp_cipher_type_id_t is an identifier for a particular cipher * type. * @@ -131,13 +133,14 @@ * SRTP_NULL_CIPHER is avaliable; this cipher leaves the data unchanged, * and can be selected to indicate that no encryption is to take * place. - * + * * @ingroup Ciphers */ -typedef uint32_t srtp_cipher_type_id_t; +typedef uint32_t srtp_cipher_type_id_t; /** - * @brief An srtp_auth_type_id_t is an identifier for a particular authentication + * @brief An srtp_auth_type_id_t is an identifier for a particular + * authentication * function. * * An srtp_auth_type_id_t is an integer that represents a particular @@ -145,7 +148,7 @@ * avaliable; this authentication function performs no computation, * and can be selected to indicate that no authentication is to take * place. - * + * * @ingroup Authentication */ typedef uint32_t srtp_auth_type_id_t; @@ -159,120 +162,119 @@ * */ typedef enum { - srtp_err_status_ok = 0, /**< nothing to report */ - srtp_err_status_fail = 1, /**< unspecified failure */ - srtp_err_status_bad_param = 2, /**< unsupported parameter */ - srtp_err_status_alloc_fail = 3, /**< couldn't allocate memory */ - srtp_err_status_dealloc_fail = 4, /**< couldn't deallocate properly */ - srtp_err_status_init_fail = 5, /**< couldn't initialize */ - srtp_err_status_terminus = 6, /**< can't process as much data as requested */ - srtp_err_status_auth_fail = 7, /**< authentication failure */ - srtp_err_status_cipher_fail = 8, /**< cipher failure */ - srtp_err_status_replay_fail = 9, /**< replay check failed (bad index) */ - srtp_err_status_replay_old = 10, /**< replay check failed (index too old) */ - srtp_err_status_algo_fail = 11, /**< algorithm failed test routine */ - srtp_err_status_no_such_op = 12, /**< unsupported operation */ - srtp_err_status_no_ctx = 13, /**< no appropriate context found */ - srtp_err_status_cant_check = 14, /**< unable to perform desired validation */ - srtp_err_status_key_expired = 15, /**< can't use key any more */ - srtp_err_status_socket_err = 16, /**< error in use of socket */ - srtp_err_status_signal_err = 17, /**< error in use POSIX signals */ - srtp_err_status_nonce_bad = 18, /**< nonce check failed */ - srtp_err_status_read_fail = 19, /**< couldn't read data */ - srtp_err_status_write_fail = 20, /**< couldn't write data */ - srtp_err_status_parse_err = 21, /**< error parsing data */ - srtp_err_status_encode_err = 22, /**< error encoding data */ - srtp_err_status_semaphore_err = 23,/**< error while using semaphores */ - srtp_err_status_pfkey_err = 24, /**< error while using pfkey */ - srtp_err_status_bad_mki = 25, /**< error MKI present in packet is invalid */ - srtp_err_status_pkt_idx_old = 26, /**< packet index is too old to consider */ - srtp_err_status_pkt_idx_adv = 27 /**< packet index advanced, reset needed */ + srtp_err_status_ok = 0, /**< nothing to report */ + srtp_err_status_fail = 1, /**< unspecified failure */ + srtp_err_status_bad_param = 2, /**< unsupported parameter */ + srtp_err_status_alloc_fail = 3, /**< couldn't allocate memory */ + srtp_err_status_dealloc_fail = 4, /**< couldn't deallocate properly */ + srtp_err_status_init_fail = 5, /**< couldn't initialize */ + srtp_err_status_terminus = 6, /**< can't process as much data as */ + /**< requested */ + srtp_err_status_auth_fail = 7, /**< authentication failure */ + srtp_err_status_cipher_fail = 8, /**< cipher failure */ + srtp_err_status_replay_fail = 9, /**< replay check failed (bad index) */ + srtp_err_status_replay_old = 10, /**< replay check failed (index too */ + /**< old) */ + srtp_err_status_algo_fail = 11, /**< algorithm failed test routine */ + srtp_err_status_no_such_op = 12, /**< unsupported operation */ + srtp_err_status_no_ctx = 13, /**< no appropriate context found */ + srtp_err_status_cant_check = 14, /**< unable to perform desired */ + /**< validation */ + srtp_err_status_key_expired = 15, /**< can't use key any more */ + srtp_err_status_socket_err = 16, /**< error in use of socket */ + srtp_err_status_signal_err = 17, /**< error in use POSIX signals */ + srtp_err_status_nonce_bad = 18, /**< nonce check failed */ + srtp_err_status_read_fail = 19, /**< couldn't read data */ + srtp_err_status_write_fail = 20, /**< couldn't write data */ + srtp_err_status_parse_err = 21, /**< error parsing data */ + srtp_err_status_encode_err = 22, /**< error encoding data */ + srtp_err_status_semaphore_err = 23, /**< error while using semaphores */ + srtp_err_status_pfkey_err = 24, /**< error while using pfkey */ + srtp_err_status_bad_mki = 25, /**< error MKI present in packet is */ + /**< invalid */ + srtp_err_status_pkt_idx_old = 26, /**< packet index is too old to */ + /**< consider */ + srtp_err_status_pkt_idx_adv = 27 /**< packet index advanced, reset */ + /**< needed */ } srtp_err_status_t; - typedef struct srtp_ctx_t_ srtp_ctx_t; /** - * @brief srtp_sec_serv_t describes a set of security services. + * @brief srtp_sec_serv_t describes a set of security services. * * A srtp_sec_serv_t enumeration is used to describe the particular * security services that will be applied by a particular crypto - * policy (or other mechanism). + * policy (or other mechanism). */ - typedef enum { - sec_serv_none = 0, /**< no services */ - sec_serv_conf = 1, /**< confidentiality */ - sec_serv_auth = 2, /**< authentication */ - sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */ + sec_serv_none = 0, /**< no services */ + sec_serv_conf = 1, /**< confidentiality */ + sec_serv_auth = 2, /**< authentication */ + sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */ } srtp_sec_serv_t; -/** +/** * @brief srtp_crypto_policy_t describes a particular crypto policy that * can be applied to an SRTP stream. * * A srtp_crypto_policy_t describes a particular cryptographic policy that * can be applied to an SRTP or SRTCP stream. An SRTP session policy - * consists of a list of these policies, one for each SRTP stream + * consists of a list of these policies, one for each SRTP stream * in the session. */ - typedef struct srtp_crypto_policy_t { - srtp_cipher_type_id_t cipher_type; /**< An integer representing - * the type of cipher. */ - int cipher_key_len; /**< The length of the cipher key - * in octets. */ - srtp_auth_type_id_t auth_type; /**< An integer representing the - * authentication function. */ - int auth_key_len; /**< The length of the authentication - * function key in octets. */ - int auth_tag_len; /**< The length of the authentication - * tag in octets. */ - srtp_sec_serv_t sec_serv; /**< The flag indicating the security - * services to be applied. */ + srtp_cipher_type_id_t cipher_type; /**< An integer representing */ + /**< the type of cipher. */ + int cipher_key_len; /**< The length of the cipher key */ + /**< in octets. */ + srtp_auth_type_id_t auth_type; /**< An integer representing the */ + /**< authentication function. */ + int auth_key_len; /**< The length of the authentication */ + /**< function key in octets. */ + int auth_tag_len; /**< The length of the authentication */ + /**< tag in octets. */ + srtp_sec_serv_t sec_serv; /**< The flag indicating the security */ + /**< services to be applied. */ } srtp_crypto_policy_t; - -/** +/** * @brief srtp_ssrc_type_t describes the type of an SSRC. - * + * * An srtp_ssrc_type_t enumeration is used to indicate a type of SSRC. See * @ref srtp_policy_t for more informataion. */ - -typedef enum { - ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */ - ssrc_specific = 1, /**< Indicates a specific SSRC value */ - ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value - (i.e. a value that is used in the - function srtp_unprotect()) */ - ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value - (i.e. a value that is used in the - function srtp_protect()) */ +typedef enum { + ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */ + ssrc_specific = 1, /**< Indicates a specific SSRC value */ + ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value */ + /**< (i.e. a value that is used in the */ + /**< function srtp_unprotect()) */ + ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value */ + /**< (i.e. a value that is used in the */ + /**< function srtp_protect()) */ } srtp_ssrc_type_t; /** - * @brief An srtp_ssrc_t represents a particular SSRC value, or a `wildcard' SSRC. - * + * @brief An srtp_ssrc_t represents a particular SSRC value, or a `wildcard' + * SSRC. + * * An srtp_ssrc_t represents a particular SSRC value (if its type is * ssrc_specific), or a wildcard SSRC value that will match all * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound - * SSRCs (if its type is ssrc_any_inbound). - * + * SSRCs (if its type is ssrc_any_inbound). */ - -typedef struct { - srtp_ssrc_type_t type; /**< The type of this particular SSRC */ - unsigned int value; /**< The value of this SSRC, if it is not a wildcard */ +typedef struct { + srtp_ssrc_type_t type; /**< The type of this particular SSRC */ + unsigned int value; /**< The value of this SSRC, if it is not a */ + /**< wildcard */ } srtp_ssrc_t; - /** * @brief points to an EKT policy */ typedef struct srtp_ekt_policy_ctx_t *srtp_ekt_policy_t; - /** * @brief points to EKT stream data */ @@ -285,13 +287,13 @@ * Index Size to correctly read it from a packet. */ typedef struct srtp_master_key_t { - unsigned char *key; - unsigned char *mki_id; - unsigned int mki_size; + unsigned char *key; + unsigned char *mki_id; + unsigned int mki_size; } srtp_master_key_t; -/** - * @brief represents the policy for an SRTP session. +/** + * @brief represents the policy for an SRTP session. * * A single srtp_policy_t struct represents the policy for a single * SRTP stream, and a linked list of these elements represents the @@ -300,7 +302,7 @@ * master key for that stream, the SSRC describing that stream, or a * flag indicating a `wildcard' SSRC value, and a `next' field that * holds a pointer to the next element in the list of policy elements, - * or NULL if it is the last element. + * or NULL if it is the last element. * * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an * inbound stream that for which there is no explicit SSRC entry in @@ -311,47 +313,44 @@ * is intentional, and it allows libSRTP to ensure that no security * lapses result from accidental re-use of SSRC values during key * sharing. - * - * + * * @warning The final element of the list @b must have its `next' pointer * set to NULL. */ typedef struct srtp_policy_t { - srtp_ssrc_t ssrc; /**< The SSRC value of stream, or the - * flags SSRC_ANY_INBOUND or - * SSRC_ANY_OUTBOUND if key sharing - * is used for this policy element. - */ - srtp_crypto_policy_t rtp; /**< SRTP crypto policy. */ - srtp_crypto_policy_t rtcp; /**< SRTCP crypto policy. */ - unsigned char *key; /**< Pointer to the SRTP master key for - * this stream. */ - srtp_master_key_t **keys; /** Array of Master Key structures */ - unsigned long num_master_keys; /** Number of master keys */ - srtp_ekt_policy_t ekt; /**< Pointer to the EKT policy structure - * for this stream (if any) */ - unsigned long window_size; /**< The window size to use for replay - * protection. */ - int allow_repeat_tx; /**< Whether retransmissions of - * packets with the same sequence number - * are allowed. (Note that such repeated - * transmissions must have the same RTP - * payload, or a severe security weakness - * is introduced!) */ - int *enc_xtn_hdr; /**< List of header ids to encrypt. */ - int enc_xtn_hdr_count; /**< Number of entries in list of header ids. */ - struct srtp_policy_t *next; /**< Pointer to next stream policy. */ + srtp_ssrc_t ssrc; /**< The SSRC value of stream, or the */ + /**< flags SSRC_ANY_INBOUND or */ + /**< SSRC_ANY_OUTBOUND if key sharing */ + /**< is used for this policy element. */ + srtp_crypto_policy_t rtp; /**< SRTP crypto policy. */ + srtp_crypto_policy_t rtcp; /**< SRTCP crypto policy. */ + unsigned char *key; /**< Pointer to the SRTP master key for */ + /**< this stream. */ + srtp_master_key_t **keys; /** Array of Master Key structures */ + unsigned long num_master_keys; /** Number of master keys */ + srtp_ekt_policy_t ekt; /**< Pointer to the EKT policy structure */ + /**< for this stream (if any) */ + unsigned long window_size; /**< The window size to use for replay */ + /**< protection. */ + int allow_repeat_tx; /**< Whether retransmissions of */ + /**< packets with the same sequence */ + /**< number are allowed. */ + /**< (Note that such repeated */ + /**< transmissions must have the same */ + /**< RTP payload, or a severe security */ + /**< weakness is introduced!) */ + int *enc_xtn_hdr; /**< List of header ids to encrypt. */ + int enc_xtn_hdr_count; /**< Number of entries in list of header */ + /**< ids. */ + struct srtp_policy_t *next; /**< Pointer to next stream policy. */ } srtp_policy_t; - - - /** * @brief An srtp_t points to an SRTP session structure. * * The typedef srtp_t is a pointer to a structure that represents - * an SRTP session. This datatype is intentially opaque in + * an SRTP session. This datatype is intentially opaque in * order to separate the interface from the implementation. * * An SRTP session consists of all of the traffic sent to the RTP and @@ -359,17 +358,14 @@ * Audio/Video Profile). A session can be viewed as a set of SRTP * streams, each of which originates with a different participant. */ - typedef srtp_ctx_t *srtp_t; - /** - * @brief srtp_init() initializes the srtp library. + * @brief srtp_init() initializes the srtp library. * * @warning This function @b must be called before any other srtp * functions. */ - srtp_err_status_t srtp_init(void); /** @@ -377,20 +373,19 @@ * * @warning No srtp functions may be called after calling this function. */ - srtp_err_status_t srtp_shutdown(void); /** * @brief srtp_protect() is the Secure RTP sender-side packet processing * function. - * + * * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP * protection to the RTP packet rtp_hdr (which has length *len_ptr) using * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr * points to the resulting SRTP packet and *len_ptr is the number of * octets in that packet; otherwise, no assumptions should be made * about the value of either data elements. - * + * * The sequence numbers of the RTP packets presented to this function * need not be consecutive, but they @b must be out of order by less * than 2^15 = 32,768 packets. @@ -400,11 +395,11 @@ * packet, and assumes that the RTP packet is aligned on a 32-bit * boundary. * - * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN - * into the location in memory immediately following the RTP packet. - * Callers MUST ensure that this much writable memory is available in + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN + * into the location in memory immediately following the RTP packet. + * Callers MUST ensure that this much writable memory is available in * the buffer that holds the RTP packet. - * + * * @param ctx is the SRTP context to use in processing the packet. * * @param rtp_hdr is a pointer to the RTP packet (before the call); after @@ -415,25 +410,24 @@ * complete SRTP packet after the call, if srtp_err_status_ok was returned. * Otherwise, the value of the data to which it points is undefined. * - * @return + * @return * - srtp_err_status_ok no problems * - srtp_err_status_replay_fail rtp sequence number was non-increasing * - @e other failure in cryptographic mechanisms */ - srtp_err_status_t srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr); /** * @brief srtp_protect_mki() is the Secure RTP sender-side packet processing * function that can utilize MKI. - * + * * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP * protection to the RTP packet rtp_hdr (which has length *len_ptr) using * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr * points to the resulting SRTP packet and *len_ptr is the number of * octets in that packet; otherwise, no assumptions should be made * about the value of either data elements. - * + * * The sequence numbers of the RTP packets presented to this function * need not be consecutive, but they @b must be out of order by less * than 2^15 = 32,768 packets. @@ -443,11 +437,11 @@ * packet, and assumes that the RTP packet is aligned on a 32-bit * boundary. * - * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN - * into the location in memory immediately following the RTP packet. - * Callers MUST ensure that this much writable memory is available in + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN + * into the location in memory immediately following the RTP packet. + * Callers MUST ensure that this much writable memory is available in * the buffer that holds the RTP packet. - * + * * @param ctx is the SRTP context to use in processing the packet. * * @param rtp_hdr is a pointer to the RTP packet (before the call); after @@ -458,21 +452,23 @@ * complete SRTP packet after the call, if srtp_err_status_ok was returned. * Otherwise, the value of the data to which it points is undefined. * - * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true will + * @param use_mki is a boolean to tell the system if mki is being used. If + * set to false then will use the first set of session keys. If set to true + * will * use the session keys identified by the mki_index * * @param mki_index integer value specifying which set of session keys should be * used if use_mki is set to true. * - * @return + * @return * - srtp_err_status_ok no problems * - srtp_err_status_replay_fail rtp sequence number was non-increasing * - @e other failure in cryptographic mechanisms */ - -srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, void *rtp_hdr, - int *pkt_octet_len, unsigned int use_mki, +srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, + void *rtp_hdr, + int *pkt_octet_len, + unsigned int use_mki, unsigned int mki_index); /** @@ -485,12 +481,12 @@ * srtp_err_status_ok is returned, then srtp_hdr points to the resulting * RTP packet and *len_ptr is the number of octets in that packet; * otherwise, no assumptions should be made about the value of either - * data elements. - * + * data elements. + * * The sequence numbers of the RTP packets presented to this function * need not be consecutive, but they @b must be out of order by less * than 2^15 = 32,768 packets. - * + * * @warning This function assumes that the SRTP packet is aligned on a * 32-bit boundary. * @@ -506,16 +502,15 @@ * complete rtp packet after the call, if srtp_err_status_ok was returned. * Otherwise, the value of the data to which it points is undefined. * - * @return + * @return * - srtp_err_status_ok if the RTP packet is valid. - * - srtp_err_status_auth_fail if the SRTP packet failed the message - * authentication check. - * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet has - * already been processed and accepted). + * - srtp_err_status_auth_fail if the SRTP packet failed the message + * authentication check. + * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet + * has already been processed and accepted). * - [other] if there has been an error in the cryptographic mechanisms. * */ - srtp_err_status_t srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr); /** @@ -528,12 +523,12 @@ * srtp_err_status_ok is returned, then srtp_hdr points to the resulting * RTP packet and *len_ptr is the number of octets in that packet; * otherwise, no assumptions should be made about the value of either - * data elements. - * + * data elements. + * * The sequence numbers of the RTP packets presented to this function * need not be consecutive, but they @b must be out of order by less * than 2^15 = 32,768 packets. - * + * * @warning This function assumes that the SRTP packet is aligned on a * 32-bit boundary. * @@ -550,52 +545,52 @@ * Otherwise, the value of the data to which it points is undefined. * * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true will + * set to false then will use the first set of session keys. If set to true + * will * use the session keys identified by the mki_index * - * @return + * @return * - srtp_err_status_ok if the RTP packet is valid. - * - srtp_err_status_auth_fail if the SRTP packet failed the message - * authentication check. - * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet has - * already been processed and accepted). + * - srtp_err_status_auth_fail if the SRTP packet failed the message + * authentication check. + * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet + * has already been processed and accepted). * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI id * - [other] if there has been an error in the cryptographic mechanisms. * */ - -srtp_err_status_t srtp_unprotect_mki(srtp_t ctx, void *srtp_hdr, int *len_ptr, +srtp_err_status_t srtp_unprotect_mki(srtp_t ctx, + void *srtp_hdr, + int *len_ptr, unsigned int use_mki); /** * @brief srtp_create() allocates and initializes an SRTP session. * The function call srtp_create(session, policy) allocates and - * initializes an SRTP session context, applying the given policy. + * initializes an SRTP session context, applying the given policy. * * @param session is a pointer to the SRTP session to which the policy is * to be added. - * + * * @param policy is the srtp_policy_t struct that describes the policy * for the session. The struct may be a single element, or it may be * the head of a list, in which case each element of the list is * processed. It may also be NULL, in which case streams should be added * later using srtp_add_stream(). The final element of the list @b must * have its `next' field set to NULL. - * + * * @return * - srtp_err_status_ok if creation succeded. * - srtp_err_status_alloc_fail if allocation failed. * - srtp_err_status_init_fail if initialization failed. */ - srtp_err_status_t srtp_create(srtp_t *session, const srtp_policy_t *policy); - /** * @brief srtp_add_stream() allocates and initializes an SRTP stream * within a given SRTP session. - * + * * The function call srtp_add_stream(session, policy) allocates and * initializes a new SRTP stream within a given, previously created * session, applying the policy given as the other argument to that @@ -606,13 +601,11 @@ * - srtp_err_status_alloc_fail if stream allocation failed * - srtp_err_status_init_fail if stream initialization failed. */ - srtp_err_status_t srtp_add_stream(srtp_t session, const srtp_policy_t *policy); - /** * @brief srtp_remove_stream() deallocates an SRTP stream. - * + * * The function call srtp_remove_stream(session, ssrc) removes * the SRTP stream with the SSRC value ssrc from the SRTP session * context given by the argument session. @@ -625,13 +618,12 @@ * * @warning Wildcard SSRC values cannot be removed from a * session. - * + * * @return * - srtp_err_status_ok if the stream deallocation succeded. * - [other] otherwise. * */ - srtp_err_status_t srtp_remove_stream(srtp_t session, unsigned int ssrc); /** @@ -658,7 +650,6 @@ * - [other] otherwise. * */ - srtp_err_status_t srtp_update(srtp_t session, const srtp_policy_t *policy); /** @@ -682,15 +673,15 @@ * - [other] otherwise. * */ - -srtp_err_status_t srtp_update_stream(srtp_t session, const srtp_policy_t *policy); +srtp_err_status_t srtp_update_stream(srtp_t session, + const srtp_policy_t *policy); /** * @brief srtp_crypto_policy_set_rtp_default() sets a crypto policy * structure to the SRTP default policy for RTP protection. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call crypto_policy_set_rtp_default(&p) sets the * crypto_policy_t at location p to the SRTP default policy for RTP * protection, as defined in the specification. This function is a @@ -699,19 +690,18 @@ * with this function call. Doing so may allow your code to be * forward compatible with later versions of libSRTP that include more * elements in the crypto_policy_t datatype. - * + * * @return void. - * + * */ - void srtp_crypto_policy_set_rtp_default(srtp_crypto_policy_t *p); /** * @brief srtp_crypto_policy_set_rtcp_default() sets a crypto policy * structure to the SRTP default policy for RTCP protection. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_rtcp_default(&p) sets the * srtp_crypto_policy_t at location p to the SRTP default policy for RTCP * protection, as defined in the specification. This function is a @@ -720,37 +710,35 @@ * with this function call. Doing so may allow your code to be * forward compatible with later versions of libSRTP that include more * elements in the srtp_crypto_policy_t datatype. - * + * * @return void. - * + * */ - void srtp_crypto_policy_set_rtcp_default(srtp_crypto_policy_t *p); /** * @brief srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto * policy structure to the SRTP default policy for RTP protection. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80() is a * synonym for srtp_crypto_policy_set_rtp_default(). It conforms to the * naming convention used in RFC 4568 (SDP Security Descriptions for * Media Streams). - * + * * @return void. - * + * */ - -#define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(p) srtp_crypto_policy_set_rtp_default(p) - +#define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(p) \ + srtp_crypto_policy_set_rtp_default(p) /** * @brief srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto * policy structure to a short-authentication tag policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&p) * sets the srtp_crypto_policy_t at location p to use policy * AES_CM_128_HMAC_SHA1_32 as defined in RFC 4568. @@ -760,7 +748,7 @@ * considered adequate only for protecting audio and video media that * use a stateless playback function. See Section 7.5 of RFC 3711 * (http://www.ietf.org/rfc/rfc3711.txt). - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -773,25 +761,22 @@ * (http://www.ietf.org/rfc/rfc3711.txt). * * @return void. - * + * */ - void srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(srtp_crypto_policy_t *p); - - /** * @brief srtp_crypto_policy_set_aes_cm_128_null_auth() sets a crypto * policy structure to an encryption-only policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_cm_128_null_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher * (AES-128 Counter Mode), but to use no authentication method. This * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -803,24 +788,22 @@ * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). * * @return void. - * + * */ - void srtp_crypto_policy_set_aes_cm_128_null_auth(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto * policy structure to an authentication-only policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&p) * sets the srtp_crypto_policy_t at location p to use HMAC-SHA1 with an 80 * bit authentication tag to provide message authentication, but to * use no encryption. This policy is NOT RECOMMENDED for SRTP unless - * there is a requirement to forego encryption. - * + * there is a requirement to forego encryption. + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -828,24 +811,24 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @warning This policy is NOT RECOMMENDED for SRTP unless there is a - * requirement to forego encryption. + * requirement to forego encryption. * * @return void. - * + * */ void srtp_crypto_policy_set_null_cipher_hmac_sha1_80(srtp_crypto_policy_t *p); /** * @brief srtp_crypto_policy_set_null_cipher_hmac_null() sets a crypto - * policy structure to use no encryption or authentication. + * policy structure to use no encryption or authentication. + * + * @param p is a pointer to the policy structure to be set * - * @param p is a pointer to the policy structure to be set - * * The function call srtp_crypto_policy_set_null_cipher_hmac_null(&p) * sets the srtp_crypto_policy_t at location p to use no encryption and * no authentication. This policy should only be used for testing and - * troubleshootingl. - * + * troubleshootingl. + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -853,27 +836,26 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @warning This policy is NOT RECOMMENDED for SRTP unless there is a - * requirement to forego encryption and authentication. + * requirement to forego encryption and authentication. * * @return void. - * + * */ void srtp_crypto_policy_set_null_cipher_hmac_null(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto - * policy structure to a encryption and authentication policy using AES-256 + * policy structure to a encryption and authentication policy using AES-256 * for RTP protection. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&p) * sets the srtp_crypto_policy_t at location p to use policy * AES_CM_256_HMAC_SHA1_80 as defined in RFC 6188. This policy uses AES-256 * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit * authentication tag. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -881,19 +863,17 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ - void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto * policy structure to a short-authentication tag policy using AES-256 * encryption. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(&p) * sets the srtp_crypto_policy_t at location p to use policy * AES_CM_256_HMAC_SHA1_32 as defined in RFC 6188. This policy uses AES-256 @@ -902,7 +882,7 @@ * considered adequate only for protecting audio and video media that * use a stateless playback function. See Section 7.5 of RFC 3711 * (http://www.ietf.org/rfc/rfc3711.txt). - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -915,9 +895,8 @@ * (http://www.ietf.org/rfc/rfc3711.txt). * * @return void. - * + * */ - void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(srtp_crypto_policy_t *p); /** @@ -947,7 +926,6 @@ */ void srtp_crypto_policy_set_aes_cm_256_null_auth(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80() sets a crypto * policy structure to a encryption and authentication policy using AES-192 @@ -972,7 +950,6 @@ */ void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32() sets a crypto * policy structure to a short-authentication tag policy using AES-192 @@ -1005,7 +982,6 @@ */ void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_aes_cm_192_null_auth() sets a crypto * policy structure to an encryption-only policy @@ -1033,19 +1009,18 @@ */ void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p); - /** * @brief srtp_crypto_policy_set_aes_gcm_128_8_auth() sets a crypto * policy structure to an AEAD encryption policy. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_gcm_128_8_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher * (AES-128 Galois Counter Mode) with 8 octet auth tag. This * policy applies confidentiality and authentication to both the * RTP and RTCP packets. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -1053,7 +1028,7 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p); @@ -1061,14 +1036,14 @@ * @brief srtp_crypto_policy_set_aes_gcm_256_8_auth() sets a crypto * policy structure to an AEAD encryption policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_gcm_256_8_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher - * (AES-256 Galois Counter Mode) with 8 octet auth tag. This + * (AES-256 Galois Counter Mode) with 8 octet auth tag. This * policy applies confidentiality and authentication to both the * RTP and RTCP packets. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -1076,7 +1051,7 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p); @@ -1084,14 +1059,14 @@ * @brief srtp_crypto_policy_set_aes_gcm_128_8_only_auth() sets a crypto * policy structure to an AEAD authentication-only policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher - * (AES-128 Galois Counter Mode) with 8 octet auth tag. This policy - * applies confidentiality and authentication to the RTP packets, + * (AES-128 Galois Counter Mode) with 8 octet auth tag. This policy + * applies confidentiality and authentication to the RTP packets, * but only authentication to the RTCP packets. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -1099,7 +1074,7 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p); @@ -1107,14 +1082,14 @@ * @brief srtp_crypto_policy_set_aes_gcm_256_8_only_auth() sets a crypto * policy structure to an AEAD authentication-only policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher - * (AES-256 Galois Counter Mode) with 8 octet auth tag. This policy - * applies confidentiality and authentication to the RTP packets, + * (AES-256 Galois Counter Mode) with 8 octet auth tag. This policy + * applies confidentiality and authentication to the RTP packets, * but only authentication to the RTCP packets. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -1122,7 +1097,7 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p); @@ -1130,14 +1105,14 @@ * @brief srtp_crypto_policy_set_aes_gcm_128_16_auth() sets a crypto * policy structure to an AEAD encryption policy. * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_gcm_128_16_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher * (AES-128 Galois Counter Mode) with 16 octet auth tag. This * policy applies confidentiality and authentication to both the * RTP and RTCP packets. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -1145,7 +1120,7 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ void srtp_crypto_policy_set_aes_gcm_128_16_auth(srtp_crypto_policy_t *p); @@ -1153,14 +1128,14 @@ * @brief srtp_crypto_policy_set_aes_gcm_256_16_auth() sets a crypto * policy structure to an AEAD encryption policy * - * @param p is a pointer to the policy structure to be set - * + * @param p is a pointer to the policy structure to be set + * * The function call srtp_crypto_policy_set_aes_gcm_256_16_auth(&p) sets * the srtp_crypto_policy_t at location p to use the SRTP default cipher - * (AES-256 Galois Counter Mode) with 16 octet auth tag. This + * (AES-256 Galois Counter Mode) with 16 octet auth tag. This * policy applies confidentiality and authentication to both the * RTP and RTCP packets. - * + * * This function is a convenience that helps to avoid dealing directly * with the policy data structure. You are encouraged to initialize * policy elements with this function call. Doing so may allow your @@ -1168,15 +1143,14 @@ * include more elements in the srtp_crypto_policy_t datatype. * * @return void. - * + * */ void srtp_crypto_policy_set_aes_gcm_256_16_auth(srtp_crypto_policy_t *p); - /** * @brief srtp_dealloc() deallocates storage for an SRTP session * context. - * + * * The function call srtp_dealloc(s) deallocates storage for the * SRTP session context s. This function should be called no more * than one time for each of the contexts allocated by the function @@ -1188,30 +1162,26 @@ * - srtp_err_status_ok if there no problems. * - srtp_err_status_dealloc_fail a memory deallocation failure occured. */ - srtp_err_status_t srtp_dealloc(srtp_t s); - /* - * @brief identifies a particular SRTP profile + * @brief identifies a particular SRTP profile * * An srtp_profile_t enumeration is used to identify a particular SRTP * profile (that is, a set of algorithms and parameters). These profiles * are defined for DTLS-SRTP: * https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml */ - typedef enum { - srtp_profile_reserved = 0, - srtp_profile_aes128_cm_sha1_80 = 1, - srtp_profile_aes128_cm_sha1_32 = 2, - srtp_profile_null_sha1_80 = 5, - srtp_profile_null_sha1_32 = 6, - srtp_profile_aead_aes_128_gcm = 7, - srtp_profile_aead_aes_256_gcm = 8, + srtp_profile_reserved = 0, + srtp_profile_aes128_cm_sha1_80 = 1, + srtp_profile_aes128_cm_sha1_32 = 2, + srtp_profile_null_sha1_80 = 5, + srtp_profile_null_sha1_32 = 6, + srtp_profile_aead_aes_128_gcm = 7, + srtp_profile_aead_aes_256_gcm = 8, } srtp_profile_t; - /** * @brief srtp_crypto_policy_set_from_profile_for_rtp() sets a crypto policy * structure to the appropriate value for RTP based on an srtp_profile_t @@ -1232,13 +1202,12 @@ * * @return values * - srtp_err_status_ok no problems were encountered - * - srtp_err_status_bad_param the profile is not supported + * - srtp_err_status_bad_param the profile is not supported * */ -srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtp(srtp_crypto_policy_t *policy, srtp_profile_t profile); - - - +srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtp( + srtp_crypto_policy_t *policy, + srtp_profile_t profile); /** * @brief srtp_crypto_policy_set_from_profile_for_rtcp() sets a crypto policy @@ -1263,48 +1232,43 @@ * - srtp_err_status_bad_param the profile is not supported * */ -srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtcp(srtp_crypto_policy_t *policy, srtp_profile_t profile); +srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtcp( + srtp_crypto_policy_t *policy, + srtp_profile_t profile); /** * @brief returns the master key length for a given SRTP profile */ -unsigned int -srtp_profile_get_master_key_length(srtp_profile_t profile); - +unsigned int srtp_profile_get_master_key_length(srtp_profile_t profile); /** * @brief returns the master salt length for a given SRTP profile */ -unsigned int -srtp_profile_get_master_salt_length(srtp_profile_t profile); +unsigned int srtp_profile_get_master_salt_length(srtp_profile_t profile); /** * @brief appends the salt to the key * - * The function call srtp_append_salt_to_key(k, klen, s, slen) + * The function call srtp_append_salt_to_key(k, klen, s, slen) * copies the string s to the location at klen bytes following - * the location k. + * the location k. * * @warning There must be at least bytes_in_salt + bytes_in_key bytes * available at the location pointed to by key. - * + * */ - -void -srtp_append_salt_to_key(unsigned char *key, unsigned int bytes_in_key, - unsigned char *salt, unsigned int bytes_in_salt); - - +void srtp_append_salt_to_key(unsigned char *key, + unsigned int bytes_in_key, + unsigned char *salt, + unsigned int bytes_in_salt); /** * @} */ - - /** * @defgroup SRTCP Secure RTCP - * @ingroup SRTP + * @ingroup SRTP * * @brief Secure RTCP functions are used to protect RTCP traffic. * @@ -1312,36 +1276,36 @@ * traffic in much the same way as it does RTP traffic. The function * srtp_protect_rtcp() applies cryptographic protections to outbound * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on - * inbound RTCP packets. + * inbound RTCP packets. * * A note on the naming convention: srtp_protect_rtcp() has an srtp_t * as its first argument, and thus has `srtp_' as its prefix. The - * trailing `_rtcp' indicates the protocol on which it acts. - * + * trailing `_rtcp' indicates the protocol on which it acts. + * * @{ */ /** * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet * processing function. - * + * * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies * SRTCP protection to the RTCP packet rtcp_hdr (which has length * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is * returned, then rtp_hdr points to the resulting SRTCP packet and * *len_ptr is the number of octets in that packet; otherwise, no * assumptions should be made about the value of either data elements. - * + * * @warning This function assumes that it can write the authentication * tag into the location in memory immediately following the RTCP * packet, and assumes that the RTCP packet is aligned on a 32-bit * boundary. * - * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 - * into the location in memory immediately following the RTCP packet. - * Callers MUST ensure that this much writable memory is available in + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 + * into the location in memory immediately following the RTCP packet. + * Callers MUST ensure that this much writable memory is available in * the buffer that holds the RTCP packet. - * + * * @param ctx is the SRTP context to use in processing the packet. * * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after @@ -1353,37 +1317,36 @@ * was returned. Otherwise, the value of the data to which it points * is undefined. * - * @return + * @return * - srtp_err_status_ok if there were no problems. - * - [other] if there was a failure in + * - [other] if there was a failure in * the cryptographic mechanisms. */ - - -srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len); - +srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, + void *rtcp_hdr, + int *pkt_octet_len); /** * @brief srtp_protect_rtcp_mki() is the Secure RTCP sender-side packet * processing function that can utilize mki. - * + * * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies * SRTCP protection to the RTCP packet rtcp_hdr (which has length * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is * returned, then rtp_hdr points to the resulting SRTCP packet and * *len_ptr is the number of octets in that packet; otherwise, no * assumptions should be made about the value of either data elements. - * + * * @warning This function assumes that it can write the authentication * tag into the location in memory immediately following the RTCP * packet, and assumes that the RTCP packet is aligned on a 32-bit * boundary. * - * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 - * into the location in memory immediately following the RTCP packet. - * Callers MUST ensure that this much writable memory is available in + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 + * into the location in memory immediately following the RTCP packet. + * Callers MUST ensure that this much writable memory is available in * the buffer that holds the RTCP packet. - * + * * @param ctx is the SRTP context to use in processing the packet. * * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after @@ -1395,21 +1358,24 @@ * was returned. Otherwise, the value of the data to which it points * is undefined. * - * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true will + * @param use_mki is a boolean to tell the system if mki is being used. If + * set to false then will use the first set of session keys. If set to true + * will * use the session keys identified by the mki_index * * @param mki_index integer value specifying which set of session kesy should be * used if use_mki is set to true. * - * @return + * @return * - srtp_err_status_ok if there were no problems. - * - [other] if there was a failure in + * - [other] if there was a failure in * the cryptographic mechanisms. */ - -srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len, - unsigned int use_mki, unsigned int mki_index); +srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, + void *rtcp_hdr, + int *pkt_octet_len, + unsigned int use_mki, + unsigned int mki_index); /** * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet @@ -1422,7 +1388,7 @@ * to the resulting RTCP packet and *len_ptr is the number of octets * in that packet; otherwise, no assumptions should be made about the * value of either data elements. - * + * * @warning This function assumes that the SRTCP packet is aligned on a * 32-bit boundary. * @@ -1440,17 +1406,18 @@ * returned. Otherwise, the value of the data to which it points is * undefined. * - * @return + * @return * - srtp_err_status_ok if the RTCP packet is valid. - * - srtp_err_status_auth_fail if the SRTCP packet failed the message + * - srtp_err_status_auth_fail if the SRTCP packet failed the message * authentication check. * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has * already been processed and accepted). * - [other] if there has been an error in the cryptographic mechanisms. * */ - -srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len); +srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, + void *srtcp_hdr, + int *pkt_octet_len); /** * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet @@ -1463,7 +1430,7 @@ * to the resulting RTCP packet and *len_ptr is the number of octets * in that packet; otherwise, no assumptions should be made about the * value of either data elements. - * + * * @warning This function assumes that the SRTCP packet is aligned on a * 32-bit boundary. * @@ -1482,21 +1449,23 @@ * undefined. * * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true will - * use the session keys identified by the mki_index + * set to false then will use the first set of session keys. If set to true + * will use the session keys identified by the mki_index * - * @return + * @return * - srtp_err_status_ok if the RTCP packet is valid. - * - srtp_err_status_auth_fail if the SRTCP packet failed the message - * authentication check. + * - srtp_err_status_auth_fail if the SRTCP packet failed the message + * authentication check. * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has - * already been processed and accepted). - * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI id - * - [other] if there has been an error in the cryptographic mechanisms. + * already been processed and accepted). + * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI + * id + * - [other] if there has been an error in the + * cryptographic mechanisms. * */ - -srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, void *srtcp_hdr, +srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, + void *srtcp_hdr, int *pkt_octet_len, unsigned int use_mki); @@ -1504,7 +1473,6 @@ * @} */ - /** * @defgroup User data associated to a SRTP session. * @ingroup SRTP @@ -1527,9 +1495,7 @@ * @return void. * */ - -void -srtp_set_user_data(srtp_t ctx, void *data); +void srtp_set_user_data(srtp_t ctx, void *data); /** * @brief srtp_get_user_data() retrieves the pointer to the custom data @@ -1546,23 +1512,20 @@ * @return void* pointer to the user data. * */ - -void* -srtp_get_user_data(srtp_t ctx); +void *srtp_get_user_data(srtp_t ctx); /** * @} */ - /** * @defgroup SRTPevents SRTP events and callbacks * @ingroup SRTP * - * @brief libSRTP can use a user-provided callback function to + * @brief libSRTP can use a user-provided callback function to * handle events. * - * + * * libSRTP allows a user to provide a callback function to handle * events that need to be dealt with outside of the data plane (see * the enum srtp_event_t for a description of these events). Dealing @@ -1583,8 +1546,8 @@ * @brief srtp_event_t defines events that need to be handled * * The enum srtp_event_t defines events that need to be handled - * outside the `data plane', such as SSRC collisions and - * key expirations. + * outside the `data plane', such as SSRC collisions and + * key expirations. * * When a key expires or the maximum number of packets has been * reached, an SRTP stream will enter an `expired' state in which no @@ -1596,34 +1559,28 @@ * are unaffected, unless key sharing is used by that stream. In the * latter case, all of the streams in the session will expire. */ - -typedef enum { - event_ssrc_collision, /**< - * An SSRC collision occured. - */ - event_key_soft_limit, /**< An SRTP stream reached the soft key - * usage limit and will expire soon. - */ - event_key_hard_limit, /**< An SRTP stream reached the hard - * key usage limit and has expired. - */ - event_packet_index_limit /**< An SRTP stream reached the hard - * packet limit (2^48 packets). - */ +typedef enum { + event_ssrc_collision, /**< An SSRC collision occured. */ + event_key_soft_limit, /**< An SRTP stream reached the soft key */ + /**< usage limit and will expire soon. */ + event_key_hard_limit, /**< An SRTP stream reached the hard */ + /**< key usage limit and has expired. */ + event_packet_index_limit /**< An SRTP stream reached the hard */ + /**< packet limit (2^48 packets). */ } srtp_event_t; /** - * @brief srtp_event_data_t is the structure passed as a callback to + * @brief srtp_event_data_t is the structure passed as a callback to * the event handler function * * The struct srtp_event_data_t holds the data passed to the event - * handler function. + * handler function. */ - typedef struct srtp_event_data_t { - srtp_t session; /**< The session in which the event happend. */ - uint32_t ssrc; /**< The ssrc in host order of the stream in which the event happend */ - srtp_event_t event; /**< An enum indicating the type of event. */ + srtp_t session; /**< The session in which the event happend. */ + uint32_t ssrc; /**< The ssrc in host order of the stream in which */ + /**< the event happend */ + srtp_event_t event; /**< An enum indicating the type of event. */ } srtp_event_data_t; /** @@ -1636,12 +1593,11 @@ * There can only be a single, global handler for all events in * libSRTP. */ - -typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data); +typedef void(srtp_event_handler_func_t)(srtp_event_data_t *data); /** * @brief sets the event handler to the function supplied by the caller. - * + * * The function call srtp_install_event_handler(func) sets the event * handler function to the value func. The value NULL is acceptable * as an argument; in this case, events will be ignored rather than @@ -1651,24 +1607,23 @@ * pointer as an argument and returns void. This function * will be used by libSRTP to handle events. */ - srtp_err_status_t srtp_install_event_handler(srtp_event_handler_func_t func); /** - * @brief Returns the version string of the library. - * + * @brief Returns the version string of the library. + * */ const char *srtp_get_version_string(void); /** - * @brief Returns the numeric representation of the library version. - * + * @brief Returns the numeric representation of the library version. + * */ unsigned int srtp_get_version(void); /** * @brief srtp_set_debug_module(mod_name, v) - * + * * sets dynamic debugging to the value v (0 for off, 1 for on) for the * debug module with the name mod_name * @@ -1706,7 +1661,9 @@ * There can only be a single, global handler for all log messages in * libSRTP. */ -typedef void (srtp_log_handler_func_t)(srtp_log_level_t level, const char * msg, void *data); +typedef void(srtp_log_handler_func_t)(srtp_log_level_t level, + const char *msg, + void *data); /** * @brief sets the log handler to the function supplied by the caller. @@ -1719,34 +1676,44 @@ * * @param func is a pointer to a fuction of type srtp_log_handler_func_t. * This function will be used by libSRTP to output log messages. - * @param data is a user pointer that will be returned as the data argument in func. + * @param data is a user pointer that will be returned as the data argument in + * func. */ -srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, void *data); +srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, + void *data); /** * @brief srtp_get_protect_trailer_length(session, use_mki, mki_index, length) * - * Determines the length of the amount of data Lib SRTP will add to the - * packet during the protect process. The length is returned in the length parameter + * Determines the length of the amount of data Lib SRTP will add to the + * packet during the protect process. The length is returned in the length + * parameter * - * returns err_status_ok on success, err_status_bad_mki if the MKI index is invalid + * returns err_status_ok on success, err_status_bad_mki if the MKI index is + * invalid * */ -srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, uint32_t use_mki, - uint32_t mki_index, uint32_t *length); +srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length); /** - * @brief srtp_get_protect_rtcp_trailer_length(session, use_mki, mki_index, length) + * @brief srtp_get_protect_rtcp_trailer_length(session, use_mki, mki_index, + * length) * - * Determines the length of the amount of data Lib SRTP will add to the - * packet during the protect process. The length is returned in the length parameter + * Determines the length of the amount of data Lib SRTP will add to the + * packet during the protect process. The length is returned in the length + * parameter * - * returns err_status_ok on success, err_status_bad_mki if the MKI index is invalid + * returns err_status_ok on success, err_status_bad_mki if the MKI index is + * invalid * */ -srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, uint32_t use_mki, - uint32_t mki_index, uint32_t *length); - +srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length); /** * @brief srtp_set_stream_roc(session, ssrc, roc) @@ -1757,7 +1724,9 @@ * stream found * */ -srtp_err_status_t srtp_set_stream_roc(srtp_t session, uint32_t ssrc, uint32_t roc); +srtp_err_status_t srtp_set_stream_roc(srtp_t session, + uint32_t ssrc, + uint32_t roc); /** * @brief srtp_get_stream_roc(session, ssrc, roc) @@ -1768,14 +1737,17 @@ * stream found * */ -srtp_err_status_t srtp_get_stream_roc(srtp_t session, uint32_t ssrc, uint32_t *roc); - +srtp_err_status_t srtp_get_stream_roc(srtp_t session, + uint32_t ssrc, + uint32_t *roc); /** * @} */ + /* in host order, so outside the #if */ -#define SRTCP_E_BIT 0x80000000 +#define SRTCP_E_BIT 0x80000000 + /* for byte-access */ #define SRTCP_E_BYTE_BIT 0x80 #define SRTCP_INDEX_MASK 0x7fffffff diff -Nru libsrtp2-2.1.0/include/srtp_priv.h libsrtp2-2.2.0/include/srtp_priv.h --- libsrtp2-2.1.0/include/srtp_priv.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/include/srtp_priv.h 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -62,14 +62,14 @@ extern "C" { #endif -#define SRTP_VER_STRING PACKAGE_STRING -#define SRTP_VERSION PACKAGE_VERSION +#define SRTP_VER_STRING PACKAGE_STRING +#define SRTP_VERSION PACKAGE_VERSION typedef struct srtp_stream_ctx_t_ srtp_stream_ctx_t; typedef srtp_stream_ctx_t *srtp_stream_t; /* - * the following declarations are libSRTP internal functions + * the following declarations are libSRTP internal functions */ /* @@ -78,7 +78,6 @@ */ srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc); - /* * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by * deriving all of the needed keys using the KDF and the key k. @@ -88,29 +87,29 @@ const unsigned int current_mki_index); /* - * srtp_stream_init_all_master_keys(s, k, m) (re)initializes the srtp_stream_t s by - * deriving all of the needed keys for all the master keys using the KDF and the keys from k. - */ -srtp_err_status_t srtp_steam_init_all_master_keys(srtp_stream_ctx_t *srtp, - unsigned char *key, - srtp_master_key_t **keys, - const unsigned int max_master_keys); + * srtp_stream_init_all_master_keys(s, k, m) (re)initializes the srtp_stream_t s + * by deriving all of the needed keys for all the master keys using the KDF and + * the keys from k. + */ +srtp_err_status_t srtp_steam_init_all_master_keys( + srtp_stream_ctx_t *srtp, + unsigned char *key, + srtp_master_key_t **keys, + const unsigned int max_master_keys); /* - * srtp_stream_init(s, p) initializes the srtp_stream_t s to + * srtp_stream_init(s, p) initializes the srtp_stream_t s to * use the policy at the location p */ srtp_err_status_t srtp_stream_init(srtp_stream_t srtp, const srtp_policy_t *p); - /* - * libsrtp internal datatypes + * libsrtp internal datatypes */ - -typedef enum direction_t { - dir_unknown = 0, - dir_srtp_sender = 1, - dir_srtp_receiver = 2 +typedef enum direction_t { + dir_unknown = 0, + dir_srtp_sender = 1, + dir_srtp_receiver = 2 } direction_t; /* @@ -119,56 +118,52 @@ * MKI ID which is used to identify the session keys. */ typedef struct srtp_session_keys_t { - srtp_cipher_t *rtp_cipher; - srtp_cipher_t *rtp_xtn_hdr_cipher; - srtp_auth_t *rtp_auth; - srtp_cipher_t *rtcp_cipher; - srtp_auth_t *rtcp_auth; - uint8_t salt[SRTP_AEAD_SALT_LEN]; - uint8_t c_salt[SRTP_AEAD_SALT_LEN]; - uint8_t *mki_id; - unsigned int mki_size; - srtp_key_limit_ctx_t *limit; + srtp_cipher_t *rtp_cipher; + srtp_cipher_t *rtp_xtn_hdr_cipher; + srtp_auth_t *rtp_auth; + srtp_cipher_t *rtcp_cipher; + srtp_auth_t *rtcp_auth; + uint8_t salt[SRTP_AEAD_SALT_LEN]; + uint8_t c_salt[SRTP_AEAD_SALT_LEN]; + uint8_t *mki_id; + unsigned int mki_size; + srtp_key_limit_ctx_t *limit; } srtp_session_keys_t; - -/* +/* * an srtp_stream_t has its own SSRC, encryption key, authentication * key, sequence number, and replay database - * + * * note that the keys might not actually be unique, in which case the * srtp_cipher_t and srtp_auth_t pointers will point to the same structures */ - typedef struct srtp_stream_ctx_t_ { - uint32_t ssrc; - srtp_session_keys_t *session_keys; - unsigned int num_master_keys; - srtp_rdbx_t rtp_rdbx; - srtp_sec_serv_t rtp_services; - srtp_rdb_t rtcp_rdb; - srtp_sec_serv_t rtcp_services; - direction_t direction; - int allow_repeat_tx; - srtp_ekt_stream_t ekt; - int *enc_xtn_hdr; - int enc_xtn_hdr_count; - uint32_t pending_roc; - struct srtp_stream_ctx_t_ *next; /* linked list of streams */ + uint32_t ssrc; + srtp_session_keys_t *session_keys; + unsigned int num_master_keys; + srtp_rdbx_t rtp_rdbx; + srtp_sec_serv_t rtp_services; + srtp_rdb_t rtcp_rdb; + srtp_sec_serv_t rtcp_services; + direction_t direction; + int allow_repeat_tx; + srtp_ekt_stream_t ekt; + int *enc_xtn_hdr; + int enc_xtn_hdr_count; + uint32_t pending_roc; + struct srtp_stream_ctx_t_ *next; /* linked list of streams */ } strp_stream_ctx_t_; - /* * an srtp_ctx_t holds a stream list and a service description */ - typedef struct srtp_ctx_t_ { - struct srtp_stream_ctx_t_ *stream_list; /* linked list of streams */ - struct srtp_stream_ctx_t_ *stream_template; /* act as template for other streams */ - void *user_data; /* user custom data */ + struct srtp_stream_ctx_t_ *stream_list; /* linked list of streams */ + struct srtp_stream_ctx_t_ *stream_template; /* act as template for other */ + /* streams */ + void *user_data; /* user custom data */ } srtp_ctx_t_; - /* * srtp_hdr_t represents an RTP or SRTP header. The bit-fields in * this structure should be declared "unsigned int" instead of @@ -211,13 +206,11 @@ #endif - typedef struct { - uint16_t profile_specific; /* profile-specific info */ - uint16_t length; /* number of 32-bit words in extension */ + uint16_t profile_specific; /* profile-specific info */ + uint16_t length; /* number of 32-bit words in extension */ } srtp_hdr_xtnd_t; - /* * srtcp_hdr_t represents a secure rtcp header * @@ -237,10 +230,10 @@ } srtcp_hdr_t; typedef struct { - unsigned int index : 31; /* srtcp packet index in network order! */ - unsigned int e : 1; /* encrypted? 1=yes */ - /* optional mikey/etc go here */ - /* and then the variable-length auth tag */ + unsigned int index : 31; /* srtcp packet index in network order! */ + unsigned int e : 1; /* encrypted? 1=yes */ + /* optional mikey/etc go here */ + /* and then the variable-length auth tag */ } srtcp_trailer_t; #else /* BIG_ENDIAN */ @@ -255,31 +248,30 @@ } srtcp_hdr_t; typedef struct { - unsigned int e : 1; /* encrypted? 1=yes */ - unsigned int index : 31; /* srtcp packet index */ - /* optional mikey/etc go here */ - /* and then the variable-length auth tag */ + unsigned int e : 1; /* encrypted? 1=yes */ + unsigned int index : 31; /* srtcp packet index */ + /* optional mikey/etc go here */ + /* and then the variable-length auth tag */ } srtcp_trailer_t; #endif - /* * srtp_handle_event(srtp, srtm, evnt) calls the event handling * function, if there is one. * - * This macro is not included in the documentation as it is + * This macro is not included in the documentation as it is * an internal-only function. */ -#define srtp_handle_event(srtp, strm, evnt) \ - if(srtp_event_handler) { \ - srtp_event_data_t data; \ - data.session = srtp; \ - data.ssrc = ntohl(strm->ssrc); \ - data.event = evnt; \ - srtp_event_handler(&data); \ -} +#define srtp_handle_event(srtp, strm, evnt) \ + if (srtp_event_handler) { \ + srtp_event_data_t data; \ + data.session = srtp; \ + data.ssrc = ntohl(strm->ssrc); \ + data.event = evnt; \ + srtp_event_handler(&data); \ + } #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/include/ut_sim.h libsrtp2-2.2.0/include/ut_sim.h --- libsrtp2-2.1.0/include/ut_sim.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/include/ut_sim.h 2018-05-15 19:33:24.000000000 +0000 @@ -9,26 +9,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,41 +44,37 @@ * */ - - #ifndef UT_SIM_H #define UT_SIM_H -#include "integers.h" /* for uint32_t */ +#include "integers.h" /* for uint32_t */ #ifdef __cplusplus extern "C" { #endif -#define UT_BUF 160 /* maximum amount of packet reorder */ +#define UT_BUF 160 /* maximum amount of packet reorder */ typedef struct { - uint32_t index; - uint32_t buffer[UT_BUF]; + uint32_t index; + uint32_t buffer[UT_BUF]; } ut_connection; /* - * ut_init(&u) initializes the ut_connection + * ut_init(&u) initializes the ut_connection * * this function should always be the first one called on a new * ut_connection */ -void -ut_init(ut_connection *utc); +void ut_init(ut_connection *utc); /* * ut_next_index(&u) returns the next index from the simulated * unreliable connection */ -uint32_t -ut_next_index(ut_connection *utc); +uint32_t ut_next_index(ut_connection *utc); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/Makefile.in libsrtp2-2.2.0/Makefile.in --- libsrtp2-2.1.0/Makefile.in 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/Makefile.in 2018-05-15 19:33:24.000000000 +0000 @@ -6,6 +6,7 @@ # targets: # # runtest runs test applications +# runtest-valgrind runs test applications with valgrind # test builds test applications # libsrtp2.a static library implementing srtp # libsrtp2.so shared library implementing srtp @@ -30,13 +31,19 @@ test/roc_driver$(EXE) -v >/dev/null test/replay_driver$(EXE) -v >/dev/null test/dtls_srtp_driver$(EXE) >/dev/null - cd test; $(abspath $(srcdir))/test/rtpw_test.sh >/dev/null + cd test; $(abspath $(srcdir))/test/rtpw_test.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null ifeq (1, $(USE_OPENSSL)) - cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh >/dev/null + cd test; $(abspath $(srcdir))/test/rtpw_test_gcm.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null endif @echo "libsrtp2 test applications passed." $(MAKE) -C crypto runtest +runtest-valgrind: test + @echo "running libsrtp2 test applications... (valgrind)" + valgrind --error-exitcode=1 --leak-check=full test/test_srtp$(EXE) -v >/dev/null + valgrind --error-exitcode=1 --leak-check=full test/srtp_driver$(EXE) -v >/dev/null + @echo "libsrtp2 test applications passed. (valgrind)" + # makefile variables CC = @CC@ @@ -48,6 +55,7 @@ LDFLAGS = -L. @LDFLAGS@ COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS) SRTPLIB = -lsrtp2 +PCAP_LIB = @PCAP_LIB@ AR = @AR@ RANLIB = @RANLIB@ @@ -149,8 +157,8 @@ crypto_testapp = $(AES_CALC) crypto/test/cipher_driver$(EXE) \ crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \ - crypto/test/sha1_driver$(EXE) \ - crypto/test/stat_driver$(EXE) + crypto/test/sha1_driver$(EXE) crypto/test/stat_driver$(EXE) \ + crypto/test/env$(EXE) testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \ test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \ @@ -169,7 +177,7 @@ ifeq (1, $(HAVE_PCAP)) test/rtp_decoder$(EXE): test/rtp_decoder.c test/rtp.c test/util.c test/getopt_s.c \ crypto/math/datatypes.c - $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB) + $(COMPILE) $(LDFLAGS) -o $@ $^ $(PCAP_LIB) $(LIBS) $(SRTPLIB) endif crypto/test/aes_calc$(EXE): crypto/test/aes_calc.c test/util.c @@ -199,10 +207,7 @@ crypto/test/kernel_driver$(EXE): crypto/test/kernel_driver.c test/getopt_s.c $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB) -crypto/test/rand_gen$(EXE): crypto/test/rand_gen.c test/getopt_s.c - $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB) - -crypto/test/rand_gen_soak$(EXE): crypto/test/rand_gen_soak.c test/getopt_s.c +crypto/test/env$(EXE): crypto/test/env.c test/getopt_s.c $(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB) test: $(testapp) diff -Nru libsrtp2-2.1.0/README.md libsrtp2-2.2.0/README.md --- libsrtp2-2.1.0/README.md 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/README.md 2018-05-15 19:33:24.000000000 +0000 @@ -1,3 +1,6 @@ +[![Build Status](https://travis-ci.org/cisco/libsrtp.svg?branch=master)](https://travis-ci.org/cisco/libsrtp) +[![Coverity Scan Build Status](https://scan.coverity.com/projects/14274/badge.svg)](https://scan.coverity.com/projects/cisco-libsrtp) + <a name="introduction-to-libsrtp"></a> # Introduction to libSRTP @@ -51,6 +54,7 @@ - [Supported Features](#supported-features) - [Implementation Notes](#implementation-notes) - [Installing and Building libSRTP](#installing-and-building-libsrtp) + - [Changing Build Configuration](#changing-build-configuration) - [Applications](#applications) - [Example Code](#example-code) - [Credits](#credits) @@ -291,6 +295,26 @@ -------------------------------------------------------------------------------- +<a name="changing-build-configuration"></a> +## Changing Build Configuration + +To build the `./configure` script mentioned above, libSRTP relies on the +[automake](https://www.gnu.org/software/automake/) toolchain. Since +`./configure` is built from `configure.in` by automake, if you make changes in +how `./configure` works (e.g., to add a new library dependency), you will need +to rebuild `./configure` and commit the updated version. In addition to +automake itself, you will need to have the `pkgconfig` tools installed as well. + +For example, on macOS: + +``` +brew install automake pkgconfig +# Edit configure.in +autoremake -ivf +``` + +-------------------------------------------------------------------------------- + <a name="applications"></a> # Applications @@ -397,6 +421,9 @@ // initialize libSRTP srtp_init(); +// default policy values +memset(&policy, 0x0, sizeof(srtp_policy_t)); + // set policy to describe a policy for an SRTP stream crypto_policy_set_rtp_default(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); diff -Nru libsrtp2-2.1.0/srtp/ekt.c libsrtp2-2.2.0/srtp/ekt.c --- libsrtp2-2.1.0/srtp/ekt.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/srtp/ekt.c 2018-05-15 19:33:24.000000000 +0000 @@ -2,31 +2,31 @@ * ekt.c * * Encrypted Key Transport for SRTP - * + * * David McGrew * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,7 +42,6 @@ * */ - #include "srtp_priv.h" #include "err.h" #include "ekt.h" @@ -64,195 +63,219 @@ * | Initial Sequence Number | Security Parameter Index | * +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * - */ + */ #define EKT_OCTETS_AFTER_BASE_TAG 24 -#define EKT_OCTETS_AFTER_EMK 8 -#define EKT_OCTETS_AFTER_ROC 4 -#define EKT_SPI_LEN 2 - -unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt) { - /* - * if the pointer ekt is NULL, then EKT is not in effect, so we - * indicate this by returning zero - */ - if (!ekt) +#define EKT_OCTETS_AFTER_EMK 8 +#define EKT_OCTETS_AFTER_ROC 4 +#define EKT_SPI_LEN 2 + +unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt) +{ + /* + * if the pointer ekt is NULL, then EKT is not in effect, so we + * indicate this by returning zero + */ + if (!ekt) + return 0; + + switch (ekt->data->ekt_cipher_type) { + case SRTP_EKT_CIPHER_AES_128_ECB: + return 16 + EKT_OCTETS_AFTER_EMK; + break; + default: + break; + } return 0; - - switch(ekt->data->ekt_cipher_type) { - case SRTP_EKT_CIPHER_AES_128_ECB: - return 16 + EKT_OCTETS_AFTER_EMK; - break; - default: - break; - } - return 0; } -static inline srtp_ekt_spi_t srtcp_packet_get_ekt_spi(const uint8_t *packet_start, unsigned pkt_octet_len) { - const uint8_t *spi_location; - - spi_location = packet_start + (pkt_octet_len - EKT_SPI_LEN); - - return *((const srtp_ekt_spi_t *)spi_location); -} +static inline srtp_ekt_spi_t srtcp_packet_get_ekt_spi( + const uint8_t *packet_start, + unsigned pkt_octet_len) +{ + const uint8_t *spi_location; -static inline uint32_t srtcp_packet_get_ekt_roc(const uint8_t *packet_start, unsigned pkt_octet_len) { - const uint8_t *roc_location; - - roc_location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_ROC); - - return *((const uint32_t *)roc_location); + spi_location = packet_start + (pkt_octet_len - EKT_SPI_LEN); + + return *((const srtp_ekt_spi_t *)spi_location); } -static inline const uint8_t * srtcp_packet_get_emk_location(const uint8_t *packet_start, unsigned pkt_octet_len) { - const uint8_t *location; - - location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_BASE_TAG); +static inline uint32_t srtcp_packet_get_ekt_roc(const uint8_t *packet_start, + unsigned pkt_octet_len) +{ + const uint8_t *roc_location; + + roc_location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_ROC); - return location; + return *((const uint32_t *)roc_location); } +static inline const uint8_t *srtcp_packet_get_emk_location( + const uint8_t *packet_start, + unsigned pkt_octet_len) +{ + const uint8_t *location; -srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data, srtp_ekt_policy_t policy) { + location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_BASE_TAG); - /* - * if the policy pointer is NULL, then EKT is not in use - * so we just set the EKT stream data pointer to NULL - */ - if (!policy) { - *stream_data = NULL; - return srtp_err_status_ok; - } + return location; +} - /* TODO */ - *stream_data = NULL; +srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data, + srtp_ekt_policy_t policy) +{ + /* + * if the policy pointer is NULL, then EKT is not in use + * so we just set the EKT stream data pointer to NULL + */ + if (!policy) { + *stream_data = NULL; + return srtp_err_status_ok; + } - return srtp_err_status_ok; -} + /* TODO */ + *stream_data = NULL; -srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t stream_data, srtp_ekt_policy_t policy) { - if (!stream_data) return srtp_err_status_ok; - - return srtp_err_status_ok; } +srtp_err_status_t srtp_ekt_stream_init_from_policy( + srtp_ekt_stream_t stream_data, + srtp_ekt_policy_t policy) +{ + if (!stream_data) + return srtp_err_status_ok; + + return srtp_err_status_ok; +} -void aes_decrypt_with_raw_key(void *ciphertext, const void *key, int key_len) { +void aes_decrypt_with_raw_key(void *ciphertext, const void *key, int key_len) +{ #ifndef OPENSSL -//FIXME: need to get this working through the crypto module interface - srtp_aes_expanded_key_t expanded_key; + // FIXME: need to get this working through the crypto module interface + srtp_aes_expanded_key_t expanded_key; - srtp_aes_expand_decryption_key(key, key_len, &expanded_key); - srtp_aes_decrypt(ciphertext, &expanded_key); + srtp_aes_expand_decryption_key(key, key_len, &expanded_key); + srtp_aes_decrypt(ciphertext, &expanded_key); #endif } /* * The function srtp_stream_init_from_ekt() initializes a stream using - * the EKT data from an SRTCP trailer. + * the EKT data from an SRTCP trailer. */ -srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream, const void *srtcp_hdr, unsigned pkt_octet_len) { - srtp_err_status_t err; - const uint8_t *master_key; - srtp_policy_t srtp_policy; - uint32_t roc; - - /* - * NOTE: at present, we only support a single ekt_policy at a time. - */ - if (stream->ekt->data->spi != - srtcp_packet_get_ekt_spi(srtcp_hdr, pkt_octet_len)) - return srtp_err_status_no_ctx; - - if (stream->ekt->data->ekt_cipher_type != SRTP_EKT_CIPHER_AES_128_ECB) - return srtp_err_status_bad_param; - - /* decrypt the Encrypted Master Key field */ - master_key = srtcp_packet_get_emk_location(srtcp_hdr, pkt_octet_len); - /* FIX!? This decrypts the master key in-place, and never uses it */ - /* FIX!? It's also passing to ekt_dec_key (which is an aes_expanded_key_t) - * to a function which expects a raw (unexpanded) key */ - aes_decrypt_with_raw_key((void*)master_key, &stream->ekt->data->ekt_dec_key, 16); - - /* set the SRTP ROC */ - roc = srtcp_packet_get_ekt_roc(srtcp_hdr, pkt_octet_len); - err = srtp_rdbx_set_roc(&stream->rtp_rdbx, roc); - if (err) return err; - - err = srtp_stream_init(stream, &srtp_policy); - if (err) return err; +srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream, + const void *srtcp_hdr, + unsigned pkt_octet_len) +{ + srtp_err_status_t err; + const uint8_t *master_key; + srtp_policy_t srtp_policy; + uint32_t roc; + + /* + * NOTE: at present, we only support a single ekt_policy at a time. + */ + if (stream->ekt->data->spi != + srtcp_packet_get_ekt_spi(srtcp_hdr, pkt_octet_len)) + return srtp_err_status_no_ctx; + + if (stream->ekt->data->ekt_cipher_type != SRTP_EKT_CIPHER_AES_128_ECB) + return srtp_err_status_bad_param; + + /* decrypt the Encrypted Master Key field */ + master_key = srtcp_packet_get_emk_location(srtcp_hdr, pkt_octet_len); + /* FIX!? This decrypts the master key in-place, and never uses it */ + /* FIX!? It's also passing to ekt_dec_key (which is an aes_expanded_key_t) + * to a function which expects a raw (unexpanded) key */ + aes_decrypt_with_raw_key((void *)master_key, + &stream->ekt->data->ekt_dec_key, 16); + + /* set the SRTP ROC */ + roc = srtcp_packet_get_ekt_roc(srtcp_hdr, pkt_octet_len); + err = srtp_rdbx_set_roc(&stream->rtp_rdbx, roc); + if (err) + return err; + + err = srtp_stream_init(stream, &srtp_policy); + if (err) + return err; - return srtp_err_status_ok; + return srtp_err_status_ok; } -void srtp_ekt_write_data(srtp_ekt_stream_t ekt, uint8_t *base_tag, unsigned base_tag_len, int *packet_len, srtp_xtd_seq_num_t pkt_index) { - uint32_t roc; - uint16_t isn; - unsigned emk_len; - uint8_t *packet; - - /* if the pointer ekt is NULL, then EKT is not in effect */ - if (!ekt) { - debug_print(mod_srtp, "EKT not in use", NULL); - return; - } - - /* write zeros into the location of the base tag */ - octet_string_set_to_zero(base_tag, base_tag_len); - packet = base_tag + base_tag_len; - - /* copy encrypted master key into packet */ - emk_len = srtp_ekt_octets_after_base_tag(ekt); - memcpy(packet, ekt->encrypted_master_key, emk_len); - debug_print(mod_srtp, "writing EKT EMK: %s,", - srtp_octet_string_hex_string(packet, emk_len)); - packet += emk_len; - - /* copy ROC into packet */ - roc = (uint32_t)(pkt_index >> 16); - *((uint32_t *)packet) = be32_to_cpu(roc); - debug_print(mod_srtp, "writing EKT ROC: %s,", - srtp_octet_string_hex_string(packet, sizeof(roc))); - packet += sizeof(roc); - - /* copy ISN into packet */ - isn = (uint16_t)pkt_index; - *((uint16_t *)packet) = htons(isn); - debug_print(mod_srtp, "writing EKT ISN: %s,", - srtp_octet_string_hex_string(packet, sizeof(isn))); - packet += sizeof(isn); - - /* copy SPI into packet */ - *((uint16_t *)packet) = htons(ekt->data->spi); - debug_print(mod_srtp, "writing EKT SPI: %s,", - srtp_octet_string_hex_string(packet, sizeof(ekt->data->spi))); +void srtp_ekt_write_data(srtp_ekt_stream_t ekt, + uint8_t *base_tag, + unsigned base_tag_len, + int *packet_len, + srtp_xtd_seq_num_t pkt_index) +{ + uint32_t roc; + uint16_t isn; + unsigned emk_len; + uint8_t *packet; + + /* if the pointer ekt is NULL, then EKT is not in effect */ + if (!ekt) { + debug_print(mod_srtp, "EKT not in use", NULL); + return; + } + + /* write zeros into the location of the base tag */ + octet_string_set_to_zero(base_tag, base_tag_len); + packet = base_tag + base_tag_len; + + /* copy encrypted master key into packet */ + emk_len = srtp_ekt_octets_after_base_tag(ekt); + memcpy(packet, ekt->encrypted_master_key, emk_len); + debug_print(mod_srtp, "writing EKT EMK: %s,", + srtp_octet_string_hex_string(packet, emk_len)); + packet += emk_len; + + /* copy ROC into packet */ + roc = (uint32_t)(pkt_index >> 16); + *((uint32_t *)packet) = be32_to_cpu(roc); + debug_print(mod_srtp, "writing EKT ROC: %s,", + srtp_octet_string_hex_string(packet, sizeof(roc))); + packet += sizeof(roc); + + /* copy ISN into packet */ + isn = (uint16_t)pkt_index; + *((uint16_t *)packet) = htons(isn); + debug_print(mod_srtp, "writing EKT ISN: %s,", + srtp_octet_string_hex_string(packet, sizeof(isn))); + packet += sizeof(isn); + + /* copy SPI into packet */ + *((uint16_t *)packet) = htons(ekt->data->spi); + debug_print(mod_srtp, "writing EKT SPI: %s,", + srtp_octet_string_hex_string(packet, sizeof(ekt->data->spi))); - /* increase packet length appropriately */ - *packet_len += EKT_OCTETS_AFTER_EMK + emk_len; + /* increase packet length appropriately */ + *packet_len += EKT_OCTETS_AFTER_EMK + emk_len; } - /* * The function call srtcp_ekt_trailer(ekt, auth_len, auth_tag ) - * + * * If the pointer ekt is NULL, then the other inputs are unaffected. * * auth_tag is a pointer to the pointer to the location of the * authentication tag in the packet. If EKT is in effect, then the - * auth_tag pointer is set to the location + * auth_tag pointer is set to the location */ -void srtcp_ekt_trailer(srtp_ekt_stream_t ekt, unsigned *auth_len, void **auth_tag, void *tag_copy) { - /* - * if there is no EKT policy, then the other inputs are unaffected - */ - if (!ekt) - return; - - /* copy auth_tag into temporary location */ - -} +void srtcp_ekt_trailer(srtp_ekt_stream_t ekt, + unsigned *auth_len, + void **auth_tag, + void *tag_copy) +{ + /* + * if there is no EKT policy, then the other inputs are unaffected + */ + if (!ekt) + return; + /* copy auth_tag into temporary location */ +} diff -Nru libsrtp2-2.1.0/srtp/srtp.c libsrtp2-2.2.0/srtp/srtp.c --- libsrtp2-2.1.0/srtp/srtp.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/srtp/srtp.c 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -48,66 +48,67 @@ #include "srtp_priv.h" #include "crypto_types.h" #include "err.h" -#include "ekt.h" /* for SRTP Encrypted Key Transport */ -#include "alloc.h" /* for srtp_crypto_alloc() */ +#include "ekt.h" /* for SRTP Encrypted Key Transport */ +#include "alloc.h" /* for srtp_crypto_alloc() */ + #ifdef OPENSSL -#include "aes_gcm_ossl.h" /* for AES GCM mode */ -# ifdef OPENSSL_KDF -# include <openssl/kdf.h> -# include "aes_icm_ossl.h" /* for AES GCM mode */ -# endif +#include "aes_gcm_ossl.h" /* for AES GCM mode */ +#ifdef OPENSSL_KDF +#include <openssl/kdf.h> +#include "aes_icm_ossl.h" /* for AES GCM mode */ +#endif #endif #include <limits.h> #ifdef HAVE_NETINET_IN_H -# include <netinet/in.h> +#include <netinet/in.h> #elif defined(HAVE_WINSOCK2_H) -# include <winsock2.h> +#include <winsock2.h> #endif - /* the debug module for srtp */ - srtp_debug_module_t mod_srtp = { - 0, /* debugging is off by default */ - "srtp" /* printable name for module */ + 0, /* debugging is off by default */ + "srtp" /* printable name for module */ }; -#define octets_in_rtp_header 12 -#define uint32s_in_rtp_header 3 -#define octets_in_rtcp_header 8 +#define octets_in_rtp_header 12 +#define uint32s_in_rtp_header 3 +#define octets_in_rtcp_header 8 #define uint32s_in_rtcp_header 2 #define octets_in_rtp_extn_hdr 4 -static srtp_err_status_t -srtp_validate_rtp_header(void *rtp_hdr, int *pkt_octet_len) { - if (*pkt_octet_len < octets_in_rtp_header) - return srtp_err_status_bad_param; - - srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; - - /* Check RTP header length */ - int rtp_header_len = octets_in_rtp_header + 4 * hdr->cc; - if (hdr->x == 1) - rtp_header_len += octets_in_rtp_extn_hdr; - - if (*pkt_octet_len < rtp_header_len) - return srtp_err_status_bad_param; - - /* Verifing profile length. */ - if (hdr->x == 1) { - srtp_hdr_xtnd_t *xtn_hdr = - (srtp_hdr_xtnd_t *)((uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc); - int profile_len = ntohs(xtn_hdr->length); - rtp_header_len += profile_len * 4; - /* profile length counts the number of 32-bit words */ +static srtp_err_status_t srtp_validate_rtp_header(void *rtp_hdr, + int *pkt_octet_len) +{ + if (*pkt_octet_len < octets_in_rtp_header) + return srtp_err_status_bad_param; + + srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; + + /* Check RTP header length */ + int rtp_header_len = octets_in_rtp_header + 4 * hdr->cc; + if (hdr->x == 1) + rtp_header_len += octets_in_rtp_extn_hdr; + if (*pkt_octet_len < rtp_header_len) - return srtp_err_status_bad_param; - } - return srtp_err_status_ok; + return srtp_err_status_bad_param; + + /* Verifing profile length. */ + if (hdr->x == 1) { + srtp_hdr_xtnd_t *xtn_hdr = + (srtp_hdr_xtnd_t *)((uint32_t *)hdr + uint32s_in_rtp_header + + hdr->cc); + int profile_len = ntohs(xtn_hdr->length); + rtp_header_len += profile_len * 4; + /* profile length counts the number of 32-bit words */ + if (*pkt_octet_len < rtp_header_len) + return srtp_err_status_bad_param; + } + return srtp_err_status_ok; } -const char *srtp_get_version_string () +const char *srtp_get_version_string() { /* * Simply return the autotools generated string @@ -115,29 +116,29 @@ return SRTP_VER_STRING; } -unsigned int srtp_get_version () +unsigned int srtp_get_version() { unsigned int major = 0, minor = 0, micro = 0; unsigned int rv = 0; int parse_rv; /* - * Parse the autotools generated version + * Parse the autotools generated version */ parse_rv = sscanf(SRTP_VERSION, "%u.%u.%u", &major, &minor, &micro); if (parse_rv != 3) { - /* - * We're expected to parse all 3 version levels. - * If not, then this must not be an official release. - * Return all zeros on the version - */ - return (0); + /* + * We're expected to parse all 3 version levels. + * If not, then this must not be an official release. + * Return all zeros on the version + */ + return (0); } - /* + /* * We allow 8 bits for the major and minor, while * allowing 16 bits for the micro. 16 bits for the micro - * may be beneficial for a continuous delivery model + * may be beneficial for a continuous delivery model * in the future. */ rv |= (major & 0xFF) << 24; @@ -146,445 +147,409 @@ return rv; } -/* Release (maybe partially allocated) stream. */ -static void -srtp_stream_free(srtp_stream_ctx_t *str) { - unsigned int i = 0; - srtp_session_keys_t *session_keys = NULL; - - for (i = 0; i < str->num_master_keys; i++) { - session_keys = &str->session_keys[i]; +srtp_err_status_t srtp_stream_dealloc(srtp_stream_ctx_t *stream, + const srtp_stream_ctx_t *stream_template) +{ + srtp_err_status_t status; + unsigned int i = 0; + srtp_session_keys_t *session_keys = NULL; + srtp_session_keys_t *template_session_keys = NULL; + + /* + * we use a conservative deallocation strategy - if any deallocation + * fails, then we report that fact without trying to deallocate + * anything else + */ + if (stream->session_keys) { + for (i = 0; i < stream->num_master_keys; i++) { + session_keys = &stream->session_keys[i]; + + if (stream_template && + stream->num_master_keys == stream_template->num_master_keys) { + template_session_keys = &stream_template->session_keys[i]; + } else { + template_session_keys = NULL; + } - if (session_keys->rtp_xtn_hdr_cipher) { - srtp_cipher_dealloc(session_keys->rtp_xtn_hdr_cipher); - } + /* + * deallocate cipher, if it is not the same as that in template + */ + if (template_session_keys && + session_keys->rtp_cipher == template_session_keys->rtp_cipher) { + /* do nothing */ + } else if (session_keys->rtp_cipher) { + status = srtp_cipher_dealloc(session_keys->rtp_cipher); + if (status) + return status; + } - if (session_keys->rtcp_cipher) { - srtp_cipher_dealloc(session_keys->rtcp_cipher); - } + /* + * deallocate auth function, if it is not the same as that in + * template + */ + if (template_session_keys && + session_keys->rtp_auth == template_session_keys->rtp_auth) { + /* do nothing */ + } else if (session_keys->rtp_auth) { + status = srtp_auth_dealloc(session_keys->rtp_auth); + if (status) + return status; + } - if (session_keys->rtcp_auth) { - srtp_auth_dealloc(session_keys->rtcp_auth); - } + if (template_session_keys && + session_keys->rtp_xtn_hdr_cipher == + template_session_keys->rtp_xtn_hdr_cipher) { + /* do nothing */ + } else if (session_keys->rtp_xtn_hdr_cipher) { + status = srtp_cipher_dealloc(session_keys->rtp_xtn_hdr_cipher); + if (status) + return status; + } - if (session_keys->rtp_cipher) { - srtp_cipher_dealloc(session_keys->rtp_cipher); - } + /* + * deallocate rtcp cipher, if it is not the same as that in + * template + */ + if (template_session_keys && + session_keys->rtcp_cipher == + template_session_keys->rtcp_cipher) { + /* do nothing */ + } else if (session_keys->rtcp_cipher) { + status = srtp_cipher_dealloc(session_keys->rtcp_cipher); + if (status) + return status; + } - if (session_keys->rtp_auth) { - srtp_auth_dealloc(session_keys->rtp_auth); - } + /* + * deallocate rtcp auth function, if it is not the same as that in + * template + */ + if (template_session_keys && + session_keys->rtcp_auth == template_session_keys->rtcp_auth) { + /* do nothing */ + } else if (session_keys->rtcp_auth) { + status = srtp_auth_dealloc(session_keys->rtcp_auth); + if (status) + return status; + } - if (session_keys->mki_id) { - srtp_crypto_free(session_keys->mki_id); - } + /* + * zeroize the salt value + */ + octet_string_set_to_zero(session_keys->salt, SRTP_AEAD_SALT_LEN); + octet_string_set_to_zero(session_keys->c_salt, SRTP_AEAD_SALT_LEN); + + if (session_keys->mki_id) { + octet_string_set_to_zero(session_keys->mki_id, + session_keys->mki_size); + srtp_crypto_free(session_keys->mki_id); + session_keys->mki_id = NULL; + } - if (session_keys->limit) { - srtp_crypto_free(session_keys->limit); + /* + * deallocate key usage limit, if it is not the same as that in + * template + */ + if (template_session_keys && + session_keys->limit == template_session_keys->limit) { + /* do nothing */ + } else if (session_keys->limit) { + srtp_crypto_free(session_keys->limit); + } + } + srtp_crypto_free(stream->session_keys); } - } - - srtp_crypto_free(str->session_keys); - - if (str->enc_xtn_hdr) { - srtp_crypto_free(str->enc_xtn_hdr); - } - - srtp_crypto_free(str); -} - -srtp_err_status_t -srtp_stream_alloc(srtp_stream_ctx_t **str_ptr, - const srtp_policy_t *p) { - srtp_stream_ctx_t *str; - srtp_err_status_t stat; - unsigned int i = 0; - srtp_session_keys_t *session_keys = NULL; - - /* - * This function allocates the stream context, rtp and rtcp ciphers - * and auth functions, and key limit structure. If there is a - * failure during allocation, we free all previously allocated - * memory and return a failure code. The code could probably - * be improved, but it works and should be clear. - */ - /* allocate srtp stream and set str_ptr */ - str = (srtp_stream_ctx_t *) srtp_crypto_alloc(sizeof(srtp_stream_ctx_t)); - if (str == NULL) - return srtp_err_status_alloc_fail; + status = srtp_rdbx_dealloc(&stream->rtp_rdbx); + if (status) + return status; - memset(str, 0, sizeof(srtp_stream_ctx_t)); - *str_ptr = str; + /* DAM - need to deallocate EKT here */ - /* To keep backwards API compatible if someone is using multiple master - * keys then key should be set to NULL - */ - if (p->key != NULL) { - str->num_master_keys = 1; - } else { - str->num_master_keys = p->num_master_keys; - } + if (stream_template && + stream->enc_xtn_hdr == stream_template->enc_xtn_hdr) { + /* do nothing */ + } else if (stream->enc_xtn_hdr) { + srtp_crypto_free(stream->enc_xtn_hdr); + } - str->session_keys = (srtp_session_keys_t *)srtp_crypto_alloc( - sizeof(srtp_session_keys_t) * str->num_master_keys); + /* deallocate srtp stream context */ + srtp_crypto_free(stream); - if (str->session_keys == NULL) { - srtp_stream_free(str); - return srtp_err_status_alloc_fail; - } + return srtp_err_status_ok; +} - memset(str->session_keys, 0, sizeof(srtp_session_keys_t) * str->num_master_keys); +srtp_err_status_t srtp_stream_alloc(srtp_stream_ctx_t **str_ptr, + const srtp_policy_t *p) +{ + srtp_stream_ctx_t *str; + srtp_err_status_t stat; + unsigned int i = 0; + srtp_session_keys_t *session_keys = NULL; - for (i = 0; i < str->num_master_keys; i++) { - session_keys = &str->session_keys[i]; + /* + * This function allocates the stream context, rtp and rtcp ciphers + * and auth functions, and key limit structure. If there is a + * failure during allocation, we free all previously allocated + * memory and return a failure code. The code could probably + * be improved, but it works and should be clear. + */ - /* allocate cipher */ - stat = srtp_crypto_kernel_alloc_cipher(p->rtp.cipher_type, - &session_keys->rtp_cipher, - p->rtp.cipher_key_len, - p->rtp.auth_tag_len); - if (stat) { - srtp_stream_free(str); - return stat; - } + /* allocate srtp stream and set str_ptr */ + str = (srtp_stream_ctx_t *)srtp_crypto_alloc(sizeof(srtp_stream_ctx_t)); + if (str == NULL) + return srtp_err_status_alloc_fail; - /* allocate auth function */ - stat = srtp_crypto_kernel_alloc_auth(p->rtp.auth_type, - &session_keys->rtp_auth, - p->rtp.auth_key_len, - p->rtp.auth_tag_len); - if (stat) { - srtp_stream_free(str); - return stat; - } + *str_ptr = str; /* - * ...and now the RTCP-specific initialization - first, allocate - * the cipher + *To keep backwards API compatible if someone is using multiple master + * keys then key should be set to NULL */ - stat = srtp_crypto_kernel_alloc_cipher(p->rtcp.cipher_type, - &session_keys->rtcp_cipher, - p->rtcp.cipher_key_len, - p->rtcp.auth_tag_len); - if (stat) { - srtp_stream_free(str); - return stat; + if (p->key != NULL) { + str->num_master_keys = 1; + } else { + str->num_master_keys = p->num_master_keys; } - /* allocate auth function */ - stat = srtp_crypto_kernel_alloc_auth(p->rtcp.auth_type, - &session_keys->rtcp_auth, - p->rtcp.auth_key_len, - p->rtcp.auth_tag_len); - if (stat) { - srtp_stream_free(str); - return stat; - } - - session_keys->mki_id = NULL; + str->session_keys = (srtp_session_keys_t *)srtp_crypto_alloc( + sizeof(srtp_session_keys_t) * str->num_master_keys); - /* allocate key limit structure */ - session_keys->limit = (srtp_key_limit_ctx_t*) srtp_crypto_alloc(sizeof(srtp_key_limit_ctx_t)); - if (session_keys->limit == NULL) { - srtp_stream_free(str); + if (str->session_keys == NULL) { + srtp_stream_dealloc(str, NULL); return srtp_err_status_alloc_fail; } - } - - /* allocate ekt data associated with stream */ - stat = srtp_ekt_alloc(&str->ekt, p->ekt); - if (stat) { - srtp_stream_free(str); - return stat; - } - - if (p->enc_xtn_hdr && p->enc_xtn_hdr_count > 0) { - srtp_cipher_type_id_t enc_xtn_hdr_cipher_type; - int enc_xtn_hdr_cipher_key_len; - - str->enc_xtn_hdr = (int*) srtp_crypto_alloc(p->enc_xtn_hdr_count * sizeof(p->enc_xtn_hdr[0])); - if (!str->enc_xtn_hdr) { - srtp_stream_free(str); - return srtp_err_status_alloc_fail; - } - memcpy(str->enc_xtn_hdr, p->enc_xtn_hdr, p->enc_xtn_hdr_count * sizeof(p->enc_xtn_hdr[0])); - str->enc_xtn_hdr_count = p->enc_xtn_hdr_count; - - /* For GCM ciphers, the corresponding ICM cipher is used for header extensions encryption. */ - switch (p->rtp.cipher_type) { - case SRTP_AES_GCM_128: - enc_xtn_hdr_cipher_type = SRTP_AES_ICM_128; - enc_xtn_hdr_cipher_key_len = SRTP_AES_ICM_128_KEY_LEN_WSALT; - break; - case SRTP_AES_GCM_256: - enc_xtn_hdr_cipher_type = SRTP_AES_ICM_256; - enc_xtn_hdr_cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; - break; - default: - enc_xtn_hdr_cipher_type = p->rtp.cipher_type; - enc_xtn_hdr_cipher_key_len = p->rtp.cipher_key_len; - break; - } for (i = 0; i < str->num_master_keys; i++) { - session_keys = &str->session_keys[i]; + session_keys = &str->session_keys[i]; - /* allocate cipher for extensions header encryption */ - stat = srtp_crypto_kernel_alloc_cipher(enc_xtn_hdr_cipher_type, - &session_keys->rtp_xtn_hdr_cipher, - enc_xtn_hdr_cipher_key_len, - 0); - if (stat) { - srtp_stream_free(str); - return stat; - } - } - } else { - for (i = 0; i < str->num_master_keys; i++) { - session_keys = &str->session_keys[i]; - session_keys->rtp_xtn_hdr_cipher = NULL; - } + /* allocate cipher */ + stat = srtp_crypto_kernel_alloc_cipher( + p->rtp.cipher_type, &session_keys->rtp_cipher, + p->rtp.cipher_key_len, p->rtp.auth_tag_len); + if (stat) { + srtp_stream_dealloc(str, NULL); + return stat; + } - str->enc_xtn_hdr = NULL; - str->enc_xtn_hdr_count = 0; - } - - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_stream_dealloc(srtp_stream_ctx_t *stream, srtp_stream_ctx_t *stream_template) { - srtp_err_status_t status; - unsigned int i = 0; - srtp_session_keys_t *session_keys = NULL; - srtp_session_keys_t *template_session_keys = NULL; - - /* - * we use a conservative deallocation strategy - if any deallocation - * fails, then we report that fact without trying to deallocate - * anything else - */ - for ( i = 0; i < stream->num_master_keys; i++) { - session_keys = &stream->session_keys[i]; + /* allocate auth function */ + stat = srtp_crypto_kernel_alloc_auth( + p->rtp.auth_type, &session_keys->rtp_auth, p->rtp.auth_key_len, + p->rtp.auth_tag_len); + if (stat) { + srtp_stream_dealloc(str, NULL); + return stat; + } - if (stream_template) { - template_session_keys = &stream_template->session_keys[i]; - } else { - template_session_keys = NULL; - } + /* + * ...and now the RTCP-specific initialization - first, allocate + * the cipher + */ + stat = srtp_crypto_kernel_alloc_cipher( + p->rtcp.cipher_type, &session_keys->rtcp_cipher, + p->rtcp.cipher_key_len, p->rtcp.auth_tag_len); + if (stat) { + srtp_stream_dealloc(str, NULL); + return stat; + } - /* deallocate cipher, if it is not the same as that in template */ - if (template_session_keys - && session_keys->rtp_cipher == template_session_keys->rtp_cipher) { - /* do nothing */ - } else { - status = srtp_cipher_dealloc(session_keys->rtp_cipher); - if (status) - return status; - } + /* allocate auth function */ + stat = srtp_crypto_kernel_alloc_auth( + p->rtcp.auth_type, &session_keys->rtcp_auth, p->rtcp.auth_key_len, + p->rtcp.auth_tag_len); + if (stat) { + srtp_stream_dealloc(str, NULL); + return stat; + } - /* deallocate auth function, if it is not the same as that in template */ - if (template_session_keys - && session_keys->rtp_auth == template_session_keys->rtp_auth) { - /* do nothing */ - } else { - status = srtp_auth_dealloc(session_keys->rtp_auth); - if (status) - return status; - } + session_keys->mki_id = NULL; - if (template_session_keys - && session_keys->rtp_xtn_hdr_cipher == template_session_keys->rtp_xtn_hdr_cipher) { - /* do nothing */ - } else if (session_keys->rtp_xtn_hdr_cipher) { - status = srtp_cipher_dealloc(session_keys->rtp_xtn_hdr_cipher); - if (status) - return status; + /* allocate key limit structure */ + session_keys->limit = (srtp_key_limit_ctx_t *)srtp_crypto_alloc( + sizeof(srtp_key_limit_ctx_t)); + if (session_keys->limit == NULL) { + srtp_stream_dealloc(str, NULL); + return srtp_err_status_alloc_fail; + } } - /* - * deallocate rtcp cipher, if it is not the same as that in - * template - */ - if (template_session_keys - && session_keys->rtcp_cipher == template_session_keys->rtcp_cipher) { - /* do nothing */ - } else { - status = srtp_cipher_dealloc(session_keys->rtcp_cipher); - if (status) - return status; + /* allocate ekt data associated with stream */ + stat = srtp_ekt_alloc(&str->ekt, p->ekt); + if (stat) { + srtp_stream_dealloc(str, NULL); + return stat; } - /* - * deallocate rtcp auth function, if it is not the same as that in - * template - */ - if (template_session_keys - && session_keys->rtcp_auth == template_session_keys->rtcp_auth) { - /* do nothing */ - } else { - status = srtp_auth_dealloc(session_keys->rtcp_auth); - if (status) - return status; - } + if (p->enc_xtn_hdr && p->enc_xtn_hdr_count > 0) { + srtp_cipher_type_id_t enc_xtn_hdr_cipher_type; + int enc_xtn_hdr_cipher_key_len; + + str->enc_xtn_hdr = (int *)srtp_crypto_alloc(p->enc_xtn_hdr_count * + sizeof(p->enc_xtn_hdr[0])); + if (!str->enc_xtn_hdr) { + srtp_stream_dealloc(str, NULL); + return srtp_err_status_alloc_fail; + } + memcpy(str->enc_xtn_hdr, p->enc_xtn_hdr, + p->enc_xtn_hdr_count * sizeof(p->enc_xtn_hdr[0])); + str->enc_xtn_hdr_count = p->enc_xtn_hdr_count; - /* - * zeroize the salt value - */ - octet_string_set_to_zero(session_keys->salt, SRTP_AEAD_SALT_LEN); - octet_string_set_to_zero(session_keys->c_salt, SRTP_AEAD_SALT_LEN); + /* + * For GCM ciphers, the corresponding ICM cipher is used for header + * extensions encryption. + */ + switch (p->rtp.cipher_type) { + case SRTP_AES_GCM_128: + enc_xtn_hdr_cipher_type = SRTP_AES_ICM_128; + enc_xtn_hdr_cipher_key_len = SRTP_AES_ICM_128_KEY_LEN_WSALT; + break; + case SRTP_AES_GCM_256: + enc_xtn_hdr_cipher_type = SRTP_AES_ICM_256; + enc_xtn_hdr_cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; + break; + default: + enc_xtn_hdr_cipher_type = p->rtp.cipher_type; + enc_xtn_hdr_cipher_key_len = p->rtp.cipher_key_len; + break; + } - if (session_keys->mki_id) { - octet_string_set_to_zero(session_keys->mki_id, session_keys->mki_size); - srtp_crypto_free(session_keys->mki_id); - session_keys->mki_id = NULL; - } + for (i = 0; i < str->num_master_keys; i++) { + session_keys = &str->session_keys[i]; - /* deallocate key usage limit, if it is not the same as that in template */ - if (template_session_keys - && session_keys->limit == template_session_keys->limit) { - /* do nothing */ + /* allocate cipher for extensions header encryption */ + stat = srtp_crypto_kernel_alloc_cipher( + enc_xtn_hdr_cipher_type, &session_keys->rtp_xtn_hdr_cipher, + enc_xtn_hdr_cipher_key_len, 0); + if (stat) { + srtp_stream_dealloc(str, NULL); + return stat; + } + } } else { - srtp_crypto_free(session_keys->limit); - } - - } - - if (stream_template - && stream->session_keys == stream_template->session_keys) { - /* do nothing */ - } else { - srtp_crypto_free(stream->session_keys); - } - - status = srtp_rdbx_dealloc(&stream->rtp_rdbx); - if (status) - return status; - - /* DAM - need to deallocate EKT here */ - - if (stream_template - && stream->enc_xtn_hdr == stream_template->enc_xtn_hdr) { - /* do nothing */ - } else if (stream->enc_xtn_hdr) { - srtp_crypto_free(stream->enc_xtn_hdr); - } + for (i = 0; i < str->num_master_keys; i++) { + session_keys = &str->session_keys[i]; + session_keys->rtp_xtn_hdr_cipher = NULL; + } - /* deallocate srtp stream context */ - srtp_crypto_free(stream); + str->enc_xtn_hdr = NULL; + str->enc_xtn_hdr_count = 0; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } - /* * srtp_stream_clone(stream_template, new) allocates a new stream and * initializes it using the cipher and auth of the stream_template - * + * * the only unique data in a cloned stream is the replay database and * the SSRC */ -srtp_err_status_t -srtp_stream_clone(const srtp_stream_ctx_t *stream_template, - uint32_t ssrc, - srtp_stream_ctx_t **str_ptr) { - srtp_err_status_t status; - srtp_stream_ctx_t *str; - unsigned int i = 0; - srtp_session_keys_t *session_keys = NULL; - const srtp_session_keys_t *template_session_keys = NULL; - - debug_print(mod_srtp, "cloning stream (SSRC: 0x%08x)", ntohl(ssrc)); - - /* allocate srtp stream and set str_ptr */ - str = (srtp_stream_ctx_t *) srtp_crypto_alloc(sizeof(srtp_stream_ctx_t)); - if (str == NULL) - return srtp_err_status_alloc_fail; - *str_ptr = str; - - str->num_master_keys = stream_template->num_master_keys; - str->session_keys = (srtp_session_keys_t *)srtp_crypto_alloc( - sizeof(srtp_session_keys_t) * str->num_master_keys); - - if (str->session_keys == NULL) { - srtp_crypto_free(*str_ptr); - *str_ptr = NULL; - return srtp_err_status_alloc_fail; - } - - for (i = 0; i < stream_template->num_master_keys; i++){ - session_keys = &str->session_keys[i]; - template_session_keys = &stream_template->session_keys[i]; - - /* set cipher and auth pointers to those of the template */ - session_keys->rtp_cipher = template_session_keys->rtp_cipher; - session_keys->rtp_auth = template_session_keys->rtp_auth; - session_keys->rtp_xtn_hdr_cipher = template_session_keys->rtp_xtn_hdr_cipher; - session_keys->rtcp_cipher = template_session_keys->rtcp_cipher; - session_keys->rtcp_auth = template_session_keys->rtcp_auth; - session_keys->mki_size = template_session_keys->mki_size; +srtp_err_status_t srtp_stream_clone(const srtp_stream_ctx_t *stream_template, + uint32_t ssrc, + srtp_stream_ctx_t **str_ptr) +{ + srtp_err_status_t status; + srtp_stream_ctx_t *str; + unsigned int i = 0; + srtp_session_keys_t *session_keys = NULL; + const srtp_session_keys_t *template_session_keys = NULL; + + debug_print(mod_srtp, "cloning stream (SSRC: 0x%08x)", ntohl(ssrc)); + + /* allocate srtp stream and set str_ptr */ + str = (srtp_stream_ctx_t *)srtp_crypto_alloc(sizeof(srtp_stream_ctx_t)); + if (str == NULL) + return srtp_err_status_alloc_fail; + *str_ptr = str; - if (template_session_keys->mki_size == 0) { - session_keys->mki_id = NULL; - } else { - session_keys->mki_id = srtp_crypto_alloc(template_session_keys->mki_size); + str->num_master_keys = stream_template->num_master_keys; + str->session_keys = (srtp_session_keys_t *)srtp_crypto_alloc( + sizeof(srtp_session_keys_t) * str->num_master_keys); + + if (str->session_keys == NULL) { + srtp_stream_dealloc(*str_ptr, stream_template); + *str_ptr = NULL; + return srtp_err_status_alloc_fail; + } - if (session_keys->mki_id == NULL) { - return srtp_err_status_init_fail; - } - memset(session_keys->mki_id, 0x0, session_keys->mki_size); - memcpy(session_keys->mki_id, template_session_keys->mki_id, session_keys->mki_size); - } - /* Copy the salt values */ - memcpy(session_keys->salt, template_session_keys->salt, SRTP_AEAD_SALT_LEN); - memcpy(session_keys->c_salt, template_session_keys->c_salt, SRTP_AEAD_SALT_LEN); - - /* set key limit to point to that of the template */ - status = srtp_key_limit_clone(template_session_keys->limit, &session_keys->limit); - if (status) { - srtp_crypto_free(*str_ptr); - *str_ptr = NULL; - return status; - } - } - - - /* initialize replay databases */ - status = srtp_rdbx_init(&str->rtp_rdbx, - srtp_rdbx_get_window_size(&stream_template->rtp_rdbx)); - if (status) { - srtp_crypto_free(*str_ptr); - *str_ptr = NULL; - return status; - } - srtp_rdb_init(&str->rtcp_rdb); - str->allow_repeat_tx = stream_template->allow_repeat_tx; - - /* set ssrc to that provided */ - str->ssrc = ssrc; - - /* reset pending ROC */ - str->pending_roc = 0; - - /* set direction and security services */ - str->direction = stream_template->direction; - str->rtp_services = stream_template->rtp_services; - str->rtcp_services = stream_template->rtcp_services; - - /* set pointer to EKT data associated with stream */ - str->ekt = stream_template->ekt; - - /* copy information about extensions header encryption */ - str->enc_xtn_hdr = stream_template->enc_xtn_hdr; - str->enc_xtn_hdr_count = stream_template->enc_xtn_hdr_count; - - /* defensive coding */ - str->next = NULL; - return srtp_err_status_ok; -} + for (i = 0; i < stream_template->num_master_keys; i++) { + session_keys = &str->session_keys[i]; + template_session_keys = &stream_template->session_keys[i]; + + /* set cipher and auth pointers to those of the template */ + session_keys->rtp_cipher = template_session_keys->rtp_cipher; + session_keys->rtp_auth = template_session_keys->rtp_auth; + session_keys->rtp_xtn_hdr_cipher = + template_session_keys->rtp_xtn_hdr_cipher; + session_keys->rtcp_cipher = template_session_keys->rtcp_cipher; + session_keys->rtcp_auth = template_session_keys->rtcp_auth; + session_keys->mki_size = template_session_keys->mki_size; + + if (template_session_keys->mki_size == 0) { + session_keys->mki_id = NULL; + } else { + session_keys->mki_id = + srtp_crypto_alloc(template_session_keys->mki_size); + + if (session_keys->mki_id == NULL) { + srtp_stream_dealloc(*str_ptr, stream_template); + *str_ptr = NULL; + return srtp_err_status_init_fail; + } + memcpy(session_keys->mki_id, template_session_keys->mki_id, + session_keys->mki_size); + } + /* Copy the salt values */ + memcpy(session_keys->salt, template_session_keys->salt, + SRTP_AEAD_SALT_LEN); + memcpy(session_keys->c_salt, template_session_keys->c_salt, + SRTP_AEAD_SALT_LEN); + + /* set key limit to point to that of the template */ + status = srtp_key_limit_clone(template_session_keys->limit, + &session_keys->limit); + if (status) { + srtp_stream_dealloc(*str_ptr, stream_template); + *str_ptr = NULL; + return status; + } + } + + /* initialize replay databases */ + status = srtp_rdbx_init( + &str->rtp_rdbx, srtp_rdbx_get_window_size(&stream_template->rtp_rdbx)); + if (status) { + srtp_stream_dealloc(*str_ptr, stream_template); + *str_ptr = NULL; + return status; + } + srtp_rdb_init(&str->rtcp_rdb); + str->allow_repeat_tx = stream_template->allow_repeat_tx; + + /* set ssrc to that provided */ + str->ssrc = ssrc; + /* reset pending ROC */ + str->pending_roc = 0; + + /* set direction and security services */ + str->direction = stream_template->direction; + str->rtp_services = stream_template->rtp_services; + str->rtcp_services = stream_template->rtcp_services; + + /* set pointer to EKT data associated with stream */ + str->ekt = stream_template->ekt; + + /* copy information about extensions header encryption */ + str->enc_xtn_hdr = stream_template->enc_xtn_hdr; + str->enc_xtn_hdr_count = stream_template->enc_xtn_hdr_count; + + /* defensive coding */ + str->next = NULL; + return srtp_err_status_ok; +} /* * key derivation functions, internal to libSRTP @@ -593,7 +558,7 @@ * * srtp_kdf_init(&kdf, cipher_id, k, keylen) initializes kdf to use cipher * described by cipher_id, with the master key k with length in octets keylen. - * + * * srtp_kdf_generate(&kdf, l, kl, keylen) derives the key * corresponding to label l and puts it into kl; the length * of the key in octets is provided as keylen. this function @@ -603,39 +568,42 @@ */ typedef enum { - label_rtp_encryption = 0x00, - label_rtp_msg_auth = 0x01, - label_rtp_salt = 0x02, - label_rtcp_encryption = 0x03, - label_rtcp_msg_auth = 0x04, - label_rtcp_salt = 0x05, - label_rtp_header_encryption = 0x06, - label_rtp_header_salt = 0x07 + label_rtp_encryption = 0x00, + label_rtp_msg_auth = 0x01, + label_rtp_salt = 0x02, + label_rtcp_encryption = 0x03, + label_rtcp_msg_auth = 0x04, + label_rtcp_salt = 0x05, + label_rtp_header_encryption = 0x06, + label_rtp_header_salt = 0x07 } srtp_prf_label; #define MAX_SRTP_KEY_LEN 256 #if defined(OPENSSL) && defined(OPENSSL_KDF) #define MAX_SRTP_AESKEY_LEN 32 -#define MAX_SRTP_SALT_LEN 14 +#define MAX_SRTP_SALT_LEN 14 /* * srtp_kdf_t represents a key derivation function. The SRTP * default KDF is the only one implemented at present. */ -typedef struct { +typedef struct { uint8_t master_key[MAX_SRTP_AESKEY_LEN]; uint8_t master_salt[MAX_SRTP_SALT_LEN]; const EVP_CIPHER *evp; } srtp_kdf_t; - -static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, const uint8_t *key, int key_len, int salt_len) +static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, + const uint8_t *key, + int key_len, + int salt_len) { memset(kdf, 0x0, sizeof(srtp_kdf_t)); /* The NULL cipher has zero key length */ - if (key_len == 0) return srtp_err_status_ok; + if (key_len == 0) + return srtp_err_status_ok; if ((key_len > MAX_SRTP_AESKEY_LEN) || (salt_len > MAX_SRTP_SALT_LEN)) { return srtp_err_status_bad_param; @@ -654,17 +622,21 @@ return srtp_err_status_bad_param; break; } - memcpy(kdf->master_key, key, key_len); - memcpy(kdf->master_salt, key+key_len, salt_len); + memcpy(kdf->master_key, key, key_len); + memcpy(kdf->master_salt, key + key_len, salt_len); return srtp_err_status_ok; } -static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label, uint8_t *key, unsigned int length) +static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, + srtp_prf_label label, + uint8_t *key, + unsigned int length) { int ret; /* The NULL cipher will not have an EVP */ - if (!kdf->evp) return srtp_err_status_ok; + if (!kdf->evp) + return srtp_err_status_ok; octet_string_set_to_zero(key, length); /* @@ -672,7 +644,8 @@ * This is useful if OpenSSL is in FIPS mode and FIP * compliance is required for SRTP. */ - ret = kdf_srtp(kdf->evp, (char *)&kdf->master_key, (char *)&kdf->master_salt, NULL, NULL, label, (char *)key); + ret = kdf_srtp(kdf->evp, (char *)&kdf->master_key, + (char *)&kdf->master_salt, NULL, NULL, label, (char *)key); if (ret == -1) { return (srtp_err_status_algo_fail); } @@ -680,25 +653,28 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_kdf_clear(srtp_kdf_t *kdf) { +static srtp_err_status_t srtp_kdf_clear(srtp_kdf_t *kdf) +{ octet_string_set_to_zero(kdf->master_key, MAX_SRTP_AESKEY_LEN); octet_string_set_to_zero(kdf->master_salt, MAX_SRTP_SALT_LEN); kdf->evp = NULL; - return srtp_err_status_ok; + return srtp_err_status_ok; } -#else /* if OPENSSL_KDF */ +#else /* if OPENSSL_KDF */ /* * srtp_kdf_t represents a key derivation function. The SRTP * default KDF is the only one implemented at present. */ -typedef struct { - srtp_cipher_t *cipher; /* cipher used for key derivation */ +typedef struct { + srtp_cipher_t *cipher; /* cipher used for key derivation */ } srtp_kdf_t; -static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, const uint8_t *key, int key_len) +static srtp_err_status_t srtp_kdf_init(srtp_kdf_t *kdf, + const uint8_t *key, + int key_len) { srtp_cipher_type_id_t cipher_id; switch (key_len) { @@ -718,7 +694,8 @@ srtp_err_status_t stat; stat = srtp_crypto_kernel_alloc_cipher(cipher_id, &kdf->cipher, key_len, 0); - if (stat) return stat; + if (stat) + return stat; stat = srtp_cipher_init(kdf->cipher, key); if (stat) { @@ -728,105 +705,113 @@ return srtp_err_status_ok; } -static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label, uint8_t *key, unsigned int length) +static srtp_err_status_t srtp_kdf_generate(srtp_kdf_t *kdf, + srtp_prf_label label, + uint8_t *key, + unsigned int length) { srtp_err_status_t status; v128_t nonce; - + /* set eigth octet of nonce to <label>, set the rest of it to zero */ v128_set_to_zero(&nonce); nonce.v8[7] = label; - - status = srtp_cipher_set_iv(kdf->cipher, (uint8_t*)&nonce, srtp_direction_encrypt); - if (status) return status; - + + status = srtp_cipher_set_iv(kdf->cipher, (uint8_t *)&nonce, + srtp_direction_encrypt); + if (status) + return status; + /* generate keystream output */ octet_string_set_to_zero(key, length); status = srtp_cipher_encrypt(kdf->cipher, key, &length); - if (status) return status; + if (status) + return status; return srtp_err_status_ok; } -static srtp_err_status_t srtp_kdf_clear(srtp_kdf_t *kdf) { +static srtp_err_status_t srtp_kdf_clear(srtp_kdf_t *kdf) +{ srtp_err_status_t status; status = srtp_cipher_dealloc(kdf->cipher); - if (status) return status; + if (status) + return status; kdf->cipher = NULL; - return srtp_err_status_ok; + return srtp_err_status_ok; } #endif /* else OPENSSL_KDF */ /* - * end of key derivation functions + * end of key derivation functions */ - - /* Get the base key length corresponding to a given combined key+salt * length for the given cipher. * TODO: key and salt lengths should be separate fields in the policy. */ -static inline int base_key_length(const srtp_cipher_type_t *cipher, int key_length) +static inline int base_key_length(const srtp_cipher_type_t *cipher, + int key_length) { - switch (cipher->id) { - case SRTP_AES_ICM_128: - case SRTP_AES_ICM_192: - case SRTP_AES_ICM_256: - /* The legacy modes are derived from - * the configured key length on the policy */ - return key_length - SRTP_SALT_LEN; - break; - case SRTP_AES_GCM_128: - return key_length - SRTP_AEAD_SALT_LEN; - break; - case SRTP_AES_GCM_256: - return key_length - SRTP_AEAD_SALT_LEN; - break; - default: - return key_length; - break; - } + switch (cipher->id) { + case SRTP_AES_ICM_128: + case SRTP_AES_ICM_192: + case SRTP_AES_ICM_256: + /* The legacy modes are derived from + * the configured key length on the policy */ + return key_length - SRTP_SALT_LEN; + break; + case SRTP_AES_GCM_128: + return key_length - SRTP_AEAD_SALT_LEN; + break; + case SRTP_AES_GCM_256: + return key_length - SRTP_AEAD_SALT_LEN; + break; + default: + return key_length; + break; + } } -unsigned int -srtp_validate_policy_master_keys(const srtp_policy_t *policy) +unsigned int srtp_validate_policy_master_keys(const srtp_policy_t *policy) { - int i = 0; + unsigned long i = 0; if (policy->key == NULL) { if (policy->num_master_keys <= 0) return 0; if (policy->num_master_keys > SRTP_MAX_NUM_MASTER_KEYS) - return 0; - + return 0; + for (i = 0; i < policy->num_master_keys; i++) { if (policy->keys[i]->key == NULL) return 0; - if (policy->keys[i]->mki_size > SRTP_MAX_MKI_LEN) - return 0; + if (policy->keys[i]->mki_size > SRTP_MAX_MKI_LEN) + return 0; } } return 1; } -srtp_session_keys_t* -srtp_get_session_keys_with_mki_index(srtp_stream_ctx_t *stream, - unsigned int use_mki, - unsigned int mki_index) { +srtp_session_keys_t *srtp_get_session_keys_with_mki_index( + srtp_stream_ctx_t *stream, + unsigned int use_mki, + unsigned int mki_index) +{ if (use_mki) { - if (mki_index < stream->num_master_keys) { - return &stream->session_keys[mki_index]; + if (mki_index >= stream->num_master_keys) { + return NULL; } + return &stream->session_keys[mki_index]; } return &stream->session_keys[0]; } -unsigned int -srtp_inject_mki(uint8_t *mki_tag_location, srtp_session_keys_t* session_keys, - unsigned int use_mki) +unsigned int srtp_inject_mki(uint8_t *mki_tag_location, + srtp_session_keys_t *session_keys, + unsigned int use_mki) { unsigned int mki_size = 0; @@ -842,16 +827,17 @@ return mki_size; } -srtp_err_status_t -srtp_stream_init_all_master_keys(srtp_stream_ctx_t *srtp, - unsigned char *key, - srtp_master_key_t **keys, - const unsigned int max_master_keys) { - int i = 0; +srtp_err_status_t srtp_stream_init_all_master_keys( + srtp_stream_ctx_t *srtp, + unsigned char *key, + srtp_master_key_t **keys, + const unsigned int max_master_keys) +{ + unsigned int i = 0; srtp_err_status_t status = srtp_err_status_ok; srtp_master_key_t single_master_key; - if ( key != NULL ) { + if (key != NULL) { srtp->num_master_keys = 1; single_master_key.key = key; single_master_key.mki_id = NULL; @@ -860,7 +846,8 @@ } else { srtp->num_master_keys = max_master_keys; - for (i = 0; i < srtp->num_master_keys && i < SRTP_MAX_NUM_MASTER_KEYS; i++) { + for (i = 0; i < srtp->num_master_keys && i < SRTP_MAX_NUM_MASTER_KEYS; + i++) { status = srtp_stream_init_keys(srtp, keys[i], i); if (status) { @@ -872,576 +859,608 @@ return status; } -srtp_err_status_t -srtp_stream_init_keys(srtp_stream_ctx_t *srtp, srtp_master_key_t *master_key, - const unsigned int current_mki_index) { - srtp_err_status_t stat; - srtp_kdf_t kdf; - uint8_t tmp_key[MAX_SRTP_KEY_LEN]; - int kdf_keylen = 30, rtp_keylen, rtcp_keylen; - int rtp_base_key_len, rtp_salt_len; - int rtcp_base_key_len, rtcp_salt_len; - srtp_session_keys_t *session_keys = NULL; - unsigned char *key = master_key->key; - - /* If RTP or RTCP have a key length > AES-128, assume matching kdf. */ - /* TODO: kdf algorithm, master key length, and master salt length should - * be part of srtp_policy_t. */ - session_keys = &srtp->session_keys[current_mki_index]; +srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, + srtp_master_key_t *master_key, + const unsigned int current_mki_index) +{ + srtp_err_status_t stat; + srtp_kdf_t kdf; + uint8_t tmp_key[MAX_SRTP_KEY_LEN]; + int kdf_keylen = 30, rtp_keylen, rtcp_keylen; + int rtp_base_key_len, rtp_salt_len; + int rtcp_base_key_len, rtcp_salt_len; + srtp_session_keys_t *session_keys = NULL; + unsigned char *key = master_key->key; + + /* If RTP or RTCP have a key length > AES-128, assume matching kdf. */ + /* TODO: kdf algorithm, master key length, and master salt length should + * be part of srtp_policy_t. + */ + session_keys = &srtp->session_keys[current_mki_index]; - /* initialize key limit to maximum value */ +/* initialize key limit to maximum value */ #ifdef NO_64BIT_MATH -{ - uint64_t temp; - temp = make64(UINT_MAX,UINT_MAX); - srtp_key_limit_set(session_keys->limit, temp); -} + { + uint64_t temp; + temp = make64(UINT_MAX, UINT_MAX); + srtp_key_limit_set(session_keys->limit, temp); + } #else - srtp_key_limit_set(session_keys->limit, 0xffffffffffffLL); + srtp_key_limit_set(session_keys->limit, 0xffffffffffffLL); #endif + if (master_key->mki_size != 0) { + session_keys->mki_id = srtp_crypto_alloc(master_key->mki_size); - if ( master_key->mki_size != 0 ) { - session_keys->mki_id = srtp_crypto_alloc(master_key->mki_size); + if (session_keys->mki_id == NULL) { + return srtp_err_status_init_fail; + } + memcpy(session_keys->mki_id, master_key->mki_id, master_key->mki_size); + } else { + session_keys->mki_id = NULL; + } - if (session_keys->mki_id == NULL) { - return srtp_err_status_init_fail; - } - memset(session_keys->mki_id, 0x0, master_key->mki_size); - memcpy(session_keys->mki_id, master_key->mki_id, master_key->mki_size); - } else { - session_keys->mki_id = NULL; - } - - session_keys->mki_size = master_key->mki_size; - - rtp_keylen = srtp_cipher_get_key_length(session_keys->rtp_cipher); - rtcp_keylen = srtp_cipher_get_key_length(session_keys->rtcp_cipher); - rtp_base_key_len = base_key_length(session_keys->rtp_cipher->type, rtp_keylen); - rtp_salt_len = rtp_keylen - rtp_base_key_len; - - if (rtp_keylen > kdf_keylen) { - kdf_keylen = 46; /* AES-CTR mode is always used for KDF */ - } - - if (rtcp_keylen > kdf_keylen) { - kdf_keylen = 46; /* AES-CTR mode is always used for KDF */ - } - - debug_print(mod_srtp, "srtp key len: %d", rtp_keylen); - debug_print(mod_srtp, "srtcp key len: %d", rtcp_keylen); - debug_print(mod_srtp, "base key len: %d", rtp_base_key_len); - debug_print(mod_srtp, "kdf key len: %d", kdf_keylen); - debug_print(mod_srtp, "rtp salt len: %d", rtp_salt_len); - - /* - * Make sure the key given to us is 'zero' appended. GCM - * mode uses a shorter master SALT (96 bits), but still relies on - * the legacy CTR mode KDF, which uses a 112 bit master SALT. - */ - memset(tmp_key, 0x0, MAX_SRTP_KEY_LEN); - memcpy(tmp_key, key, (rtp_base_key_len + rtp_salt_len)); + session_keys->mki_size = master_key->mki_size; - /* initialize KDF state */ -#if defined(OPENSSL) && defined(OPENSSL_KDF) - stat = srtp_kdf_init(&kdf, (const uint8_t *)tmp_key, rtp_base_key_len, rtp_salt_len); -#else - stat = srtp_kdf_init(&kdf, (const uint8_t *)tmp_key, kdf_keylen); -#endif - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - - /* generate encryption key */ - stat = srtp_kdf_generate(&kdf, label_rtp_encryption, - tmp_key, rtp_base_key_len); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - debug_print(mod_srtp, "cipher key: %s", - srtp_octet_string_hex_string(tmp_key, rtp_base_key_len)); - - /* - * if the cipher in the srtp context uses a salt, then we need - * to generate the salt value - */ - if (rtp_salt_len > 0) { - debug_print(mod_srtp, "found rtp_salt_len > 0, generating salt", NULL); - - /* generate encryption salt, put after encryption key */ - stat = srtp_kdf_generate(&kdf, label_rtp_salt, - tmp_key + rtp_base_key_len, rtp_salt_len); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - memcpy(session_keys->salt, tmp_key + rtp_base_key_len, SRTP_AEAD_SALT_LEN); - } - if (rtp_salt_len > 0) { - debug_print(mod_srtp, "cipher salt: %s", - srtp_octet_string_hex_string(tmp_key + rtp_base_key_len, rtp_salt_len)); - } - - /* initialize cipher */ - stat = srtp_cipher_init(session_keys->rtp_cipher, tmp_key); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } + rtp_keylen = srtp_cipher_get_key_length(session_keys->rtp_cipher); + rtcp_keylen = srtp_cipher_get_key_length(session_keys->rtcp_cipher); + rtp_base_key_len = + base_key_length(session_keys->rtp_cipher->type, rtp_keylen); + rtp_salt_len = rtp_keylen - rtp_base_key_len; - if (session_keys->rtp_xtn_hdr_cipher) { - /* generate extensions header encryption key */ - int rtp_xtn_hdr_keylen; - int rtp_xtn_hdr_base_key_len; - int rtp_xtn_hdr_salt_len; - srtp_kdf_t tmp_kdf; - srtp_kdf_t *xtn_hdr_kdf; - - if (session_keys->rtp_xtn_hdr_cipher->type != session_keys->rtp_cipher->type) { - /* With GCM ciphers, the header extensions are still encrypted using the corresponding ICM cipher. */ - /* See https://tools.ietf.org/html/rfc7714#section-8.3 */ - uint8_t tmp_xtn_hdr_key[MAX_SRTP_KEY_LEN]; - rtp_xtn_hdr_keylen = srtp_cipher_get_key_length(session_keys->rtp_xtn_hdr_cipher); - rtp_xtn_hdr_base_key_len = base_key_length(session_keys->rtp_xtn_hdr_cipher->type, - rtp_xtn_hdr_keylen); - rtp_xtn_hdr_salt_len = rtp_xtn_hdr_keylen - rtp_xtn_hdr_base_key_len; - if (rtp_xtn_hdr_salt_len > rtp_salt_len) { - switch (session_keys->rtp_cipher->type->id) { - case SRTP_AES_GCM_128: - case SRTP_AES_GCM_256: - /* The shorter GCM salt is padded to the required ICM salt length. */ - rtp_xtn_hdr_salt_len = rtp_salt_len; - break; - default: - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_bad_param; - } - } - memset(tmp_xtn_hdr_key, 0x0, MAX_SRTP_KEY_LEN); - memcpy(tmp_xtn_hdr_key, key, (rtp_xtn_hdr_base_key_len + rtp_xtn_hdr_salt_len)); - xtn_hdr_kdf = &tmp_kdf; + if (rtp_keylen > kdf_keylen) { + kdf_keylen = 46; /* AES-CTR mode is always used for KDF */ + } + + if (rtcp_keylen > kdf_keylen) { + kdf_keylen = 46; /* AES-CTR mode is always used for KDF */ + } + + debug_print(mod_srtp, "srtp key len: %d", rtp_keylen); + debug_print(mod_srtp, "srtcp key len: %d", rtcp_keylen); + debug_print(mod_srtp, "base key len: %d", rtp_base_key_len); + debug_print(mod_srtp, "kdf key len: %d", kdf_keylen); + debug_print(mod_srtp, "rtp salt len: %d", rtp_salt_len); + + /* + * Make sure the key given to us is 'zero' appended. GCM + * mode uses a shorter master SALT (96 bits), but still relies on + * the legacy CTR mode KDF, which uses a 112 bit master SALT. + */ + memset(tmp_key, 0x0, MAX_SRTP_KEY_LEN); + memcpy(tmp_key, key, (rtp_base_key_len + rtp_salt_len)); - /* initialize KDF state */ +/* initialize KDF state */ #if defined(OPENSSL) && defined(OPENSSL_KDF) - stat = srtp_kdf_init(xtn_hdr_kdf, (const uint8_t *)tmp_xtn_hdr_key, rtp_xtn_hdr_base_key_len, rtp_xtn_hdr_salt_len); + stat = srtp_kdf_init(&kdf, (const uint8_t *)tmp_key, rtp_base_key_len, + rtp_salt_len); #else - stat = srtp_kdf_init(xtn_hdr_kdf, (const uint8_t *)tmp_xtn_hdr_key, kdf_keylen); + stat = srtp_kdf_init(&kdf, (const uint8_t *)tmp_key, kdf_keylen); #endif - octet_string_set_to_zero(tmp_xtn_hdr_key, MAX_SRTP_KEY_LEN); - if (stat) { + if (stat) { /* zeroize temp buffer */ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); return srtp_err_status_init_fail; - } - } else { - /* Reuse main KDF. */ - rtp_xtn_hdr_keylen = rtp_keylen; - rtp_xtn_hdr_base_key_len = rtp_base_key_len; - rtp_xtn_hdr_salt_len = rtp_salt_len; - xtn_hdr_kdf = &kdf; } - stat = srtp_kdf_generate(xtn_hdr_kdf, label_rtp_header_encryption, - tmp_key, rtp_xtn_hdr_base_key_len); + /* generate encryption key */ + stat = srtp_kdf_generate(&kdf, label_rtp_encryption, tmp_key, + rtp_base_key_len); if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; } - debug_print(mod_srtp, "extensions cipher key: %s", - srtp_octet_string_hex_string(tmp_key, rtp_xtn_hdr_base_key_len)); + debug_print(mod_srtp, "cipher key: %s", + srtp_octet_string_hex_string(tmp_key, rtp_base_key_len)); /* * if the cipher in the srtp context uses a salt, then we need * to generate the salt value */ - if (rtp_xtn_hdr_salt_len > 0) { - debug_print(mod_srtp, "found rtp_xtn_hdr_salt_len > 0, generating salt", NULL); + if (rtp_salt_len > 0) { + debug_print(mod_srtp, "found rtp_salt_len > 0, generating salt", NULL); - /* generate encryption salt, put after encryption key */ - stat = srtp_kdf_generate(xtn_hdr_kdf, label_rtp_header_salt, - tmp_key + rtp_xtn_hdr_base_key_len, rtp_xtn_hdr_salt_len); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } + /* generate encryption salt, put after encryption key */ + stat = srtp_kdf_generate(&kdf, label_rtp_salt, + tmp_key + rtp_base_key_len, rtp_salt_len); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + memcpy(session_keys->salt, tmp_key + rtp_base_key_len, + SRTP_AEAD_SALT_LEN); } - if (rtp_xtn_hdr_salt_len > 0) { - debug_print(mod_srtp, "extensions cipher salt: %s", - srtp_octet_string_hex_string(tmp_key + rtp_xtn_hdr_base_key_len, rtp_xtn_hdr_salt_len)); + if (rtp_salt_len > 0) { + debug_print(mod_srtp, "cipher salt: %s", + srtp_octet_string_hex_string(tmp_key + rtp_base_key_len, + rtp_salt_len)); } - /* initialize extensions header cipher */ - stat = srtp_cipher_init(session_keys->rtp_xtn_hdr_cipher, tmp_key); + /* initialize cipher */ + stat = srtp_cipher_init(session_keys->rtp_cipher, tmp_key); if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - - if (xtn_hdr_kdf != &kdf) { - /* release memory for custom header extension encryption kdf */ - stat = srtp_kdf_clear(xtn_hdr_kdf); - if (stat) { /* zeroize temp buffer */ octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); return srtp_err_status_init_fail; - } } - } - /* generate authentication key */ - stat = srtp_kdf_generate(&kdf, label_rtp_msg_auth, - tmp_key, srtp_auth_get_key_length(session_keys->rtp_auth)); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - debug_print(mod_srtp, "auth key: %s", - srtp_octet_string_hex_string(tmp_key, - srtp_auth_get_key_length(session_keys->rtp_auth))); - - /* initialize auth function */ - stat = srtp_auth_init(session_keys->rtp_auth, tmp_key); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - - /* - * ...now initialize SRTCP keys - */ - - rtcp_base_key_len = base_key_length(session_keys->rtcp_cipher->type, rtcp_keylen); - rtcp_salt_len = rtcp_keylen - rtcp_base_key_len; - debug_print(mod_srtp, "rtcp salt len: %d", rtcp_salt_len); - - /* generate encryption key */ - stat = srtp_kdf_generate(&kdf, label_rtcp_encryption, - tmp_key, rtcp_base_key_len); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } + if (session_keys->rtp_xtn_hdr_cipher) { + /* generate extensions header encryption key */ + int rtp_xtn_hdr_keylen; + int rtp_xtn_hdr_base_key_len; + int rtp_xtn_hdr_salt_len; + srtp_kdf_t tmp_kdf; + srtp_kdf_t *xtn_hdr_kdf; + + if (session_keys->rtp_xtn_hdr_cipher->type != + session_keys->rtp_cipher->type) { + /* + * With GCM ciphers, the header extensions are still encrypted using + * the corresponding ICM cipher. + * See https://tools.ietf.org/html/rfc7714#section-8.3 + */ + uint8_t tmp_xtn_hdr_key[MAX_SRTP_KEY_LEN]; + rtp_xtn_hdr_keylen = + srtp_cipher_get_key_length(session_keys->rtp_xtn_hdr_cipher); + rtp_xtn_hdr_base_key_len = base_key_length( + session_keys->rtp_xtn_hdr_cipher->type, rtp_xtn_hdr_keylen); + rtp_xtn_hdr_salt_len = + rtp_xtn_hdr_keylen - rtp_xtn_hdr_base_key_len; + if (rtp_xtn_hdr_salt_len > rtp_salt_len) { + switch (session_keys->rtp_cipher->type->id) { + case SRTP_AES_GCM_128: + case SRTP_AES_GCM_256: + /* + * The shorter GCM salt is padded to the required ICM salt + * length. + */ + rtp_xtn_hdr_salt_len = rtp_salt_len; + break; + default: + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_bad_param; + } + } + memset(tmp_xtn_hdr_key, 0x0, MAX_SRTP_KEY_LEN); + memcpy(tmp_xtn_hdr_key, key, + (rtp_xtn_hdr_base_key_len + rtp_xtn_hdr_salt_len)); + xtn_hdr_kdf = &tmp_kdf; - /* - * if the cipher in the srtp context uses a salt, then we need - * to generate the salt value - */ - if (rtcp_salt_len > 0) { - debug_print(mod_srtp, "found rtcp_salt_len > 0, generating rtcp salt", - NULL); - - /* generate encryption salt, put after encryption key */ - stat = srtp_kdf_generate(&kdf, label_rtcp_salt, - tmp_key + rtcp_base_key_len, rtcp_salt_len); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } - memcpy(session_keys->c_salt, tmp_key + rtcp_base_key_len, SRTP_AEAD_SALT_LEN); - } - debug_print(mod_srtp, "rtcp cipher key: %s", - srtp_octet_string_hex_string(tmp_key, rtcp_base_key_len)); - if (rtcp_salt_len > 0) { - debug_print(mod_srtp, "rtcp cipher salt: %s", - srtp_octet_string_hex_string(tmp_key + rtcp_base_key_len, rtcp_salt_len)); - } - - /* initialize cipher */ - stat = srtp_cipher_init(session_keys->rtcp_cipher, tmp_key); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } +/* initialize KDF state */ +#if defined(OPENSSL) && defined(OPENSSL_KDF) + stat = + srtp_kdf_init(xtn_hdr_kdf, (const uint8_t *)tmp_xtn_hdr_key, + rtp_xtn_hdr_base_key_len, rtp_xtn_hdr_salt_len); +#else + stat = srtp_kdf_init(xtn_hdr_kdf, (const uint8_t *)tmp_xtn_hdr_key, + kdf_keylen); +#endif + octet_string_set_to_zero(tmp_xtn_hdr_key, MAX_SRTP_KEY_LEN); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + } else { + /* Reuse main KDF. */ + rtp_xtn_hdr_keylen = rtp_keylen; + rtp_xtn_hdr_base_key_len = rtp_base_key_len; + rtp_xtn_hdr_salt_len = rtp_salt_len; + xtn_hdr_kdf = &kdf; + } - /* generate authentication key */ - stat = srtp_kdf_generate(&kdf, label_rtcp_msg_auth, - tmp_key, srtp_auth_get_key_length(session_keys->rtcp_auth)); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } + stat = srtp_kdf_generate(xtn_hdr_kdf, label_rtp_header_encryption, + tmp_key, rtp_xtn_hdr_base_key_len); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + debug_print( + mod_srtp, "extensions cipher key: %s", + srtp_octet_string_hex_string(tmp_key, rtp_xtn_hdr_base_key_len)); - debug_print(mod_srtp, "rtcp auth key: %s", - srtp_octet_string_hex_string(tmp_key, - srtp_auth_get_key_length(session_keys->rtcp_auth))); - - /* initialize auth function */ - stat = srtp_auth_init(session_keys->rtcp_auth, tmp_key); - if (stat) { - /* zeroize temp buffer */ - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - return srtp_err_status_init_fail; - } + /* + * if the cipher in the srtp context uses a salt, then we need + * to generate the salt value + */ + if (rtp_xtn_hdr_salt_len > 0) { + debug_print(mod_srtp, + "found rtp_xtn_hdr_salt_len > 0, generating salt", + NULL); + + /* generate encryption salt, put after encryption key */ + stat = srtp_kdf_generate(xtn_hdr_kdf, label_rtp_header_salt, + tmp_key + rtp_xtn_hdr_base_key_len, + rtp_xtn_hdr_salt_len); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + } + if (rtp_xtn_hdr_salt_len > 0) { + debug_print( + mod_srtp, "extensions cipher salt: %s", + srtp_octet_string_hex_string(tmp_key + rtp_xtn_hdr_base_key_len, + rtp_xtn_hdr_salt_len)); + } - /* clear memory then return */ - stat = srtp_kdf_clear(&kdf); - octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); - if (stat) - return srtp_err_status_init_fail; - - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_stream_init(srtp_stream_ctx_t *srtp, - const srtp_policy_t *p) { - srtp_err_status_t err; - - debug_print(mod_srtp, "initializing stream (SSRC: 0x%08x)", - p->ssrc.value); - - /* initialize replay database */ - /* window size MUST be at least 64. MAY be larger. Values more than - * 2^15 aren't meaningful due to how extended sequence numbers are - * calculated. Let a window size of 0 imply the default value. */ - - if (p->window_size != 0 && (p->window_size < 64 || p->window_size >= 0x8000)) - return srtp_err_status_bad_param; - - if (p->window_size != 0) - err = srtp_rdbx_init(&srtp->rtp_rdbx, p->window_size); - else - err = srtp_rdbx_init(&srtp->rtp_rdbx, 128); - if (err) return err; - - /* set the SSRC value */ - srtp->ssrc = htonl(p->ssrc.value); - - /* reset pending ROC */ - srtp->pending_roc = 0; - - /* set the security service flags */ - srtp->rtp_services = p->rtp.sec_serv; - srtp->rtcp_services = p->rtcp.sec_serv; - - /* - * set direction to unknown - this flag gets checked in srtp_protect(), - * srtp_unprotect(), srtp_protect_rtcp(), and srtp_unprotect_rtcp(), and - * gets set appropriately if it is set to unknown. - */ - srtp->direction = dir_unknown; + /* initialize extensions header cipher */ + stat = srtp_cipher_init(session_keys->rtp_xtn_hdr_cipher, tmp_key); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } - /* initialize SRTCP replay database */ - srtp_rdb_init(&srtp->rtcp_rdb); + if (xtn_hdr_kdf != &kdf) { + /* release memory for custom header extension encryption kdf */ + stat = srtp_kdf_clear(xtn_hdr_kdf); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + } + } - /* initialize allow_repeat_tx */ - /* guard against uninitialized memory: allow only 0 or 1 here */ - if (p->allow_repeat_tx != 0 && p->allow_repeat_tx != 1) { - srtp_rdbx_dealloc(&srtp->rtp_rdbx); - return srtp_err_status_bad_param; - } - srtp->allow_repeat_tx = p->allow_repeat_tx; - - /* DAM - no RTCP key limit at present */ - - /* initialize keys */ - err = srtp_stream_init_all_master_keys(srtp, p->key, p->keys, p->num_master_keys); - if (err) { - srtp_rdbx_dealloc(&srtp->rtp_rdbx); - return err; - } - - /* - * if EKT is in use, then initialize the EKT data associated with - * the stream - */ - err = srtp_ekt_stream_init_from_policy(srtp->ekt, p->ekt); - if (err) { - srtp_rdbx_dealloc(&srtp->rtp_rdbx); - return err; - } - - return srtp_err_status_ok; - } - - - /* - * srtp_event_reporter is an event handler function that merely - * reports the events that are reported by the callbacks - */ - - void - srtp_event_reporter(srtp_event_data_t *data) { - - srtp_err_report(srtp_err_level_warning, "srtp: in stream 0x%x: ", - data->ssrc); - - switch(data->event) { - case event_ssrc_collision: - srtp_err_report(srtp_err_level_warning, "\tSSRC collision\n"); - break; - case event_key_soft_limit: - srtp_err_report(srtp_err_level_warning, "\tkey usage soft limit reached\n"); - break; - case event_key_hard_limit: - srtp_err_report(srtp_err_level_warning, "\tkey usage hard limit reached\n"); - break; - case event_packet_index_limit: - srtp_err_report(srtp_err_level_warning, "\tpacket index limit reached\n"); - break; - default: - srtp_err_report(srtp_err_level_warning, "\tunknown event reported to handler\n"); - } - } - - /* - * srtp_event_handler is a global variable holding a pointer to the - * event handler function; this function is called for any unexpected - * event that needs to be handled out of the SRTP data path. see - * srtp_event_t in srtp.h for more info - * - * it is okay to set srtp_event_handler to NULL, but we set - * it to the srtp_event_reporter. - */ - - static srtp_event_handler_func_t *srtp_event_handler = srtp_event_reporter; - - srtp_err_status_t - srtp_install_event_handler(srtp_event_handler_func_t func) { - - /* - * note that we accept NULL arguments intentionally - calling this - * function with a NULL arguments removes an event handler that's - * been previously installed - */ + /* generate authentication key */ + stat = srtp_kdf_generate(&kdf, label_rtp_msg_auth, tmp_key, + srtp_auth_get_key_length(session_keys->rtp_auth)); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + debug_print(mod_srtp, "auth key: %s", + srtp_octet_string_hex_string( + tmp_key, srtp_auth_get_key_length(session_keys->rtp_auth))); - /* set global event handling function */ - srtp_event_handler = func; - return srtp_err_status_ok; - } + /* initialize auth function */ + stat = srtp_auth_init(session_keys->rtp_auth, tmp_key); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + /* + * ...now initialize SRTCP keys + */ -/* - * Check if the given extension header id is / should be encrypted. - * Returns 1 if yes, otherwise 0. - */ -static int -srtp_protect_extension_header(srtp_stream_ctx_t *stream, int id) { - int* enc_xtn_hdr = stream->enc_xtn_hdr; - int count = stream->enc_xtn_hdr_count; + rtcp_base_key_len = + base_key_length(session_keys->rtcp_cipher->type, rtcp_keylen); + rtcp_salt_len = rtcp_keylen - rtcp_base_key_len; + debug_print(mod_srtp, "rtcp salt len: %d", rtcp_salt_len); - if (!enc_xtn_hdr || count <= 0) { - return 0; - } + /* generate encryption key */ + stat = srtp_kdf_generate(&kdf, label_rtcp_encryption, tmp_key, + rtcp_base_key_len); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + + /* + * if the cipher in the srtp context uses a salt, then we need + * to generate the salt value + */ + if (rtcp_salt_len > 0) { + debug_print(mod_srtp, "found rtcp_salt_len > 0, generating rtcp salt", + NULL); + + /* generate encryption salt, put after encryption key */ + stat = srtp_kdf_generate(&kdf, label_rtcp_salt, + tmp_key + rtcp_base_key_len, rtcp_salt_len); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + memcpy(session_keys->c_salt, tmp_key + rtcp_base_key_len, + SRTP_AEAD_SALT_LEN); + } + debug_print(mod_srtp, "rtcp cipher key: %s", + srtp_octet_string_hex_string(tmp_key, rtcp_base_key_len)); + if (rtcp_salt_len > 0) { + debug_print(mod_srtp, "rtcp cipher salt: %s", + srtp_octet_string_hex_string(tmp_key + rtcp_base_key_len, + rtcp_salt_len)); + } + + /* initialize cipher */ + stat = srtp_cipher_init(session_keys->rtcp_cipher, tmp_key); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + + /* generate authentication key */ + stat = srtp_kdf_generate(&kdf, label_rtcp_msg_auth, tmp_key, + srtp_auth_get_key_length(session_keys->rtcp_auth)); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; + } + + debug_print( + mod_srtp, "rtcp auth key: %s", + srtp_octet_string_hex_string( + tmp_key, srtp_auth_get_key_length(session_keys->rtcp_auth))); - while (count > 0) { - if (*enc_xtn_hdr == id) { - return 1; + /* initialize auth function */ + stat = srtp_auth_init(session_keys->rtcp_auth, tmp_key); + if (stat) { + /* zeroize temp buffer */ + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + return srtp_err_status_init_fail; } - enc_xtn_hdr++; - count--; - } - return 0; + /* clear memory then return */ + stat = srtp_kdf_clear(&kdf); + octet_string_set_to_zero(tmp_key, MAX_SRTP_KEY_LEN); + if (stat) + return srtp_err_status_init_fail; + + return srtp_err_status_ok; } +srtp_err_status_t srtp_stream_init(srtp_stream_ctx_t *srtp, + const srtp_policy_t *p) +{ + srtp_err_status_t err; + + debug_print(mod_srtp, "initializing stream (SSRC: 0x%08x)", p->ssrc.value); + + /* initialize replay database */ + /* + * window size MUST be at least 64. MAY be larger. Values more than + * 2^15 aren't meaningful due to how extended sequence numbers are + * calculated. + * Let a window size of 0 imply the default value. + */ + + if (p->window_size != 0 && + (p->window_size < 64 || p->window_size >= 0x8000)) + return srtp_err_status_bad_param; + + if (p->window_size != 0) + err = srtp_rdbx_init(&srtp->rtp_rdbx, p->window_size); + else + err = srtp_rdbx_init(&srtp->rtp_rdbx, 128); + if (err) + return err; + + /* set the SSRC value */ + srtp->ssrc = htonl(p->ssrc.value); + + /* reset pending ROC */ + srtp->pending_roc = 0; + + /* set the security service flags */ + srtp->rtp_services = p->rtp.sec_serv; + srtp->rtcp_services = p->rtcp.sec_serv; + + /* + * set direction to unknown - this flag gets checked in srtp_protect(), + * srtp_unprotect(), srtp_protect_rtcp(), and srtp_unprotect_rtcp(), and + * gets set appropriately if it is set to unknown. + */ + srtp->direction = dir_unknown; + + /* initialize SRTCP replay database */ + srtp_rdb_init(&srtp->rtcp_rdb); + + /* initialize allow_repeat_tx */ + /* guard against uninitialized memory: allow only 0 or 1 here */ + if (p->allow_repeat_tx != 0 && p->allow_repeat_tx != 1) { + srtp_rdbx_dealloc(&srtp->rtp_rdbx); + return srtp_err_status_bad_param; + } + srtp->allow_repeat_tx = p->allow_repeat_tx; + + /* DAM - no RTCP key limit at present */ + + /* initialize keys */ + err = srtp_stream_init_all_master_keys(srtp, p->key, p->keys, + p->num_master_keys); + if (err) { + srtp_rdbx_dealloc(&srtp->rtp_rdbx); + return err; + } + + /* + * if EKT is in use, then initialize the EKT data associated with + * the stream + */ + err = srtp_ekt_stream_init_from_policy(srtp->ekt, p->ekt); + if (err) { + srtp_rdbx_dealloc(&srtp->rtp_rdbx); + return err; + } + + return srtp_err_status_ok; +} /* - * extensions header encryption RFC 6904 + * srtp_event_reporter is an event handler function that merely + * reports the events that are reported by the callbacks */ -static srtp_err_status_t -srtp_process_header_encryption(srtp_stream_ctx_t *stream, - srtp_hdr_xtnd_t *xtn_hdr, - srtp_session_keys_t *session_keys) { - srtp_err_status_t status; - uint8_t keystream[257]; /* Maximum 2 bytes header + 255 bytes data. */ - int keystream_pos; - uint8_t* xtn_hdr_data = ((uint8_t *)xtn_hdr) + octets_in_rtp_extn_hdr; - uint8_t* xtn_hdr_end = xtn_hdr_data + (ntohs(xtn_hdr->length) * sizeof(uint32_t)); - - if (ntohs(xtn_hdr->profile_specific) == 0xbede) { - /* RFC 5285, section 4.2. One-Byte Header */ - while (xtn_hdr_data < xtn_hdr_end) { - uint8_t xid = (*xtn_hdr_data & 0xf0) >> 4; - unsigned int xlen = (*xtn_hdr_data & 0x0f) + 1; - uint32_t xlen_with_header = 1+xlen; - xtn_hdr_data++; - if (xtn_hdr_data + xlen > xtn_hdr_end) - return srtp_err_status_parse_err; +void srtp_event_reporter(srtp_event_data_t *data) +{ + srtp_err_report(srtp_err_level_warning, "srtp: in stream 0x%x: ", + data->ssrc); - if (xid == 15) { - /* found header 15, stop further processing. */ + switch (data->event) { + case event_ssrc_collision: + srtp_err_report(srtp_err_level_warning, "\tSSRC collision\n"); + break; + case event_key_soft_limit: + srtp_err_report(srtp_err_level_warning, + "\tkey usage soft limit reached\n"); break; - } + case event_key_hard_limit: + srtp_err_report(srtp_err_level_warning, + "\tkey usage hard limit reached\n"); + break; + case event_packet_index_limit: + srtp_err_report(srtp_err_level_warning, + "\tpacket index limit reached\n"); + break; + default: + srtp_err_report(srtp_err_level_warning, + "\tunknown event reported to handler\n"); + } +} - status = srtp_cipher_output(session_keys->rtp_xtn_hdr_cipher, - keystream, &xlen_with_header); - if (status) - return srtp_err_status_cipher_fail; +/* + * srtp_event_handler is a global variable holding a pointer to the + * event handler function; this function is called for any unexpected + * event that needs to be handled out of the SRTP data path. see + * srtp_event_t in srtp.h for more info + * + * it is okay to set srtp_event_handler to NULL, but we set + * it to the srtp_event_reporter. + */ - if (srtp_protect_extension_header(stream, xid)) { - keystream_pos = 1; - while (xlen > 0) { - *xtn_hdr_data ^= keystream[keystream_pos++]; - xtn_hdr_data++; - xlen--; - } - } else { - xtn_hdr_data += xlen; - } - - /* skip padding bytes. */ - while (xtn_hdr_data < xtn_hdr_end && *xtn_hdr_data == 0) { - xtn_hdr_data++; - } - } - } else if ((ntohs(xtn_hdr->profile_specific) & 0x1fff) == 0x100) { - /* RFC 5285, section 4.3. Two-Byte Header */ - while (xtn_hdr_data + 1 < xtn_hdr_end) { - uint8_t xid = *xtn_hdr_data; - unsigned int xlen = *(xtn_hdr_data+1); - uint32_t xlen_with_header = 2+xlen; - xtn_hdr_data += 2; +static srtp_event_handler_func_t *srtp_event_handler = srtp_event_reporter; - if (xtn_hdr_data + xlen > xtn_hdr_end) - return srtp_err_status_parse_err; +srtp_err_status_t srtp_install_event_handler(srtp_event_handler_func_t func) +{ + /* + * note that we accept NULL arguments intentionally - calling this + * function with a NULL arguments removes an event handler that's + * been previously installed + */ - status = srtp_cipher_output(session_keys->rtp_xtn_hdr_cipher, - keystream, &xlen_with_header); - if (status) - return srtp_err_status_cipher_fail; + /* set global event handling function */ + srtp_event_handler = func; + return srtp_err_status_ok; +} + +/* + * Check if the given extension header id is / should be encrypted. + * Returns 1 if yes, otherwise 0. + */ +static int srtp_protect_extension_header(srtp_stream_ctx_t *stream, int id) +{ + int *enc_xtn_hdr = stream->enc_xtn_hdr; + int count = stream->enc_xtn_hdr_count; - if (xlen > 0 && srtp_protect_extension_header(stream, xid)) { - keystream_pos = 2; - while (xlen > 0) { - *xtn_hdr_data ^= keystream[keystream_pos++]; - xtn_hdr_data++; - xlen--; - } - } else { - xtn_hdr_data += xlen; - } - - /* skip padding bytes. */ - while (xtn_hdr_data < xtn_hdr_end && *xtn_hdr_data == 0) { - xtn_hdr_data++; - } - } - } else { - /* unsupported extension header format. */ - return srtp_err_status_parse_err; - } + if (!enc_xtn_hdr || count <= 0) { + return 0; + } + + while (count > 0) { + if (*enc_xtn_hdr == id) { + return 1; + } - return srtp_err_status_ok; + enc_xtn_hdr++; + count--; + } + return 0; } +/* + * extensions header encryption RFC 6904 + */ +static srtp_err_status_t srtp_process_header_encryption( + srtp_stream_ctx_t *stream, + srtp_hdr_xtnd_t *xtn_hdr, + srtp_session_keys_t *session_keys) +{ + srtp_err_status_t status; + uint8_t keystream[257]; /* Maximum 2 bytes header + 255 bytes data. */ + int keystream_pos; + uint8_t *xtn_hdr_data = ((uint8_t *)xtn_hdr) + octets_in_rtp_extn_hdr; + uint8_t *xtn_hdr_end = + xtn_hdr_data + (ntohs(xtn_hdr->length) * sizeof(uint32_t)); + + if (ntohs(xtn_hdr->profile_specific) == 0xbede) { + /* RFC 5285, section 4.2. One-Byte Header */ + while (xtn_hdr_data < xtn_hdr_end) { + uint8_t xid = (*xtn_hdr_data & 0xf0) >> 4; + unsigned int xlen = (*xtn_hdr_data & 0x0f) + 1; + uint32_t xlen_with_header = 1 + xlen; + xtn_hdr_data++; + + if (xtn_hdr_data + xlen > xtn_hdr_end) + return srtp_err_status_parse_err; + + if (xid == 15) { + /* found header 15, stop further processing. */ + break; + } + + status = srtp_cipher_output(session_keys->rtp_xtn_hdr_cipher, + keystream, &xlen_with_header); + if (status) + return srtp_err_status_cipher_fail; + + if (srtp_protect_extension_header(stream, xid)) { + keystream_pos = 1; + while (xlen > 0) { + *xtn_hdr_data ^= keystream[keystream_pos++]; + xtn_hdr_data++; + xlen--; + } + } else { + xtn_hdr_data += xlen; + } + + /* skip padding bytes. */ + while (xtn_hdr_data < xtn_hdr_end && *xtn_hdr_data == 0) { + xtn_hdr_data++; + } + } + } else if ((ntohs(xtn_hdr->profile_specific) & 0x1fff) == 0x100) { + /* RFC 5285, section 4.3. Two-Byte Header */ + while (xtn_hdr_data + 1 < xtn_hdr_end) { + uint8_t xid = *xtn_hdr_data; + unsigned int xlen = *(xtn_hdr_data + 1); + uint32_t xlen_with_header = 2 + xlen; + xtn_hdr_data += 2; + + if (xtn_hdr_data + xlen > xtn_hdr_end) + return srtp_err_status_parse_err; + + status = srtp_cipher_output(session_keys->rtp_xtn_hdr_cipher, + keystream, &xlen_with_header); + if (status) + return srtp_err_status_cipher_fail; + + if (xlen > 0 && srtp_protect_extension_header(stream, xid)) { + keystream_pos = 2; + while (xlen > 0) { + *xtn_hdr_data ^= keystream[keystream_pos++]; + xtn_hdr_data++; + xlen--; + } + } else { + xtn_hdr_data += xlen; + } + + /* skip padding bytes. */ + while (xtn_hdr_data < xtn_hdr_end && *xtn_hdr_data == 0) { + xtn_hdr_data++; + } + } + } else { + /* unsupported extension header format. */ + return srtp_err_status_parse_err; + } + + return srtp_err_status_ok; +} /* * AEAD uses a new IV formation method. This function implements @@ -1464,7 +1483,7 @@ * +--+--+--+--+--+--+--+--+--+--+--+--+* * * Input: *session_keys - pointer to SRTP stream context session keys, - * used to retrieve the SALT + * used to retrieve the SALT * *iv - Pointer to receive the calculated IV * *seq - The ROC and SEQ value to use for the * IV calculation. @@ -1472,19 +1491,20 @@ * */ -static void srtp_calc_aead_iv(srtp_session_keys_t *session_keys, v128_t *iv, - srtp_xtd_seq_num_t *seq, srtp_hdr_t *hdr) +static void srtp_calc_aead_iv(srtp_session_keys_t *session_keys, + v128_t *iv, + srtp_xtd_seq_num_t *seq, + srtp_hdr_t *hdr) { - v128_t in; - v128_t salt; + v128_t in; + v128_t salt; #ifdef NO_64BIT_MATH - uint32_t local_roc = ((high32(*seq) << 16) | - (low32(*seq) >> 16)); - uint16_t local_seq = (uint16_t) (low32(*seq)); + uint32_t local_roc = ((high32(*seq) << 16) | (low32(*seq) >> 16)); + uint16_t local_seq = (uint16_t)(low32(*seq)); #else uint32_t local_roc = (uint32_t)(*seq >> 16); - uint16_t local_seq = (uint16_t) *seq; + uint16_t local_seq = (uint16_t)*seq; #endif memset(&in, 0, sizeof(v128_t)); @@ -1512,149 +1532,145 @@ v128_xor(iv, &in, &salt); } +srtp_session_keys_t *srtp_get_session_keys(srtp_stream_ctx_t *stream, + uint8_t *hdr, + const unsigned int *pkt_octet_len, + unsigned int *mki_size) +{ + unsigned int base_mki_start_location = *pkt_octet_len; + unsigned int mki_start_location = 0; + unsigned int tag_len = 0; + unsigned int i = 0; + + // Determine the authentication tag size + if (stream->session_keys[0].rtp_cipher->algorithm == SRTP_AES_GCM_128 || + stream->session_keys[0].rtp_cipher->algorithm == SRTP_AES_GCM_256) { + tag_len = 0; + } else { + tag_len = srtp_auth_get_tag_length(stream->session_keys[0].rtp_auth); + } + + if (tag_len > base_mki_start_location) { + *mki_size = 0; + return NULL; + } + + base_mki_start_location -= tag_len; + + for (i = 0; i < stream->num_master_keys; i++) { + if (stream->session_keys[i].mki_size != 0 && + stream->session_keys[i].mki_size <= base_mki_start_location) { + *mki_size = stream->session_keys[i].mki_size; + mki_start_location = base_mki_start_location - *mki_size; + + if (memcmp(hdr + mki_start_location, stream->session_keys[i].mki_id, + *mki_size) == 0) { + return &stream->session_keys[i]; + } + } + } + + *mki_size = 0; + return NULL; +} -srtp_session_keys_t* -srtp_get_session_keys(srtp_stream_ctx_t *stream, uint8_t* hdr, - const unsigned int* pkt_octet_len, - unsigned int* mki_size) { - unsigned int base_mki_start_location = *pkt_octet_len; - unsigned int mki_start_location = 0; - unsigned int tag_len = 0; - unsigned int i = 0; - - // Determine the authentication tag size - if (stream->session_keys[0].rtp_cipher->algorithm == SRTP_AES_GCM_128 || - stream->session_keys[0].rtp_cipher->algorithm == SRTP_AES_GCM_256) { - tag_len = 0; - } else { - tag_len = srtp_auth_get_tag_length(stream->session_keys[0].rtp_auth); - } - - if (tag_len > base_mki_start_location) { - *mki_size = 0; - return NULL; - } - - base_mki_start_location -= tag_len; - - for (i = 0; i < stream->num_master_keys; i++) { - if (stream->session_keys[i].mki_size != 0) { - *mki_size = stream->session_keys[i].mki_size; - mki_start_location = base_mki_start_location - *mki_size; - - if ( mki_start_location >= *mki_size && - memcmp(hdr + mki_start_location, stream->session_keys[i].mki_id, *mki_size) == 0 ) { - return &stream->session_keys[i]; - } - } - } - - *mki_size = 0; - return NULL; -} - -static srtp_err_status_t -srtp_estimate_index(srtp_rdbx_t *rdbx, - uint32_t roc, - srtp_xtd_seq_num_t *est, - srtp_sequence_number_t seq, - int *delta) +static srtp_err_status_t srtp_estimate_index(srtp_rdbx_t *rdbx, + uint32_t roc, + srtp_xtd_seq_num_t *est, + srtp_sequence_number_t seq, + int *delta) { #ifdef NO_64BIT_MATH - uint32_t internal_pkt_idx_reduced; - uint32_t external_pkt_idx_reduced; - uint32_t internal_roc; - uint32_t roc_difference; + uint32_t internal_pkt_idx_reduced; + uint32_t external_pkt_idx_reduced; + uint32_t internal_roc; + uint32_t roc_difference; #endif #ifdef NO_64BIT_MATH - *est = (srtp_xtd_seq_num_t)make64(roc >> 16, (roc << 16) | seq); - *delta = low32(est) - rdbx->index; + *est = (srtp_xtd_seq_num_t)make64(roc >> 16, (roc << 16) | seq); + *delta = low32(est) - rdbx->index; #else - *est = (srtp_xtd_seq_num_t)(((uint64_t)roc) << 16) | seq; - *delta = (int)(*est - rdbx->index); + *est = (srtp_xtd_seq_num_t)(((uint64_t)roc) << 16) | seq; + *delta = (int)(*est - rdbx->index); #endif - if (*est > rdbx->index) { + if (*est > rdbx->index) { #ifdef NO_64BIT_MATH - internal_roc = (uint32_t)(rdbx->index >> 16); - roc_difference = roc - internal_roc; - if (roc_difference > 1) { - *delta = 0; - return srtp_err_status_pkt_idx_adv; - } + internal_roc = (uint32_t)(rdbx->index >> 16); + roc_difference = roc - internal_roc; + if (roc_difference > 1) { + *delta = 0; + return srtp_err_status_pkt_idx_adv; + } - internal_pkt_idx_reduced = (uint32_t)(rdbx->index & 0xFFFF); - external_pkt_idx_reduced = (uint32_t)((roc_difference << 16) | seq); - - if (external_pkt_idx_reduced - internal_pkt_idx_reduced > - seq_num_median) { - *delta = 0; - return srtp_err_status_pkt_idx_adv; - } + internal_pkt_idx_reduced = (uint32_t)(rdbx->index & 0xFFFF); + external_pkt_idx_reduced = (uint32_t)((roc_difference << 16) | seq); + + if (external_pkt_idx_reduced - internal_pkt_idx_reduced > + seq_num_median) { + *delta = 0; + return srtp_err_status_pkt_idx_adv; + } #else - if (*est - rdbx->index > seq_num_median) { - *delta = 0; - return srtp_err_status_pkt_idx_adv; - } + if (*est - rdbx->index > seq_num_median) { + *delta = 0; + return srtp_err_status_pkt_idx_adv; + } #endif - } else if (*est < rdbx->index) { + } else if (*est < rdbx->index) { #ifdef NO_64BIT_MATH - internal_roc = (uint32_t)(rdbx->index >> 16); - roc_difference = internal_roc - roc; - if (roc_difference > 1) { - *delta = 0; - return srtp_err_status_pkt_idx_adv; - } + internal_roc = (uint32_t)(rdbx->index >> 16); + roc_difference = internal_roc - roc; + if (roc_difference > 1) { + *delta = 0; + return srtp_err_status_pkt_idx_adv; + } - internal_pkt_idx_reduced = - (uint32_t)((roc_difference << 16) | rdbx->index & 0xFFFF); - external_pkt_idx_reduced = (uint32_t)(seq); - - if (internal_pkt_idx_reduced - external_pkt_idx_reduced > - seq_num_median) { - *delta = 0; - return srtp_err_status_pkt_idx_old; - } + internal_pkt_idx_reduced = + (uint32_t)((roc_difference << 16) | rdbx->index & 0xFFFF); + external_pkt_idx_reduced = (uint32_t)(seq); + + if (internal_pkt_idx_reduced - external_pkt_idx_reduced > + seq_num_median) { + *delta = 0; + return srtp_err_status_pkt_idx_old; + } #else - if (rdbx->index - *est > seq_num_median) { - *delta = 0; - return srtp_err_status_pkt_idx_old; - } + if (rdbx->index - *est > seq_num_median) { + *delta = 0; + return srtp_err_status_pkt_idx_old; + } #endif - } + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -static srtp_err_status_t -srtp_get_est_pkt_index(srtp_hdr_t *hdr, - srtp_stream_ctx_t *stream, - srtp_xtd_seq_num_t *est, - int *delta) -{ - srtp_err_status_t result = srtp_err_status_ok; - - if (stream->pending_roc) { - result = srtp_estimate_index(&stream->rtp_rdbx, - stream->pending_roc, - est, - ntohs(hdr->seq), - delta); - } else { - /* estimate packet index from seq. num. in header */ - *delta = srtp_rdbx_estimate_index(&stream->rtp_rdbx, - est, - ntohs(hdr->seq)); - } +static srtp_err_status_t srtp_get_est_pkt_index(srtp_hdr_t *hdr, + srtp_stream_ctx_t *stream, + srtp_xtd_seq_num_t *est, + int *delta) +{ + srtp_err_status_t result = srtp_err_status_ok; + + if (stream->pending_roc) { + result = srtp_estimate_index(&stream->rtp_rdbx, stream->pending_roc, + est, ntohs(hdr->seq), delta); + } else { + /* estimate packet index from seq. num. in header */ + *delta = + srtp_rdbx_estimate_index(&stream->rtp_rdbx, est, ntohs(hdr->seq)); + } #ifdef NO_64BIT_MATH - debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(*est), low32(*est)); + debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(*est), + low32(*est)); #else - debug_print(mod_srtp, "estimated u_packet index: %016llx", *est); + debug_print(mod_srtp, "estimated u_packet index: %016llx", *est); #endif - return result; + return result; } /* @@ -1662,16 +1678,18 @@ * which currently supports AES-GCM encryption. All packets are * encrypted and authenticated. */ -static srtp_err_status_t -srtp_protect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, - void *rtp_hdr, unsigned int *pkt_octet_len, - srtp_session_keys_t *session_keys, unsigned int use_mki) -{ - srtp_hdr_t *hdr = (srtp_hdr_t*)rtp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - int enc_octet_len = 0; /* number of octets in encrypted portion */ - srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ - int delta; /* delta of local pkt idx and that in hdr */ +static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, + srtp_stream_ctx_t *stream, + void *rtp_hdr, + unsigned int *pkt_octet_len, + srtp_session_keys_t *session_keys, + unsigned int use_mki) +{ + srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + int enc_octet_len = 0; /* number of octets in encrypted portion */ + srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ + int delta; /* delta of local pkt idx and that in hdr */ srtp_err_status_t status; uint32_t tag_len; v128_t iv; @@ -1708,17 +1726,18 @@ * extension, if present; otherwise, it starts after the last csrc, * if any are present */ - enc_start = (uint32_t*)hdr + uint32s_in_rtp_header + hdr->cc; - if (hdr->x == 1) { - xtn_hdr = (srtp_hdr_xtnd_t*)enc_start; - enc_start += (ntohs(xtn_hdr->length) + 1); - } - /* note: the passed size is without the auth tag */ - if (!((uint8_t*)enc_start <= (uint8_t*)hdr + *pkt_octet_len)) - return srtp_err_status_parse_err; - enc_octet_len = (int)(*pkt_octet_len - - ((uint8_t*)enc_start - (uint8_t*)hdr)); - if (enc_octet_len < 0) return srtp_err_status_parse_err; + enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc; + if (hdr->x == 1) { + xtn_hdr = (srtp_hdr_xtnd_t *)enc_start; + enc_start += (ntohs(xtn_hdr->length) + 1); + } + /* note: the passed size is without the auth tag */ + if (!((uint8_t *)enc_start <= (uint8_t *)hdr + *pkt_octet_len)) + return srtp_err_status_parse_err; + enc_octet_len = + (int)(*pkt_octet_len - ((uint8_t *)enc_start - (uint8_t *)hdr)); + if (enc_octet_len < 0) + return srtp_err_status_parse_err; /* * estimate the packet index using the start of the replay window @@ -1727,16 +1746,16 @@ delta = srtp_rdbx_estimate_index(&stream->rtp_rdbx, &est, ntohs(hdr->seq)); status = srtp_rdbx_check(&stream->rtp_rdbx, delta); if (status) { - if (status != srtp_err_status_replay_fail || !stream->allow_repeat_tx) { - return status; /* we've been asked to reuse an index */ - } + if (status != srtp_err_status_replay_fail || !stream->allow_repeat_tx) { + return status; /* we've been asked to reuse an index */ + } } else { - srtp_rdbx_add_index(&stream->rtp_rdbx, delta); + srtp_rdbx_add_index(&stream->rtp_rdbx, delta); } #ifdef NO_64BIT_MATH - debug_print2(mod_srtp, "estimated packet index: %08x%08x", - high32(est), low32(est)); + debug_print2(mod_srtp, "estimated packet index: %08x%08x", high32(est), + low32(est)); #else debug_print(mod_srtp, "estimated packet index: %016llx", est); #endif @@ -1745,50 +1764,50 @@ * AEAD uses a new IV formation method */ srtp_calc_aead_iv(session_keys, &iv, &est, hdr); - /* shift est, put into network byte order */ +/* shift est, put into network byte order */ #ifdef NO_64BIT_MATH - est = be64_to_cpu(make64((high32(est) << 16) | - (low32(est) >> 16), - low32(est) << 16)); + est = be64_to_cpu( + make64((high32(est) << 16) | (low32(est) >> 16), low32(est) << 16)); #else est = be64_to_cpu(est << 16); #endif - status = srtp_cipher_set_iv(session_keys->rtp_cipher, - (uint8_t*)&iv, srtp_direction_encrypt); + status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t *)&iv, + srtp_direction_encrypt); if (!status && session_keys->rtp_xtn_hdr_cipher) { - iv.v32[0] = 0; - iv.v32[1] = hdr->ssrc; - iv.v64[1] = est; - status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, - (uint8_t*)&iv, srtp_direction_encrypt); + iv.v32[0] = 0; + iv.v32[1] = hdr->ssrc; + iv.v64[1] = est; + status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, + (uint8_t *)&iv, srtp_direction_encrypt); } if (status) { return srtp_err_status_cipher_fail; } if (xtn_hdr && session_keys->rtp_xtn_hdr_cipher) { - /* - * extensions header encryption RFC 6904 - */ - status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); - if (status) { - return status; - } + /* + * extensions header encryption RFC 6904 + */ + status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); + if (status) { + return status; + } } /* - * Set the AAD over the RTP header + * Set the AAD over the RTP header */ aad_len = (uint8_t *)enc_start - (uint8_t *)hdr; - status = srtp_cipher_set_aad(session_keys->rtp_cipher, (uint8_t*)hdr, aad_len); + status = + srtp_cipher_set_aad(session_keys->rtp_cipher, (uint8_t *)hdr, aad_len); if (status) { - return ( srtp_err_status_cipher_fail); + return (srtp_err_status_cipher_fail); } /* Encrypt the payload */ - status = srtp_cipher_encrypt(session_keys->rtp_cipher, - (uint8_t*)enc_start, (unsigned int *)&enc_octet_len); + status = srtp_cipher_encrypt(session_keys->rtp_cipher, (uint8_t *)enc_start, + (unsigned int *)&enc_octet_len); if (status) { return srtp_err_status_cipher_fail; } @@ -1796,10 +1815,11 @@ * If we're doing GCM, we need to get the tag * and append that to the output */ - status = srtp_cipher_get_tag(session_keys->rtp_cipher, - (uint8_t*)enc_start+enc_octet_len, &tag_len); + status = + srtp_cipher_get_tag(session_keys->rtp_cipher, + (uint8_t *)enc_start + enc_octet_len, &tag_len); if (status) { - return ( srtp_err_status_cipher_fail); + return (srtp_err_status_cipher_fail); } mki_location = (uint8_t *)hdr + *pkt_octet_len + tag_len; @@ -1814,7 +1834,6 @@ return srtp_err_status_ok; } - /* * This function handles incoming SRTP packets while in AEAD mode, * which currently supports AES-GCM encryption. All packets are @@ -1822,13 +1841,17 @@ * of the packet stream and is automatically checked by GCM * when decrypting the payload. */ -static srtp_err_status_t -srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta, - srtp_xtd_seq_num_t est, void *srtp_hdr, unsigned int *pkt_octet_len, - srtp_session_keys_t *session_keys, unsigned int mki_size) +static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, + srtp_stream_ctx_t *stream, + int delta, + srtp_xtd_seq_num_t est, + void *srtp_hdr, + unsigned int *pkt_octet_len, + srtp_session_keys_t *session_keys, + unsigned int mki_size) { - srtp_hdr_t *hdr = (srtp_hdr_t*)srtp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ + srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */ v128_t iv; srtp_err_status_t status; @@ -1839,7 +1862,8 @@ debug_print(mod_srtp, "function srtp_unprotect_aead", NULL); #ifdef NO_64BIT_MATH - debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(est), low32(est)); + debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(est), + low32(est)); #else debug_print(mod_srtp, "estimated u_packet index: %016llx", est); #endif @@ -1848,21 +1872,22 @@ tag_len = srtp_auth_get_tag_length(session_keys->rtp_auth); /* - * AEAD uses a new IV formation method + * AEAD uses a new IV formation method */ srtp_calc_aead_iv(session_keys, &iv, &est, hdr); - status = srtp_cipher_set_iv(session_keys->rtp_cipher, - (uint8_t*)&iv, srtp_direction_decrypt); + status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t *)&iv, + srtp_direction_decrypt); if (!status && session_keys->rtp_xtn_hdr_cipher) { - iv.v32[0] = 0; - iv.v32[1] = hdr->ssrc; + iv.v32[0] = 0; + iv.v32[1] = hdr->ssrc; #ifdef NO_64BIT_MATH - iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16), - low32(est) << 16)); + iv.v64[1] = be64_to_cpu( + make64((high32(est) << 16) | (low32(est) >> 16), low32(est) << 16)); #else - iv.v64[1] = be64_to_cpu(est << 16); + iv.v64[1] = be64_to_cpu(est << 16); #endif - status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, (uint8_t*)&iv, srtp_direction_encrypt); + status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, + (uint8_t *)&iv, srtp_direction_encrypt); } if (status) { return srtp_err_status_cipher_fail; @@ -1874,25 +1899,26 @@ * extension, if present; otherwise, it starts after the last csrc, * if any are present */ - enc_start = (uint32_t*)hdr + uint32s_in_rtp_header + hdr->cc; + enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc; if (hdr->x == 1) { - xtn_hdr = (srtp_hdr_xtnd_t*)enc_start; + xtn_hdr = (srtp_hdr_xtnd_t *)enc_start; enc_start += (ntohs(xtn_hdr->length) + 1); } - if (!((uint8_t*)enc_start <= (uint8_t*)hdr + (*pkt_octet_len - tag_len - mki_size))) + if (!((uint8_t *)enc_start <= + (uint8_t *)hdr + (*pkt_octet_len - tag_len - mki_size))) return srtp_err_status_parse_err; /* - * We pass the tag down to the cipher when doing GCM mode + * We pass the tag down to the cipher when doing GCM mode */ enc_octet_len = (unsigned int)(*pkt_octet_len - mki_size - - ((uint8_t*)enc_start - (uint8_t*)hdr)); + ((uint8_t *)enc_start - (uint8_t *)hdr)); /* * Sanity check the encrypted payload length against * the tag size. It must always be at least as large * as the tag length. */ - if (enc_octet_len < (unsigned int) tag_len) { + if (enc_octet_len < (unsigned int)tag_len) { return srtp_err_status_cipher_fail; } @@ -1918,27 +1944,28 @@ * Set the AAD for AES-GCM, which is the RTP header */ aad_len = (uint8_t *)enc_start - (uint8_t *)hdr; - status = srtp_cipher_set_aad(session_keys->rtp_cipher, (uint8_t*)hdr, aad_len); + status = + srtp_cipher_set_aad(session_keys->rtp_cipher, (uint8_t *)hdr, aad_len); if (status) { - return ( srtp_err_status_cipher_fail); + return (srtp_err_status_cipher_fail); } /* Decrypt the ciphertext. This also checks the auth tag based * on the AAD we just specified above */ - status = srtp_cipher_decrypt(session_keys->rtp_cipher, - (uint8_t*)enc_start, &enc_octet_len); + status = srtp_cipher_decrypt(session_keys->rtp_cipher, (uint8_t *)enc_start, + &enc_octet_len); if (status) { return status; } if (xtn_hdr && session_keys->rtp_xtn_hdr_cipher) { - /* - * extensions header encryption RFC 6904 - */ - status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); - if (status) { - return status; - } + /* + * extensions header encryption RFC 6904 + */ + status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); + if (status) { + return status; + } } /* @@ -1974,7 +2001,8 @@ * stream, and some implementations will want to not return * failure here */ - status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); + status = + srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); if (status) { return status; } @@ -2002,724 +2030,730 @@ return srtp_err_status_ok; } +srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, + void *rtp_hdr, + int *pkt_octet_len) +{ + return srtp_protect_mki(ctx, rtp_hdr, pkt_octet_len, 0, 0); +} - srtp_err_status_t - srtp_protect(srtp_ctx_t *ctx, void *rtp_hdr, int *pkt_octet_len) { - return srtp_protect_mki(ctx, rtp_hdr, pkt_octet_len, 0, 0); - } - -srtp_err_status_t -srtp_protect_mki(srtp_ctx_t *ctx, void *rtp_hdr, int *pkt_octet_len, - unsigned int use_mki, unsigned int mki_index ) { - srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - uint32_t *auth_start; /* pointer to start of auth. portion */ - int enc_octet_len = 0; /* number of octets in encrypted portion */ - srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ - int delta; /* delta of local pkt idx and that in hdr */ - uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ - srtp_err_status_t status; - int tag_len; - srtp_stream_ctx_t *stream; - uint32_t prefix_len; - srtp_hdr_xtnd_t *xtn_hdr = NULL; - unsigned int mki_size = 0; - srtp_session_keys_t *session_keys = NULL; - uint8_t* mki_location = NULL; - int advance_packet_index = 0; - - debug_print(mod_srtp, "function srtp_protect", NULL); - - /* we assume the hdr is 32-bit aligned to start */ - - /* Verify RTP header */ - status = srtp_validate_rtp_header(rtp_hdr, pkt_octet_len); - if (status) - return status; - - /* check the packet length - it must at least contain a full header */ - if (*pkt_octet_len < octets_in_rtp_header) - return srtp_err_status_bad_param; - - /* - * look up ssrc in srtp_stream list, and process the packet with - * the appropriate stream. if we haven't seen this stream before, - * there's a template key for this srtp_session, and the cipher - * supports key-sharing, then we assume that a new stream using - * that key has just started up - */ - stream = srtp_get_stream(ctx, hdr->ssrc); - if (stream == NULL) { - if (ctx->stream_template != NULL) { - srtp_stream_ctx_t *new_stream; - - /* allocate and initialize a new stream */ - status = srtp_stream_clone(ctx->stream_template, - hdr->ssrc, &new_stream); - if (status) - return status; - - /* add new stream to the head of the stream_list */ - new_stream->next = ctx->stream_list; - ctx->stream_list = new_stream; - - /* set direction to outbound */ - new_stream->direction = dir_srtp_sender; - - /* set stream (the pointer used in this function) */ - stream = new_stream; - } else { - /* no template stream, so we return an error */ - return srtp_err_status_no_ctx; - } - } - - /* - * verify that stream is for sending traffic - this check will - * detect SSRC collisions, since a stream that appears in both - * srtp_protect() and srtp_unprotect() will fail this test in one of - * those functions. - */ +srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, + void *rtp_hdr, + int *pkt_octet_len, + unsigned int use_mki, + unsigned int mki_index) +{ + srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + uint32_t *auth_start; /* pointer to start of auth. portion */ + int enc_octet_len = 0; /* number of octets in encrypted portion */ + srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ + int delta; /* delta of local pkt idx and that in hdr */ + uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + srtp_err_status_t status; + int tag_len; + srtp_stream_ctx_t *stream; + uint32_t prefix_len; + srtp_hdr_xtnd_t *xtn_hdr = NULL; + unsigned int mki_size = 0; + srtp_session_keys_t *session_keys = NULL; + uint8_t *mki_location = NULL; + int advance_packet_index = 0; - if (stream->direction != dir_srtp_sender) { - if (stream->direction == dir_unknown) { - stream->direction = dir_srtp_sender; - } else { - srtp_handle_event(ctx, stream, event_ssrc_collision); - } - } - - session_keys = srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - - /* - * Check if this is an AEAD stream (GCM mode). If so, then dispatch - * the request to our AEAD handler. - */ - if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || - session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { - return srtp_protect_aead(ctx, stream, rtp_hdr, - (unsigned int*)pkt_octet_len, session_keys, - use_mki); - } - - /* - * update the key usage limit, and check it to make sure that we - * didn't just hit either the soft limit or the hard limit, and call - * the event handler if we hit either. - */ - switch(srtp_key_limit_update(session_keys->limit)) { - case srtp_key_event_normal: - break; - case srtp_key_event_soft_limit: - srtp_handle_event(ctx, stream, event_key_soft_limit); - break; - case srtp_key_event_hard_limit: - srtp_handle_event(ctx, stream, event_key_hard_limit); - return srtp_err_status_key_expired; - default: - break; - } - - /* get tag length from stream */ - tag_len = srtp_auth_get_tag_length(session_keys->rtp_auth); - - /* - * find starting point for encryption and length of data to be - * encrypted - the encrypted portion starts after the rtp header - * extension, if present; otherwise, it starts after the last csrc, - * if any are present - * - * if we're not providing confidentiality, set enc_start to NULL - */ - if (stream->rtp_services & sec_serv_conf) { - enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc; - if (hdr->x == 1) { - xtn_hdr = (srtp_hdr_xtnd_t *)enc_start; - enc_start += (ntohs(xtn_hdr->length) + 1); - } - /* note: the passed size is without the auth tag */ - if (!((uint8_t*)enc_start <= (uint8_t*)hdr + *pkt_octet_len)) - return srtp_err_status_parse_err; - enc_octet_len = (int)(*pkt_octet_len - - ((uint8_t*)enc_start - (uint8_t*)hdr)); - if (enc_octet_len < 0) return srtp_err_status_parse_err; - } else { - enc_start = NULL; - } - - mki_location = (uint8_t *)hdr + *pkt_octet_len; - mki_size = srtp_inject_mki(mki_location, session_keys, use_mki); - - /* - * if we're providing authentication, set the auth_start and auth_tag - * pointers to the proper locations; otherwise, set auth_start to NULL - * to indicate that no authentication is needed - */ - if (stream->rtp_services & sec_serv_auth) { - auth_start = (uint32_t *)hdr; - auth_tag = (uint8_t *)hdr + *pkt_octet_len + mki_size; - } else { - auth_start = NULL; - auth_tag = NULL; - } - - /* - * estimate the packet index using the start of the replay window - * and the sequence number from the header - */ - status = srtp_get_est_pkt_index(hdr, - stream, - &est, - &delta); + debug_print(mod_srtp, "function srtp_protect", NULL); - if (status && (status != srtp_err_status_pkt_idx_adv)) - return status; + /* we assume the hdr is 32-bit aligned to start */ - if (status == srtp_err_status_pkt_idx_adv) - advance_packet_index = 1; + /* Verify RTP header */ + status = srtp_validate_rtp_header(rtp_hdr, pkt_octet_len); + if (status) + return status; - if (advance_packet_index) { - srtp_rdbx_set_roc_seq(&stream->rtp_rdbx, - (uint32_t)(est >> 16), - (uint16_t)(est & 0xFFFF)); - stream->pending_roc = 0; - srtp_rdbx_add_index(&stream->rtp_rdbx, 0); - } else { - status = srtp_rdbx_check(&stream->rtp_rdbx, delta); - if (status) { - if (status != srtp_err_status_replay_fail || !stream->allow_repeat_tx) - return status; /* we've been asked to reuse an index */ - } - srtp_rdbx_add_index(&stream->rtp_rdbx, delta); - } + /* check the packet length - it must at least contain a full header */ + if (*pkt_octet_len < octets_in_rtp_header) + return srtp_err_status_bad_param; -#ifdef NO_64BIT_MATH - debug_print2(mod_srtp, "estimated packet index: %08x%08x", - high32(est),low32(est)); -#else - debug_print(mod_srtp, "estimated packet index: %016llx", est); -#endif + /* + * look up ssrc in srtp_stream list, and process the packet with + * the appropriate stream. if we haven't seen this stream before, + * there's a template key for this srtp_session, and the cipher + * supports key-sharing, then we assume that a new stream using + * that key has just started up + */ + stream = srtp_get_stream(ctx, hdr->ssrc); + if (stream == NULL) { + if (ctx->stream_template != NULL) { + srtp_stream_ctx_t *new_stream; - /* - * if we're using rindael counter mode, set nonce and seq - */ - if (session_keys->rtp_cipher->type->id == SRTP_AES_ICM_128 || - session_keys->rtp_cipher->type->id == SRTP_AES_ICM_192 || - session_keys->rtp_cipher->type->id == SRTP_AES_ICM_256) { - v128_t iv; + /* allocate and initialize a new stream */ + status = + srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); + if (status) + return status; - iv.v32[0] = 0; - iv.v32[1] = hdr->ssrc; -#ifdef NO_64BIT_MATH - iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16), - low32(est) << 16)); -#else - iv.v64[1] = be64_to_cpu(est << 16); -#endif - status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t*)&iv, srtp_direction_encrypt); - if (!status && session_keys->rtp_xtn_hdr_cipher) { - status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, (uint8_t*)&iv, srtp_direction_encrypt); - } - } else { - v128_t iv; + /* add new stream to the head of the stream_list */ + new_stream->next = ctx->stream_list; + ctx->stream_list = new_stream; - /* otherwise, set the index to est */ -#ifdef NO_64BIT_MATH - iv.v32[0] = 0; - iv.v32[1] = 0; -#else - iv.v64[0] = 0; -#endif - iv.v64[1] = be64_to_cpu(est); - status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t*)&iv, srtp_direction_encrypt); - if (!status && session_keys->rtp_xtn_hdr_cipher) { - status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, (uint8_t*)&iv, srtp_direction_encrypt); - } - } - if (status) - return srtp_err_status_cipher_fail; + /* set direction to outbound */ + new_stream->direction = dir_srtp_sender; - /* shift est, put into network byte order */ -#ifdef NO_64BIT_MATH - est = be64_to_cpu(make64((high32(est) << 16) | - (low32(est) >> 16), - low32(est) << 16)); -#else - est = be64_to_cpu(est << 16); -#endif - - /* - * if we're authenticating using a universal hash, put the keystream - * prefix into the authentication tag - */ - if (auth_start) { - - prefix_len = srtp_auth_get_prefix_length(session_keys->rtp_auth); - if (prefix_len) { - status = srtp_cipher_output(session_keys->rtp_cipher, auth_tag, &prefix_len); - if (status) - return srtp_err_status_cipher_fail; - debug_print(mod_srtp, "keystream prefix: %s", - srtp_octet_string_hex_string(auth_tag, prefix_len)); + /* set stream (the pointer used in this function) */ + stream = new_stream; + } else { + /* no template stream, so we return an error */ + return srtp_err_status_no_ctx; + } } - } - if (xtn_hdr && session_keys->rtp_xtn_hdr_cipher) { /* - * extensions header encryption RFC 6904 + * verify that stream is for sending traffic - this check will + * detect SSRC collisions, since a stream that appears in both + * srtp_protect() and srtp_unprotect() will fail this test in one of + * those functions. */ - status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); - if (status) { - return status; - } - } - - /* if we're encrypting, exor keystream into the message */ - if (enc_start) { - status = srtp_cipher_encrypt(session_keys->rtp_cipher, - (uint8_t *)enc_start, (unsigned int *)&enc_octet_len); - if (status) - return srtp_err_status_cipher_fail; - } - - /* - * if we're authenticating, run authentication function and put result - * into the auth_tag - */ - if (auth_start) { - - /* initialize auth func context */ - status = srtp_auth_start(session_keys->rtp_auth); - if (status) return status; - /* run auth func over packet */ - status = srtp_auth_update(session_keys->rtp_auth, - (uint8_t *)auth_start, *pkt_octet_len); - if (status) return status; - - /* run auth func over ROC, put result into auth_tag */ - debug_print(mod_srtp, "estimated packet index: %016llx", est); - status = srtp_auth_compute(session_keys->rtp_auth, (uint8_t *)&est, 4, auth_tag); - debug_print(mod_srtp, "srtp auth tag: %s", - srtp_octet_string_hex_string(auth_tag, tag_len)); - if (status) - return srtp_err_status_auth_fail; + if (stream->direction != dir_srtp_sender) { + if (stream->direction == dir_unknown) { + stream->direction = dir_srtp_sender; + } else { + srtp_handle_event(ctx, stream, event_ssrc_collision); + } + } - } + session_keys = + srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - if (auth_tag) { + if (session_keys == NULL) + return srtp_err_status_bad_mki; - /* increase the packet length by the length of the auth tag */ - *pkt_octet_len += tag_len; - } + /* + * Check if this is an AEAD stream (GCM mode). If so, then dispatch + * the request to our AEAD handler. + */ + if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || + session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { + return srtp_protect_aead(ctx, stream, rtp_hdr, + (unsigned int *)pkt_octet_len, session_keys, + use_mki); + } - if (use_mki) { - /* increate the packet length by the mki size */ - *pkt_octet_len += mki_size; - } + /* + * update the key usage limit, and check it to make sure that we + * didn't just hit either the soft limit or the hard limit, and call + * the event handler if we hit either. + */ + switch (srtp_key_limit_update(session_keys->limit)) { + case srtp_key_event_normal: + break; + case srtp_key_event_soft_limit: + srtp_handle_event(ctx, stream, event_key_soft_limit); + break; + case srtp_key_event_hard_limit: + srtp_handle_event(ctx, stream, event_key_hard_limit); + return srtp_err_status_key_expired; + default: + break; + } - return srtp_err_status_ok; -} + /* get tag length from stream */ + tag_len = srtp_auth_get_tag_length(session_keys->rtp_auth); + /* + * find starting point for encryption and length of data to be + * encrypted - the encrypted portion starts after the rtp header + * extension, if present; otherwise, it starts after the last csrc, + * if any are present + * + * if we're not providing confidentiality, set enc_start to NULL + */ + if (stream->rtp_services & sec_serv_conf) { + enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc; + if (hdr->x == 1) { + xtn_hdr = (srtp_hdr_xtnd_t *)enc_start; + enc_start += (ntohs(xtn_hdr->length) + 1); + } + /* note: the passed size is without the auth tag */ + if (!((uint8_t *)enc_start <= (uint8_t *)hdr + *pkt_octet_len)) + return srtp_err_status_parse_err; + enc_octet_len = + (int)(*pkt_octet_len - ((uint8_t *)enc_start - (uint8_t *)hdr)); + if (enc_octet_len < 0) + return srtp_err_status_parse_err; + } else { + enc_start = NULL; + } -srtp_err_status_t -srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) { - return srtp_unprotect_mki(ctx, srtp_hdr, pkt_octet_len, 0); -} + mki_location = (uint8_t *)hdr + *pkt_octet_len; + mki_size = srtp_inject_mki(mki_location, session_keys, use_mki); -srtp_err_status_t -srtp_unprotect_mki(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len, - unsigned int use_mki) { - srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - uint32_t *auth_start; /* pointer to start of auth. portion */ - unsigned int enc_octet_len = 0;/* number of octets in encrypted portion */ - uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ - srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ - int delta; /* delta of local pkt idx and that in hdr */ - v128_t iv; - srtp_err_status_t status; - srtp_stream_ctx_t *stream; - uint8_t tmp_tag[SRTP_MAX_TAG_LEN]; - uint32_t tag_len, prefix_len; - srtp_hdr_xtnd_t *xtn_hdr = NULL; - unsigned int mki_size = 0; - srtp_session_keys_t *session_keys = NULL; - int advance_packet_index = 0; - uint32_t roc_to_set = 0; - uint16_t seq_to_set = 0; - - debug_print(mod_srtp, "function srtp_unprotect", NULL); - - /* we assume the hdr is 32-bit aligned to start */ - - /* Verify RTP header */ - status = srtp_validate_rtp_header(srtp_hdr, pkt_octet_len); - if (status) - return status; + /* + * if we're providing authentication, set the auth_start and auth_tag + * pointers to the proper locations; otherwise, set auth_start to NULL + * to indicate that no authentication is needed + */ + if (stream->rtp_services & sec_serv_auth) { + auth_start = (uint32_t *)hdr; + auth_tag = (uint8_t *)hdr + *pkt_octet_len + mki_size; + } else { + auth_start = NULL; + auth_tag = NULL; + } + + /* + * estimate the packet index using the start of the replay window + * and the sequence number from the header + */ + status = srtp_get_est_pkt_index(hdr, stream, &est, &delta); + + if (status && (status != srtp_err_status_pkt_idx_adv)) + return status; + + if (status == srtp_err_status_pkt_idx_adv) + advance_packet_index = 1; + + if (advance_packet_index) { + srtp_rdbx_set_roc_seq(&stream->rtp_rdbx, (uint32_t)(est >> 16), + (uint16_t)(est & 0xFFFF)); + stream->pending_roc = 0; + srtp_rdbx_add_index(&stream->rtp_rdbx, 0); + } else { + status = srtp_rdbx_check(&stream->rtp_rdbx, delta); + if (status) { + if (status != srtp_err_status_replay_fail || + !stream->allow_repeat_tx) + return status; /* we've been asked to reuse an index */ + } + srtp_rdbx_add_index(&stream->rtp_rdbx, delta); + } - /* check the packet length - it must at least contain a full header */ - if (*pkt_octet_len < octets_in_rtp_header) - return srtp_err_status_bad_param; - - /* - * look up ssrc in srtp_stream list, and process the packet with - * the appropriate stream. if we haven't seen this stream before, - * there's only one key for this srtp_session, and the cipher - * supports key-sharing, then we assume that a new stream using - * that key has just started up - */ - stream = srtp_get_stream(ctx, hdr->ssrc); - if (stream == NULL) { - if (ctx->stream_template != NULL) { - stream = ctx->stream_template; - debug_print(mod_srtp, "using provisional stream (SSRC: 0x%08x)", - ntohl(hdr->ssrc)); - - /* - * set estimated packet index to sequence number from header, - * and set delta equal to the same value - */ #ifdef NO_64BIT_MATH - est = (srtp_xtd_seq_num_t) make64(0,ntohs(hdr->seq)); - delta = low32(est); + debug_print2(mod_srtp, "estimated packet index: %08x%08x", high32(est), + low32(est)); #else - est = (srtp_xtd_seq_num_t) ntohs(hdr->seq); - delta = (int)est; + debug_print(mod_srtp, "estimated packet index: %016llx", est); #endif + + /* + * if we're using rindael counter mode, set nonce and seq + */ + if (session_keys->rtp_cipher->type->id == SRTP_AES_ICM_128 || + session_keys->rtp_cipher->type->id == SRTP_AES_ICM_192 || + session_keys->rtp_cipher->type->id == SRTP_AES_ICM_256) { + v128_t iv; + + iv.v32[0] = 0; + iv.v32[1] = hdr->ssrc; +#ifdef NO_64BIT_MATH + iv.v64[1] = be64_to_cpu( + make64((high32(est) << 16) | (low32(est) >> 16), low32(est) << 16)); +#else + iv.v64[1] = be64_to_cpu(est << 16); +#endif + status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t *)&iv, + srtp_direction_encrypt); + if (!status && session_keys->rtp_xtn_hdr_cipher) { + status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, + (uint8_t *)&iv, srtp_direction_encrypt); + } } else { - - /* - * no stream corresponding to SSRC found, and we don't do - * key-sharing, so return an error - */ - return srtp_err_status_no_ctx; - } - } else { - status = srtp_get_est_pkt_index(hdr, - stream, - &est, - &delta); + v128_t iv; - if (status && (status != srtp_err_status_pkt_idx_adv)) - return status; +/* otherwise, set the index to est */ +#ifdef NO_64BIT_MATH + iv.v32[0] = 0; + iv.v32[1] = 0; +#else + iv.v64[0] = 0; +#endif + iv.v64[1] = be64_to_cpu(est); + status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t *)&iv, + srtp_direction_encrypt); + if (!status && session_keys->rtp_xtn_hdr_cipher) { + status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, + (uint8_t *)&iv, srtp_direction_encrypt); + } + } + if (status) + return srtp_err_status_cipher_fail; - if (status == srtp_err_status_pkt_idx_adv) { - advance_packet_index = 1; - roc_to_set = (uint32_t)(est >> 16); - seq_to_set = (uint16_t)(est & 0xFFFF); +/* shift est, put into network byte order */ +#ifdef NO_64BIT_MATH + est = be64_to_cpu( + make64((high32(est) << 16) | (low32(est) >> 16), low32(est) << 16)); +#else + est = be64_to_cpu(est << 16); +#endif + + /* + * if we're authenticating using a universal hash, put the keystream + * prefix into the authentication tag + */ + if (auth_start) { + prefix_len = srtp_auth_get_prefix_length(session_keys->rtp_auth); + if (prefix_len) { + status = srtp_cipher_output(session_keys->rtp_cipher, auth_tag, + &prefix_len); + if (status) + return srtp_err_status_cipher_fail; + debug_print(mod_srtp, "keystream prefix: %s", + srtp_octet_string_hex_string(auth_tag, prefix_len)); + } } - /* check replay database */ - if (!advance_packet_index) { - status = srtp_rdbx_check(&stream->rtp_rdbx, delta); - if (status) - return status; + if (xtn_hdr && session_keys->rtp_xtn_hdr_cipher) { + /* + * extensions header encryption RFC 6904 + */ + status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); + if (status) { + return status; + } + } + + /* if we're encrypting, exor keystream into the message */ + if (enc_start) { + status = + srtp_cipher_encrypt(session_keys->rtp_cipher, (uint8_t *)enc_start, + (unsigned int *)&enc_octet_len); + if (status) + return srtp_err_status_cipher_fail; } - } + /* + * if we're authenticating, run authentication function and put result + * into the auth_tag + */ + if (auth_start) { + /* initialize auth func context */ + status = srtp_auth_start(session_keys->rtp_auth); + if (status) + return status; + + /* run auth func over packet */ + status = srtp_auth_update(session_keys->rtp_auth, (uint8_t *)auth_start, + *pkt_octet_len); + if (status) + return status; + + /* run auth func over ROC, put result into auth_tag */ + debug_print(mod_srtp, "estimated packet index: %016llx", est); + status = srtp_auth_compute(session_keys->rtp_auth, (uint8_t *)&est, 4, + auth_tag); + debug_print(mod_srtp, "srtp auth tag: %s", + srtp_octet_string_hex_string(auth_tag, tag_len)); + if (status) + return srtp_err_status_auth_fail; + } + + if (auth_tag) { + /* increase the packet length by the length of the auth tag */ + *pkt_octet_len += tag_len; + } + + if (use_mki) { + /* increate the packet length by the mki size */ + *pkt_octet_len += mki_size; + } + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, + void *srtp_hdr, + int *pkt_octet_len) +{ + return srtp_unprotect_mki(ctx, srtp_hdr, pkt_octet_len, 0); +} + +srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, + void *srtp_hdr, + int *pkt_octet_len, + unsigned int use_mki) +{ + srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + uint32_t *auth_start; /* pointer to start of auth. portion */ + unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */ + uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + srtp_xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */ + int delta; /* delta of local pkt idx and that in hdr */ + v128_t iv; + srtp_err_status_t status; + srtp_stream_ctx_t *stream; + uint8_t tmp_tag[SRTP_MAX_TAG_LEN]; + uint32_t tag_len, prefix_len; + srtp_hdr_xtnd_t *xtn_hdr = NULL; + unsigned int mki_size = 0; + srtp_session_keys_t *session_keys = NULL; + int advance_packet_index = 0; + uint32_t roc_to_set = 0; + uint16_t seq_to_set = 0; + + debug_print(mod_srtp, "function srtp_unprotect", NULL); + + /* we assume the hdr is 32-bit aligned to start */ + + /* Verify RTP header */ + status = srtp_validate_rtp_header(srtp_hdr, pkt_octet_len); + if (status) + return status; + + /* check the packet length - it must at least contain a full header */ + if (*pkt_octet_len < octets_in_rtp_header) + return srtp_err_status_bad_param; + + /* + * look up ssrc in srtp_stream list, and process the packet with + * the appropriate stream. if we haven't seen this stream before, + * there's only one key for this srtp_session, and the cipher + * supports key-sharing, then we assume that a new stream using + * that key has just started up + */ + stream = srtp_get_stream(ctx, hdr->ssrc); + if (stream == NULL) { + if (ctx->stream_template != NULL) { + stream = ctx->stream_template; + debug_print(mod_srtp, "using provisional stream (SSRC: 0x%08x)", + ntohl(hdr->ssrc)); + +/* + * set estimated packet index to sequence number from header, + * and set delta equal to the same value + */ #ifdef NO_64BIT_MATH - debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(est),low32(est)); + est = (srtp_xtd_seq_num_t)make64(0, ntohs(hdr->seq)); + delta = low32(est); #else - debug_print(mod_srtp, "estimated u_packet index: %016llx", est); + est = (srtp_xtd_seq_num_t)ntohs(hdr->seq); + delta = (int)est; #endif + } else { + /* + * no stream corresponding to SSRC found, and we don't do + * key-sharing, so return an error + */ + return srtp_err_status_no_ctx; + } + } else { + status = srtp_get_est_pkt_index(hdr, stream, &est, &delta); + + if (status && (status != srtp_err_status_pkt_idx_adv)) + return status; + + if (status == srtp_err_status_pkt_idx_adv) { + advance_packet_index = 1; + roc_to_set = (uint32_t)(est >> 16); + seq_to_set = (uint16_t)(est & 0xFFFF); + } + + /* check replay database */ + if (!advance_packet_index) { + status = srtp_rdbx_check(&stream->rtp_rdbx, delta); + if (status) + return status; + } + } - /* - * Determine if MKI is being used and what session keys should be used - */ - if (use_mki) { - session_keys = srtp_get_session_keys(stream, (uint8_t *)hdr, - (const unsigned int*)pkt_octet_len, - &mki_size); - - if (session_keys == NULL) - return srtp_err_status_bad_mki; - } else { - session_keys = &stream->session_keys[0]; - } - - /* - * Check if this is an AEAD stream (GCM mode). If so, then dispatch - * the request to our AEAD handler. - */ - if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || - session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { - return srtp_unprotect_aead(ctx, stream, delta, est, srtp_hdr, - (unsigned int*)pkt_octet_len, session_keys, - mki_size); - } - - /* get tag length from stream */ - tag_len = srtp_auth_get_tag_length(session_keys->rtp_auth); - - /* - * set the cipher's IV properly, depending on whatever cipher we - * happen to be using - */ - if (session_keys->rtp_cipher->type->id == SRTP_AES_ICM_128 || - session_keys->rtp_cipher->type->id == SRTP_AES_ICM_192 || - session_keys->rtp_cipher->type->id == SRTP_AES_ICM_256) { - /* aes counter mode */ - iv.v32[0] = 0; - iv.v32[1] = hdr->ssrc; /* still in network order */ #ifdef NO_64BIT_MATH - iv.v64[1] = be64_to_cpu(make64((high32(est) << 16) | (low32(est) >> 16), - low32(est) << 16)); + debug_print2(mod_srtp, "estimated u_packet index: %08x%08x", high32(est), + low32(est)); #else - iv.v64[1] = be64_to_cpu(est << 16); + debug_print(mod_srtp, "estimated u_packet index: %016llx", est); #endif - status = srtp_cipher_set_iv(session_keys->rtp_cipher, - (uint8_t*)&iv, srtp_direction_decrypt); - if (!status && session_keys->rtp_xtn_hdr_cipher) { - status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, - (uint8_t*)&iv, srtp_direction_decrypt); + + /* Determine if MKI is being used and what session keys should be used */ + if (use_mki) { + session_keys = srtp_get_session_keys( + stream, (uint8_t *)hdr, (const unsigned int *)pkt_octet_len, + &mki_size); + + if (session_keys == NULL) + return srtp_err_status_bad_mki; + } else { + session_keys = &stream->session_keys[0]; + } + + /* + * Check if this is an AEAD stream (GCM mode). If so, then dispatch + * the request to our AEAD handler. + */ + if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || + session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { + return srtp_unprotect_aead(ctx, stream, delta, est, srtp_hdr, + (unsigned int *)pkt_octet_len, session_keys, + mki_size); } - } else { - - /* no particular format - set the iv to the pakcet index */ + + /* get tag length from stream */ + tag_len = srtp_auth_get_tag_length(session_keys->rtp_auth); + + /* + * set the cipher's IV properly, depending on whatever cipher we + * happen to be using + */ + if (session_keys->rtp_cipher->type->id == SRTP_AES_ICM_128 || + session_keys->rtp_cipher->type->id == SRTP_AES_ICM_192 || + session_keys->rtp_cipher->type->id == SRTP_AES_ICM_256) { + /* aes counter mode */ + iv.v32[0] = 0; + iv.v32[1] = hdr->ssrc; /* still in network order */ #ifdef NO_64BIT_MATH - iv.v32[0] = 0; - iv.v32[1] = 0; + iv.v64[1] = be64_to_cpu( + make64((high32(est) << 16) | (low32(est) >> 16), low32(est) << 16)); #else - iv.v64[0] = 0; + iv.v64[1] = be64_to_cpu(est << 16); #endif - iv.v64[1] = be64_to_cpu(est); - status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t*)&iv, srtp_direction_decrypt); - if (!status && session_keys->rtp_xtn_hdr_cipher) { - status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, (uint8_t*)&iv, srtp_direction_decrypt); + status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t *)&iv, + srtp_direction_decrypt); + if (!status && session_keys->rtp_xtn_hdr_cipher) { + status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, + (uint8_t *)&iv, srtp_direction_decrypt); + } + } else { +/* no particular format - set the iv to the pakcet index */ +#ifdef NO_64BIT_MATH + iv.v32[0] = 0; + iv.v32[1] = 0; +#else + iv.v64[0] = 0; +#endif + iv.v64[1] = be64_to_cpu(est); + status = srtp_cipher_set_iv(session_keys->rtp_cipher, (uint8_t *)&iv, + srtp_direction_decrypt); + if (!status && session_keys->rtp_xtn_hdr_cipher) { + status = srtp_cipher_set_iv(session_keys->rtp_xtn_hdr_cipher, + (uint8_t *)&iv, srtp_direction_decrypt); + } } - } - if (status) - return srtp_err_status_cipher_fail; + if (status) + return srtp_err_status_cipher_fail; - /* shift est, put into network byte order */ +/* shift est, put into network byte order */ #ifdef NO_64BIT_MATH - est = be64_to_cpu(make64((high32(est) << 16) | - (low32(est) >> 16), - low32(est) << 16)); + est = be64_to_cpu( + make64((high32(est) << 16) | (low32(est) >> 16), low32(est) << 16)); #else - est = be64_to_cpu(est << 16); + est = be64_to_cpu(est << 16); #endif - /* - * find starting point for decryption and length of data to be - * decrypted - the encrypted portion starts after the rtp header - * extension, if present; otherwise, it starts after the last csrc, - * if any are present - * - * if we're not providing confidentiality, set enc_start to NULL - */ - if (stream->rtp_services & sec_serv_conf) { - enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc; - if (hdr->x == 1) { - xtn_hdr = (srtp_hdr_xtnd_t *)enc_start; - enc_start += (ntohs(xtn_hdr->length) + 1); - } - if (!((uint8_t*)enc_start <= (uint8_t*)hdr + (*pkt_octet_len - tag_len - mki_size))) - return srtp_err_status_parse_err; - enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len - mki_size - - ((uint8_t*)enc_start - (uint8_t*)hdr)); - } else { - enc_start = NULL; - } - - /* - * if we're providing authentication, set the auth_start and auth_tag - * pointers to the proper locations; otherwise, set auth_start to NULL - * to indicate that no authentication is needed - */ - if (stream->rtp_services & sec_serv_auth) { - auth_start = (uint32_t *)hdr; - auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len; - } else { - auth_start = NULL; - auth_tag = NULL; - } - - /* - * if we expect message authentication, run the authentication - * function and compare the result with the value of the auth_tag - */ - if (auth_start) { - - /* - * if we're using a universal hash, then we need to compute the - * keystream prefix for encrypting the universal hash output + /* + * find starting point for decryption and length of data to be + * decrypted - the encrypted portion starts after the rtp header + * extension, if present; otherwise, it starts after the last csrc, + * if any are present * - * if the keystream prefix length is zero, then we know that - * the authenticator isn't using a universal hash function - */ - if (session_keys->rtp_auth->prefix_len != 0) { - - prefix_len = srtp_auth_get_prefix_length(session_keys->rtp_auth); - status = srtp_cipher_output(session_keys->rtp_cipher, tmp_tag, &prefix_len); - debug_print(mod_srtp, "keystream prefix: %s", - srtp_octet_string_hex_string(tmp_tag, prefix_len)); - if (status) - return srtp_err_status_cipher_fail; - } + * if we're not providing confidentiality, set enc_start to NULL + */ + if (stream->rtp_services & sec_serv_conf) { + enc_start = (uint32_t *)hdr + uint32s_in_rtp_header + hdr->cc; + if (hdr->x == 1) { + xtn_hdr = (srtp_hdr_xtnd_t *)enc_start; + enc_start += (ntohs(xtn_hdr->length) + 1); + } + if (!((uint8_t *)enc_start <= + (uint8_t *)hdr + (*pkt_octet_len - tag_len - mki_size))) + return srtp_err_status_parse_err; + enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len - mki_size - + ((uint8_t *)enc_start - (uint8_t *)hdr)); + } else { + enc_start = NULL; + } - /* initialize auth func context */ - status = srtp_auth_start(session_keys->rtp_auth); - if (status) return status; - - /* now compute auth function over packet */ - status = srtp_auth_update(session_keys->rtp_auth, (uint8_t *)auth_start, - *pkt_octet_len - tag_len - mki_size); - - /* run auth func over ROC, then write tmp tag */ - status = srtp_auth_compute(session_keys->rtp_auth, (uint8_t *)&est, 4, tmp_tag); - - debug_print(mod_srtp, "computed auth tag: %s", - srtp_octet_string_hex_string(tmp_tag, tag_len)); - debug_print(mod_srtp, "packet auth tag: %s", - srtp_octet_string_hex_string(auth_tag, tag_len)); - if (status) - return srtp_err_status_auth_fail; + /* + * if we're providing authentication, set the auth_start and auth_tag + * pointers to the proper locations; otherwise, set auth_start to NULL + * to indicate that no authentication is needed + */ + if (stream->rtp_services & sec_serv_auth) { + auth_start = (uint32_t *)hdr; + auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len; + } else { + auth_start = NULL; + auth_tag = NULL; + } - if (octet_string_is_eq(tmp_tag, auth_tag, tag_len)) - return srtp_err_status_auth_fail; - } + /* + * if we expect message authentication, run the authentication + * function and compare the result with the value of the auth_tag + */ + if (auth_start) { + /* + * if we're using a universal hash, then we need to compute the + * keystream prefix for encrypting the universal hash output + * + * if the keystream prefix length is zero, then we know that + * the authenticator isn't using a universal hash function + */ + if (session_keys->rtp_auth->prefix_len != 0) { + prefix_len = srtp_auth_get_prefix_length(session_keys->rtp_auth); + status = srtp_cipher_output(session_keys->rtp_cipher, tmp_tag, + &prefix_len); + debug_print(mod_srtp, "keystream prefix: %s", + srtp_octet_string_hex_string(tmp_tag, prefix_len)); + if (status) + return srtp_err_status_cipher_fail; + } - /* - * update the key usage limit, and check it to make sure that we - * didn't just hit either the soft limit or the hard limit, and call - * the event handler if we hit either. - */ - switch(srtp_key_limit_update(session_keys->limit)) { - case srtp_key_event_normal: - break; - case srtp_key_event_soft_limit: - srtp_handle_event(ctx, stream, event_key_soft_limit); - break; - case srtp_key_event_hard_limit: - srtp_handle_event(ctx, stream, event_key_hard_limit); - return srtp_err_status_key_expired; - default: - break; - } + /* initialize auth func context */ + status = srtp_auth_start(session_keys->rtp_auth); + if (status) + return status; + + /* now compute auth function over packet */ + status = srtp_auth_update(session_keys->rtp_auth, (uint8_t *)auth_start, + *pkt_octet_len - tag_len - mki_size); + + /* run auth func over ROC, then write tmp tag */ + status = srtp_auth_compute(session_keys->rtp_auth, (uint8_t *)&est, 4, + tmp_tag); + + debug_print(mod_srtp, "computed auth tag: %s", + srtp_octet_string_hex_string(tmp_tag, tag_len)); + debug_print(mod_srtp, "packet auth tag: %s", + srtp_octet_string_hex_string(auth_tag, tag_len)); + if (status) + return srtp_err_status_auth_fail; + + if (octet_string_is_eq(tmp_tag, auth_tag, tag_len)) + return srtp_err_status_auth_fail; + } - if (xtn_hdr && session_keys->rtp_xtn_hdr_cipher) { /* - * extensions header encryption RFC 6904 + * update the key usage limit, and check it to make sure that we + * didn't just hit either the soft limit or the hard limit, and call + * the event handler if we hit either. */ - status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); - if (status) { - return status; + switch (srtp_key_limit_update(session_keys->limit)) { + case srtp_key_event_normal: + break; + case srtp_key_event_soft_limit: + srtp_handle_event(ctx, stream, event_key_soft_limit); + break; + case srtp_key_event_hard_limit: + srtp_handle_event(ctx, stream, event_key_hard_limit); + return srtp_err_status_key_expired; + default: + break; } - } - /* if we're decrypting, add keystream into ciphertext */ - if (enc_start) { - status = srtp_cipher_decrypt(session_keys->rtp_cipher, - (uint8_t *)enc_start, &enc_octet_len); - if (status) - return srtp_err_status_cipher_fail; - } + if (xtn_hdr && session_keys->rtp_xtn_hdr_cipher) { + /* extensions header encryption RFC 6904 */ + status = srtp_process_header_encryption(stream, xtn_hdr, session_keys); + if (status) { + return status; + } + } - /* - * verify that stream is for received traffic - this check will - * detect SSRC collisions, since a stream that appears in both - * srtp_protect() and srtp_unprotect() will fail this test in one of - * those functions. - * - * we do this check *after* the authentication check, so that the - * latter check will catch any attempts to fool us into thinking - * that we've got a collision - */ - if (stream->direction != dir_srtp_receiver) { - if (stream->direction == dir_unknown) { - stream->direction = dir_srtp_receiver; - } else { - srtp_handle_event(ctx, stream, event_ssrc_collision); + /* if we're decrypting, add keystream into ciphertext */ + if (enc_start) { + status = srtp_cipher_decrypt(session_keys->rtp_cipher, + (uint8_t *)enc_start, &enc_octet_len); + if (status) + return srtp_err_status_cipher_fail; } - } - /* - * if the stream is a 'provisional' one, in which the template context - * is used, then we need to allocate a new stream at this point, since - * the authentication passed - */ - if (stream == ctx->stream_template) { - srtp_stream_ctx_t *new_stream; - - /* - * allocate and initialize a new stream - * - * note that we indicate failure if we can't allocate the new - * stream, and some implementations will want to not return - * failure here + /* + * verify that stream is for received traffic - this check will + * detect SSRC collisions, since a stream that appears in both + * srtp_protect() and srtp_unprotect() will fail this test in one of + * those functions. + * + * we do this check *after* the authentication check, so that the + * latter check will catch any attempts to fool us into thinking + * that we've got a collision */ - status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); - if (status) - return status; - - /* add new stream to the head of the stream_list */ - new_stream->next = ctx->stream_list; - ctx->stream_list = new_stream; - - /* set stream (the pointer used in this function) */ - stream = new_stream; - } - - /* - * the message authentication function passed, so add the packet - * index into the replay database - */ - if (advance_packet_index) { - srtp_rdbx_set_roc_seq(&stream->rtp_rdbx, - roc_to_set, - seq_to_set); - stream->pending_roc = 0; - srtp_rdbx_add_index(&stream->rtp_rdbx, 0); - } else { - srtp_rdbx_add_index(&stream->rtp_rdbx, delta); - } + if (stream->direction != dir_srtp_receiver) { + if (stream->direction == dir_unknown) { + stream->direction = dir_srtp_receiver; + } else { + srtp_handle_event(ctx, stream, event_ssrc_collision); + } + } - /* decrease the packet length by the length of the auth tag */ - *pkt_octet_len -= tag_len; + /* + * if the stream is a 'provisional' one, in which the template context + * is used, then we need to allocate a new stream at this point, since + * the authentication passed + */ + if (stream == ctx->stream_template) { + srtp_stream_ctx_t *new_stream; - /* decrease the packet length by the mki size */ - *pkt_octet_len -= mki_size; + /* + * allocate and initialize a new stream + * + * note that we indicate failure if we can't allocate the new + * stream, and some implementations will want to not return + * failure here + */ + status = + srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); + if (status) + return status; - return srtp_err_status_ok; -} + /* add new stream to the head of the stream_list */ + new_stream->next = ctx->stream_list; + ctx->stream_list = new_stream; -srtp_err_status_t -srtp_init() { - srtp_err_status_t status; + /* set stream (the pointer used in this function) */ + stream = new_stream; + } - /* initialize crypto kernel */ - status = srtp_crypto_kernel_init(); - if (status) - return status; + /* + * the message authentication function passed, so add the packet + * index into the replay database + */ + if (advance_packet_index) { + srtp_rdbx_set_roc_seq(&stream->rtp_rdbx, roc_to_set, seq_to_set); + stream->pending_roc = 0; + srtp_rdbx_add_index(&stream->rtp_rdbx, 0); + } else { + srtp_rdbx_add_index(&stream->rtp_rdbx, delta); + } - /* load srtp debug module into the kernel */ - status = srtp_crypto_kernel_load_debug_module(&mod_srtp); - if (status) - return status; + /* decrease the packet length by the length of the auth tag */ + *pkt_octet_len -= tag_len; - return srtp_err_status_ok; + /* decrease the packet length by the mki size */ + *pkt_octet_len -= mki_size; + + return srtp_err_status_ok; } -srtp_err_status_t -srtp_shutdown() { - srtp_err_status_t status; +srtp_err_status_t srtp_init() +{ + srtp_err_status_t status; - /* shut down crypto kernel */ - status = srtp_crypto_kernel_shutdown(); - if (status) - return status; + /* initialize crypto kernel */ + status = srtp_crypto_kernel_init(); + if (status) + return status; - /* shutting down crypto kernel frees the srtp debug module as well */ + /* load srtp debug module into the kernel */ + status = srtp_crypto_kernel_load_debug_module(&mod_srtp); + if (status) + return status; - return srtp_err_status_ok; + return srtp_err_status_ok; } +srtp_err_status_t srtp_shutdown() +{ + srtp_err_status_t status; + + /* shut down crypto kernel */ + status = srtp_crypto_kernel_shutdown(); + if (status) + return status; + + /* shutting down crypto kernel frees the srtp debug module as well */ -/* + return srtp_err_status_ok; +} + +/* * The following code is under consideration for removal. See - * SRTP_MAX_TRAILER_LEN + * SRTP_MAX_TRAILER_LEN */ #if 0 @@ -2740,378 +2774,376 @@ * srtp_get_stream(ssrc) returns a pointer to the stream corresponding * to ssrc, or NULL if no stream exists for that ssrc * - * this is an internal function + * this is an internal function */ -srtp_stream_ctx_t * -srtp_get_stream(srtp_t srtp, uint32_t ssrc) { - srtp_stream_ctx_t *stream; - - /* walk down list until ssrc is found */ - stream = srtp->stream_list; - while (stream != NULL) { - if (stream->ssrc == ssrc) - return stream; - stream = stream->next; - } - - /* we haven't found our ssrc, so return a null */ - return NULL; -} - -srtp_err_status_t -srtp_dealloc(srtp_t session) { - srtp_stream_ctx_t *stream; - srtp_err_status_t status; - - /* - * we take a conservative deallocation strategy - if we encounter an - * error deallocating a stream, then we stop trying to deallocate - * memory and just return an error - */ - - /* walk list of streams, deallocating as we go */ - stream = session->stream_list; - while (stream != NULL) { - srtp_stream_t next = stream->next; - status = srtp_stream_dealloc(stream, session->stream_template); - if (status) - return status; - stream = next; - } - - /* deallocate stream template, if there is one */ - if (session->stream_template != NULL) { - status = srtp_stream_dealloc(session->stream_template, NULL); - if (status) - return status; - } +srtp_stream_ctx_t *srtp_get_stream(srtp_t srtp, uint32_t ssrc) +{ + srtp_stream_ctx_t *stream; + + /* walk down list until ssrc is found */ + stream = srtp->stream_list; + while (stream != NULL) { + if (stream->ssrc == ssrc) + return stream; + stream = stream->next; + } + + /* we haven't found our ssrc, so return a null */ + return NULL; +} + +srtp_err_status_t srtp_dealloc(srtp_t session) +{ + srtp_stream_ctx_t *stream; + srtp_err_status_t status; - /* deallocate session context */ - srtp_crypto_free(session); + /* + * we take a conservative deallocation strategy - if we encounter an + * error deallocating a stream, then we stop trying to deallocate + * memory and just return an error + */ + + /* walk list of streams, deallocating as we go */ + stream = session->stream_list; + while (stream != NULL) { + srtp_stream_t next = stream->next; + status = srtp_stream_dealloc(stream, session->stream_template); + if (status) + return status; + stream = next; + } - return srtp_err_status_ok; + /* deallocate stream template, if there is one */ + if (session->stream_template != NULL) { + status = srtp_stream_dealloc(session->stream_template, NULL); + if (status) + return status; + } + + /* deallocate session context */ + srtp_crypto_free(session); + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_add_stream(srtp_t session, const srtp_policy_t *policy) +{ + srtp_err_status_t status; + srtp_stream_t tmp; + + /* sanity check arguments */ + if ((session == NULL) || (policy == NULL) || + (!srtp_validate_policy_master_keys(policy))) + return srtp_err_status_bad_param; + + /* allocate stream */ + status = srtp_stream_alloc(&tmp, policy); + if (status) { + return status; + } + + /* initialize stream */ + status = srtp_stream_init(tmp, policy); + if (status) { + srtp_stream_dealloc(tmp, NULL); + return status; + } + + /* + * set the head of the stream list or the template to point to the + * stream that we've just alloced and init'ed, depending on whether + * or not it has a wildcard SSRC value or not + * + * if the template stream has already been set, then the policy is + * inconsistent, so we return a bad_param error code + */ + switch (policy->ssrc.type) { + case (ssrc_any_outbound): + if (session->stream_template) { + srtp_stream_dealloc(tmp, NULL); + return srtp_err_status_bad_param; + } + session->stream_template = tmp; + session->stream_template->direction = dir_srtp_sender; + break; + case (ssrc_any_inbound): + if (session->stream_template) { + srtp_stream_dealloc(tmp, NULL); + return srtp_err_status_bad_param; + } + session->stream_template = tmp; + session->stream_template->direction = dir_srtp_receiver; + break; + case (ssrc_specific): + tmp->next = session->stream_list; + session->stream_list = tmp; + break; + case (ssrc_undefined): + default: + srtp_stream_dealloc(tmp, NULL); + return srtp_err_status_bad_param; + } + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_create(srtp_t *session, /* handle for session */ + const srtp_policy_t *policy) +{ /* SRTP policy (list) */ + srtp_err_status_t stat; + srtp_ctx_t *ctx; + + /* sanity check arguments */ + if (session == NULL) + return srtp_err_status_bad_param; + + /* allocate srtp context and set ctx_ptr */ + ctx = (srtp_ctx_t *)srtp_crypto_alloc(sizeof(srtp_ctx_t)); + if (ctx == NULL) + return srtp_err_status_alloc_fail; + *session = ctx; + + /* + * loop over elements in the policy list, allocating and + * initializing a stream for each element + */ + ctx->stream_template = NULL; + ctx->stream_list = NULL; + ctx->user_data = NULL; + while (policy != NULL) { + stat = srtp_add_stream(ctx, policy); + if (stat) { + /* clean up everything */ + srtp_dealloc(*session); + *session = NULL; + return stat; + } + + /* set policy to next item in list */ + policy = policy->next; + } + + return srtp_err_status_ok; } +srtp_err_status_t srtp_remove_stream(srtp_t session, uint32_t ssrc) +{ + srtp_stream_ctx_t *stream, *last_stream; + srtp_err_status_t status; -srtp_err_status_t -srtp_add_stream(srtp_t session, - const srtp_policy_t *policy) { - srtp_err_status_t status; - srtp_stream_t tmp; + /* sanity check arguments */ + if (session == NULL) + return srtp_err_status_bad_param; - /* sanity check arguments */ - if ((session == NULL) || (policy == NULL) || (!srtp_validate_policy_master_keys(policy))) - return srtp_err_status_bad_param; + /* find stream in list; complain if not found */ + last_stream = stream = session->stream_list; + while ((stream != NULL) && (ssrc != stream->ssrc)) { + last_stream = stream; + stream = stream->next; + } + if (stream == NULL) + return srtp_err_status_no_ctx; - /* allocate stream */ - status = srtp_stream_alloc(&tmp, policy); - if (status) { - return status; - } - - /* initialize stream */ - status = srtp_stream_init(tmp, policy); - if (status) { - srtp_crypto_free(tmp); - return status; - } - - /* - * set the head of the stream list or the template to point to the - * stream that we've just alloced and init'ed, depending on whether - * or not it has a wildcard SSRC value or not - * - * if the template stream has already been set, then the policy is - * inconsistent, so we return a bad_param error code - */ - switch (policy->ssrc.type) { - case (ssrc_any_outbound): - if (session->stream_template) { - return srtp_err_status_bad_param; - } - session->stream_template = tmp; - session->stream_template->direction = dir_srtp_sender; - break; - case (ssrc_any_inbound): - if (session->stream_template) { - return srtp_err_status_bad_param; - } - session->stream_template = tmp; - session->stream_template->direction = dir_srtp_receiver; - break; - case (ssrc_specific): - tmp->next = session->stream_list; - session->stream_list = tmp; - break; - case (ssrc_undefined): - default: - srtp_crypto_free(tmp); - return srtp_err_status_bad_param; - } - - return srtp_err_status_ok; -} - - -srtp_err_status_t -srtp_create(srtp_t *session, /* handle for session */ - const srtp_policy_t *policy) { /* SRTP policy (list) */ - srtp_err_status_t stat; - srtp_ctx_t *ctx; - - /* sanity check arguments */ - if (session == NULL) - return srtp_err_status_bad_param; - - /* allocate srtp context and set ctx_ptr */ - ctx = (srtp_ctx_t *) srtp_crypto_alloc(sizeof(srtp_ctx_t)); - if (ctx == NULL) - return srtp_err_status_alloc_fail; - *session = ctx; - - /* - * loop over elements in the policy list, allocating and - * initializing a stream for each element - */ - ctx->stream_template = NULL; - ctx->stream_list = NULL; - ctx->user_data = NULL; - while (policy != NULL) { + /* remove stream from the list */ + if (last_stream == stream) + /* stream was first in list */ + session->stream_list = stream->next; + else + last_stream->next = stream->next; - stat = srtp_add_stream(ctx, policy); - if (stat) { - /* clean up everything */ - srtp_dealloc(*session); - *session = NULL; - return stat; - } - - /* set policy to next item in list */ - policy = policy->next; - } - - return srtp_err_status_ok; + /* deallocate the stream */ + status = srtp_stream_dealloc(stream, session->stream_template); + if (status) + return status; + + return srtp_err_status_ok; } +srtp_err_status_t srtp_update(srtp_t session, const srtp_policy_t *policy) +{ + srtp_err_status_t stat; + + /* sanity check arguments */ + if ((session == NULL) || (policy == NULL) || + (!srtp_validate_policy_master_keys(policy))) { + return srtp_err_status_bad_param; + } -srtp_err_status_t -srtp_remove_stream(srtp_t session, uint32_t ssrc) { - srtp_stream_ctx_t *stream, *last_stream; - srtp_err_status_t status; - - /* sanity check arguments */ - if (session == NULL) - return srtp_err_status_bad_param; - - /* find stream in list; complain if not found */ - last_stream = stream = session->stream_list; - while ((stream != NULL) && (ssrc != stream->ssrc)) { - last_stream = stream; - stream = stream->next; - } - if (stream == NULL) - return srtp_err_status_no_ctx; - - /* remove stream from the list */ - if (last_stream == stream) - /* stream was first in list */ - session->stream_list = stream->next; - else - last_stream->next = stream->next; - - /* deallocate the stream */ - status = srtp_stream_dealloc(stream, session->stream_template); - if (status) - return status; + while (policy != NULL) { + stat = srtp_update_stream(session, policy); + if (stat) { + return stat; + } - return srtp_err_status_ok; + /* set policy to next item in list */ + policy = policy->next; + } + return srtp_err_status_ok; } +static srtp_err_status_t update_template_streams(srtp_t session, + const srtp_policy_t *policy) +{ + srtp_err_status_t status; + srtp_stream_t new_stream_template; + srtp_stream_t new_stream_list = NULL; -srtp_err_status_t -srtp_update(srtp_t session, const srtp_policy_t *policy) { - srtp_err_status_t stat; - - /* sanity check arguments */ - if ((session == NULL) || (policy == NULL) || (!srtp_validate_policy_master_keys(policy))) { - return srtp_err_status_bad_param; - } + if (session->stream_template == NULL) { + return srtp_err_status_bad_param; + } - while (policy != NULL) { - stat = srtp_update_stream(session, policy); - if (stat) { - return stat; + /* allocate new template stream */ + status = srtp_stream_alloc(&new_stream_template, policy); + if (status) { + return status; } - /* set policy to next item in list */ - policy = policy->next; - } - return srtp_err_status_ok; -} + /* initialize new template stream */ + status = srtp_stream_init(new_stream_template, policy); + if (status) { + srtp_crypto_free(new_stream_template); + return status; + } + /* for all old templated streams */ + for (;;) { + srtp_stream_t stream; + uint32_t ssrc; + srtp_xtd_seq_num_t old_index; + srtp_rdb_t old_rtcp_rdb; + + stream = session->stream_list; + while ((stream != NULL) && + (stream->session_keys[0].rtp_auth != + session->stream_template->session_keys[0].rtp_auth)) { + stream = stream->next; + } + if (stream == NULL) { + /* no more templated streams */ + break; + } -static srtp_err_status_t -update_template_streams(srtp_t session, const srtp_policy_t *policy) { - srtp_err_status_t status; - srtp_stream_t new_stream_template; - srtp_stream_t new_stream_list = NULL; + /* save old extendard seq */ + ssrc = stream->ssrc; + old_index = stream->rtp_rdbx.index; + old_rtcp_rdb = stream->rtcp_rdb; - if (session->stream_template == NULL) { - return srtp_err_status_bad_param; - } + /* remove stream */ + status = srtp_remove_stream(session, ssrc); + if (status) { + /* free new allocations */ + while (new_stream_list != NULL) { + srtp_stream_t next = new_stream_list->next; + srtp_stream_dealloc(new_stream_list, new_stream_template); + new_stream_list = next; + } + srtp_stream_dealloc(new_stream_template, NULL); + return status; + } - /* allocate new template stream */ - status = srtp_stream_alloc(&new_stream_template, policy); - if (status) { - return status; - } + /* allocate and initialize a new stream */ + status = srtp_stream_clone(new_stream_template, ssrc, &stream); + if (status) { + /* free new allocations */ + while (new_stream_list != NULL) { + srtp_stream_t next = new_stream_list->next; + srtp_stream_dealloc(new_stream_list, new_stream_template); + new_stream_list = next; + } + srtp_stream_dealloc(new_stream_template, NULL); + return status; + } - /* initialize new template stream */ - status = srtp_stream_init(new_stream_template, policy); - if (status) { - srtp_crypto_free(new_stream_template); + /* add new stream to the head of the new_stream_list */ + stream->next = new_stream_list; + new_stream_list = stream; + + /* restore old extended seq */ + stream->rtp_rdbx.index = old_index; + stream->rtcp_rdb = old_rtcp_rdb; + } + /* dealloc old template */ + srtp_stream_dealloc(session->stream_template, NULL); + /* set new template */ + session->stream_template = new_stream_template; + /* add new list */ + if (new_stream_list) { + srtp_stream_t tail = new_stream_list; + while (tail->next) { + tail = tail->next; + } + tail->next = session->stream_list; + session->stream_list = new_stream_list; + } return status; - } +} - /* for all old templated streams */ - for (;;) { - srtp_stream_t stream; - uint32_t ssrc; +static srtp_err_status_t update_stream(srtp_t session, + const srtp_policy_t *policy) +{ + srtp_err_status_t status; srtp_xtd_seq_num_t old_index; srtp_rdb_t old_rtcp_rdb; + srtp_stream_t stream; - stream = session->stream_list; - while ((stream != NULL) && - (stream->session_keys[0].rtp_auth != - session->stream_template->session_keys[0].rtp_auth)) { - stream = stream->next; - } + stream = srtp_get_stream(session, htonl(policy->ssrc.value)); if (stream == NULL) { - /* no more templated streams */ - break; + return srtp_err_status_bad_param; } /* save old extendard seq */ - ssrc = stream->ssrc; old_index = stream->rtp_rdbx.index; old_rtcp_rdb = stream->rtcp_rdb; - /* remove stream */ - status = srtp_remove_stream(session, ssrc); + status = srtp_remove_stream(session, htonl(policy->ssrc.value)); if (status) { - /* free new allocations */ - while (new_stream_list != NULL) { - srtp_stream_t next = new_stream_list->next; - srtp_stream_dealloc(new_stream_list, new_stream_template); - new_stream_list = next; - } - srtp_stream_dealloc(new_stream_template, NULL); - return status; + return status; } - /* allocate and initialize a new stream */ - status = srtp_stream_clone(new_stream_template, ssrc, &stream); + status = srtp_add_stream(session, policy); if (status) { - /* free new allocations */ - while (new_stream_list != NULL) { - srtp_stream_t next = new_stream_list->next; - srtp_stream_dealloc(new_stream_list, new_stream_template); - new_stream_list = next; - } - srtp_stream_dealloc(new_stream_template, NULL); - return status; + return status; } - /* add new stream to the head of the new_stream_list */ - stream->next = new_stream_list; - new_stream_list = stream; + stream = srtp_get_stream(session, htonl(policy->ssrc.value)); + if (stream == NULL) { + return srtp_err_status_fail; + } /* restore old extended seq */ stream->rtp_rdbx.index = old_index; stream->rtcp_rdb = old_rtcp_rdb; - } - /* dealloc old template */ - srtp_stream_dealloc(session->stream_template, NULL); - /* set new template */ - session->stream_template = new_stream_template; - /* add new list */ - if (new_stream_list) { - srtp_stream_t tail = new_stream_list; - while (tail->next) { - tail = tail->next; - } - tail->next = session->stream_list; - session->stream_list = new_stream_list; - } - return status; + + return srtp_err_status_ok; } +srtp_err_status_t srtp_update_stream(srtp_t session, + const srtp_policy_t *policy) +{ + srtp_err_status_t status; -static srtp_err_status_t -update_stream(srtp_t session, const srtp_policy_t *policy) { - srtp_err_status_t status; - srtp_xtd_seq_num_t old_index; - srtp_rdb_t old_rtcp_rdb; - srtp_stream_t stream; - - stream = srtp_get_stream(session, htonl(policy->ssrc.value)); - if (stream == NULL) { - return srtp_err_status_bad_param; - } - - /* save old extendard seq */ - old_index = stream->rtp_rdbx.index; - old_rtcp_rdb = stream->rtcp_rdb; + /* sanity check arguments */ + if ((session == NULL) || (policy == NULL) || + (!srtp_validate_policy_master_keys(policy))) + return srtp_err_status_bad_param; - status = srtp_remove_stream(session, htonl(policy->ssrc.value)); - if (status) { - return status; - } + switch (policy->ssrc.type) { + case (ssrc_any_outbound): + case (ssrc_any_inbound): + status = update_template_streams(session, policy); + break; + case (ssrc_specific): + status = update_stream(session, policy); + break; + case (ssrc_undefined): + default: + return srtp_err_status_bad_param; + } - status = srtp_add_stream(session, policy); - if (status) { return status; - } - - stream = srtp_get_stream(session, htonl(policy->ssrc.value)); - if (stream == NULL) { - return srtp_err_status_fail; - } - - /* restore old extended seq */ - stream->rtp_rdbx.index = old_index; - stream->rtcp_rdb = old_rtcp_rdb; - - return srtp_err_status_ok; } - -srtp_err_status_t -srtp_update_stream(srtp_t session, const srtp_policy_t *policy) { - srtp_err_status_t status; - - /* sanity check arguments */ - if ((session == NULL) || (policy == NULL) || (!srtp_validate_policy_master_keys(policy))) - return srtp_err_status_bad_param; - - switch (policy->ssrc.type) { - case (ssrc_any_outbound): - case (ssrc_any_inbound): - status = update_template_streams(session, policy); - break; - case (ssrc_specific): - status = update_stream(session, policy); - break; - case (ssrc_undefined): - default: - return srtp_err_status_bad_param; - } - - return status; -} - - /* * The default policy - provides a convenient way for callers to use * the default security policy @@ -3121,283 +3153,264 @@ * */ -/* +/* * NOTE: cipher_key_len is really key len (128 bits) plus salt len * (112 bits) */ /* There are hard-coded 16's for base_key_len in the key generation code */ -void -srtp_crypto_policy_set_rtp_default(srtp_crypto_policy_t *p) { - - p->cipher_type = SRTP_AES_ICM_128; - p->cipher_key_len = SRTP_AES_ICM_128_KEY_LEN_WSALT; /* default 128 bits per RFC 3711 */ - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ - p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ - p->sec_serv = sec_serv_conf_and_auth; - +void srtp_crypto_policy_set_rtp_default(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_ICM_128; + p->cipher_key_len = + SRTP_AES_ICM_128_KEY_LEN_WSALT; /* default 128 bits per RFC 3711 */ + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ + p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ + p->sec_serv = sec_serv_conf_and_auth; } -void -srtp_crypto_policy_set_rtcp_default(srtp_crypto_policy_t *p) { - - p->cipher_type = SRTP_AES_ICM_128; - p->cipher_key_len = SRTP_AES_ICM_128_KEY_LEN_WSALT; /* default 128 bits per RFC 3711 */ - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ - p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ - p->sec_serv = sec_serv_conf_and_auth; - +void srtp_crypto_policy_set_rtcp_default(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_ICM_128; + p->cipher_key_len = + SRTP_AES_ICM_128_KEY_LEN_WSALT; /* default 128 bits per RFC 3711 */ + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ + p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ + p->sec_serv = sec_serv_conf_and_auth; } -void -srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(srtp_crypto_policy_t *p) { - - /* - * corresponds to RFC 4568 - * - * note that this crypto policy is intended for SRTP, but not SRTCP - */ +void srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 4568 + * + * note that this crypto policy is intended for SRTP, but not SRTCP + */ - p->cipher_type = SRTP_AES_ICM_128; - p->cipher_key_len = SRTP_AES_ICM_128_KEY_LEN_WSALT; /* 128 bit key, 112 bit salt */ - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* 160 bit key */ - p->auth_tag_len = 4; /* 32 bit tag */ - p->sec_serv = sec_serv_conf_and_auth; - + p->cipher_type = SRTP_AES_ICM_128; + p->cipher_key_len = + SRTP_AES_ICM_128_KEY_LEN_WSALT; /* 128 bit key, 112 bit salt */ + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* 160 bit key */ + p->auth_tag_len = 4; /* 32 bit tag */ + p->sec_serv = sec_serv_conf_and_auth; } +void srtp_crypto_policy_set_aes_cm_128_null_auth(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 4568 + * + * note that this crypto policy is intended for SRTP, but not SRTCP + */ -void -srtp_crypto_policy_set_aes_cm_128_null_auth(srtp_crypto_policy_t *p) { - - /* - * corresponds to RFC 4568 - * - * note that this crypto policy is intended for SRTP, but not SRTCP - */ - - p->cipher_type = SRTP_AES_ICM_128; - p->cipher_key_len = SRTP_AES_ICM_128_KEY_LEN_WSALT; /* 128 bit key, 112 bit salt */ - p->auth_type = SRTP_NULL_AUTH; - p->auth_key_len = 0; - p->auth_tag_len = 0; - p->sec_serv = sec_serv_conf; - + p->cipher_type = SRTP_AES_ICM_128; + p->cipher_key_len = + SRTP_AES_ICM_128_KEY_LEN_WSALT; /* 128 bit key, 112 bit salt */ + p->auth_type = SRTP_NULL_AUTH; + p->auth_key_len = 0; + p->auth_tag_len = 0; + p->sec_serv = sec_serv_conf; } +void srtp_crypto_policy_set_null_cipher_hmac_sha1_80(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 4568 + */ -void -srtp_crypto_policy_set_null_cipher_hmac_sha1_80(srtp_crypto_policy_t *p) { - - /* - * corresponds to RFC 4568 - */ - - p->cipher_type = SRTP_NULL_CIPHER; - p->cipher_key_len = 0; - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; - p->auth_tag_len = 10; - p->sec_serv = sec_serv_auth; - + p->cipher_type = SRTP_NULL_CIPHER; + p->cipher_key_len = 0; + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; + p->auth_tag_len = 10; + p->sec_serv = sec_serv_auth; } -void -srtp_crypto_policy_set_null_cipher_hmac_null(srtp_crypto_policy_t *p) { - - /* - * Should only be used for testing - */ +void srtp_crypto_policy_set_null_cipher_hmac_null(srtp_crypto_policy_t *p) +{ + /* + * Should only be used for testing + */ - p->cipher_type = SRTP_NULL_CIPHER; - p->cipher_key_len = 0; - p->auth_type = SRTP_NULL_AUTH; - p->auth_key_len = 0; - p->auth_tag_len = 0; - p->sec_serv = sec_serv_none; - + p->cipher_type = SRTP_NULL_CIPHER; + p->cipher_key_len = 0; + p->auth_type = SRTP_NULL_AUTH; + p->auth_key_len = 0; + p->auth_tag_len = 0; + p->sec_serv = sec_serv_none; } +void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 6188 + */ -void -srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(srtp_crypto_policy_t *p) { - - /* - * corresponds to RFC 6188 - */ - - p->cipher_type = SRTP_AES_ICM_256; - p->cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ - p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ - p->sec_serv = sec_serv_conf_and_auth; + p->cipher_type = SRTP_AES_ICM_256; + p->cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ + p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ + p->sec_serv = sec_serv_conf_and_auth; } +void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 6188 + * + * note that this crypto policy is intended for SRTP, but not SRTCP + */ -void -srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(srtp_crypto_policy_t *p) { - - /* - * corresponds to RFC 6188 - * - * note that this crypto policy is intended for SRTP, but not SRTCP - */ - - p->cipher_type = SRTP_AES_ICM_256; - p->cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ - p->auth_tag_len = 4; /* default 80 bits per RFC 3711 */ - p->sec_serv = sec_serv_conf_and_auth; + p->cipher_type = SRTP_AES_ICM_256; + p->cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ + p->auth_tag_len = 4; /* default 80 bits per RFC 3711 */ + p->sec_serv = sec_serv_conf_and_auth; } /* * AES-256 with no authentication. */ -void -srtp_crypto_policy_set_aes_cm_256_null_auth (srtp_crypto_policy_t *p) +void srtp_crypto_policy_set_aes_cm_256_null_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_ICM_256; - p->cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; - p->auth_key_len = 0; - p->auth_tag_len = 0; - p->sec_serv = sec_serv_conf; + p->cipher_type = SRTP_AES_ICM_256; + p->cipher_key_len = SRTP_AES_ICM_256_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; + p->auth_key_len = 0; + p->auth_tag_len = 0; + p->sec_serv = sec_serv_conf; } #ifdef OPENSSL -void -srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(srtp_crypto_policy_t *p) { +void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 6188 + */ - /* - * corresponds to RFC 6188 - */ - - p->cipher_type = SRTP_AES_ICM_192; - p->cipher_key_len = SRTP_AES_ICM_192_KEY_LEN_WSALT; - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ - p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ - p->sec_serv = sec_serv_conf_and_auth; + p->cipher_type = SRTP_AES_ICM_192; + p->cipher_key_len = SRTP_AES_ICM_192_KEY_LEN_WSALT; + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ + p->auth_tag_len = 10; /* default 80 bits per RFC 3711 */ + p->sec_serv = sec_serv_conf_and_auth; } +void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p) +{ + /* + * corresponds to RFC 6188 + * + * note that this crypto policy is intended for SRTP, but not SRTCP + */ -void -srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p) { - - /* - * corresponds to RFC 6188 - * - * note that this crypto policy is intended for SRTP, but not SRTCP - */ - - p->cipher_type = SRTP_AES_ICM_192; - p->cipher_key_len = SRTP_AES_ICM_192_KEY_LEN_WSALT; - p->auth_type = SRTP_HMAC_SHA1; - p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ - p->auth_tag_len = 4; /* default 80 bits per RFC 3711 */ - p->sec_serv = sec_serv_conf_and_auth; + p->cipher_type = SRTP_AES_ICM_192; + p->cipher_key_len = SRTP_AES_ICM_192_KEY_LEN_WSALT; + p->auth_type = SRTP_HMAC_SHA1; + p->auth_key_len = 20; /* default 160 bits per RFC 3711 */ + p->auth_tag_len = 4; /* default 80 bits per RFC 3711 */ + p->sec_serv = sec_serv_conf_and_auth; } /* * AES-192 with no authentication. */ -void -srtp_crypto_policy_set_aes_cm_192_null_auth (srtp_crypto_policy_t *p) +void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_ICM_192; - p->cipher_key_len = SRTP_AES_ICM_192_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; - p->auth_key_len = 0; - p->auth_tag_len = 0; - p->sec_serv = sec_serv_conf; + p->cipher_type = SRTP_AES_ICM_192; + p->cipher_key_len = SRTP_AES_ICM_192_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; + p->auth_key_len = 0; + p->auth_tag_len = 0; + p->sec_serv = sec_serv_conf; } /* - * AES-128 GCM mode with 8 octet auth tag. + * AES-128 GCM mode with 8 octet auth tag. */ -void -srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_GCM_128; - p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ - p->auth_key_len = 0; - p->auth_tag_len = 8; /* 8 octet tag length */ - p->sec_serv = sec_serv_conf_and_auth; +void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_GCM_128; + p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ + p->auth_key_len = 0; + p->auth_tag_len = 8; /* 8 octet tag length */ + p->sec_serv = sec_serv_conf_and_auth; } /* - * AES-256 GCM mode with 8 octet auth tag. + * AES-256 GCM mode with 8 octet auth tag. */ -void -srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_GCM_256; - p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ - p->auth_key_len = 0; - p->auth_tag_len = 8; /* 8 octet tag length */ - p->sec_serv = sec_serv_conf_and_auth; +void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_GCM_256; + p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ + p->auth_key_len = 0; + p->auth_tag_len = 8; /* 8 octet tag length */ + p->sec_serv = sec_serv_conf_and_auth; } /* - * AES-128 GCM mode with 8 octet auth tag, no RTCP encryption. + * AES-128 GCM mode with 8 octet auth tag, no RTCP encryption. */ -void -srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_GCM_128; - p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ - p->auth_key_len = 0; - p->auth_tag_len = 8; /* 8 octet tag length */ - p->sec_serv = sec_serv_auth; /* This only applies to RTCP */ +void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_GCM_128; + p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ + p->auth_key_len = 0; + p->auth_tag_len = 8; /* 8 octet tag length */ + p->sec_serv = sec_serv_auth; /* This only applies to RTCP */ } /* - * AES-256 GCM mode with 8 octet auth tag, no RTCP encryption. + * AES-256 GCM mode with 8 octet auth tag, no RTCP encryption. */ -void -srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_GCM_256; - p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ - p->auth_key_len = 0; - p->auth_tag_len = 8; /* 8 octet tag length */ - p->sec_serv = sec_serv_auth; /* This only applies to RTCP */ +void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_GCM_256; + p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ + p->auth_key_len = 0; + p->auth_tag_len = 8; /* 8 octet tag length */ + p->sec_serv = sec_serv_auth; /* This only applies to RTCP */ } /* - * AES-128 GCM mode with 16 octet auth tag. + * AES-128 GCM mode with 16 octet auth tag. */ -void -srtp_crypto_policy_set_aes_gcm_128_16_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_GCM_128; - p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ - p->auth_key_len = 0; - p->auth_tag_len = 16; /* 16 octet tag length */ - p->sec_serv = sec_serv_conf_and_auth; +void srtp_crypto_policy_set_aes_gcm_128_16_auth(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_GCM_128; + p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ + p->auth_key_len = 0; + p->auth_tag_len = 16; /* 16 octet tag length */ + p->sec_serv = sec_serv_conf_and_auth; } /* - * AES-256 GCM mode with 16 octet auth tag. + * AES-256 GCM mode with 16 octet auth tag. */ -void -srtp_crypto_policy_set_aes_gcm_256_16_auth(srtp_crypto_policy_t *p) { - p->cipher_type = SRTP_AES_GCM_256; - p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT; - p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ - p->auth_key_len = 0; - p->auth_tag_len = 16; /* 16 octet tag length */ - p->sec_serv = sec_serv_conf_and_auth; +void srtp_crypto_policy_set_aes_gcm_256_16_auth(srtp_crypto_policy_t *p) +{ + p->cipher_type = SRTP_AES_GCM_256; + p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT; + p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */ + p->auth_key_len = 0; + p->auth_tag_len = 16; /* 16 octet tag length */ + p->sec_serv = sec_serv_conf_and_auth; } #endif -/* +/* * secure rtcp functions */ @@ -3420,7 +3433,7 @@ * +--+--+--+--+--+--+--+--+--+--+--+--+* * * Input: *session_keys - pointer to SRTP stream context session keys, - * used to retrieve the SALT + * used to retrieve the SALT * *iv - Pointer to recieve the calculated IV * seq_num - The SEQ value to use for the IV calculation. * *hdr - The RTP header, used to get the SSRC value @@ -3429,12 +3442,14 @@ * if seq_num is invalid * */ -static srtp_err_status_t -srtp_calc_aead_iv_srtcp(srtp_session_keys_t *session_keys, v128_t *iv, - uint32_t seq_num, srtcp_hdr_t *hdr) +static srtp_err_status_t srtp_calc_aead_iv_srtcp( + srtp_session_keys_t *session_keys, + v128_t *iv, + uint32_t seq_num, + srtcp_hdr_t *hdr) { - v128_t in; - v128_t salt; + v128_t in; + v128_t salt; memset(&in, 0, sizeof(v128_t)); memset(&salt, 0, sizeof(v128_t)); @@ -3469,21 +3484,196 @@ } /* - * This code handles AEAD ciphers for outgoing RTCP. We currently support - * AES-GCM mode with 128 or 256 bit keys. + * This code handles AEAD ciphers for outgoing RTCP. We currently support + * AES-GCM mode with 128 or 256 bit keys. + */ +static srtp_err_status_t srtp_protect_rtcp_aead( + srtp_t ctx, + srtp_stream_ctx_t *stream, + void *rtcp_hdr, + unsigned int *pkt_octet_len, + srtp_session_keys_t *session_keys, + unsigned int use_mki) +{ + srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + uint32_t *trailer; /* pointer to start of trailer */ + unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */ + uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + srtp_err_status_t status; + uint32_t tag_len; + uint32_t seq_num; + v128_t iv; + uint32_t tseq; + unsigned int mki_size = 0; + + /* get tag length from stream context */ + tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); + + /* + * set encryption start and encryption length - if we're not + * providing confidentiality, set enc_start to NULL + */ + enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; + enc_octet_len = *pkt_octet_len - octets_in_rtcp_header; + + /* NOTE: hdr->length is not usable - it refers to only the first + * RTCP report in the compound packet! + */ + /* NOTE: trailer is 32-bit aligned because RTCP 'packets' are always + * multiples of 32-bits (RFC 3550 6.1) + */ + trailer = (uint32_t *)((char *)enc_start + enc_octet_len + tag_len); + + if (stream->rtcp_services & sec_serv_conf) { + *trailer = htonl(SRTCP_E_BIT); /* set encrypt bit */ + } else { + enc_start = NULL; + enc_octet_len = 0; + /* 0 is network-order independant */ + *trailer = 0x00000000; /* set encrypt bit */ + } + + mki_size = srtp_inject_mki((uint8_t *)hdr + *pkt_octet_len + tag_len + + sizeof(srtcp_trailer_t), + session_keys, use_mki); + + /* + * set the auth_tag pointer to the proper location, which is after + * the payload, but before the trailer + * (note that srtpc *always* provides authentication, unlike srtp) + */ + /* Note: This would need to change for optional mikey data */ + auth_tag = (uint8_t *)hdr + *pkt_octet_len; + + /* + * check sequence number for overruns, and copy it into the packet + * if its value isn't too big + */ + status = srtp_rdb_increment(&stream->rtcp_rdb); + if (status) { + return status; + } + seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); + *trailer |= htonl(seq_num); + debug_print(mod_srtp, "srtcp index: %x", seq_num); + + /* + * Calculate and set the IV + */ + status = srtp_calc_aead_iv_srtcp(session_keys, &iv, seq_num, hdr); + if (status) { + return srtp_err_status_cipher_fail; + } + status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, + srtp_direction_encrypt); + if (status) { + return srtp_err_status_cipher_fail; + } + + /* + * Set the AAD for GCM mode + */ + if (enc_start) { + /* + * If payload encryption is enabled, then the AAD consist of + * the RTCP header and the seq# at the end of the packet + */ + status = srtp_cipher_set_aad(session_keys->rtcp_cipher, (uint8_t *)hdr, + octets_in_rtcp_header); + if (status) { + return (srtp_err_status_cipher_fail); + } + } else { + /* + * Since payload encryption is not enabled, we must authenticate + * the entire packet as described in RFC 7714 (Section 9.3. Data + * Types in Unencrypted SRTCP Compound Packets) + */ + status = srtp_cipher_set_aad(session_keys->rtcp_cipher, (uint8_t *)hdr, + *pkt_octet_len); + if (status) { + return (srtp_err_status_cipher_fail); + } + } + /* + * Process the sequence# as AAD + */ + tseq = *trailer; + status = srtp_cipher_set_aad(session_keys->rtcp_cipher, (uint8_t *)&tseq, + sizeof(srtcp_trailer_t)); + if (status) { + return (srtp_err_status_cipher_fail); + } + + /* if we're encrypting, exor keystream into the message */ + if (enc_start) { + status = srtp_cipher_encrypt(session_keys->rtcp_cipher, + (uint8_t *)enc_start, &enc_octet_len); + if (status) { + return srtp_err_status_cipher_fail; + } + /* + * Get the tag and append that to the output + */ + status = srtp_cipher_get_tag(session_keys->rtcp_cipher, + (uint8_t *)auth_tag, &tag_len); + if (status) { + return (srtp_err_status_cipher_fail); + } + enc_octet_len += tag_len; + } else { + /* + * Even though we're not encrypting the payload, we need + * to run the cipher to get the auth tag. + */ + unsigned int nolen = 0; + status = srtp_cipher_encrypt(session_keys->rtcp_cipher, NULL, &nolen); + if (status) { + return srtp_err_status_cipher_fail; + } + /* + * Get the tag and append that to the output + */ + status = srtp_cipher_get_tag(session_keys->rtcp_cipher, + (uint8_t *)auth_tag, &tag_len); + if (status) { + return (srtp_err_status_cipher_fail); + } + enc_octet_len += tag_len; + } + + /* increase the packet length by the length of the auth tag and seq_num*/ + *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t)); + + /* increase the packet by the mki_size */ + *pkt_octet_len += mki_size; + + return srtp_err_status_ok; +} + +/* + * This function handles incoming SRTCP packets while in AEAD mode, + * which currently supports AES-GCM encryption. Note, the auth tag is + * at the end of the packet stream and is automatically checked by GCM + * when decrypting the payload. */ -static srtp_err_status_t -srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream, - void *rtcp_hdr, unsigned int *pkt_octet_len, - srtp_session_keys_t *session_keys, unsigned int use_mki) -{ - srtcp_hdr_t *hdr = (srtcp_hdr_t*)rtcp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - uint32_t *trailer; /* pointer to start of trailer */ +static srtp_err_status_t srtp_unprotect_rtcp_aead( + srtp_t ctx, + srtp_stream_ctx_t *stream, + void *srtcp_hdr, + unsigned int *pkt_octet_len, + srtp_session_keys_t *session_keys, + unsigned int use_mki) +{ + srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + uint32_t *trailer; /* pointer to start of trailer */ unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */ - uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ srtp_err_status_t status; - uint32_t tag_len; + int tag_len; + unsigned int tmp_len; uint32_t seq_num; v128_t iv; uint32_t tseq; @@ -3492,50 +3682,49 @@ /* get tag length from stream context */ tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); + if (use_mki) { + mki_size = session_keys->mki_size; + } + /* - * set encryption start and encryption length - if we're not - * providing confidentiality, set enc_start to NULL + * set encryption start, encryption length, and trailer */ - enc_start = (uint32_t*)hdr + uint32s_in_rtcp_header; - enc_octet_len = *pkt_octet_len - octets_in_rtcp_header; - - /* NOTE: hdr->length is not usable - it refers to only the first - RTCP report in the compound packet! */ - /* NOTE: trailer is 32-bit aligned because RTCP 'packets' are always - multiples of 32-bits (RFC 3550 6.1) */ - trailer = (uint32_t*)((char*)enc_start + enc_octet_len + tag_len); + /* index & E (encryption) bit follow normal data. hdr->len is the number of + * words (32-bit) in the normal packet minus 1 + */ + /* This should point trailer to the word past the end of the normal data. */ + /* This would need to be modified for optional mikey data */ + /* + * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always + * multiples of 32-bits (RFC 3550 6.1) + */ + trailer = (uint32_t *)((char *)hdr + *pkt_octet_len - + sizeof(srtcp_trailer_t) - mki_size); + /* + * We pass the tag down to the cipher when doing GCM mode + */ + enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header + + sizeof(srtcp_trailer_t) + mki_size); + auth_tag = (uint8_t *)hdr + *pkt_octet_len - tag_len - mki_size - + sizeof(srtcp_trailer_t); - if (stream->rtcp_services & sec_serv_conf) { - *trailer = htonl(SRTCP_E_BIT); /* set encrypt bit */ + if (*((unsigned char *)trailer) & SRTCP_E_BYTE_BIT) { + enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; } else { - enc_start = NULL; enc_octet_len = 0; - /* 0 is network-order independant */ - *trailer = 0x00000000; /* set encrypt bit */ + enc_start = NULL; /* this indicates that there's no encryption */ } - mki_size = srtp_inject_mki((uint8_t *)hdr + *pkt_octet_len + tag_len + sizeof(srtcp_trailer_t), - session_keys, use_mki); - /* - * set the auth_tag pointer to the proper location, which is after - * the payload, but before the trailer - * (note that srtpc *always* provides authentication, unlike srtp) - */ - /* Note: This would need to change for optional mikey data */ - auth_tag = (uint8_t*)hdr + *pkt_octet_len; - - /* - * check sequence number for overruns, and copy it into the packet - * if its value isn't too big + * check the sequence number for replays */ - status = srtp_rdb_increment(&stream->rtcp_rdb); + /* this is easier than dealing with bitfield access */ + seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK; + debug_print(mod_srtp, "srtcp index: %x", seq_num); + status = srtp_rdb_check(&stream->rtcp_rdb, seq_num); if (status) { return status; } - seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); - *trailer |= htonl(seq_num); - debug_print(mod_srtp, "srtcp index: %x", seq_num); /* * Calculate and set the IV @@ -3544,8 +3733,8 @@ if (status) { return srtp_err_status_cipher_fail; } - status = srtp_cipher_set_iv(session_keys->rtcp_cipher, - (uint8_t*)&iv, srtp_direction_encrypt); + status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, + srtp_direction_decrypt); if (status) { return srtp_err_status_cipher_fail; } @@ -3558,10 +3747,10 @@ * If payload encryption is enabled, then the AAD consist of * the RTCP header and the seq# at the end of the packet */ - status = srtp_cipher_set_aad(session_keys->rtcp_cipher, - (uint8_t*)hdr, octets_in_rtcp_header); + status = srtp_cipher_set_aad(session_keys->rtcp_cipher, (uint8_t *)hdr, + octets_in_rtcp_header); if (status) { - return ( srtp_err_status_cipher_fail); + return (srtp_err_status_cipher_fail); } } else { /* @@ -3569,59 +3758,322 @@ * the entire packet as described in RFC 7714 (Section 9.3. Data * Types in Unencrypted SRTCP Compound Packets) */ - status = srtp_cipher_set_aad(session_keys->rtcp_cipher, - (uint8_t*)hdr, *pkt_octet_len); + status = srtp_cipher_set_aad( + session_keys->rtcp_cipher, (uint8_t *)hdr, + (*pkt_octet_len - tag_len - sizeof(srtcp_trailer_t) - mki_size)); if (status) { - return ( srtp_err_status_cipher_fail); + return (srtp_err_status_cipher_fail); } } + /* * Process the sequence# as AAD */ tseq = *trailer; - status = srtp_cipher_set_aad(session_keys->rtcp_cipher, (uint8_t*)&tseq, + status = srtp_cipher_set_aad(session_keys->rtcp_cipher, (uint8_t *)&tseq, sizeof(srtcp_trailer_t)); if (status) { - return ( srtp_err_status_cipher_fail); + return (srtp_err_status_cipher_fail); } - /* if we're encrypting, exor keystream into the message */ + /* if we're decrypting, exor keystream into the message */ if (enc_start) { - status = srtp_cipher_encrypt(session_keys->rtcp_cipher, - (uint8_t*)enc_start, &enc_octet_len); - if (status) { - return srtp_err_status_cipher_fail; - } - /* - * Get the tag and append that to the output - */ - status = srtp_cipher_get_tag(session_keys->rtcp_cipher, (uint8_t*)auth_tag, - &tag_len); + status = srtp_cipher_decrypt(session_keys->rtcp_cipher, + (uint8_t *)enc_start, &enc_octet_len); if (status) { - return ( srtp_err_status_cipher_fail); + return status; } - enc_octet_len += tag_len; } else { /* - * Even though we're not encrypting the payload, we need - * to run the cipher to get the auth tag. + * Still need to run the cipher to check the tag */ - unsigned int nolen = 0; - status = srtp_cipher_encrypt(session_keys->rtcp_cipher, NULL, &nolen); + tmp_len = tag_len; + status = srtp_cipher_decrypt(session_keys->rtcp_cipher, + (uint8_t *)auth_tag, &tmp_len); if (status) { - return srtp_err_status_cipher_fail; + return status; + } + } + + /* decrease the packet length by the length of the auth tag and seq_num*/ + *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t) + mki_size); + + /* + * verify that stream is for received traffic - this check will + * detect SSRC collisions, since a stream that appears in both + * srtp_protect() and srtp_unprotect() will fail this test in one of + * those functions. + * + * we do this check *after* the authentication check, so that the + * latter check will catch any attempts to fool us into thinking + * that we've got a collision + */ + if (stream->direction != dir_srtp_receiver) { + if (stream->direction == dir_unknown) { + stream->direction = dir_srtp_receiver; + } else { + srtp_handle_event(ctx, stream, event_ssrc_collision); } + } + + /* + * if the stream is a 'provisional' one, in which the template context + * is used, then we need to allocate a new stream at this point, since + * the authentication passed + */ + if (stream == ctx->stream_template) { + srtp_stream_ctx_t *new_stream; + /* - * Get the tag and append that to the output + * allocate and initialize a new stream + * + * note that we indicate failure if we can't allocate the new + * stream, and some implementations will want to not return + * failure here */ - status = srtp_cipher_get_tag(session_keys->rtcp_cipher, (uint8_t*)auth_tag, - &tag_len); + status = + srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); if (status) { - return ( srtp_err_status_cipher_fail); + return status; } - enc_octet_len += tag_len; + + /* add new stream to the head of the stream_list */ + new_stream->next = ctx->stream_list; + ctx->stream_list = new_stream; + + /* set stream (the pointer used in this function) */ + stream = new_stream; + } + + /* we've passed the authentication check, so add seq_num to the rdb */ + srtp_rdb_add_index(&stream->rtcp_rdb, seq_num); + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, + void *rtcp_hdr, + int *pkt_octet_len) +{ + return srtp_protect_rtcp_mki(ctx, rtcp_hdr, pkt_octet_len, 0, 0); +} + +srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, + void *rtcp_hdr, + int *pkt_octet_len, + unsigned int use_mki, + unsigned int mki_index) +{ + srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + uint32_t *auth_start; /* pointer to start of auth. portion */ + uint32_t *trailer; /* pointer to start of trailer */ + unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */ + uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + srtp_err_status_t status; + int tag_len; + srtp_stream_ctx_t *stream; + uint32_t prefix_len; + uint32_t seq_num; + unsigned int mki_size = 0; + srtp_session_keys_t *session_keys = NULL; + + /* we assume the hdr is 32-bit aligned to start */ + + /* check the packet length - it must at least contain a full header */ + if (*pkt_octet_len < octets_in_rtcp_header) + return srtp_err_status_bad_param; + + /* + * look up ssrc in srtp_stream list, and process the packet with + * the appropriate stream. if we haven't seen this stream before, + * there's only one key for this srtp_session, and the cipher + * supports key-sharing, then we assume that a new stream using + * that key has just started up + */ + stream = srtp_get_stream(ctx, hdr->ssrc); + if (stream == NULL) { + if (ctx->stream_template != NULL) { + srtp_stream_ctx_t *new_stream; + + /* allocate and initialize a new stream */ + status = + srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); + if (status) + return status; + + /* add new stream to the head of the stream_list */ + new_stream->next = ctx->stream_list; + ctx->stream_list = new_stream; + + /* set stream (the pointer used in this function) */ + stream = new_stream; + } else { + /* no template stream, so we return an error */ + return srtp_err_status_no_ctx; + } + } + + /* + * verify that stream is for sending traffic - this check will + * detect SSRC collisions, since a stream that appears in both + * srtp_protect() and srtp_unprotect() will fail this test in one of + * those functions. + */ + if (stream->direction != dir_srtp_sender) { + if (stream->direction == dir_unknown) { + stream->direction = dir_srtp_sender; + } else { + srtp_handle_event(ctx, stream, event_ssrc_collision); + } + } + + session_keys = + srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); + + if (session_keys == NULL) + return srtp_err_status_bad_mki; + + /* + * Check if this is an AEAD stream (GCM mode). If so, then dispatch + * the request to our AEAD handler. + */ + if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || + session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { + return srtp_protect_rtcp_aead(ctx, stream, rtcp_hdr, + (unsigned int *)pkt_octet_len, + session_keys, use_mki); + } + + /* get tag length from stream context */ + tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); + + /* + * set encryption start and encryption length - if we're not + * providing confidentiality, set enc_start to NULL + */ + enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; + enc_octet_len = *pkt_octet_len - octets_in_rtcp_header; + + /* all of the packet, except the header, gets encrypted */ + /* + * NOTE: hdr->length is not usable - it refers to only the first RTCP report + * in the compound packet! + */ + /* + * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always + * multiples of 32-bits (RFC 3550 6.1) + */ + trailer = (uint32_t *)((char *)enc_start + enc_octet_len); + + if (stream->rtcp_services & sec_serv_conf) { + *trailer = htonl(SRTCP_E_BIT); /* set encrypt bit */ + } else { + enc_start = NULL; + enc_octet_len = 0; + /* 0 is network-order independant */ + *trailer = 0x00000000; /* set encrypt bit */ + } + + mki_size = srtp_inject_mki((uint8_t *)hdr + *pkt_octet_len + + sizeof(srtcp_trailer_t), + session_keys, use_mki); + + /* + * set the auth_start and auth_tag pointers to the proper locations + * (note that srtpc *always* provides authentication, unlike srtp) + */ + /* Note: This would need to change for optional mikey data */ + auth_start = (uint32_t *)hdr; + auth_tag = + (uint8_t *)hdr + *pkt_octet_len + sizeof(srtcp_trailer_t) + mki_size; + + /* perform EKT processing if needed */ + srtp_ekt_write_data(stream->ekt, auth_tag, tag_len, pkt_octet_len, + srtp_rdbx_get_packet_index(&stream->rtp_rdbx)); + + /* + * check sequence number for overruns, and copy it into the packet + * if its value isn't too big + */ + status = srtp_rdb_increment(&stream->rtcp_rdb); + if (status) + return status; + seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); + *trailer |= htonl(seq_num); + debug_print(mod_srtp, "srtcp index: %x", seq_num); + + /* + * if we're using rindael counter mode, set nonce and seq + */ + if (session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_128 || + session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_192 || + session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_256) { + v128_t iv; + + iv.v32[0] = 0; + iv.v32[1] = hdr->ssrc; /* still in network order! */ + iv.v32[2] = htonl(seq_num >> 16); + iv.v32[3] = htonl(seq_num << 16); + status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, + srtp_direction_encrypt); + + } else { + v128_t iv; + + /* otherwise, just set the index to seq_num */ + iv.v32[0] = 0; + iv.v32[1] = 0; + iv.v32[2] = 0; + iv.v32[3] = htonl(seq_num); + status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, + srtp_direction_encrypt); + } + if (status) + return srtp_err_status_cipher_fail; + + /* + * if we're authenticating using a universal hash, put the keystream + * prefix into the authentication tag + */ + + /* if auth_start is non-null, then put keystream into tag */ + if (auth_start) { + /* put keystream prefix into auth_tag */ + prefix_len = srtp_auth_get_prefix_length(session_keys->rtcp_auth); + status = srtp_cipher_output(session_keys->rtcp_cipher, auth_tag, + &prefix_len); + + debug_print(mod_srtp, "keystream prefix: %s", + srtp_octet_string_hex_string(auth_tag, prefix_len)); + + if (status) + return srtp_err_status_cipher_fail; + } + + /* if we're encrypting, exor keystream into the message */ + if (enc_start) { + status = srtp_cipher_encrypt(session_keys->rtcp_cipher, + (uint8_t *)enc_start, &enc_octet_len); + if (status) + return srtp_err_status_cipher_fail; } + /* initialize auth func context */ + srtp_auth_start(session_keys->rtcp_auth); + + /* + * run auth func over packet (including trailer), and write the + * result at auth_tag + */ + status = + srtp_auth_compute(session_keys->rtcp_auth, (uint8_t *)auth_start, + (*pkt_octet_len) + sizeof(srtcp_trailer_t), auth_tag); + debug_print(mod_srtp, "srtcp auth tag: %s", + srtp_octet_string_hex_string(auth_tag, tag_len)); + if (status) + return srtp_err_status_auth_fail; + /* increase the packet length by the length of the auth tag and seq_num*/ *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t)); @@ -3631,144 +4083,275 @@ return srtp_err_status_ok; } -/* - * This function handles incoming SRTCP packets while in AEAD mode, - * which currently supports AES-GCM encryption. Note, the auth tag is - * at the end of the packet stream and is automatically checked by GCM - * when decrypting the payload. - */ -static srtp_err_status_t -srtp_unprotect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream, - void *srtcp_hdr, unsigned int *pkt_octet_len, - srtp_session_keys_t *session_keys, unsigned int use_mki) -{ - srtcp_hdr_t *hdr = (srtcp_hdr_t*)srtcp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - uint32_t *trailer; /* pointer to start of trailer */ +srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, + void *srtcp_hdr, + int *pkt_octet_len) +{ + return srtp_unprotect_rtcp_mki(ctx, srtcp_hdr, pkt_octet_len, 0); +} + +srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, + void *srtcp_hdr, + int *pkt_octet_len, + unsigned int use_mki) +{ + srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr; + uint32_t *enc_start; /* pointer to start of encrypted portion */ + uint32_t *auth_start; /* pointer to start of auth. portion */ + uint32_t *trailer; /* pointer to start of trailer */ unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */ - uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ + uint8_t tmp_tag[SRTP_MAX_TAG_LEN]; + uint8_t tag_copy[SRTP_MAX_TAG_LEN]; srtp_err_status_t status; + unsigned int auth_len; int tag_len; - unsigned int tmp_len; + srtp_stream_ctx_t *stream; + uint32_t prefix_len; uint32_t seq_num; - v128_t iv; - uint32_t tseq; + int e_bit_in_packet; /* whether the E-bit was found in the packet */ + int sec_serv_confidentiality; /* whether confidentiality was requested */ unsigned int mki_size = 0; + srtp_session_keys_t *session_keys = NULL; + + /* we assume the hdr is 32-bit aligned to start */ + + if (*pkt_octet_len < 0) + return srtp_err_status_bad_param; + + /* + * check that the length value is sane; we'll check again once we + * know the tag length, but we at least want to know that it is + * a positive value + */ + if ((unsigned int)(*pkt_octet_len) < + octets_in_rtcp_header + sizeof(srtcp_trailer_t)) + return srtp_err_status_bad_param; + + /* + * look up ssrc in srtp_stream list, and process the packet with + * the appropriate stream. if we haven't seen this stream before, + * there's only one key for this srtp_session, and the cipher + * supports key-sharing, then we assume that a new stream using + * that key has just started up + */ + stream = srtp_get_stream(ctx, hdr->ssrc); + if (stream == NULL) { + if (ctx->stream_template != NULL) { + stream = ctx->stream_template; + + /* + * check to see if stream_template has an EKT data structure, in + * which case we initialize the template using the EKT policy + * referenced by that data (which consists of decrypting the + * master key from the EKT field) + * + * this function initializes a *provisional* stream, and this + * stream should not be accepted until and unless the packet + * passes its authentication check + */ + if (stream->ekt != NULL) { + status = srtp_stream_init_from_ekt(stream, srtcp_hdr, + *pkt_octet_len); + if (status) + return status; + } + + debug_print(mod_srtp, + "srtcp using provisional stream (SSRC: 0x%08x)", + ntohl(hdr->ssrc)); + } else { + /* no template stream, so we return an error */ + return srtp_err_status_no_ctx; + } + } + + /* + * Determine if MKI is being used and what session keys should be used + */ + if (use_mki) { + session_keys = srtp_get_session_keys( + stream, (uint8_t *)hdr, (const unsigned int *)pkt_octet_len, + &mki_size); + + if (session_keys == NULL) + return srtp_err_status_bad_mki; + } else { + session_keys = &stream->session_keys[0]; + } /* get tag length from stream context */ tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); - if (use_mki) { - mki_size = session_keys->mki_size; + /* check the packet length - it must contain at least a full RTCP + header, an auth tag (if applicable), and the SRTCP encrypted flag + and 31-bit index value */ + if (*pkt_octet_len < (int)(octets_in_rtcp_header + tag_len + mki_size + + sizeof(srtcp_trailer_t))) { + return srtp_err_status_bad_param; + } + + /* + * Check if this is an AEAD stream (GCM mode). If so, then dispatch + * the request to our AEAD handler. + */ + if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || + session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { + return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, + (unsigned int *)pkt_octet_len, + session_keys, mki_size); } + sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf || + stream->rtcp_services == sec_serv_conf_and_auth; + /* * set encryption start, encryption length, and trailer */ - /* index & E (encryption) bit follow normal data. hdr->len - is the number of words (32-bit) in the normal packet minus 1 */ - /* This should point trailer to the word past the end of the - normal data. */ - /* This would need to be modified for optional mikey data */ + enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header + tag_len + + mki_size + sizeof(srtcp_trailer_t)); /* - * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always - * multiples of 32-bits (RFC 3550 6.1) + *index & E (encryption) bit follow normal data. hdr->len is the number of + * words (32-bit) in the normal packet minus 1 */ - trailer = (uint32_t*)((char*)hdr + *pkt_octet_len - sizeof(srtcp_trailer_t) - mki_size); + /* This should point trailer to the word past the end of the normal data. */ + /* This would need to be modified for optional mikey data */ /* - * We pass the tag down to the cipher when doing GCM mode + * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always + * multiples of 32-bits (RFC 3550 6.1) */ - enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header + - sizeof(srtcp_trailer_t) + mki_size); - auth_tag = (uint8_t*)hdr + *pkt_octet_len - tag_len - mki_size - sizeof(srtcp_trailer_t); - - if (*((unsigned char*)trailer) & SRTCP_E_BYTE_BIT) { - enc_start = (uint32_t*)hdr + uint32s_in_rtcp_header; + trailer = (uint32_t *)((char *)hdr + *pkt_octet_len - + (tag_len + mki_size + sizeof(srtcp_trailer_t))); + e_bit_in_packet = + (*((unsigned char *)trailer) & SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT; + if (e_bit_in_packet != sec_serv_confidentiality) { + return srtp_err_status_cant_check; + } + if (sec_serv_confidentiality) { + enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; } else { enc_octet_len = 0; enc_start = NULL; /* this indicates that there's no encryption */ } /* + * set the auth_start and auth_tag pointers to the proper locations + * (note that srtcp *always* uses authentication, unlike srtp) + */ + auth_start = (uint32_t *)hdr; + + /* + * The location of the auth tag in the packet needs to know MKI + * could be present. The data needed to calculate the Auth tag + * must not include the MKI + */ + auth_len = *pkt_octet_len - tag_len - mki_size; + auth_tag = (uint8_t *)hdr + auth_len + mki_size; + + /* + * if EKT is in use, then we make a copy of the tag from the packet, + * and then zeroize the location of the base tag + * + * we first re-position the auth_tag pointer so that it points to + * the base tag + */ + if (stream->ekt) { + auth_tag -= srtp_ekt_octets_after_base_tag(stream->ekt); + memcpy(tag_copy, auth_tag, tag_len); + octet_string_set_to_zero(auth_tag, tag_len); + auth_tag = tag_copy; + auth_len += tag_len; + } + + /* * check the sequence number for replays */ /* this is easier than dealing with bitfield access */ seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK; debug_print(mod_srtp, "srtcp index: %x", seq_num); status = srtp_rdb_check(&stream->rtcp_rdb, seq_num); - if (status) { + if (status) return status; - } /* - * Calculate and set the IV + * if we're using aes counter mode, set nonce and seq */ - status = srtp_calc_aead_iv_srtcp(session_keys, &iv, seq_num, hdr); - if (status) { - return srtp_err_status_cipher_fail; - } - status = srtp_cipher_set_iv(session_keys->rtcp_cipher, - (uint8_t*)&iv, srtp_direction_decrypt); - if (status) { - return srtp_err_status_cipher_fail; - } + if (session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_128 || + session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_192 || + session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_256) { + v128_t iv; + + iv.v32[0] = 0; + iv.v32[1] = hdr->ssrc; /* still in network order! */ + iv.v32[2] = htonl(seq_num >> 16); + iv.v32[3] = htonl(seq_num << 16); + status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, + srtp_direction_decrypt); - /* - * Set the AAD for GCM mode - */ - if (enc_start) { - /* - * If payload encryption is enabled, then the AAD consist of - * the RTCP header and the seq# at the end of the packet - */ - status = srtp_cipher_set_aad(session_keys->rtcp_cipher, - (uint8_t*)hdr, octets_in_rtcp_header); - if (status) { - return ( srtp_err_status_cipher_fail); - } } else { - /* - * Since payload encryption is not enabled, we must authenticate - * the entire packet as described in RFC 7714 (Section 9.3. Data - * Types in Unencrypted SRTCP Compound Packets) - */ - status = srtp_cipher_set_aad( - session_keys->rtcp_cipher, (uint8_t*)hdr, - (*pkt_octet_len - tag_len - sizeof(srtcp_trailer_t) - mki_size)); - if (status) { - return ( srtp_err_status_cipher_fail); - } + v128_t iv; + + /* otherwise, just set the index to seq_num */ + iv.v32[0] = 0; + iv.v32[1] = 0; + iv.v32[2] = 0; + iv.v32[3] = htonl(seq_num); + status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t *)&iv, + srtp_direction_decrypt); } + if (status) + return srtp_err_status_cipher_fail; + + /* initialize auth func context */ + srtp_auth_start(session_keys->rtcp_auth); + + /* run auth func over packet, put result into tmp_tag */ + status = srtp_auth_compute(session_keys->rtcp_auth, (uint8_t *)auth_start, + auth_len, tmp_tag); + debug_print(mod_srtp, "srtcp computed tag: %s", + srtp_octet_string_hex_string(tmp_tag, tag_len)); + if (status) + return srtp_err_status_auth_fail; + + /* compare the tag just computed with the one in the packet */ + debug_print(mod_srtp, "srtcp tag from packet: %s", + srtp_octet_string_hex_string(auth_tag, tag_len)); + if (octet_string_is_eq(tmp_tag, auth_tag, tag_len)) + return srtp_err_status_auth_fail; /* - * Process the sequence# as AAD + * if we're authenticating using a universal hash, put the keystream + * prefix into the authentication tag */ - tseq = *trailer; - status = srtp_cipher_set_aad(session_keys->rtcp_cipher, - (uint8_t*)&tseq, sizeof(srtcp_trailer_t)); - if (status) { - return ( srtp_err_status_cipher_fail); + prefix_len = srtp_auth_get_prefix_length(session_keys->rtcp_auth); + if (prefix_len) { + status = srtp_cipher_output(session_keys->rtcp_cipher, auth_tag, + &prefix_len); + debug_print(mod_srtp, "keystream prefix: %s", + srtp_octet_string_hex_string(auth_tag, prefix_len)); + if (status) + return srtp_err_status_cipher_fail; } /* if we're decrypting, exor keystream into the message */ if (enc_start) { - status = srtp_cipher_decrypt(session_keys->rtcp_cipher, (uint8_t*)enc_start, &enc_octet_len); - if (status) { - return status; - } - } else { - /* - * Still need to run the cipher to check the tag - */ - tmp_len = tag_len; - status = srtp_cipher_decrypt(session_keys->rtcp_cipher, (uint8_t*)auth_tag, &tmp_len); - if (status) { - return status; - } + status = srtp_cipher_decrypt(session_keys->rtcp_cipher, + (uint8_t *)enc_start, &enc_octet_len); + if (status) + return srtp_err_status_cipher_fail; } - /* decrease the packet length by the length of the auth tag and seq_num*/ - *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t) + mki_size); + /* decrease the packet length by the length of the auth tag and seq_num */ + *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t)); + + /* decrease the packet length by the length of the mki_size */ + *pkt_octet_len -= mki_size; + + /* + * if EKT is in effect, subtract the EKT data out of the packet + * length + */ + *pkt_octet_len -= srtp_ekt_octets_after_base_tag(stream->ekt); /* * verify that stream is for received traffic - this check will @@ -3803,10 +4386,10 @@ * stream, and some implementations will want to not return * failure here */ - status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); - if (status) { + status = + srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); + if (status) return status; - } /* add new stream to the head of the stream_list */ new_stream->next = ctx->stream_list; @@ -3822,754 +4405,236 @@ return srtp_err_status_ok; } -srtp_err_status_t -srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len) { - return srtp_protect_rtcp_mki(ctx, rtcp_hdr, pkt_octet_len, 0, 0); -} - -srtp_err_status_t -srtp_protect_rtcp_mki(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len, - unsigned int use_mki, unsigned int mki_index) { - srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - uint32_t *auth_start; /* pointer to start of auth. portion */ - uint32_t *trailer; /* pointer to start of trailer */ - unsigned int enc_octet_len = 0;/* number of octets in encrypted portion */ - uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ - srtp_err_status_t status; - int tag_len; - srtp_stream_ctx_t *stream; - uint32_t prefix_len; - uint32_t seq_num; - unsigned int mki_size = 0; - srtp_session_keys_t *session_keys = NULL; - - /* we assume the hdr is 32-bit aligned to start */ - - /* check the packet length - it must at least contain a full header */ - if (*pkt_octet_len < octets_in_rtcp_header) - return srtp_err_status_bad_param; - - /* - * look up ssrc in srtp_stream list, and process the packet with - * the appropriate stream. if we haven't seen this stream before, - * there's only one key for this srtp_session, and the cipher - * supports key-sharing, then we assume that a new stream using - * that key has just started up - */ - stream = srtp_get_stream(ctx, hdr->ssrc); - if (stream == NULL) { - if (ctx->stream_template != NULL) { - srtp_stream_ctx_t *new_stream; - - /* allocate and initialize a new stream */ - status = srtp_stream_clone(ctx->stream_template, - hdr->ssrc, &new_stream); - if (status) - return status; - - /* add new stream to the head of the stream_list */ - new_stream->next = ctx->stream_list; - ctx->stream_list = new_stream; - - /* set stream (the pointer used in this function) */ - stream = new_stream; - } else { - /* no template stream, so we return an error */ - return srtp_err_status_no_ctx; - } - } - - /* - * verify that stream is for sending traffic - this check will - * detect SSRC collisions, since a stream that appears in both - * srtp_protect() and srtp_unprotect() will fail this test in one of - * those functions. - */ - if (stream->direction != dir_srtp_sender) { - if (stream->direction == dir_unknown) { - stream->direction = dir_srtp_sender; - } else { - srtp_handle_event(ctx, stream, event_ssrc_collision); - } - } - - session_keys = srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - - /* - * Check if this is an AEAD stream (GCM mode). If so, then dispatch - * the request to our AEAD handler. - */ - if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || - session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { - return srtp_protect_rtcp_aead(ctx, stream, rtcp_hdr, - (unsigned int*)pkt_octet_len, session_keys, - use_mki); - } - - /* get tag length from stream context */ - tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); - - /* - * set encryption start and encryption length - if we're not - * providing confidentiality, set enc_start to NULL - */ - enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; - enc_octet_len = *pkt_octet_len - octets_in_rtcp_header; - - /* all of the packet, except the header, gets encrypted */ - /* NOTE: hdr->length is not usable - it refers to only the first - RTCP report in the compound packet! */ - /* NOTE: trailer is 32-bit aligned because RTCP 'packets' are always - multiples of 32-bits (RFC 3550 6.1) */ - trailer = (uint32_t *) ((char *)enc_start + enc_octet_len); - - if (stream->rtcp_services & sec_serv_conf) { - *trailer = htonl(SRTCP_E_BIT); /* set encrypt bit */ - } else { - enc_start = NULL; - enc_octet_len = 0; - /* 0 is network-order independant */ - *trailer = 0x00000000; /* set encrypt bit */ - } - - mki_size = srtp_inject_mki((uint8_t *)hdr + *pkt_octet_len + sizeof(srtcp_trailer_t), - session_keys, use_mki); - - /* - * set the auth_start and auth_tag pointers to the proper locations - * (note that srtpc *always* provides authentication, unlike srtp) - */ - /* Note: This would need to change for optional mikey data */ - auth_start = (uint32_t *)hdr; - auth_tag = (uint8_t *)hdr + *pkt_octet_len + sizeof(srtcp_trailer_t) + mki_size; - - /* perform EKT processing if needed */ - srtp_ekt_write_data(stream->ekt, auth_tag, tag_len, pkt_octet_len, - srtp_rdbx_get_packet_index(&stream->rtp_rdbx)); - - /* - * check sequence number for overruns, and copy it into the packet - * if its value isn't too big - */ - status = srtp_rdb_increment(&stream->rtcp_rdb); - if (status) - return status; - seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); - *trailer |= htonl(seq_num); - debug_print(mod_srtp, "srtcp index: %x", seq_num); - - /* - * if we're using rindael counter mode, set nonce and seq - */ - if (session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_128 || - session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_192 || - session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_256) { - v128_t iv; - - iv.v32[0] = 0; - iv.v32[1] = hdr->ssrc; /* still in network order! */ - iv.v32[2] = htonl(seq_num >> 16); - iv.v32[3] = htonl(seq_num << 16); - status = srtp_cipher_set_iv(session_keys->rtcp_cipher, (uint8_t*)&iv, - srtp_direction_encrypt); - - } else { - v128_t iv; - - /* otherwise, just set the index to seq_num */ - iv.v32[0] = 0; - iv.v32[1] = 0; - iv.v32[2] = 0; - iv.v32[3] = htonl(seq_num); - status = srtp_cipher_set_iv(session_keys->rtcp_cipher, - (uint8_t*)&iv, srtp_direction_encrypt); - } - if (status) - return srtp_err_status_cipher_fail; - - /* - * if we're authenticating using a universal hash, put the keystream - * prefix into the authentication tag - */ - - /* if auth_start is non-null, then put keystream into tag */ - if (auth_start) { - - /* put keystream prefix into auth_tag */ - prefix_len = srtp_auth_get_prefix_length(session_keys->rtcp_auth); - status = srtp_cipher_output(session_keys->rtcp_cipher, auth_tag, &prefix_len); - - debug_print(mod_srtp, "keystream prefix: %s", - srtp_octet_string_hex_string(auth_tag, prefix_len)); - - if (status) - return srtp_err_status_cipher_fail; - } - - /* if we're encrypting, exor keystream into the message */ - if (enc_start) { - status = srtp_cipher_encrypt(session_keys->rtcp_cipher, - (uint8_t *)enc_start, &enc_octet_len); - if (status) - return srtp_err_status_cipher_fail; - } - - /* initialize auth func context */ - srtp_auth_start(session_keys->rtcp_auth); - - /* - * run auth func over packet (including trailer), and write the - * result at auth_tag - */ - status = srtp_auth_compute(session_keys->rtcp_auth, - (uint8_t *)auth_start, - (*pkt_octet_len) + sizeof(srtcp_trailer_t), - auth_tag); - debug_print(mod_srtp, "srtcp auth tag: %s", - srtp_octet_string_hex_string(auth_tag, tag_len)); - if (status) - return srtp_err_status_auth_fail; - - /* increase the packet length by the length of the auth tag and seq_num*/ - *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t)); - - /* increase the packet by the mki_size */ - *pkt_octet_len += mki_size; - - return srtp_err_status_ok; -} - - -srtp_err_status_t -srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) { - return srtp_unprotect_rtcp_mki(ctx, srtcp_hdr, pkt_octet_len, 0); -} - -srtp_err_status_t -srtp_unprotect_rtcp_mki(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len, - unsigned int use_mki) { - srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr; - uint32_t *enc_start; /* pointer to start of encrypted portion */ - uint32_t *auth_start; /* pointer to start of auth. portion */ - uint32_t *trailer; /* pointer to start of trailer */ - unsigned int enc_octet_len = 0;/* number of octets in encrypted portion */ - uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ - uint8_t tmp_tag[SRTP_MAX_TAG_LEN]; - uint8_t tag_copy[SRTP_MAX_TAG_LEN]; - srtp_err_status_t status; - unsigned int auth_len; - int tag_len; - srtp_stream_ctx_t *stream; - uint32_t prefix_len; - uint32_t seq_num; - int e_bit_in_packet; /* whether the E-bit was found in the packet */ - int sec_serv_confidentiality; /* whether confidentiality was requested */ - unsigned int mki_size = 0; - srtp_session_keys_t *session_keys = NULL; - - /* we assume the hdr is 32-bit aligned to start */ - - /* check that the length value is sane; we'll check again once we - know the tag length, but we at least want to know that it is - a positive value */ - if (*pkt_octet_len < octets_in_rtcp_header + sizeof(srtcp_trailer_t)) - return srtp_err_status_bad_param; - - /* - * look up ssrc in srtp_stream list, and process the packet with - * the appropriate stream. if we haven't seen this stream before, - * there's only one key for this srtp_session, and the cipher - * supports key-sharing, then we assume that a new stream using - * that key has just started up - */ - stream = srtp_get_stream(ctx, hdr->ssrc); - if (stream == NULL) { - if (ctx->stream_template != NULL) { - stream = ctx->stream_template; - - /* - * check to see if stream_template has an EKT data structure, in - * which case we initialize the template using the EKT policy - * referenced by that data (which consists of decrypting the - * master key from the EKT field) - * - * this function initializes a *provisional* stream, and this - * stream should not be accepted until and unless the packet - * passes its authentication check - */ - if (stream->ekt != NULL) { - status = srtp_stream_init_from_ekt(stream, srtcp_hdr, *pkt_octet_len); - if (status) - return status; - } - - debug_print(mod_srtp, "srtcp using provisional stream (SSRC: 0x%08x)", - ntohl(hdr->ssrc)); - } else { - /* no template stream, so we return an error */ - return srtp_err_status_no_ctx; - } - } - - /* - * Determine if MKI is being used and what session keys should be used - */ - if (use_mki) { - session_keys = srtp_get_session_keys(stream, (uint8_t *)hdr, - (const unsigned int*)pkt_octet_len, - &mki_size); - - if (session_keys == NULL) - return srtp_err_status_bad_mki; - } else { - session_keys = &stream->session_keys[0]; - } - - - /* get tag length from stream context */ - tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); - - /* check the packet length - it must contain at least a full RTCP - header, an auth tag (if applicable), and the SRTCP encrypted flag - and 31-bit index value */ - if (*pkt_octet_len < (int) (octets_in_rtcp_header + tag_len + mki_size + sizeof(srtcp_trailer_t))) { - return srtp_err_status_bad_param; - } - - /* - * Check if this is an AEAD stream (GCM mode). If so, then dispatch - * the request to our AEAD handler. - */ - if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || - session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { - return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, - (unsigned int*)pkt_octet_len, session_keys, - mki_size); - } - - sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf || - stream->rtcp_services == sec_serv_conf_and_auth; - - /* - * set encryption start, encryption length, and trailer - */ - enc_octet_len = *pkt_octet_len - - (octets_in_rtcp_header + tag_len + mki_size + sizeof(srtcp_trailer_t)); - /* index & E (encryption) bit follow normal data. hdr->len - is the number of words (32-bit) in the normal packet minus 1 */ - /* This should point trailer to the word past the end of the - normal data. */ - /* This would need to be modified for optional mikey data */ - /* - * NOTE: trailer is 32-bit aligned because RTCP 'packets' are always - * multiples of 32-bits (RFC 3550 6.1) - */ - trailer = (uint32_t *) ((char *) hdr + - *pkt_octet_len -(tag_len + mki_size + sizeof(srtcp_trailer_t))); - e_bit_in_packet = - (*((unsigned char *) trailer) & SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT; - if (e_bit_in_packet != sec_serv_confidentiality) { - return srtp_err_status_cant_check; - } - if (sec_serv_confidentiality) { - enc_start = (uint32_t *)hdr + uint32s_in_rtcp_header; - } else { - enc_octet_len = 0; - enc_start = NULL; /* this indicates that there's no encryption */ - } - - /* - * set the auth_start and auth_tag pointers to the proper locations - * (note that srtcp *always* uses authentication, unlike srtp) - */ - auth_start = (uint32_t *)hdr; - - /* - * The location of the auth tag in the packet needs to know MKI - * could be present. The data needed to calculate the Auth tag - * must not include the MKI - */ - auth_len = *pkt_octet_len - tag_len - mki_size; - auth_tag = (uint8_t *)hdr + auth_len + mki_size; - - /* - * if EKT is in use, then we make a copy of the tag from the packet, - * and then zeroize the location of the base tag - * - * we first re-position the auth_tag pointer so that it points to - * the base tag - */ - if (stream->ekt) { - auth_tag -= srtp_ekt_octets_after_base_tag(stream->ekt); - memcpy(tag_copy, auth_tag, tag_len); - octet_string_set_to_zero(auth_tag, tag_len); - auth_tag = tag_copy; - auth_len += tag_len; - } - - /* - * check the sequence number for replays - */ - /* this is easier than dealing with bitfield access */ - seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK; - debug_print(mod_srtp, "srtcp index: %x", seq_num); - status = srtp_rdb_check(&stream->rtcp_rdb, seq_num); - if (status) - return status; - - /* - * if we're using aes counter mode, set nonce and seq - */ - if (session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_128 || - session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_192 || - session_keys->rtcp_cipher->type->id == SRTP_AES_ICM_256) { - v128_t iv; - - iv.v32[0] = 0; - iv.v32[1] = hdr->ssrc; /* still in network order! */ - iv.v32[2] = htonl(seq_num >> 16); - iv.v32[3] = htonl(seq_num << 16); - status = srtp_cipher_set_iv(session_keys->rtcp_cipher, - (uint8_t*)&iv, srtp_direction_decrypt); - - } else { - v128_t iv; - - /* otherwise, just set the index to seq_num */ - iv.v32[0] = 0; - iv.v32[1] = 0; - iv.v32[2] = 0; - iv.v32[3] = htonl(seq_num); - status = srtp_cipher_set_iv(session_keys->rtcp_cipher, - (uint8_t*)&iv, srtp_direction_decrypt); - - } - if (status) - return srtp_err_status_cipher_fail; - - /* initialize auth func context */ - srtp_auth_start(session_keys->rtcp_auth); - - /* run auth func over packet, put result into tmp_tag */ - status = srtp_auth_compute(session_keys->rtcp_auth, (uint8_t *)auth_start, - auth_len, tmp_tag); - debug_print(mod_srtp, "srtcp computed tag: %s", - srtp_octet_string_hex_string(tmp_tag, tag_len)); - if (status) - return srtp_err_status_auth_fail; - - /* compare the tag just computed with the one in the packet */ - debug_print(mod_srtp, "srtcp tag from packet: %s", - srtp_octet_string_hex_string(auth_tag, tag_len)); - if (octet_string_is_eq(tmp_tag, auth_tag, tag_len)) - return srtp_err_status_auth_fail; - - /* - * if we're authenticating using a universal hash, put the keystream - * prefix into the authentication tag - */ - prefix_len = srtp_auth_get_prefix_length(session_keys->rtcp_auth); - if (prefix_len) { - status = srtp_cipher_output(session_keys->rtcp_cipher, auth_tag, &prefix_len); - debug_print(mod_srtp, "keystream prefix: %s", - srtp_octet_string_hex_string(auth_tag, prefix_len)); - if (status) - return srtp_err_status_cipher_fail; - } - - /* if we're decrypting, exor keystream into the message */ - if (enc_start) { - status = srtp_cipher_decrypt(session_keys->rtcp_cipher, (uint8_t *)enc_start, - &enc_octet_len); - if (status) - return srtp_err_status_cipher_fail; - } - - /* decrease the packet length by the length of the auth tag and seq_num */ - *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t)); - - /* decrease the packet length by the length of the mki_size */ - *pkt_octet_len -= mki_size; - - /* - * if EKT is in effect, subtract the EKT data out of the packet - * length - */ - *pkt_octet_len -= srtp_ekt_octets_after_base_tag(stream->ekt); - - /* - * verify that stream is for received traffic - this check will - * detect SSRC collisions, since a stream that appears in both - * srtp_protect() and srtp_unprotect() will fail this test in one of - * those functions. - * - * we do this check *after* the authentication check, so that the - * latter check will catch any attempts to fool us into thinking - * that we've got a collision - */ - if (stream->direction != dir_srtp_receiver) { - if (stream->direction == dir_unknown) { - stream->direction = dir_srtp_receiver; - } else { - srtp_handle_event(ctx, stream, event_ssrc_collision); - } - } - - /* - * if the stream is a 'provisional' one, in which the template context - * is used, then we need to allocate a new stream at this point, since - * the authentication passed - */ - if (stream == ctx->stream_template) { - srtp_stream_ctx_t *new_stream; - - /* - * allocate and initialize a new stream - * - * note that we indicate failure if we can't allocate the new - * stream, and some implementations will want to not return - * failure here - */ - status = srtp_stream_clone(ctx->stream_template, hdr->ssrc, &new_stream); - if (status) - return status; - - /* add new stream to the head of the stream_list */ - new_stream->next = ctx->stream_list; - ctx->stream_list = new_stream; - - /* set stream (the pointer used in this function) */ - stream = new_stream; - } - - /* we've passed the authentication check, so add seq_num to the rdb */ - srtp_rdb_add_index(&stream->rtcp_rdb, seq_num); - - - return srtp_err_status_ok; -} - - /* * user data within srtp_t context */ -void -srtp_set_user_data(srtp_t ctx, void *data) { - ctx->user_data = data; +void srtp_set_user_data(srtp_t ctx, void *data) +{ + ctx->user_data = data; } -void* -srtp_get_user_data(srtp_t ctx) { - return ctx->user_data; +void *srtp_get_user_data(srtp_t ctx) +{ + return ctx->user_data; } - /* - * dtls keying for srtp + * dtls keying for srtp */ -srtp_err_status_t -srtp_crypto_policy_set_from_profile_for_rtp(srtp_crypto_policy_t *policy, - srtp_profile_t profile) { - - /* set SRTP policy from the SRTP profile in the key set */ - switch(profile) { - case srtp_profile_aes128_cm_sha1_80: - srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_aes128_cm_sha1_32: - srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); - break; - case srtp_profile_null_sha1_80: - srtp_crypto_policy_set_null_cipher_hmac_sha1_80(policy); - break; +srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtp( + srtp_crypto_policy_t *policy, + srtp_profile_t profile) +{ + /* set SRTP policy from the SRTP profile in the key set */ + switch (profile) { + case srtp_profile_aes128_cm_sha1_80: + srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_aes128_cm_sha1_32: + srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(policy); + break; + case srtp_profile_null_sha1_80: + srtp_crypto_policy_set_null_cipher_hmac_sha1_80(policy); + break; #if defined(OPENSSL) - case srtp_profile_aead_aes_128_gcm: - srtp_crypto_policy_set_aes_gcm_128_16_auth(policy); - break; - case srtp_profile_aead_aes_256_gcm: - srtp_crypto_policy_set_aes_gcm_256_16_auth(policy); - break; + case srtp_profile_aead_aes_128_gcm: + srtp_crypto_policy_set_aes_gcm_128_16_auth(policy); + break; + case srtp_profile_aead_aes_256_gcm: + srtp_crypto_policy_set_aes_gcm_256_16_auth(policy); + break; #endif /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: - default: - return srtp_err_status_bad_param; - } - - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_crypto_policy_set_from_profile_for_rtcp(srtp_crypto_policy_t *policy, - srtp_profile_t profile) { - - /* set SRTP policy from the SRTP profile in the key set */ - switch(profile) { - case srtp_profile_aes128_cm_sha1_80: - srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_aes128_cm_sha1_32: - /* We do not honor the 32-bit auth tag request since - * this is not compliant with RFC 3711 */ - srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); - break; - case srtp_profile_null_sha1_80: - srtp_crypto_policy_set_null_cipher_hmac_sha1_80(policy); - break; + case srtp_profile_null_sha1_32: + default: + return srtp_err_status_bad_param; + } + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtcp( + srtp_crypto_policy_t *policy, + srtp_profile_t profile) +{ + /* set SRTP policy from the SRTP profile in the key set */ + switch (profile) { + case srtp_profile_aes128_cm_sha1_80: + srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_aes128_cm_sha1_32: + /* We do not honor the 32-bit auth tag request since + * this is not compliant with RFC 3711 */ + srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(policy); + break; + case srtp_profile_null_sha1_80: + srtp_crypto_policy_set_null_cipher_hmac_sha1_80(policy); + break; #if defined(OPENSSL) - case srtp_profile_aead_aes_128_gcm: - srtp_crypto_policy_set_aes_gcm_128_16_auth(policy); - break; - case srtp_profile_aead_aes_256_gcm: - srtp_crypto_policy_set_aes_gcm_256_16_auth(policy); - break; + case srtp_profile_aead_aes_128_gcm: + srtp_crypto_policy_set_aes_gcm_128_16_auth(policy); + break; + case srtp_profile_aead_aes_256_gcm: + srtp_crypto_policy_set_aes_gcm_256_16_auth(policy); + break; #endif /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: - default: - return srtp_err_status_bad_param; - } - - return srtp_err_status_ok; -} - -void srtp_append_salt_to_key(uint8_t *key, unsigned int bytes_in_key, uint8_t *salt, unsigned int bytes_in_salt) { - memcpy(key + bytes_in_key, salt, bytes_in_salt); -} - -unsigned int -srtp_profile_get_master_key_length(srtp_profile_t profile) { - - switch(profile) { - case srtp_profile_aes128_cm_sha1_80: - return SRTP_AES_128_KEY_LEN; - break; - case srtp_profile_aes128_cm_sha1_32: - return SRTP_AES_128_KEY_LEN; - break; - case srtp_profile_null_sha1_80: - return SRTP_AES_128_KEY_LEN; - break; - case srtp_profile_aead_aes_128_gcm: - return SRTP_AES_128_KEY_LEN; - break; - case srtp_profile_aead_aes_256_gcm: - return SRTP_AES_256_KEY_LEN; - break; - /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: - default: - return 0; /* indicate error by returning a zero */ - } -} - -unsigned int -srtp_profile_get_master_salt_length(srtp_profile_t profile) { - - switch(profile) { - case srtp_profile_aes128_cm_sha1_80: - return SRTP_SALT_LEN; - break; - case srtp_profile_aes128_cm_sha1_32: - return SRTP_SALT_LEN; - break; - case srtp_profile_null_sha1_80: - return SRTP_SALT_LEN; - break; - case srtp_profile_aead_aes_128_gcm: - return SRTP_AEAD_SALT_LEN; - break; - case srtp_profile_aead_aes_256_gcm: - return SRTP_AEAD_SALT_LEN; - break; - /* the following profiles are not (yet) supported */ - case srtp_profile_null_sha1_32: - default: - return 0; /* indicate error by returning a zero */ - } + case srtp_profile_null_sha1_32: + default: + return srtp_err_status_bad_param; + } + + return srtp_err_status_ok; } -srtp_err_status_t -srtp_get_protect_trailer_length(srtp_t session, - uint32_t use_mki, - uint32_t mki_index, - uint32_t *length) +void srtp_append_salt_to_key(uint8_t *key, + unsigned int bytes_in_key, + uint8_t *salt, + unsigned int bytes_in_salt) { - srtp_stream_ctx_t *stream; - - if (session == NULL) - return srtp_err_status_bad_param; - - *length = 0; - - /* Try obtaining stream from stream_list */ - stream = session->stream_list; + memcpy(key + bytes_in_key, salt, bytes_in_salt); +} - if (stream == NULL) { - /* Try obtaining the template stream */ - stream = session->stream_template; +unsigned int srtp_profile_get_master_key_length(srtp_profile_t profile) +{ + switch (profile) { + case srtp_profile_aes128_cm_sha1_80: + return SRTP_AES_128_KEY_LEN; + break; + case srtp_profile_aes128_cm_sha1_32: + return SRTP_AES_128_KEY_LEN; + break; + case srtp_profile_null_sha1_80: + return SRTP_AES_128_KEY_LEN; + break; + case srtp_profile_aead_aes_128_gcm: + return SRTP_AES_128_KEY_LEN; + break; + case srtp_profile_aead_aes_256_gcm: + return SRTP_AES_256_KEY_LEN; + break; + /* the following profiles are not (yet) supported */ + case srtp_profile_null_sha1_32: + default: + return 0; /* indicate error by returning a zero */ } +} - if (stream == NULL) { - return srtp_err_status_bad_param; +unsigned int srtp_profile_get_master_salt_length(srtp_profile_t profile) +{ + switch (profile) { + case srtp_profile_aes128_cm_sha1_80: + return SRTP_SALT_LEN; + break; + case srtp_profile_aes128_cm_sha1_32: + return SRTP_SALT_LEN; + break; + case srtp_profile_null_sha1_80: + return SRTP_SALT_LEN; + break; + case srtp_profile_aead_aes_128_gcm: + return SRTP_AEAD_SALT_LEN; + break; + case srtp_profile_aead_aes_256_gcm: + return SRTP_AEAD_SALT_LEN; + break; + /* the following profiles are not (yet) supported */ + case srtp_profile_null_sha1_32: + default: + return 0; /* indicate error by returning a zero */ } +} + +srtp_err_status_t stream_get_protect_trailer_length(srtp_stream_ctx_t *stream, + uint32_t is_rtp, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length) +{ + *length = 0; + + srtp_session_keys_t *session_key; if (use_mki) { - if (mki_index > stream->num_master_keys) - return srtp_err_status_bad_mki; + if (mki_index >= stream->num_master_keys) { + return srtp_err_status_bad_mki; + } + session_key = &stream->session_keys[mki_index]; - *length += stream->session_keys[mki_index].mki_size; - *length += srtp_auth_get_tag_length(stream->session_keys[mki_index].rtp_auth); + *length += session_key->mki_size; + + } else { + session_key = &stream->session_keys[0]; + } + if (is_rtp) { + *length += srtp_auth_get_tag_length(session_key->rtp_auth); } else { - *length += srtp_auth_get_tag_length(stream->session_keys[0].rtp_auth); + *length += srtp_auth_get_tag_length(session_key->rtcp_auth); + *length += sizeof(srtcp_trailer_t); } return srtp_err_status_ok; } -srtp_err_status_t -srtp_get_protect_rtcp_trailer_length(srtp_t session, - uint32_t use_mki, - uint32_t mki_index, - uint32_t *length) +srtp_err_status_t get_protect_trailer_length(srtp_t session, + uint32_t is_rtp, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length) { srtp_stream_ctx_t *stream; - if (session == NULL) - return srtp_err_status_bad_param; + if (session == NULL) { + return srtp_err_status_bad_param; + } - *length = 0; + if (session->stream_template == NULL && session->stream_list == NULL) { + return srtp_err_status_bad_param; + } - /* Try obtaining stream from stream_list */ - stream = session->stream_list; + *length = 0; - if (stream == NULL) { - /* Try obtaining the template stream */ - stream = session->stream_template; - } + stream = session->stream_template; - if (stream == NULL) { - return srtp_err_status_bad_param; + if (stream != NULL) { + stream_get_protect_trailer_length(stream, is_rtp, use_mki, mki_index, + length); } - if (use_mki) { - if (mki_index > stream->num_master_keys) - return srtp_err_status_bad_mki; + stream = session->stream_list; - *length += stream->session_keys[mki_index].mki_size; - *length += srtp_auth_get_tag_length(stream->session_keys[mki_index].rtcp_auth); - } else { - *length += srtp_auth_get_tag_length(stream->session_keys[0].rtcp_auth); + while (stream != NULL) { + uint32_t temp_length; + if (stream_get_protect_trailer_length(stream, is_rtp, use_mki, + mki_index, &temp_length) == + srtp_err_status_ok) { + if (temp_length > *length) { + *length = temp_length; + } + } + stream = stream->next; } - - *length += sizeof(srtcp_trailer_t); return srtp_err_status_ok; } +srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length) +{ + return get_protect_trailer_length(session, 1, use_mki, mki_index, length); +} + +srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length) +{ + return get_protect_trailer_length(session, 0, use_mki, mki_index, length); +} /* * SRTP debug interface @@ -4591,26 +4656,34 @@ */ static srtp_log_handler_func_t *srtp_log_handler = NULL; -static void * srtp_log_handler_data = NULL; +static void *srtp_log_handler_data = NULL; -void srtp_err_handler(srtp_err_reporting_level_t level, const char * msg) +void srtp_err_handler(srtp_err_reporting_level_t level, const char *msg) { if (srtp_log_handler) { srtp_log_level_t log_level = srtp_log_level_error; - switch(level) { - case srtp_err_level_error: log_level = srtp_log_level_error; break; - case srtp_err_level_warning: log_level = srtp_log_level_warning; break; - case srtp_err_level_info: log_level = srtp_log_level_info; break; - case srtp_err_level_debug: log_level = srtp_log_level_debug; break; + switch (level) { + case srtp_err_level_error: + log_level = srtp_log_level_error; + break; + case srtp_err_level_warning: + log_level = srtp_log_level_warning; + break; + case srtp_err_level_info: + log_level = srtp_log_level_info; + break; + case srtp_err_level_debug: + log_level = srtp_log_level_debug; + break; } srtp_log_handler(log_level, msg, srtp_log_handler_data); } } -srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, void * data) +srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, + void *data) { - /* * note that we accept NULL arguments intentionally - calling this * function with a NULL arguments removes a log handler that's @@ -4628,8 +4701,10 @@ return srtp_err_status_ok; } -srtp_err_status_t -srtp_set_stream_roc(srtp_t session, uint32_t ssrc, uint32_t roc) { +srtp_err_status_t srtp_set_stream_roc(srtp_t session, + uint32_t ssrc, + uint32_t roc) +{ srtp_stream_t stream; stream = srtp_get_stream(session, htonl(ssrc)); @@ -4641,8 +4716,10 @@ return srtp_err_status_ok; } -srtp_err_status_t -srtp_get_stream_roc(srtp_t session, uint32_t ssrc, uint32_t *roc) { +srtp_err_status_t srtp_get_stream_roc(srtp_t session, + uint32_t ssrc, + uint32_t *roc) +{ srtp_stream_t stream; stream = srtp_get_stream(session, htonl(ssrc)); diff -Nru libsrtp2-2.1.0/srtp2.vcxproj libsrtp2-2.2.0/srtp2.vcxproj --- libsrtp2-2.1.0/srtp2.vcxproj 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/srtp2.vcxproj 2018-05-15 19:33:24.000000000 +0000 @@ -370,6 +370,7 @@ <ClInclude Include="crypto\include\alloc.h" /> <ClInclude Include="crypto\include\auth.h" /> <ClInclude Include="crypto\include\cipher.h" /> + <ClInclude Include="crypto\include\cipher_types.h" /> <ClInclude Include="crypto\include\config.h" /> <ClInclude Include="crypto\include\crypto.h" /> <ClInclude Include="crypto\include\cryptoalg.h" /> @@ -401,4 +402,4 @@ <Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" /> <ImportGroup Label="ExtensionTargets"> </ImportGroup> -</Project> \ No newline at end of file +</Project> diff -Nru libsrtp2-2.1.0/srtp2.vcxproj.filters libsrtp2-2.2.0/srtp2.vcxproj.filters --- libsrtp2-2.1.0/srtp2.vcxproj.filters 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/srtp2.vcxproj.filters 2018-05-15 19:33:24.000000000 +0000 @@ -107,6 +107,9 @@ <ClInclude Include="crypto\include\cipher.h"> <Filter>Header Files</Filter> </ClInclude> + <ClInclude Include="crypto\include\cipher_types.h"> + <Filter>Header Files</Filter> + </ClInclude> <ClInclude Include="crypto\include\config.h"> <Filter>Header Files</Filter> </ClInclude> @@ -183,4 +186,4 @@ <Filter>Source Files</Filter> </None> </ItemGroup> -</Project> \ No newline at end of file +</Project> diff -Nru libsrtp2-2.1.0/test/cutest.h libsrtp2-2.2.0/test/cutest.h --- libsrtp2-2.1.0/test/cutest.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/cutest.h 2018-05-15 19:33:24.000000000 +0000 @@ -10,10 +10,10 @@ * the rights to use, copy, modify, merge, publish, distribute, sublicense, * and/or sell copies of the Software, and to permit persons to whom the * Software is furnished to do so, subject to the following conditions: - * + * * The above copyright notice and this permission notice shall be included in * all copies or substantial portions of the Software. - * + * * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS * OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE @@ -26,7 +26,6 @@ #ifndef CUTEST_H__ #define CUTEST_H__ - /************************ *** Public interface *** ************************/ @@ -56,8 +55,7 @@ * * void test_func(void); */ -#define TEST_LIST const struct test__ test_list__[] - +#define TEST_LIST const struct test__ test_list__[] /* Macros for testing whether an unit test succeeds or fails. These macros * can be used arbitrarily in functions implementing the unit tests. @@ -78,9 +76,9 @@ * TEST_CHECK(ptr->member2 > 200); * } */ -#define TEST_CHECK_(cond,...) test_check__((cond), __FILE__, __LINE__, __VA_ARGS__) -#define TEST_CHECK(cond) test_check__((cond), __FILE__, __LINE__, "%s", #cond) - +#define TEST_CHECK_(cond, ...) \ + test_check__((cond), __FILE__, __LINE__, __VA_ARGS__) +#define TEST_CHECK(cond) test_check__((cond), __FILE__, __LINE__, "%s", #cond) /********************** *** Implementation *** @@ -94,47 +92,43 @@ #include <string.h> #if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__) - #define CUTEST_UNIX__ 1 - #include <errno.h> - #include <unistd.h> - #include <sys/types.h> - #include <sys/wait.h> - #include <signal.h> +#define CUTEST_UNIX__ 1 +#include <errno.h> +#include <unistd.h> +#include <sys/types.h> +#include <sys/wait.h> +#include <signal.h> #endif #if defined(_WIN32) || defined(__WIN32__) || defined(__WINDOWS__) - #define CUTEST_WIN__ 1 - #include <windows.h> - #include <io.h> +#define CUTEST_WIN__ 1 +#include <windows.h> +#include <io.h> #endif #ifdef __cplusplus - #include <exception> +#include <exception> #endif - /* Note our global private identifiers end with '__' to mitigate risk of clash * with the unit tests implementation. */ - #ifdef __cplusplus - extern "C" { +extern "C" { #endif - struct test__ { - const char* name; + const char *name; void (*func)(void); }; extern const struct test__ test_list__[]; -int test_check__(int cond, const char* file, int line, const char* fmt, ...); - +int test_check__(int cond, const char *file, int line, const char *fmt, ...); #ifndef TEST_NO_MAIN -static char* test_argv0__ = NULL; +static char *test_argv0__ = NULL; static int test_count__ = 0; static int test_no_exec__ = 0; static int test_no_summary__ = 0; @@ -143,21 +137,20 @@ static int test_stat_failed_units__ = 0; static int test_stat_run_units__ = 0; -static const struct test__* test_current_unit__ = NULL; +static const struct test__ *test_current_unit__ = NULL; static int test_current_already_logged__ = 0; static int test_verbose_level__ = 2; static int test_current_failures__ = 0; static int test_colorize__ = 0; -#define CUTEST_COLOR_DEFAULT__ 0 -#define CUTEST_COLOR_GREEN__ 1 -#define CUTEST_COLOR_RED__ 2 -#define CUTEST_COLOR_DEFAULT_INTENSIVE__ 3 -#define CUTEST_COLOR_GREEN_INTENSIVE__ 4 -#define CUTEST_COLOR_RED_INTENSIVE__ 5 +#define CUTEST_COLOR_DEFAULT__ 0 +#define CUTEST_COLOR_GREEN__ 1 +#define CUTEST_COLOR_RED__ 2 +#define CUTEST_COLOR_DEFAULT_INTENSIVE__ 3 +#define CUTEST_COLOR_GREEN_INTENSIVE__ 4 +#define CUTEST_COLOR_RED_INTENSIVE__ 5 -static size_t -test_print_in_color__(int color, const char* fmt, ...) +static size_t test_print_in_color__(int color, const char *fmt, ...) { va_list args; char buffer[256]; @@ -166,22 +159,34 @@ va_start(args, fmt); vsnprintf(buffer, sizeof(buffer), fmt, args); va_end(args); - buffer[sizeof(buffer)-1] = '\0'; + buffer[sizeof(buffer) - 1] = '\0'; - if(!test_colorize__) { + if (!test_colorize__) { return printf("%s", buffer); } #if defined CUTEST_UNIX__ { - const char* col_str; - switch(color) { - case CUTEST_COLOR_GREEN__: col_str = "\033[0;32m"; break; - case CUTEST_COLOR_RED__: col_str = "\033[0;31m"; break; - case CUTEST_COLOR_GREEN_INTENSIVE__: col_str = "\033[1;32m"; break; - case CUTEST_COLOR_RED_INTENSIVE__: col_str = "\033[1;30m"; break; - case CUTEST_COLOR_DEFAULT_INTENSIVE__: col_str = "\033[1m"; break; - default: col_str = "\033[0m"; break; + const char *col_str; + switch (color) { + case CUTEST_COLOR_GREEN__: + col_str = "\033[0;32m"; + break; + case CUTEST_COLOR_RED__: + col_str = "\033[0;31m"; + break; + case CUTEST_COLOR_GREEN_INTENSIVE__: + col_str = "\033[1;32m"; + break; + case CUTEST_COLOR_RED_INTENSIVE__: + col_str = "\033[1;30m"; + break; + case CUTEST_COLOR_DEFAULT_INTENSIVE__: + col_str = "\033[1m"; + break; + default: + col_str = "\033[0m"; + break; } printf("%s", col_str); n = printf("%s", buffer); @@ -197,15 +202,28 @@ h = GetStdHandle(STD_OUTPUT_HANDLE); GetConsoleScreenBufferInfo(h, &info); - switch(color) { - case CUTEST_COLOR_GREEN__: attr = FOREGROUND_GREEN; break; - case CUTEST_COLOR_RED__: attr = FOREGROUND_RED; break; - case CUTEST_COLOR_GREEN_INTENSIVE__: attr = FOREGROUND_GREEN | FOREGROUND_INTENSITY; break; - case CUTEST_COLOR_RED_INTENSIVE__: attr = FOREGROUND_RED | FOREGROUND_INTENSITY; break; - case CUTEST_COLOR_DEFAULT_INTENSIVE__: attr = FOREGROUND_BLUE | FOREGROUND_GREEN | FOREGROUND_RED | FOREGROUND_INTENSITY; break; - default: attr = 0; break; + switch (color) { + case CUTEST_COLOR_GREEN__: + attr = FOREGROUND_GREEN; + break; + case CUTEST_COLOR_RED__: + attr = FOREGROUND_RED; + break; + case CUTEST_COLOR_GREEN_INTENSIVE__: + attr = FOREGROUND_GREEN | FOREGROUND_INTENSITY; + break; + case CUTEST_COLOR_RED_INTENSIVE__: + attr = FOREGROUND_RED | FOREGROUND_INTENSITY; + break; + case CUTEST_COLOR_DEFAULT_INTENSIVE__: + attr = FOREGROUND_BLUE | FOREGROUND_GREEN | FOREGROUND_RED | + FOREGROUND_INTENSITY; + break; + default: + attr = 0; + break; } - if(attr != 0) + if (attr != 0) SetConsoleTextAttribute(h, attr); n = printf("%s", buffer); SetConsoleTextAttribute(h, info.wAttributes); @@ -217,19 +235,18 @@ #endif } -int -test_check__(int cond, const char* file, int line, const char* fmt, ...) +int test_check__(int cond, const char *file, int line, const char *fmt, ...) { const char *result_str; int result_color; int verbose_level; - if(cond) { + if (cond) { result_str = "ok"; result_color = CUTEST_COLOR_GREEN__; verbose_level = 3; } else { - if(!test_current_already_logged__ && test_current_unit__ != NULL) { + if (!test_current_already_logged__ && test_current_unit__ != NULL) { printf("[ "); test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, "FAILED"); printf(" ]\n"); @@ -241,13 +258,13 @@ test_current_already_logged__++; } - if(test_verbose_level__ >= verbose_level) { + if (test_verbose_level__ >= verbose_level) { size_t n = 0; va_list args; printf(" "); - if(file != NULL) + if (file != NULL) n += printf("%s:%d: Check ", file, line); va_start(args, fmt); @@ -263,23 +280,21 @@ return (cond != 0); } -static void -test_list_names__(void) +static void test_list_names__(void) { - const struct test__* test; + const struct test__ *test; printf("Unit tests:\n"); - for(test = &test_list__[0]; test->func != NULL; test++) + for (test = &test_list__[0]; test->func != NULL; test++) printf(" %s\n", test->name); } -static const struct test__* -test_by_name__(const char* name) +static const struct test__ *test_by_name__(const char *name) { - const struct test__* test; + const struct test__ *test; - for(test = &test_list__[0]; test->func != NULL; test++) { - if(strcmp(test->name, name) == 0) + for (test = &test_list__[0]; test->func != NULL; test++) { + if (strcmp(test->name, name) == 0) return test; } @@ -287,24 +302,25 @@ } /* Call directly the given test unit function. */ -static int -test_do_run__(const struct test__* test) +static int test_do_run__(const struct test__ *test) { test_current_unit__ = test; test_current_failures__ = 0; test_current_already_logged__ = 0; - if(test_verbose_level__ >= 3) { - test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "Test %s:\n", test->name); + if (test_verbose_level__ >= 3) { + test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "Test %s:\n", + test->name); test_current_already_logged__++; - } else if(test_verbose_level__ >= 1) { + } else if (test_verbose_level__ >= 1) { size_t n; char spaces[32]; - n = test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "Test %s... ", test->name); + n = test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, + "Test %s... ", test->name); memset(spaces, ' ', sizeof(spaces)); - if(n < sizeof(spaces)) - printf("%.*s", (int) (sizeof(spaces) - n), spaces); + if (n < sizeof(spaces)) + printf("%.*s", (int)(sizeof(spaces) - n), spaces); } else { test_current_already_logged__ = 1; } @@ -320,24 +336,34 @@ test->func(); #ifdef __cplusplus - } catch(std::exception& e) { - const char* what = e.what(); - if(what != NULL) + } catch (std::exception &e) { + const char *what = e.what(); + if (what != NULL) test_check__(0, NULL, 0, "Threw std::exception: %s", what); else test_check__(0, NULL, 0, "Threw std::exception"); - } catch(...) { + } catch (...) { test_check__(0, NULL, 0, "Threw an exception"); } #endif - if(test_verbose_level__ >= 3) { - switch(test_current_failures__) { - case 0: test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__, " All conditions have passed.\n\n"); break; - case 1: test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, " One condition has FAILED.\n\n"); break; - default: test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, " %d conditions have FAILED.\n\n", test_current_failures__); break; + if (test_verbose_level__ >= 3) { + switch (test_current_failures__) { + case 0: + test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__, + " All conditions have passed.\n\n"); + break; + case 1: + test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, + " One condition has FAILED.\n\n"); + break; + default: + test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, + " %d conditions have FAILED.\n\n", + test_current_failures__); + break; } - } else if(test_verbose_level__ >= 1 && test_current_failures__ == 0) { + } else if (test_verbose_level__ >= 1 && test_current_failures__ == 0) { printf("[ "); test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__, "OK"); printf(" ]\n"); @@ -351,21 +377,21 @@ /* Called if anything goes bad in cutest, or if the unit test ends in other * way then by normal returning from its function (e.g. exception or some * abnormal child process termination). */ -static void -test_error__(const char* fmt, ...) +static void test_error__(const char *fmt, ...) { va_list args; - if(test_verbose_level__ == 0) + if (test_verbose_level__ == 0) return; - if(test_verbose_level__ <= 2 && !test_current_already_logged__ && test_current_unit__ != NULL) { + if (test_verbose_level__ <= 2 && !test_current_already_logged__ && + test_current_unit__ != NULL) { printf("[ "); test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, "FAILED"); printf(" ]\n"); } - if(test_verbose_level__ >= 2) { + if (test_verbose_level__ >= 2) { test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, " Error: "); va_start(args, fmt); vprintf(fmt, args); @@ -378,51 +404,73 @@ /* Trigger the unit test. If possible (and not suppressed) it starts a child * process who calls test_do_run__(), otherwise it calls test_do_run__() * directly. */ -static void -test_run__(const struct test__* test) +static void test_run__(const struct test__ *test) { int failed = 1; test_current_unit__ = test; test_current_already_logged__ = 0; - if(!test_no_exec__) { - + if (!test_no_exec__) { #if defined(CUTEST_UNIX__) pid_t pid; int exit_code; pid = fork(); - if(pid == (pid_t)-1) { + if (pid == (pid_t)-1) { test_error__("Cannot fork. %s [%d]", strerror(errno), errno); failed = 1; - } else if(pid == 0) { + } else if (pid == 0) { /* Child: Do the test. */ failed = (test_do_run__(test) != 0); exit(failed ? 1 : 0); } else { /* Parent: Wait until child terminates and analyze its exit code. */ waitpid(pid, &exit_code, 0); - if(WIFEXITED(exit_code)) { - switch(WEXITSTATUS(exit_code)) { - case 0: failed = 0; break; /* test has passed. */ - case 1: /* noop */ break; /* "normal" failure. */ - default: test_error__("Unexpected exit code [%d]", WEXITSTATUS(exit_code)); + if (WIFEXITED(exit_code)) { + switch (WEXITSTATUS(exit_code)) { + case 0: + failed = 0; + break; /* test has passed. */ + case 1: /* noop */ + break; /* "normal" failure. */ + default: + test_error__("Unexpected exit code [%d]", + WEXITSTATUS(exit_code)); } - } else if(WIFSIGNALED(exit_code)) { + } else if (WIFSIGNALED(exit_code)) { char tmp[32]; - const char* signame; - switch(WTERMSIG(exit_code)) { - case SIGINT: signame = "SIGINT"; break; - case SIGHUP: signame = "SIGHUP"; break; - case SIGQUIT: signame = "SIGQUIT"; break; - case SIGABRT: signame = "SIGABRT"; break; - case SIGKILL: signame = "SIGKILL"; break; - case SIGSEGV: signame = "SIGSEGV"; break; - case SIGILL: signame = "SIGILL"; break; - case SIGTERM: signame = "SIGTERM"; break; - default: sprintf(tmp, "signal %d", WTERMSIG(exit_code)); signame = tmp; break; + const char *signame; + switch (WTERMSIG(exit_code)) { + case SIGINT: + signame = "SIGINT"; + break; + case SIGHUP: + signame = "SIGHUP"; + break; + case SIGQUIT: + signame = "SIGQUIT"; + break; + case SIGABRT: + signame = "SIGABRT"; + break; + case SIGKILL: + signame = "SIGKILL"; + break; + case SIGSEGV: + signame = "SIGSEGV"; + break; + case SIGILL: + signame = "SIGILL"; + break; + case SIGTERM: + signame = "SIGTERM"; + break; + default: + sprintf(tmp, "signal %d", WTERMSIG(exit_code)); + signame = tmp; + break; } test_error__("Test interrupted by %s", signame); } else { @@ -432,26 +480,28 @@ #elif defined(CUTEST_WIN__) - char buffer[512] = {0}; - STARTUPINFOA startupInfo = {0}; + char buffer[512] = { 0 }; + STARTUPINFOA startupInfo = { 0 }; PROCESS_INFORMATION processInfo; DWORD exitCode; /* Windows has no fork(). So we propagate all info into the child * through a command line arguments. */ - _snprintf(buffer, sizeof(buffer)-1, - "%s --no-exec --no-summary --verbose=%d --color=%s -- \"%s\"", - test_argv0__, test_verbose_level__, - test_colorize__ ? "always" : "never", test->name); + _snprintf(buffer, sizeof(buffer) - 1, + "%s --no-exec --no-summary --verbose=%d --color=%s -- \"%s\"", + test_argv0__, test_verbose_level__, + test_colorize__ ? "always" : "never", test->name); startupInfo.cb = sizeof(STARTUPINFO); - if(CreateProcessA(NULL, buffer, NULL, NULL, FALSE, 0, NULL, NULL, &startupInfo, &processInfo)) { + if (CreateProcessA(NULL, buffer, NULL, NULL, FALSE, 0, NULL, NULL, + &startupInfo, &processInfo)) { WaitForSingleObject(processInfo.hProcess, INFINITE); GetExitCodeProcess(processInfo.hProcess, &exitCode); CloseHandle(processInfo.hThread); CloseHandle(processInfo.hProcess); failed = (exitCode != 0); } else { - test_error__("Cannot create unit test subprocess [%ld].", GetLastError()); + test_error__("Cannot create unit test subprocess [%ld].", + GetLastError()); failed = 1; } @@ -470,14 +520,13 @@ test_current_unit__ = NULL; test_stat_run_units__++; - if(failed) + if (failed) test_stat_failed_units__++; } #if defined(CUTEST_WIN__) /* Callback for SEH events. */ -static LONG CALLBACK -test_exception_filter__(EXCEPTION_POINTERS *ptrs) +static LONG CALLBACK test_exception_filter__(EXCEPTION_POINTERS *ptrs) { test_error__("Unhandled SEH exception %08lx at %p.", ptrs->ExceptionRecord->ExceptionCode, @@ -488,35 +537,42 @@ } #endif -static void -test_help__(void) +static void test_help__(void) { printf("Usage: %s [options] [test...]\n", test_argv0__); - printf("Run the specified unit tests; or if the option '--skip' is used, run all\n"); - printf("tests in the suite but those listed. By default, if no tests are specified\n"); + printf("Run the specified unit tests; or if the option '--skip' is used, " + "run all\n"); + printf("tests in the suite but those listed. By default, if no tests are " + "specified\n"); printf("on the command line, all unit tests in the suite are run.\n"); printf("\n"); printf("Options:\n"); - printf(" -s, --skip Execute all unit tests but the listed ones\n"); - printf(" --no-exec Do not execute unit tests as child processes\n"); - printf(" --no-summary Suppress printing of test results summary\n"); + printf( + " -s, --skip Execute all unit tests but the listed ones\n"); + printf(" --no-exec Do not execute unit tests as child " + "processes\n"); + printf( + " --no-summary Suppress printing of test results summary\n"); printf(" -l, --list List unit tests in the suite and exit\n"); printf(" -v, --verbose Enable more verbose output\n"); printf(" --verbose=LEVEL Set verbose level to LEVEL:\n"); printf(" 0 ... Be silent\n"); - printf(" 1 ... Output one line per test (and summary)\n"); - printf(" 2 ... As 1 and failed conditions (this is default)\n"); - printf(" 3 ... As 1 and all conditions (and extended summary)\n"); - printf(" --color=WHEN Enable colorized output (WHEN is one of 'auto', 'always', 'never')\n"); + printf(" 1 ... Output one line per test (and " + "summary)\n"); + printf(" 2 ... As 1 and failed conditions (this " + "is default)\n"); + printf(" 3 ... As 1 and all conditions (and " + "extended summary)\n"); + printf(" --color=WHEN Enable colorized output (WHEN is one of " + "'auto', 'always', 'never')\n"); printf(" -h, --help Display this help and exit\n"); printf("\n"); test_list_names__(); } -int -main(int argc, char** argv) +int main(int argc, char **argv) { - const struct test__** tests = NULL; + const struct test__ **tests = NULL; int i, j, n = 0; int seen_double_dash = 0; @@ -531,42 +587,50 @@ #endif /* Parse options */ - for(i = 1; i < argc; i++) { - if(seen_double_dash || argv[i][0] != '-') { - tests = (const struct test__**) realloc((void*)tests, (n+1) * sizeof(const struct test__*)); - if(tests == NULL) { + for (i = 1; i < argc; i++) { + if (seen_double_dash || argv[i][0] != '-') { + tests = (const struct test__ **)realloc( + (void *)tests, (n + 1) * sizeof(const struct test__ *)); + if (tests == NULL) { fprintf(stderr, "Out of memory.\n"); exit(2); } tests[n] = test_by_name__(argv[i]); - if(tests[n] == NULL) { - fprintf(stderr, "%s: Unrecognized unit test '%s'\n", argv[0], argv[i]); - fprintf(stderr, "Try '%s --list' for list of unit tests.\n", argv[0]); + if (tests[n] == NULL) { + fprintf(stderr, "%s: Unrecognized unit test '%s'\n", argv[0], + argv[i]); + fprintf(stderr, "Try '%s --list' for list of unit tests.\n", + argv[0]); exit(2); } n++; - } else if(strcmp(argv[i], "--") == 0) { + } else if (strcmp(argv[i], "--") == 0) { seen_double_dash = 1; - } else if(strcmp(argv[i], "--help") == 0 || strcmp(argv[i], "-h") == 0) { + } else if (strcmp(argv[i], "--help") == 0 || + strcmp(argv[i], "-h") == 0) { test_help__(); exit(0); - } else if(strcmp(argv[i], "--verbose") == 0 || strcmp(argv[i], "-v") == 0) { + } else if (strcmp(argv[i], "--verbose") == 0 || + strcmp(argv[i], "-v") == 0) { test_verbose_level__++; - } else if(strncmp(argv[i], "--verbose=", 10) == 0) { + } else if (strncmp(argv[i], "--verbose=", 10) == 0) { test_verbose_level__ = atoi(argv[i] + 10); - } else if(strcmp(argv[i], "--color=auto") == 0) { + } else if (strcmp(argv[i], "--color=auto") == 0) { /* noop (set from above) */ - } else if(strcmp(argv[i], "--color=always") == 0 || strcmp(argv[i], "--color") == 0) { + } else if (strcmp(argv[i], "--color=always") == 0 || + strcmp(argv[i], "--color") == 0) { test_colorize__ = 1; - } else if(strcmp(argv[i], "--color=never") == 0) { + } else if (strcmp(argv[i], "--color=never") == 0) { test_colorize__ = 0; - } else if(strcmp(argv[i], "--skip") == 0 || strcmp(argv[i], "-s") == 0) { + } else if (strcmp(argv[i], "--skip") == 0 || + strcmp(argv[i], "-s") == 0) { test_skip_mode__ = 1; - } else if(strcmp(argv[i], "--no-exec") == 0) { + } else if (strcmp(argv[i], "--no-exec") == 0) { test_no_exec__ = 1; - } else if(strcmp(argv[i], "--no-summary") == 0) { + } else if (strcmp(argv[i], "--no-summary") == 0) { test_no_summary__ = 1; - } else if(strcmp(argv[i], "--list") == 0 || strcmp(argv[i], "-l") == 0) { + } else if (strcmp(argv[i], "--list") == 0 || + strcmp(argv[i], "-l") == 0) { test_list_names__(); exit(0); } else { @@ -582,66 +646,68 @@ /* Count all test units */ test_count__ = 0; - for(i = 0; test_list__[i].func != NULL; i++) + for (i = 0; test_list__[i].func != NULL; i++) test_count__++; /* Run the tests */ - if(n == 0) { + if (n == 0) { /* Run all tests */ - for(i = 0; test_list__[i].func != NULL; i++) + for (i = 0; test_list__[i].func != NULL; i++) test_run__(&test_list__[i]); - } else if(!test_skip_mode__) { + } else if (!test_skip_mode__) { /* Run the listed tests */ - for(i = 0; i < n; i++) + for (i = 0; i < n; i++) test_run__(tests[i]); } else { /* Run all tests except those listed */ - for(i = 0; test_list__[i].func != NULL; i++) { + for (i = 0; test_list__[i].func != NULL; i++) { int want_skip = 0; - for(j = 0; j < n; j++) { - if(tests[j] == &test_list__[i]) { + for (j = 0; j < n; j++) { + if (tests[j] == &test_list__[i]) { want_skip = 1; break; } } - if(!want_skip) + if (!want_skip) test_run__(&test_list__[i]); } } /* Write a summary */ - if(!test_no_summary__ && test_verbose_level__ >= 1) { + if (!test_no_summary__ && test_verbose_level__ >= 1) { test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "\nSummary:\n"); - if(test_verbose_level__ >= 3) { + if (test_verbose_level__ >= 3) { printf(" Count of all unit tests: %4d\n", test_count__); - printf(" Count of run unit tests: %4d\n", test_stat_run_units__); - printf(" Count of failed unit tests: %4d\n", test_stat_failed_units__); - printf(" Count of skipped unit tests: %4d\n", test_count__ - test_stat_run_units__); + printf(" Count of run unit tests: %4d\n", + test_stat_run_units__); + printf(" Count of failed unit tests: %4d\n", + test_stat_failed_units__); + printf(" Count of skipped unit tests: %4d\n", + test_count__ - test_stat_run_units__); } - if(test_stat_failed_units__ == 0) { + if (test_stat_failed_units__ == 0) { test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__, - " SUCCESS: All unit tests have passed.\n"); + " SUCCESS: All unit tests have passed.\n"); } else { - test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, - " FAILED: %d of %d unit tests have failed.\n", - test_stat_failed_units__, test_stat_run_units__); + test_print_in_color__( + CUTEST_COLOR_RED_INTENSIVE__, + " FAILED: %d of %d unit tests have failed.\n", + test_stat_failed_units__, test_stat_run_units__); } } - if(tests != NULL) - free((void*)tests); + if (tests != NULL) + free((void *)tests); return (test_stat_failed_units__ == 0) ? 0 : 1; } - -#endif /* #ifndef TEST_NO_MAIN */ +#endif /* #ifndef TEST_NO_MAIN */ #ifdef __cplusplus - } /* extern "C" */ +} /* extern "C" */ #endif - -#endif /* #ifndef CUTEST_H__ */ +#endif /* #ifndef CUTEST_H__ */ diff -Nru libsrtp2-2.1.0/test/dtls_srtp_driver.c libsrtp2-2.2.0/test/dtls_srtp_driver.c --- libsrtp2-2.1.0/test/dtls_srtp_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/dtls_srtp_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -46,171 +46,170 @@ #include "getopt_s.h" /* for local getopt() */ #include "srtp_priv.h" -srtp_err_status_t -test_dtls_srtp(void); +srtp_err_status_t test_dtls_srtp(void); -srtp_hdr_t * -srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc); +srtp_hdr_t *srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc); -void -usage(char *prog_name) { - printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n" - " -d <mod> turn on debugging module <mod>\n" - " -l list debugging modules\n", prog_name); - exit(1); +void usage(char *prog_name) +{ + printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n" + " -d <mod> turn on debugging module <mod>\n" + " -l list debugging modules\n", + prog_name); + exit(1); } -int -main(int argc, char *argv[]) { - unsigned do_list_mods = 0; - int q; - srtp_err_status_t err; - - printf("dtls_srtp_driver\n"); - - /* initialize srtp library */ - err = srtp_init(); - if (err) { - printf("error: srtp init failed with error code %d\n", err); - exit(1); - } +int main(int argc, char *argv[]) +{ + unsigned do_list_mods = 0; + int q; + srtp_err_status_t err; + + printf("dtls_srtp_driver\n"); - /* process input arguments */ - while (1) { - q = getopt_s(argc, argv, "ld:"); - if (q == -1) - break; - switch (q) { - case 'l': - do_list_mods = 1; - break; - case 'd': - err = srtp_crypto_kernel_set_debug_module(optarg_s, 1); - if (err) { - printf("error: set debug module (%s) failed\n", optarg_s); + /* initialize srtp library */ + err = srtp_init(); + if (err) { + printf("error: srtp init failed with error code %d\n", err); exit(1); - } - break; - default: - usage(argv[0]); - } - } + } + + /* process input arguments */ + while (1) { + q = getopt_s(argc, argv, "ld:"); + if (q == -1) + break; + switch (q) { + case 'l': + do_list_mods = 1; + break; + case 'd': + err = srtp_crypto_kernel_set_debug_module(optarg_s, 1); + if (err) { + printf("error: set debug module (%s) failed\n", optarg_s); + exit(1); + } + break; + default: + usage(argv[0]); + } + } + + if (do_list_mods) { + err = srtp_crypto_kernel_list_debug_modules(); + if (err) { + printf("error: list of debug modules failed\n"); + exit(1); + } + } - if (do_list_mods) { - err = srtp_crypto_kernel_list_debug_modules(); + printf("testing dtls_srtp..."); + err = test_dtls_srtp(); if (err) { - printf("error: list of debug modules failed\n"); - exit(1); + printf("\nerror (code %d)\n", err); + exit(1); } - } + printf("passed\n"); - printf("testing dtls_srtp..."); - err = test_dtls_srtp(); - if (err) { - printf("\nerror (code %d)\n", err); - exit(1); - } - printf("passed\n"); - - /* shut down srtp library */ - err = srtp_shutdown(); - if (err) { - printf("error: srtp shutdown failed with error code %d\n", err); - exit(1); - } + /* shut down srtp library */ + err = srtp_shutdown(); + if (err) { + printf("error: srtp shutdown failed with error code %d\n", err); + exit(1); + } - return 0; + return 0; } +srtp_err_status_t test_dtls_srtp(void) +{ + srtp_hdr_t *test_packet; + int test_packet_len = 80; + srtp_t s; + srtp_policy_t policy; + uint8_t key[SRTP_MAX_KEY_LEN]; + uint8_t salt[SRTP_MAX_KEY_LEN]; + unsigned int key_len, salt_len; + srtp_profile_t profile; + srtp_err_status_t err; + + memset(&policy, 0x0, sizeof(srtp_policy_t)); + + /* create a 'null' SRTP session */ + err = srtp_create(&s, NULL); + if (err) + return err; + + /* + * verify that packet-processing functions behave properly - we + * expect that these functions will return srtp_err_status_no_ctx + */ + test_packet = srtp_create_test_packet(80, 0xa5a5a5a5); + if (test_packet == NULL) + return srtp_err_status_alloc_fail; + + err = srtp_protect(s, test_packet, &test_packet_len); + if (err != srtp_err_status_no_ctx) { + printf("wrong return value from srtp_protect() (got code %d)\n", err); + return srtp_err_status_fail; + } -srtp_err_status_t -test_dtls_srtp(void) { - srtp_hdr_t *test_packet; - int test_packet_len = 80; - srtp_t s; - srtp_policy_t policy; - uint8_t key[SRTP_MAX_KEY_LEN]; - uint8_t salt[SRTP_MAX_KEY_LEN]; - unsigned int key_len, salt_len; - srtp_profile_t profile; - srtp_err_status_t err; - - memset(&policy, 0x0, sizeof(srtp_policy_t)); - - /* create a 'null' SRTP session */ - err = srtp_create(&s, NULL); - if (err) - return err; - - /* - * verify that packet-processing functions behave properly - we - * expect that these functions will return srtp_err_status_no_ctx - */ - test_packet = srtp_create_test_packet(80, 0xa5a5a5a5); - if (test_packet == NULL) - return srtp_err_status_alloc_fail; - err = srtp_protect(s, test_packet, &test_packet_len); - if (err != srtp_err_status_no_ctx) { - printf("wrong return value from srtp_protect() (got code %d)\n", - err); - return srtp_err_status_fail; - } - err = srtp_unprotect(s, test_packet, &test_packet_len); - if (err != srtp_err_status_no_ctx) { - printf("wrong return value from srtp_unprotect() (got code %d)\n", - err); - return srtp_err_status_fail; - } - err = srtp_protect_rtcp(s, test_packet, &test_packet_len); - if (err != srtp_err_status_no_ctx) { - printf("wrong return value from srtp_protect_rtcp() (got code %d)\n", - err); - return srtp_err_status_fail; - } - err = srtp_unprotect_rtcp(s, test_packet, &test_packet_len); - if (err != srtp_err_status_no_ctx) { - printf("wrong return value from srtp_unprotect_rtcp() (got code %d)\n", - err); - return srtp_err_status_fail; - } - - - /* - * set keys to known values for testing - */ - profile = srtp_profile_aes128_cm_sha1_80; - key_len = srtp_profile_get_master_key_length(profile); - salt_len = srtp_profile_get_master_salt_length(profile); - memset(key, 0xff, key_len); - memset(salt, 0xee, salt_len); - srtp_append_salt_to_key(key, key_len, salt, salt_len); - policy.key = key; - - /* initialize SRTP policy from profile */ - err = srtp_crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile); - if (err) return err; - err = srtp_crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile); - if (err) return err; - policy.ssrc.type = ssrc_any_inbound; - policy.ekt = NULL; - policy.window_size = 128; - policy.allow_repeat_tx = 0; - policy.next = NULL; - - err = srtp_add_stream(s, &policy); - if (err) - return err; - - err = srtp_dealloc(s); - if (err) - return err; + err = srtp_unprotect(s, test_packet, &test_packet_len); + if (err != srtp_err_status_no_ctx) { + printf("wrong return value from srtp_unprotect() (got code %d)\n", err); + return srtp_err_status_fail; + } - free(test_packet); + err = srtp_protect_rtcp(s, test_packet, &test_packet_len); + if (err != srtp_err_status_no_ctx) { + printf("wrong return value from srtp_protect_rtcp() (got code %d)\n", + err); + return srtp_err_status_fail; + } - return srtp_err_status_ok; -} + err = srtp_unprotect_rtcp(s, test_packet, &test_packet_len); + if (err != srtp_err_status_no_ctx) { + printf("wrong return value from srtp_unprotect_rtcp() (got code %d)\n", + err); + return srtp_err_status_fail; + } + + /* + * set keys to known values for testing + */ + profile = srtp_profile_aes128_cm_sha1_80; + key_len = srtp_profile_get_master_key_length(profile); + salt_len = srtp_profile_get_master_salt_length(profile); + memset(key, 0xff, key_len); + memset(salt, 0xee, salt_len); + srtp_append_salt_to_key(key, key_len, salt, salt_len); + policy.key = key; + + /* initialize SRTP policy from profile */ + err = srtp_crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile); + if (err) + return err; + err = srtp_crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile); + if (err) + return err; + policy.ssrc.type = ssrc_any_inbound; + policy.ekt = NULL; + policy.window_size = 128; + policy.allow_repeat_tx = 0; + policy.next = NULL; + + err = srtp_add_stream(s, &policy); + if (err) + return err; + + err = srtp_dealloc(s); + if (err) + return err; + free(test_packet); + return srtp_err_status_ok; +} /* * srtp_create_test_packet(len, ssrc) returns a pointer to a @@ -225,39 +224,38 @@ * deallocated with the free() call once it is no longer needed. */ -srtp_hdr_t * -srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) { - int i; - uint8_t *buffer; - srtp_hdr_t *hdr; - int bytes_in_hdr = 12; - - /* allocate memory for test packet */ - hdr = malloc(pkt_octet_len + bytes_in_hdr - + SRTP_MAX_TRAILER_LEN + 4); - if (!hdr) - return NULL; - - hdr->version = 2; /* RTP version two */ - hdr->p = 0; /* no padding needed */ - hdr->x = 0; /* no header extension */ - hdr->cc = 0; /* no CSRCs */ - hdr->m = 0; /* marker bit */ - hdr->pt = 0xf; /* payload type */ - hdr->seq = htons(0x1234); /* sequence number */ - hdr->ts = htonl(0xdecafbad); /* timestamp */ - hdr->ssrc = htonl(ssrc); /* synch. source */ - - buffer = (uint8_t *)hdr; - buffer += bytes_in_hdr; - - /* set RTP data to 0xab */ - for (i=0; i < pkt_octet_len; i++) - *buffer++ = 0xab; - - /* set post-data value to 0xffff to enable overrun checking */ - for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++) - *buffer++ = 0xff; +srtp_hdr_t *srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) +{ + int i; + uint8_t *buffer; + srtp_hdr_t *hdr; + int bytes_in_hdr = 12; + + /* allocate memory for test packet */ + hdr = malloc(pkt_octet_len + bytes_in_hdr + SRTP_MAX_TRAILER_LEN + 4); + if (!hdr) + return NULL; + + hdr->version = 2; /* RTP version two */ + hdr->p = 0; /* no padding needed */ + hdr->x = 0; /* no header extension */ + hdr->cc = 0; /* no CSRCs */ + hdr->m = 0; /* marker bit */ + hdr->pt = 0xf; /* payload type */ + hdr->seq = htons(0x1234); /* sequence number */ + hdr->ts = htonl(0xdecafbad); /* timestamp */ + hdr->ssrc = htonl(ssrc); /* synch. source */ + + buffer = (uint8_t *)hdr; + buffer += bytes_in_hdr; + + /* set RTP data to 0xab */ + for (i = 0; i < pkt_octet_len; i++) + *buffer++ = 0xab; + + /* set post-data value to 0xffff to enable overrun checking */ + for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) + *buffer++ = 0xff; - return hdr; + return hdr; } diff -Nru libsrtp2-2.1.0/test/getopt_s.c libsrtp2-2.2.0/test/getopt_s.c --- libsrtp2-2.1.0/test/getopt_s.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/getopt_s.c 2018-05-15 19:33:24.000000000 +0000 @@ -3,30 +3,30 @@ * * a minimal implementation of the getopt() function, written so that * test applications that use that function can run on non-POSIX - * platforms + * platforms * */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,71 +42,67 @@ * */ -#include <stdlib.h> /* for NULL */ +#include <stdlib.h> /* for NULL */ int optind_s = 0; char *optarg_s; -#define GETOPT_FOUND_WITHOUT_ARGUMENT 2 -#define GETOPT_FOUND_WITH_ARGUMENT 1 -#define GETOPT_NOT_FOUND 0 - -static int -getopt_check_character(char c, const char *string) { - unsigned int max_string_len = 128; - - while (*string != 0) { - if (max_string_len == 0) { - return '?'; - } - if (*string++ == c) { - if (*string == ':') { - return GETOPT_FOUND_WITH_ARGUMENT; - } else { - return GETOPT_FOUND_WITHOUT_ARGUMENT; - } +#define GETOPT_FOUND_WITHOUT_ARGUMENT 2 +#define GETOPT_FOUND_WITH_ARGUMENT 1 +#define GETOPT_NOT_FOUND 0 + +static int getopt_check_character(char c, const char *string) +{ + unsigned int max_string_len = 128; + + while (*string != 0) { + if (max_string_len == 0) { + return '?'; + } + if (*string++ == c) { + if (*string == ':') { + return GETOPT_FOUND_WITH_ARGUMENT; + } else { + return GETOPT_FOUND_WITHOUT_ARGUMENT; + } + } } - } - return GETOPT_NOT_FOUND; + return GETOPT_NOT_FOUND; } -int -getopt_s(int argc, - char * const argv[], - const char *optstring) { - - - while (optind_s + 1 < argc) { - char *string; - - /* move 'string' on to next argument */ - optind_s++; - string = argv[optind_s]; - - if (string == NULL) - return '?'; /* NULL argument string */ - - if (string[0] != '-') - return -1; /* found an unexpected character */ - - switch(getopt_check_character(string[1], optstring)) { - case GETOPT_FOUND_WITH_ARGUMENT: - if (optind_s + 1 < argc) { - optind_s++; - optarg_s = argv[optind_s]; - return string[1]; - } else { - return '?'; /* argument missing */ - } - case GETOPT_FOUND_WITHOUT_ARGUMENT: - return string[1]; - case GETOPT_NOT_FOUND: - default: - return '?'; /* didn't find expected character */ - break; +int getopt_s(int argc, char *const argv[], const char *optstring) +{ + while (optind_s + 1 < argc) { + char *string; + + /* move 'string' on to next argument */ + optind_s++; + string = argv[optind_s]; + + if (string == NULL) + return '?'; /* NULL argument string */ + + if (string[0] != '-') + return -1; /* found an unexpected character */ + + switch (getopt_check_character(string[1], optstring)) { + case GETOPT_FOUND_WITH_ARGUMENT: + if (optind_s + 1 < argc) { + optind_s++; + optarg_s = argv[optind_s]; + return string[1]; + } else { + return '?'; /* argument missing */ + } + case GETOPT_FOUND_WITHOUT_ARGUMENT: + return string[1]; + case GETOPT_NOT_FOUND: + default: + return '?'; /* didn't find expected character */ + break; + } } - } - return -1; + return -1; } diff -Nru libsrtp2-2.1.0/test/rdbx_driver.c libsrtp2-2.2.0/test/rdbx_driver.c --- libsrtp2-2.1.0/test/rdbx_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/rdbx_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -6,28 +6,27 @@ * David A. McGrew * Cisco Systems, Inc. */ - /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,7 +43,7 @@ */ #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif #include <stdio.h> /* for printf() */ @@ -58,90 +57,85 @@ #include "ut_sim.h" -srtp_err_status_t -test_replay_dbx(int num_trials, unsigned long ws); +srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws); -double -rdbx_check_adds_per_second(int num_trials, unsigned long ws); +double rdbx_check_adds_per_second(int num_trials, unsigned long ws); -void -usage(char *prog_name) { - printf("usage: %s [ -t | -v ]\n", prog_name); - exit(255); +void usage(char *prog_name) +{ + printf("usage: %s [ -t | -v ]\n", prog_name); + exit(255); } -int -main (int argc, char *argv[]) { - double rate; - srtp_err_status_t status; - int q; - unsigned do_timing_test = 0; - unsigned do_validation = 0; - - /* process input arguments */ - while (1) { - q = getopt_s(argc, argv, "tv"); - if (q == -1) - break; - switch (q) { - case 't': - do_timing_test = 1; - break; - case 'v': - do_validation = 1; - break; - default: - usage(argv[0]); - } - } - - printf("rdbx (replay database w/ extended range) test driver\n" - "David A. McGrew\n" - "Cisco Systems, Inc.\n"); - - if (!do_validation && !do_timing_test) - usage(argv[0]); - - if (do_validation) { - printf("testing srtp_rdbx_t (ws=128)...\n"); - - status = test_replay_dbx(1 << 12, 128); - if (status) { - printf("failed\n"); - exit(1); +int main(int argc, char *argv[]) +{ + double rate; + srtp_err_status_t status; + int q; + unsigned do_timing_test = 0; + unsigned do_validation = 0; + + /* process input arguments */ + while (1) { + q = getopt_s(argc, argv, "tv"); + if (q == -1) + break; + switch (q) { + case 't': + do_timing_test = 1; + break; + case 'v': + do_validation = 1; + break; + default: + usage(argv[0]); + } } - printf("passed\n"); - printf("testing srtp_rdbx_t (ws=1024)...\n"); + printf("rdbx (replay database w/ extended range) test driver\n" + "David A. McGrew\n" + "Cisco Systems, Inc.\n"); + + if (!do_validation && !do_timing_test) + usage(argv[0]); + + if (do_validation) { + printf("testing srtp_rdbx_t (ws=128)...\n"); + + status = test_replay_dbx(1 << 12, 128); + if (status) { + printf("failed\n"); + exit(1); + } + printf("passed\n"); + + printf("testing srtp_rdbx_t (ws=1024)...\n"); + + status = test_replay_dbx(1 << 12, 1024); + if (status) { + printf("failed\n"); + exit(1); + } + printf("passed\n"); + } - status = test_replay_dbx(1 << 12, 1024); - if (status) { - printf("failed\n"); - exit(1); + if (do_timing_test) { + rate = rdbx_check_adds_per_second(1 << 18, 128); + printf("rdbx_check/replay_adds per second (ws=128): %e\n", rate); + rate = rdbx_check_adds_per_second(1 << 18, 1024); + printf("rdbx_check/replay_adds per second (ws=1024): %e\n", rate); } - printf("passed\n"); - } - if (do_timing_test) { - rate = rdbx_check_adds_per_second(1 << 18, 128); - printf("rdbx_check/replay_adds per second (ws=128): %e\n", rate); - rate = rdbx_check_adds_per_second(1 << 18, 1024); - printf("rdbx_check/replay_adds per second (ws=1024): %e\n", rate); - } - - return 0; + return 0; } -void -print_rdbx(srtp_rdbx_t *rdbx) { - char buf[2048]; - printf("rdbx: {%llu, %s}\n", - (unsigned long long)(rdbx->index), - bitvector_bit_string(&rdbx->bitmask, buf, sizeof(buf)) -); +void print_rdbx(srtp_rdbx_t *rdbx) +{ + char buf[2048]; + printf("rdbx: {%llu, %s}\n", (unsigned long long)(rdbx->index), + bitvector_bit_string(&rdbx->bitmask, buf, sizeof(buf))); } - /* * rdbx_check_add(rdbx, idx) checks a known-to-be-good idx against * rdbx, then adds it. if a failure is detected (i.e., the check @@ -150,217 +144,214 @@ * */ -srtp_err_status_t -rdbx_check_add(srtp_rdbx_t *rdbx, uint32_t idx) { - int delta; - srtp_xtd_seq_num_t est; - - delta = srtp_index_guess(&rdbx->index, &est, idx); - - if (srtp_rdbx_check(rdbx, delta) != srtp_err_status_ok) { - printf("replay_check failed at index %u\n", idx); - return srtp_err_status_algo_fail; - } - - /* - * in practice, we'd authenticate the packet containing idx, using - * the estimated value est, at this point - */ - - if (srtp_rdbx_add_index(rdbx, delta) != srtp_err_status_ok) { - printf("rdbx_add_index failed at index %u\n", idx); - return srtp_err_status_algo_fail; - } +srtp_err_status_t rdbx_check_add(srtp_rdbx_t *rdbx, uint32_t idx) +{ + int delta; + srtp_xtd_seq_num_t est; + + delta = srtp_index_guess(&rdbx->index, &est, idx); + + if (srtp_rdbx_check(rdbx, delta) != srtp_err_status_ok) { + printf("replay_check failed at index %u\n", idx); + return srtp_err_status_algo_fail; + } + + /* + * in practice, we'd authenticate the packet containing idx, using + * the estimated value est, at this point + */ + + if (srtp_rdbx_add_index(rdbx, delta) != srtp_err_status_ok) { + printf("rdbx_add_index failed at index %u\n", idx); + return srtp_err_status_algo_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } /* * rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx) - * + * * checks that a sequence number idx is in the replay database * and thus will be rejected */ -srtp_err_status_t -rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx) { - int delta; - srtp_xtd_seq_num_t est; - srtp_err_status_t status; - - delta = srtp_index_guess(&rdbx->index, &est, idx); - - status = srtp_rdbx_check(rdbx, delta); - if (status == srtp_err_status_ok) { - printf("delta: %d ", delta); - printf("replay_check failed at index %u (false positive)\n", idx); - return srtp_err_status_algo_fail; - } +srtp_err_status_t rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx) +{ + int delta; + srtp_xtd_seq_num_t est; + srtp_err_status_t status; + + delta = srtp_index_guess(&rdbx->index, &est, idx); + + status = srtp_rdbx_check(rdbx, delta); + if (status == srtp_err_status_ok) { + printf("delta: %d ", delta); + printf("replay_check failed at index %u (false positive)\n", idx); + return srtp_err_status_algo_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -rdbx_check_add_unordered(srtp_rdbx_t *rdbx, uint32_t idx) { - int delta; - srtp_xtd_seq_num_t est; - srtp_err_status_t rstat; - - delta = srtp_index_guess(&rdbx->index, &est, idx); - - rstat = srtp_rdbx_check(rdbx, delta); - if ((rstat != srtp_err_status_ok) && (rstat != srtp_err_status_replay_old)) { - printf("replay_check_add_unordered failed at index %u\n", idx); - return srtp_err_status_algo_fail; - } - if (rstat == srtp_err_status_replay_old) { - return srtp_err_status_ok; - } - if (srtp_rdbx_add_index(rdbx, delta) != srtp_err_status_ok) { - printf("rdbx_add_index failed at index %u\n", idx); - return srtp_err_status_algo_fail; - } +srtp_err_status_t rdbx_check_add_unordered(srtp_rdbx_t *rdbx, uint32_t idx) +{ + int delta; + srtp_xtd_seq_num_t est; + srtp_err_status_t rstat; + + delta = srtp_index_guess(&rdbx->index, &est, idx); + + rstat = srtp_rdbx_check(rdbx, delta); + if ((rstat != srtp_err_status_ok) && + (rstat != srtp_err_status_replay_old)) { + printf("replay_check_add_unordered failed at index %u\n", idx); + return srtp_err_status_algo_fail; + } + if (rstat == srtp_err_status_replay_old) { + return srtp_err_status_ok; + } + if (srtp_rdbx_add_index(rdbx, delta) != srtp_err_status_ok) { + printf("rdbx_add_index failed at index %u\n", idx); + return srtp_err_status_algo_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -test_replay_dbx(int num_trials, unsigned long ws) { - srtp_rdbx_t rdbx; - uint32_t idx, ircvd; - ut_connection utc; - srtp_err_status_t status; - int num_fp_trials; - - status = srtp_rdbx_init(&rdbx, ws); - if (status) { - printf("replay_init failed with error code %d\n", status); - exit(1); - } - - /* - * test sequential insertion - */ - printf("\ttesting sequential insertion..."); - for (idx=0; (int) idx < num_trials; idx++) { - status = rdbx_check_add(&rdbx, idx); - if (status) - return status; - } - printf("passed\n"); - - /* - * test for false positives by checking all of the index - * values which we've just added - * - * note that we limit the number of trials here, since allowing the - * rollover counter to roll over would defeat this test - */ - num_fp_trials = num_trials % 0x10000; - if (num_fp_trials == 0) { - printf("warning: no false positive tests performed\n"); - } - printf("\ttesting for false positives..."); - for (idx=0; (int) idx < num_fp_trials; idx++) { - status = rdbx_check_expect_failure(&rdbx, idx); - if (status) - return status; - } - printf("passed\n"); - - /* re-initialize */ - srtp_rdbx_dealloc(&rdbx); - - if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { - printf("replay_init failed\n"); - return srtp_err_status_init_fail; - } - - /* - * test non-sequential insertion - * - * this test covers only fase negatives, since the values returned - * by ut_next_index(...) are distinct - */ - ut_init(&utc); - - printf("\ttesting non-sequential insertion..."); - for (idx=0; (int) idx < num_trials; idx++) { - ircvd = ut_next_index(&utc); - status = rdbx_check_add_unordered(&rdbx, ircvd); - if (status) - return status; - status = rdbx_check_expect_failure(&rdbx, ircvd); - if (status) - return status; - } - printf("passed\n"); - - /* re-initialize */ - srtp_rdbx_dealloc(&rdbx); - - if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { - printf("replay_init failed\n"); - return srtp_err_status_init_fail; - } - - /* - * test insertion with large gaps. - * check for false positives for each insertion. - */ - printf("\ttesting insertion with large gaps..."); - for (idx=0, ircvd=0; (int) idx < num_trials; idx++, ircvd += (1 << (rand() % 12))) { - status = rdbx_check_add(&rdbx, ircvd); - if (status) - return status; - status = rdbx_check_expect_failure(&rdbx, ircvd); - if (status) - return status; - } - printf("passed\n"); +srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws) +{ + srtp_rdbx_t rdbx; + uint32_t idx, ircvd; + ut_connection utc; + srtp_err_status_t status; + int num_fp_trials; - srtp_rdbx_dealloc(&rdbx); + status = srtp_rdbx_init(&rdbx, ws); + if (status) { + printf("replay_init failed with error code %d\n", status); + exit(1); + } - return srtp_err_status_ok; -} + /* + * test sequential insertion + */ + printf("\ttesting sequential insertion..."); + for (idx = 0; (int)idx < num_trials; idx++) { + status = rdbx_check_add(&rdbx, idx); + if (status) + return status; + } + printf("passed\n"); + + /* + * test for false positives by checking all of the index + * values which we've just added + * + * note that we limit the number of trials here, since allowing the + * rollover counter to roll over would defeat this test + */ + num_fp_trials = num_trials % 0x10000; + if (num_fp_trials == 0) { + printf("warning: no false positive tests performed\n"); + } + printf("\ttesting for false positives..."); + for (idx = 0; (int)idx < num_fp_trials; idx++) { + status = rdbx_check_expect_failure(&rdbx, idx); + if (status) + return status; + } + printf("passed\n"); + /* re-initialize */ + srtp_rdbx_dealloc(&rdbx); + if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { + printf("replay_init failed\n"); + return srtp_err_status_init_fail; + } + + /* + * test non-sequential insertion + * + * this test covers only fase negatives, since the values returned + * by ut_next_index(...) are distinct + */ + ut_init(&utc); + + printf("\ttesting non-sequential insertion..."); + for (idx = 0; (int)idx < num_trials; idx++) { + ircvd = ut_next_index(&utc); + status = rdbx_check_add_unordered(&rdbx, ircvd); + if (status) + return status; + status = rdbx_check_expect_failure(&rdbx, ircvd); + if (status) + return status; + } + printf("passed\n"); -#include <time.h> /* for clock() */ -#include <stdlib.h> /* for random() */ + /* re-initialize */ + srtp_rdbx_dealloc(&rdbx); -double -rdbx_check_adds_per_second(int num_trials, unsigned long ws) { - uint32_t i; - int delta; - srtp_rdbx_t rdbx; - srtp_xtd_seq_num_t est; - clock_t timer; - int failures; /* count number of failures */ - - if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { - printf("replay_init failed\n"); - exit(1); - } - - failures = 0; - timer = clock(); - for(i=0; (int) i < num_trials; i++) { - - delta = srtp_index_guess(&rdbx.index, &est, i); - - if (srtp_rdbx_check(&rdbx, delta) != srtp_err_status_ok) - ++failures; - else - if (srtp_rdbx_add_index(&rdbx, delta) != srtp_err_status_ok) - ++failures; - } - timer = clock() - timer; + if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { + printf("replay_init failed\n"); + return srtp_err_status_init_fail; + } - printf("number of failures: %d \n", failures); + /* + * test insertion with large gaps. + * check for false positives for each insertion. + */ + printf("\ttesting insertion with large gaps..."); + for (idx = 0, ircvd = 0; (int)idx < num_trials; + idx++, ircvd += (1 << (rand() % 12))) { + status = rdbx_check_add(&rdbx, ircvd); + if (status) + return status; + status = rdbx_check_expect_failure(&rdbx, ircvd); + if (status) + return status; + } + printf("passed\n"); - srtp_rdbx_dealloc(&rdbx); + srtp_rdbx_dealloc(&rdbx); - return (double) CLOCKS_PER_SEC * num_trials / timer; + return srtp_err_status_ok; } +#include <time.h> /* for clock() */ +#include <stdlib.h> /* for random() */ + +double rdbx_check_adds_per_second(int num_trials, unsigned long ws) +{ + uint32_t i; + int delta; + srtp_rdbx_t rdbx; + srtp_xtd_seq_num_t est; + clock_t timer; + int failures; /* count number of failures */ + + if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) { + printf("replay_init failed\n"); + exit(1); + } + + failures = 0; + timer = clock(); + for (i = 0; (int)i < num_trials; i++) { + delta = srtp_index_guess(&rdbx.index, &est, i); + + if (srtp_rdbx_check(&rdbx, delta) != srtp_err_status_ok) + ++failures; + else if (srtp_rdbx_add_index(&rdbx, delta) != srtp_err_status_ok) + ++failures; + } + timer = clock() - timer; + + printf("number of failures: %d \n", failures); + + srtp_rdbx_dealloc(&rdbx); + + return (double)CLOCKS_PER_SEC * num_trials / timer; +} diff -Nru libsrtp2-2.1.0/test/replay_driver.c libsrtp2-2.2.0/test/replay_driver.c --- libsrtp2-2.1.0/test/replay_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/replay_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,7 +44,7 @@ */ #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif #include <stdio.h> @@ -59,226 +59,225 @@ unsigned num_trials = 1 << 16; -srtp_err_status_t -test_rdb_db(void); +srtp_err_status_t test_rdb_db(void); -double -rdb_check_adds_per_second(void); +double rdb_check_adds_per_second(void); -int -main (void) { - srtp_err_status_t err; - - printf("testing anti-replay database (srtp_rdb_t)...\n"); - err = test_rdb_db(); - if (err) { - printf("failed\n"); - exit(1); - } - printf("done\n"); - - printf("rdb_check/rdb_adds per second: %e\n", - rdb_check_adds_per_second()); - - return 0; -} +int main(void) +{ + srtp_err_status_t err; + + printf("testing anti-replay database (srtp_rdb_t)...\n"); + err = test_rdb_db(); + if (err) { + printf("failed\n"); + exit(1); + } + printf("done\n"); + printf("rdb_check/rdb_adds per second: %e\n", rdb_check_adds_per_second()); -void -print_rdb(srtp_rdb_t *rdb) { - printf("rdb: {%u, %s}\n", rdb->window_start, v128_bit_string(&rdb->bitmask)); + return 0; } -srtp_err_status_t -rdb_check_add(srtp_rdb_t *rdb, uint32_t idx) { +void print_rdb(srtp_rdb_t *rdb) +{ + printf("rdb: {%u, %s}\n", rdb->window_start, + v128_bit_string(&rdb->bitmask)); +} - if (srtp_rdb_check(rdb, idx) != srtp_err_status_ok) { - printf("rdb_check failed at index %u\n", idx); - return srtp_err_status_fail; - } - if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) { - printf("rdb_add_index failed at index %u\n", idx); - return srtp_err_status_fail; - } +srtp_err_status_t rdb_check_add(srtp_rdb_t *rdb, uint32_t idx) +{ + if (srtp_rdb_check(rdb, idx) != srtp_err_status_ok) { + printf("rdb_check failed at index %u\n", idx); + return srtp_err_status_fail; + } + if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) { + printf("rdb_add_index failed at index %u\n", idx); + return srtp_err_status_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -rdb_check_expect_failure(srtp_rdb_t *rdb, uint32_t idx) { - srtp_err_status_t err; - - err = srtp_rdb_check(rdb, idx); - if ((err != srtp_err_status_replay_old) && (err != srtp_err_status_replay_fail)) { - printf("rdb_check failed at index %u (false positive)\n", idx); - return srtp_err_status_fail; - } +srtp_err_status_t rdb_check_expect_failure(srtp_rdb_t *rdb, uint32_t idx) +{ + srtp_err_status_t err; + + err = srtp_rdb_check(rdb, idx); + if ((err != srtp_err_status_replay_old) && + (err != srtp_err_status_replay_fail)) { + printf("rdb_check failed at index %u (false positive)\n", idx); + return srtp_err_status_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -rdb_check_add_unordered(srtp_rdb_t *rdb, uint32_t idx) { - srtp_err_status_t rstat; - - /* printf("index: %u\n", idx); */ - rstat = srtp_rdb_check(rdb, idx); - if ((rstat != srtp_err_status_ok) && (rstat != srtp_err_status_replay_old)) { - printf("rdb_check_add_unordered failed at index %u\n", idx); - return rstat; - } - if (rstat == srtp_err_status_replay_old) { - return srtp_err_status_ok; - } - if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) { - printf("rdb_add_index failed at index %u\n", idx); - return srtp_err_status_fail; - } +srtp_err_status_t rdb_check_add_unordered(srtp_rdb_t *rdb, uint32_t idx) +{ + srtp_err_status_t rstat; + + /* printf("index: %u\n", idx); */ + rstat = srtp_rdb_check(rdb, idx); + if ((rstat != srtp_err_status_ok) && + (rstat != srtp_err_status_replay_old)) { + printf("rdb_check_add_unordered failed at index %u\n", idx); + return rstat; + } + if (rstat == srtp_err_status_replay_old) { + return srtp_err_status_ok; + } + if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) { + printf("rdb_add_index failed at index %u\n", idx); + return srtp_err_status_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -test_rdb_db() { - srtp_rdb_t rdb; - uint32_t idx, ircvd; - ut_connection utc; - srtp_err_status_t err; - - if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { - printf("rdb_init failed\n"); - return srtp_err_status_init_fail; - } - - /* test sequential insertion */ - for (idx=0; idx < num_trials; idx++) { - err = rdb_check_add(&rdb, idx); - if (err) - return err; - } - - /* test for false positives */ - for (idx=0; idx < num_trials; idx++) { - err = rdb_check_expect_failure(&rdb, idx); - if (err) - return err; - } - - /* re-initialize */ - if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { - printf("rdb_init failed\n"); - return srtp_err_status_fail; - } - - /* test non-sequential insertion */ - ut_init(&utc); - - for (idx=0; idx < num_trials; idx++) { - ircvd = ut_next_index(&utc); - err = rdb_check_add_unordered(&rdb, ircvd); - if (err) - return err; - err = rdb_check_expect_failure(&rdb, ircvd); - if (err) - return err; - } - - /* re-initialize */ - if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { - printf("rdb_init failed\n"); - return srtp_err_status_fail; - } - - /* test insertion with large gaps */ - for (idx=0, ircvd=0; idx < num_trials; idx++, ircvd += (1 << (rand() % 10))) { - err = rdb_check_add(&rdb, ircvd); - if (err) - return err; - err = rdb_check_expect_failure(&rdb, ircvd); - if (err) - return err; - } - - /* re-initialize */ - if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { - printf("rdb_init failed\n"); - return srtp_err_status_fail; - } - - /* test loss of first 513 packets */ - for (idx=0; idx < num_trials; idx++) { - err = rdb_check_add(&rdb, idx + 513); - if (err) - return err; - } - - /* test for false positives */ - for (idx=0; idx < num_trials + 513; idx++) { - err = rdb_check_expect_failure(&rdb, idx); - if (err) - return err; - } - - /* test for key expired */ - if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { - printf("rdb_init failed\n"); - return srtp_err_status_fail; - } - rdb.window_start = 0x7ffffffe; - if (srtp_rdb_increment(&rdb) != srtp_err_status_ok) { - printf("srtp_rdb_increment of 0x7ffffffe failed\n"); - return srtp_err_status_fail; - } - if (srtp_rdb_get_value(&rdb) != 0x7fffffff) { - printf("rdb valiue was not 0x7fffffff\n"); - return srtp_err_status_fail; - } - if (srtp_rdb_increment(&rdb) != srtp_err_status_key_expired) { - printf("srtp_rdb_increment of 0x7fffffff did not return srtp_err_status_key_expired\n"); - return srtp_err_status_fail; - } - if (srtp_rdb_get_value(&rdb) != 0x7fffffff) { - printf("rdb valiue was not 0x7fffffff\n"); - return srtp_err_status_fail; - } - +srtp_err_status_t test_rdb_db() +{ + srtp_rdb_t rdb; + uint32_t idx, ircvd; + ut_connection utc; + srtp_err_status_t err; + + if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { + printf("rdb_init failed\n"); + return srtp_err_status_init_fail; + } + + /* test sequential insertion */ + for (idx = 0; idx < num_trials; idx++) { + err = rdb_check_add(&rdb, idx); + if (err) + return err; + } + + /* test for false positives */ + for (idx = 0; idx < num_trials; idx++) { + err = rdb_check_expect_failure(&rdb, idx); + if (err) + return err; + } + + /* re-initialize */ + if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { + printf("rdb_init failed\n"); + return srtp_err_status_fail; + } + + /* test non-sequential insertion */ + ut_init(&utc); + + for (idx = 0; idx < num_trials; idx++) { + ircvd = ut_next_index(&utc); + err = rdb_check_add_unordered(&rdb, ircvd); + if (err) + return err; + err = rdb_check_expect_failure(&rdb, ircvd); + if (err) + return err; + } + + /* re-initialize */ + if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { + printf("rdb_init failed\n"); + return srtp_err_status_fail; + } + + /* test insertion with large gaps */ + for (idx = 0, ircvd = 0; idx < num_trials; + idx++, ircvd += (1 << (rand() % 10))) { + err = rdb_check_add(&rdb, ircvd); + if (err) + return err; + err = rdb_check_expect_failure(&rdb, ircvd); + if (err) + return err; + } + + /* re-initialize */ + if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { + printf("rdb_init failed\n"); + return srtp_err_status_fail; + } + + /* test loss of first 513 packets */ + for (idx = 0; idx < num_trials; idx++) { + err = rdb_check_add(&rdb, idx + 513); + if (err) + return err; + } + + /* test for false positives */ + for (idx = 0; idx < num_trials + 513; idx++) { + err = rdb_check_expect_failure(&rdb, idx); + if (err) + return err; + } + + /* test for key expired */ + if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { + printf("rdb_init failed\n"); + return srtp_err_status_fail; + } + rdb.window_start = 0x7ffffffe; + if (srtp_rdb_increment(&rdb) != srtp_err_status_ok) { + printf("srtp_rdb_increment of 0x7ffffffe failed\n"); + return srtp_err_status_fail; + } + if (srtp_rdb_get_value(&rdb) != 0x7fffffff) { + printf("rdb valiue was not 0x7fffffff\n"); + return srtp_err_status_fail; + } + if (srtp_rdb_increment(&rdb) != srtp_err_status_key_expired) { + printf("srtp_rdb_increment of 0x7fffffff did not return " + "srtp_err_status_key_expired\n"); + return srtp_err_status_fail; + } + if (srtp_rdb_get_value(&rdb) != 0x7fffffff) { + printf("rdb valiue was not 0x7fffffff\n"); + return srtp_err_status_fail; + } - return srtp_err_status_ok; + return srtp_err_status_ok; } -#include <time.h> /* for clock() */ -#include <stdlib.h> /* for random() */ +#include <time.h> /* for clock() */ +#include <stdlib.h> /* for random() */ #define REPLAY_NUM_TRIALS 10000000 -double -rdb_check_adds_per_second(void) { - uint32_t i; - srtp_rdb_t rdb; - clock_t timer; - int failures = 0; /* count number of failures */ - - if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { - printf("rdb_init failed\n"); - exit(1); - } - - timer = clock(); - for(i=0; i < REPLAY_NUM_TRIALS; i+=3) { - if (srtp_rdb_check(&rdb, i+2) != srtp_err_status_ok) - ++failures; - if (srtp_rdb_add_index(&rdb, i+2) != srtp_err_status_ok) - ++failures; - if (srtp_rdb_check(&rdb, i+1) != srtp_err_status_ok) - ++failures; - if (srtp_rdb_add_index(&rdb, i+1) != srtp_err_status_ok) - ++failures; - if (srtp_rdb_check(&rdb, i) != srtp_err_status_ok) - ++failures; - if (srtp_rdb_add_index(&rdb, i) != srtp_err_status_ok) - ++failures; - } - timer = clock() - timer; +double rdb_check_adds_per_second(void) +{ + uint32_t i; + srtp_rdb_t rdb; + clock_t timer; + int failures = 0; /* count number of failures */ + + if (srtp_rdb_init(&rdb) != srtp_err_status_ok) { + printf("rdb_init failed\n"); + exit(1); + } + + timer = clock(); + for (i = 0; i < REPLAY_NUM_TRIALS; i += 3) { + if (srtp_rdb_check(&rdb, i + 2) != srtp_err_status_ok) + ++failures; + if (srtp_rdb_add_index(&rdb, i + 2) != srtp_err_status_ok) + ++failures; + if (srtp_rdb_check(&rdb, i + 1) != srtp_err_status_ok) + ++failures; + if (srtp_rdb_add_index(&rdb, i + 1) != srtp_err_status_ok) + ++failures; + if (srtp_rdb_check(&rdb, i) != srtp_err_status_ok) + ++failures; + if (srtp_rdb_add_index(&rdb, i) != srtp_err_status_ok) + ++failures; + } + timer = clock() - timer; - return (double) CLOCKS_PER_SEC * REPLAY_NUM_TRIALS / timer; + return (double)CLOCKS_PER_SEC * REPLAY_NUM_TRIALS / timer; } diff -Nru libsrtp2-2.1.0/test/roc_driver.c libsrtp2-2.2.0/test/roc_driver.c --- libsrtp2-2.1.0/test/roc_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/roc_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,9 +43,8 @@ * */ - #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif #include <stdio.h> @@ -55,121 +54,117 @@ * srtp_xtd_seq_num_t - this allows the functions to be exhaustively tested. */ #if ROC_NEEDS_TO_BE_TESTED -#define ROC_TEST +#define ROC_TEST #endif #include "rdbx.h" #include "ut_sim.h" -srtp_err_status_t -roc_test(int num_trials); +srtp_err_status_t roc_test(int num_trials); -int -main (void) { - srtp_err_status_t status; - - printf("rollover counter test driver\n" - "David A. McGrew\n" - "Cisco Systems, Inc.\n"); - - printf("testing index functions..."); - status = roc_test(1 << 18); - if (status) { - printf("failed\n"); - exit(status); - } - printf("passed\n"); - return 0; +int main(void) +{ + srtp_err_status_t status; + + printf("rollover counter test driver\n" + "David A. McGrew\n" + "Cisco Systems, Inc.\n"); + + printf("testing index functions..."); + status = roc_test(1 << 18); + if (status) { + printf("failed\n"); + exit(status); + } + printf("passed\n"); + return 0; } - #define ROC_VERBOSE 0 -srtp_err_status_t -roc_test(int num_trials) { - srtp_xtd_seq_num_t local, est, ref; - ut_connection utc; - int i, num_bad_est = 0; - int delta; - uint32_t ircvd; - double failure_rate; - - srtp_index_init(&local); - srtp_index_init(&ref); - srtp_index_init(&est); - - printf("\n\ttesting sequential insertion..."); - for (i=0; i < 2048; i++) { - delta = srtp_index_guess(&local, &est, (uint16_t) ref); +srtp_err_status_t roc_test(int num_trials) +{ + srtp_xtd_seq_num_t local, est, ref; + ut_connection utc; + int i, num_bad_est = 0; + int delta; + uint32_t ircvd; + double failure_rate; + + srtp_index_init(&local); + srtp_index_init(&ref); + srtp_index_init(&est); + + printf("\n\ttesting sequential insertion..."); + for (i = 0; i < 2048; i++) { + delta = srtp_index_guess(&local, &est, (uint16_t)ref); #if ROC_VERBOSE - printf("%lld, %lld, %d\n", ref, est, i); + printf("%lld, %lld, %d\n", ref, est, i); #endif - if (ref != est) { + if (ref != est) { #if ROC_VERBOSE - printf(" *bad estimate*\n"); + printf(" *bad estimate*\n"); #endif - ++num_bad_est; + ++num_bad_est; + } + srtp_index_advance(&ref, 1); + } + failure_rate = (double)num_bad_est / num_trials; + if (failure_rate > 0.01) { + printf("error: failure rate too high (%d bad estimates in %d trials)\n", + num_bad_est, num_trials); + return srtp_err_status_algo_fail; } - srtp_index_advance(&ref, 1); - } - failure_rate = (double) num_bad_est / num_trials; - if (failure_rate > 0.01) { - printf("error: failure rate too high (%d bad estimates in %d trials)\n", - num_bad_est, num_trials); - return srtp_err_status_algo_fail; - } - printf("done\n"); - - - printf("\ttesting non-sequential insertion..."); - srtp_index_init(&local); - srtp_index_init(&ref); - srtp_index_init(&est); - ut_init(&utc); - - for (i=0; i < num_trials; i++) { - - /* get next seq num from unreliable transport simulator */ - ircvd = ut_next_index(&utc); - - /* set ref to value of ircvd */ - ref = ircvd; + printf("done\n"); + + printf("\ttesting non-sequential insertion..."); + srtp_index_init(&local); + srtp_index_init(&ref); + srtp_index_init(&est); + ut_init(&utc); + + for (i = 0; i < num_trials; i++) { + /* get next seq num from unreliable transport simulator */ + ircvd = ut_next_index(&utc); + + /* set ref to value of ircvd */ + ref = ircvd; - /* estimate index based on low bits of ircvd */ - delta = srtp_index_guess(&local, &est, (uint16_t) ref); + /* estimate index based on low bits of ircvd */ + delta = srtp_index_guess(&local, &est, (uint16_t)ref); #if ROC_VERBOSE - printf("ref: %lld, local: %lld, est: %lld, ircvd: %d, delta: %d\n", - ref, local, est, ircvd, delta); + printf("ref: %lld, local: %lld, est: %lld, ircvd: %d, delta: %d\n", ref, + local, est, ircvd, delta); #endif - - if (local + delta != est) { - printf(" *bad delta*: local %llu + delta %d != est %llu\n", - (unsigned long long)local, delta, (unsigned long long)est); - return srtp_err_status_algo_fail; - } - /* now update local srtp_xtd_seq_num_t as necessary */ - if (delta > 0) - srtp_index_advance(&local, delta); + if (local + delta != est) { + printf(" *bad delta*: local %llu + delta %d != est %llu\n", + (unsigned long long)local, delta, (unsigned long long)est); + return srtp_err_status_algo_fail; + } + + /* now update local srtp_xtd_seq_num_t as necessary */ + if (delta > 0) + srtp_index_advance(&local, delta); - if (ref != est) { + if (ref != est) { #if ROC_VERBOSE - printf(" *bad estimate*\n"); + printf(" *bad estimate*\n"); #endif - /* record failure event */ - ++num_bad_est; - - /* reset local value to correct value */ - local = ref; + /* record failure event */ + ++num_bad_est; + + /* reset local value to correct value */ + local = ref; + } + } + failure_rate = (double)num_bad_est / num_trials; + if (failure_rate > 0.01) { + printf("error: failure rate too high (%d bad estimates in %d trials)\n", + num_bad_est, num_trials); + return srtp_err_status_algo_fail; } - } - failure_rate = (double) num_bad_est / num_trials; - if (failure_rate > 0.01) { - printf("error: failure rate too high (%d bad estimates in %d trials)\n", - num_bad_est, num_trials); - return srtp_err_status_algo_fail; - } - printf("done\n"); + printf("done\n"); - return srtp_err_status_ok; + return srtp_err_status_ok; } diff -Nru libsrtp2-2.1.0/test/rtp.c libsrtp2-2.2.0/test/rtp.c --- libsrtp2-2.1.0/test/rtp.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/rtp.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,26 +8,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -50,178 +50,178 @@ #include <sys/types.h> #ifdef HAVE_SYS_SOCKET_H -# include <sys/socket.h> +#include <sys/socket.h> #endif -#define PRINT_DEBUG 0 /* set to 1 to print out debugging data */ -#define VERBOSE_DEBUG 0 /* set to 1 to print out more data */ +#define PRINT_DEBUG 0 /* set to 1 to print out debugging data */ +#define VERBOSE_DEBUG 0 /* set to 1 to print out more data */ -int -rtp_sendto(rtp_sender_t sender, const void* msg, int len) { - int octets_sent; - srtp_err_status_t stat; - int pkt_len = len + RTP_HEADER_LEN; - - /* marshal data */ - strncpy(sender->message.body, msg, len); - - /* update header */ - sender->message.header.seq = ntohs(sender->message.header.seq) + 1; - sender->message.header.seq = htons(sender->message.header.seq); - sender->message.header.ts = ntohl(sender->message.header.ts) + 1; - sender->message.header.ts = htonl(sender->message.header.ts); - - /* apply srtp */ - stat = srtp_protect(sender->srtp_ctx, &sender->message.header, &pkt_len); - if (stat) { +int rtp_sendto(rtp_sender_t sender, const void *msg, int len) +{ + int octets_sent; + srtp_err_status_t stat; + int pkt_len = len + RTP_HEADER_LEN; + + /* marshal data */ + strncpy(sender->message.body, msg, len); + + /* update header */ + sender->message.header.seq = ntohs(sender->message.header.seq) + 1; + sender->message.header.seq = htons(sender->message.header.seq); + sender->message.header.ts = ntohl(sender->message.header.ts) + 1; + sender->message.header.ts = htonl(sender->message.header.ts); + + /* apply srtp */ + stat = srtp_protect(sender->srtp_ctx, &sender->message.header, &pkt_len); + if (stat) { #if PRINT_DEBUG - fprintf(stderr, "error: srtp protection failed with code %d\n", stat); + fprintf(stderr, "error: srtp protection failed with code %d\n", stat); #endif - return -1; - } + return -1; + } #if VERBOSE_DEBUG - srtp_print_packet(&sender->message.header, pkt_len); + srtp_print_packet(&sender->message.header, pkt_len); #endif - octets_sent = sendto(sender->socket, (void*)&sender->message, - pkt_len, 0, (struct sockaddr *)&sender->addr, - sizeof (struct sockaddr_in)); + octets_sent = + sendto(sender->socket, (void *)&sender->message, pkt_len, 0, + (struct sockaddr *)&sender->addr, sizeof(struct sockaddr_in)); - if (octets_sent != pkt_len) { + if (octets_sent != pkt_len) { #if PRINT_DEBUG - fprintf(stderr, "error: couldn't send message %s", (char *)msg); - perror(""); + fprintf(stderr, "error: couldn't send message %s", (char *)msg); + perror(""); #endif - } + } - return octets_sent; + return octets_sent; } -int -rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len) { - int octets_recvd; - srtp_err_status_t stat; - - octets_recvd = recvfrom(receiver->socket, (void *)&receiver->message, - *len, 0, (struct sockaddr *) NULL, 0); - - if (octets_recvd == -1) { - *len = 0; - return -1; - } - - /* verify rtp header */ - if (receiver->message.header.version != 2) { - *len = 0; - return -1; - } +int rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len) +{ + int octets_recvd; + srtp_err_status_t stat; + + octets_recvd = recvfrom(receiver->socket, (void *)&receiver->message, *len, + 0, (struct sockaddr *)NULL, 0); + + if (octets_recvd == -1) { + *len = 0; + return -1; + } + + /* verify rtp header */ + if (receiver->message.header.version != 2) { + *len = 0; + return -1; + } #if PRINT_DEBUG - fprintf(stderr, "%d octets received from SSRC %u\n", - octets_recvd, receiver->message.header.ssrc); + fprintf(stderr, "%d octets received from SSRC %u\n", octets_recvd, + receiver->message.header.ssrc); #endif #if VERBOSE_DEBUG - srtp_print_packet(&receiver->message.header, octets_recvd); + srtp_print_packet(&receiver->message.header, octets_recvd); #endif - /* apply srtp */ - stat = srtp_unprotect(receiver->srtp_ctx, - &receiver->message.header, &octets_recvd); - if (stat) { - fprintf(stderr, - "error: srtp unprotection failed with code %d%s\n", stat, - stat == srtp_err_status_replay_fail ? " (replay check failed)" : - stat == srtp_err_status_auth_fail ? " (auth check failed)" : ""); - return -1; - } - strncpy(msg, receiver->message.body, octets_recvd); - - return octets_recvd; -} + /* apply srtp */ + stat = srtp_unprotect(receiver->srtp_ctx, &receiver->message.header, + &octets_recvd); + if (stat) { + fprintf(stderr, "error: srtp unprotection failed with code %d%s\n", + stat, + stat == srtp_err_status_replay_fail + ? " (replay check failed)" + : stat == srtp_err_status_auth_fail ? " (auth check failed)" + : ""); + return -1; + } + strncpy(msg, receiver->message.body, octets_recvd); -int -rtp_sender_init(rtp_sender_t sender, - int sock, - struct sockaddr_in addr, - unsigned int ssrc) { + return octets_recvd; +} - /* set header values */ - sender->message.header.ssrc = htonl(ssrc); - sender->message.header.ts = 0; - sender->message.header.seq = (uint16_t) rand(); - sender->message.header.m = 0; - sender->message.header.pt = 0x1; - sender->message.header.version = 2; - sender->message.header.p = 0; - sender->message.header.x = 0; - sender->message.header.cc = 0; +int rtp_sender_init(rtp_sender_t sender, + int sock, + struct sockaddr_in addr, + unsigned int ssrc) +{ + /* set header values */ + sender->message.header.ssrc = htonl(ssrc); + sender->message.header.ts = 0; + sender->message.header.seq = (uint16_t)rand(); + sender->message.header.m = 0; + sender->message.header.pt = 0x1; + sender->message.header.version = 2; + sender->message.header.p = 0; + sender->message.header.x = 0; + sender->message.header.cc = 0; - /* set other stuff */ - sender->socket = sock; - sender->addr = addr; + /* set other stuff */ + sender->socket = sock; + sender->addr = addr; - return 0; + return 0; } -int -rtp_receiver_init(rtp_receiver_t rcvr, - int sock, - struct sockaddr_in addr, - unsigned int ssrc) { - - /* set header values */ - rcvr->message.header.ssrc = htonl(ssrc); - rcvr->message.header.ts = 0; - rcvr->message.header.seq = 0; - rcvr->message.header.m = 0; - rcvr->message.header.pt = 0x1; - rcvr->message.header.version = 2; - rcvr->message.header.p = 0; - rcvr->message.header.x = 0; - rcvr->message.header.cc = 0; +int rtp_receiver_init(rtp_receiver_t rcvr, + int sock, + struct sockaddr_in addr, + unsigned int ssrc) +{ + /* set header values */ + rcvr->message.header.ssrc = htonl(ssrc); + rcvr->message.header.ts = 0; + rcvr->message.header.seq = 0; + rcvr->message.header.m = 0; + rcvr->message.header.pt = 0x1; + rcvr->message.header.version = 2; + rcvr->message.header.p = 0; + rcvr->message.header.x = 0; + rcvr->message.header.cc = 0; - /* set other stuff */ - rcvr->socket = sock; - rcvr->addr = addr; + /* set other stuff */ + rcvr->socket = sock; + rcvr->addr = addr; - return 0; + return 0; } -int -rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy) { - return srtp_create(&sender->srtp_ctx, policy); +int rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy) +{ + return srtp_create(&sender->srtp_ctx, policy); } -int -rtp_sender_deinit_srtp(rtp_sender_t sender) { - return srtp_dealloc(sender->srtp_ctx); +int rtp_sender_deinit_srtp(rtp_sender_t sender) +{ + return srtp_dealloc(sender->srtp_ctx); } -int -rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy) { - return srtp_create(&sender->srtp_ctx, policy); +int rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy) +{ + return srtp_create(&sender->srtp_ctx, policy); } -int -rtp_receiver_deinit_srtp(rtp_receiver_t sender) { - return srtp_dealloc(sender->srtp_ctx); +int rtp_receiver_deinit_srtp(rtp_receiver_t sender) +{ + return srtp_dealloc(sender->srtp_ctx); } -rtp_sender_t -rtp_sender_alloc(void) { - return (rtp_sender_t)malloc(sizeof(rtp_sender_ctx_t)); +rtp_sender_t rtp_sender_alloc(void) +{ + return (rtp_sender_t)malloc(sizeof(rtp_sender_ctx_t)); } -void -rtp_sender_dealloc(rtp_sender_t rtp_ctx) { - free(rtp_ctx); +void rtp_sender_dealloc(rtp_sender_t rtp_ctx) +{ + free(rtp_ctx); } -rtp_receiver_t -rtp_receiver_alloc(void) { - return (rtp_receiver_t)malloc(sizeof(rtp_receiver_ctx_t)); +rtp_receiver_t rtp_receiver_alloc(void) +{ + return (rtp_receiver_t)malloc(sizeof(rtp_receiver_ctx_t)); } -void -rtp_receiver_dealloc(rtp_receiver_t rtp_ctx) { - free(rtp_ctx); +void rtp_receiver_dealloc(rtp_receiver_t rtp_ctx) +{ + free(rtp_ctx); } diff -Nru libsrtp2-2.1.0/test/rtp_decoder.c libsrtp2-2.2.0/test/rtp_decoder.c --- libsrtp2-2.1.0/test/rtp_decoder.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/rtp_decoder.c 2018-05-15 19:33:24.000000000 +0000 @@ -4,14 +4,19 @@ * decoder structures and functions for SRTP pcap decoder * * Example: - * $ wget --no-check-certificate https://raw.githubusercontent.com/gteissier/srtp-decrypt/master/marseillaise-srtp.pcap - * $ ./test/rtp_decoder -a -t 10 -e 128 -b aSBrbm93IGFsbCB5b3VyIGxpdHRsZSBzZWNyZXRz \ - * < ~/marseillaise-srtp.pcap | text2pcap -t "%M:%S." -u 10000,10000 - - > ./marseillaise-rtp.pcap + * $ wget --no-check-certificate \ + * https://raw.githubusercontent.com/gteissier/srtp-decrypt/master/marseillaise-srtp.pcap + * $ ./test/rtp_decoder -a -t 10 -e 128 -b \ + * aSBrbm93IGFsbCB5b3VyIGxpdHRsZSBzZWNyZXRz \ + * < ~/marseillaise-srtp.pcap \ + * | text2pcap -t "%M:%S." -u 10000,10000 - - \ + * > ./marseillaise-rtp.pcap * * There is also a different way of setting up key size and tag size * based upon RFC 4568 crypto suite specification, i.e.: * - * $ ./test/rtp_decoder -s AES_CM_128_HMAC_SHA1_80 -b aSBrbm93IGFsbCB5b3VyIGxpdHRsZSBzZWNyZXRz ... + * $ ./test/rtp_decoder -s AES_CM_128_HMAC_SHA1_80 -b \ + * aSBrbm93IGFsbCB5b3VyIGxpdHRsZSBzZWNyZXRz ... * * Audio can be extracted using extractaudio utility from the RTPproxy * package: @@ -23,26 +28,26 @@ * Some structure and code from https://github.com/gteissier/srtp-decrypt */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -57,471 +62,506 @@ * OF THE POSSIBILITY OF SUCH DAMAGE. * */ -#include "getopt_s.h" /* for local getopt() */ -#include <assert.h> /* for assert() */ +#include "getopt_s.h" /* for local getopt() */ +#include <assert.h> /* for assert() */ #include <pcap.h> #include "rtp_decoder.h" #include "util.h" -#define MAX_KEY_LEN 96 +#ifndef timersub +#define timersub(a, b, result) \ + do { \ + (result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \ + (result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \ + if ((result)->tv_usec < 0) { \ + --(result)->tv_sec; \ + (result)->tv_usec += 1000000; \ + } \ + } while (0) +#endif + +#define MAX_KEY_LEN 96 #define MAX_FILTER 256 struct srtp_crypto_suite { - const char *can_name; - int key_size; - int tag_size; + const char *can_name; + int key_size; + int tag_size; }; static struct srtp_crypto_suite srtp_crypto_suites[] = { - {.can_name = "AES_CM_128_HMAC_SHA1_32", .key_size = 128, .tag_size = 4}, + {.can_name = "AES_CM_128_HMAC_SHA1_32", .key_size = 128, .tag_size = 4 }, #if 0 {.can_name = "F8_128_HMAC_SHA1_32", .key_size = 128, .tag_size = 4}, #endif - {.can_name = "AES_CM_128_HMAC_SHA1_32", .key_size = 128, .tag_size = 4}, - {.can_name = "AES_CM_128_HMAC_SHA1_80", .key_size = 128, .tag_size = 10}, - {.can_name = NULL} + {.can_name = "AES_CM_128_HMAC_SHA1_32", .key_size = 128, .tag_size = 4 }, + {.can_name = "AES_CM_128_HMAC_SHA1_80", .key_size = 128, .tag_size = 10 }, + {.can_name = NULL } }; -int -main (int argc, char *argv[]) { - char errbuf[PCAP_ERRBUF_SIZE]; - bpf_u_int32 pcap_net = 0; - pcap_t *pcap_handle; +int main(int argc, char *argv[]) +{ + char errbuf[PCAP_ERRBUF_SIZE]; + bpf_u_int32 pcap_net = 0; + pcap_t *pcap_handle; #if BEW - struct sockaddr_in local; + struct sockaddr_in local; #endif - srtp_sec_serv_t sec_servs = sec_serv_none; - int c; - struct srtp_crypto_suite scs, *i_scsp; - scs.key_size = 128; - scs.tag_size = 8; - int gcm_on = 0; - char *input_key = NULL; - int b64_input = 0; - char key[MAX_KEY_LEN]; - struct bpf_program fp; - char filter_exp[MAX_FILTER] = ""; - rtp_decoder_t dec; - srtp_policy_t policy; - srtp_err_status_t status; - int len; - int expected_len; - int do_list_mods = 0; - - fprintf(stderr, "Using %s [0x%x]\n", srtp_get_version_string(), srtp_get_version()); - - /* initialize srtp library */ - status = srtp_init(); - if (status) { - fprintf(stderr, "error: srtp initialization failed with error code %d\n", status); - exit(1); - } + srtp_sec_serv_t sec_servs = sec_serv_none; + int c; + struct srtp_crypto_suite scs, *i_scsp; + scs.key_size = 128; + scs.tag_size = 8; + int gcm_on = 0; + char *input_key = NULL; + int b64_input = 0; + char key[MAX_KEY_LEN]; + struct bpf_program fp; + char filter_exp[MAX_FILTER] = ""; + rtp_decoder_t dec; + srtp_policy_t policy; + srtp_err_status_t status; + int len; + int expected_len; + int do_list_mods = 0; - /* check args */ - while (1) { - c = getopt_s(argc, argv, "b:k:gt:ae:ld:f:s:"); - if (c == -1) { - break; - } - switch (c) { - case 'b': - b64_input = 1; - /* fall thru */ - case 'k': - input_key = optarg_s; - break; - case 'e': - scs.key_size = atoi(optarg_s); - if (scs.key_size != 128 && scs.key_size != 256) { - fprintf(stderr, "error: encryption key size must be 128 or 256 (%d)\n", scs.key_size); - exit(1); - } - input_key = malloc(scs.key_size); - sec_servs |= sec_serv_conf; - break; - case 't': - scs.tag_size = atoi(optarg_s); - break; - case 'a': - sec_servs |= sec_serv_auth; - break; - case 'g': - gcm_on = 1; - sec_servs |= sec_serv_auth; - break; - case 'd': - status = srtp_crypto_kernel_set_debug_module(optarg_s, 1); - if (status) { - fprintf(stderr, "error: set debug module (%s) failed\n", optarg_s); - exit(1); - } - break; - case 'f': - if(strlen(optarg_s) > MAX_FILTER){ - fprintf(stderr, "error: filter bigger than %d characters\n", MAX_FILTER); + fprintf(stderr, "Using %s [0x%x]\n", srtp_get_version_string(), + srtp_get_version()); + + /* initialize srtp library */ + status = srtp_init(); + if (status) { + fprintf(stderr, + "error: srtp initialization failed with error code %d\n", + status); exit(1); - } - fprintf(stderr, "Setting filter as %s\n", optarg_s); - strcpy(filter_exp, optarg_s); - break; - case 'l': - do_list_mods = 1; - break; - case 's': - for (i_scsp = &srtp_crypto_suites[0]; i_scsp->can_name != NULL; i_scsp++) { - if (strcasecmp(i_scsp->can_name, optarg_s) == 0) { + } + + /* check args */ + while (1) { + c = getopt_s(argc, argv, "b:k:gt:ae:ld:f:s:"); + if (c == -1) { break; } - } - if (i_scsp->can_name == NULL) { - fprintf(stderr, "Unknown/unsupported crypto suite name %s\n", optarg_s); - exit(1); - } - scs = *i_scsp; - input_key = malloc(scs.key_size); - sec_servs |= sec_serv_conf | sec_serv_auth; - break; - default: - usage(argv[0]); - } - } - - if (gcm_on && scs.tag_size != 8 && scs.tag_size != 16) { - fprintf(stderr, "error: GCM tag size must be 8 or 16 (%d)\n", scs.tag_size); - //exit(1); - } - - if (do_list_mods) { - status = srtp_crypto_kernel_list_debug_modules(); - if (status) { - fprintf(stderr, "error: list of debug modules failed\n"); - exit(1); + switch (c) { + case 'b': + b64_input = 1; + /* fall thru */ + case 'k': + input_key = optarg_s; + break; + case 'e': + scs.key_size = atoi(optarg_s); + if (scs.key_size != 128 && scs.key_size != 256) { + fprintf(stderr, + "error: encryption key size must be 128 or 256 (%d)\n", + scs.key_size); + exit(1); + } + input_key = malloc(scs.key_size); + sec_servs |= sec_serv_conf; + break; + case 't': + scs.tag_size = atoi(optarg_s); + break; + case 'a': + sec_servs |= sec_serv_auth; + break; + case 'g': + gcm_on = 1; + sec_servs |= sec_serv_auth; + break; + case 'd': + status = srtp_crypto_kernel_set_debug_module(optarg_s, 1); + if (status) { + fprintf(stderr, "error: set debug module (%s) failed\n", + optarg_s); + exit(1); + } + break; + case 'f': + if (strlen(optarg_s) > MAX_FILTER) { + fprintf(stderr, "error: filter bigger than %d characters\n", + MAX_FILTER); + exit(1); + } + fprintf(stderr, "Setting filter as %s\n", optarg_s); + strcpy(filter_exp, optarg_s); + break; + case 'l': + do_list_mods = 1; + break; + case 's': + for (i_scsp = &srtp_crypto_suites[0]; i_scsp->can_name != NULL; + i_scsp++) { + if (strcasecmp(i_scsp->can_name, optarg_s) == 0) { + break; + } + } + if (i_scsp->can_name == NULL) { + fprintf(stderr, "Unknown/unsupported crypto suite name %s\n", + optarg_s); + exit(1); + } + scs = *i_scsp; + input_key = malloc(scs.key_size); + sec_servs |= sec_serv_conf | sec_serv_auth; + break; + default: + usage(argv[0]); + } } - return 0; - } - if ((sec_servs && !input_key) || (!sec_servs && input_key)) { - /* - * a key must be provided if and only if security services have - * been requested - */ - if(input_key == NULL){ - fprintf(stderr, "key not provided\n"); - } - if(!sec_servs){ - fprintf(stderr, "no secservs\n"); - } - fprintf(stderr, "provided\n"); - usage(argv[0]); - } + if (gcm_on && scs.tag_size != 8 && scs.tag_size != 16) { + fprintf(stderr, "error: GCM tag size must be 8 or 16 (%d)\n", + scs.tag_size); + // exit(1); + } + if (do_list_mods) { + status = srtp_crypto_kernel_list_debug_modules(); + if (status) { + fprintf(stderr, "error: list of debug modules failed\n"); + exit(1); + } + return 0; + } + if ((sec_servs && !input_key) || (!sec_servs && input_key)) { + /* + * a key must be provided if and only if security services have + * been requested + */ + if (input_key == NULL) { + fprintf(stderr, "key not provided\n"); + } + if (!sec_servs) { + fprintf(stderr, "no secservs\n"); + } + fprintf(stderr, "provided\n"); + usage(argv[0]); + } - /* report security services selected on the command line */ - fprintf(stderr, "security services: "); - if (sec_servs & sec_serv_conf) - fprintf(stderr, "confidentiality "); - if (sec_servs & sec_serv_auth) - fprintf(stderr, "message authentication"); - if (sec_servs == sec_serv_none) - fprintf(stderr, "none"); - fprintf(stderr, "\n"); - - /* set up the srtp policy and master key */ - if (sec_servs) { - /* - * create policy structure, using the default mechanisms but - * with only the security services requested on the command line, - * using the right SSRC value - */ - switch (sec_servs) { - case sec_serv_conf_and_auth: - if (gcm_on) { + /* report security services selected on the command line */ + fprintf(stderr, "security services: "); + if (sec_servs & sec_serv_conf) + fprintf(stderr, "confidentiality "); + if (sec_servs & sec_serv_auth) + fprintf(stderr, "message authentication"); + if (sec_servs == sec_serv_none) + fprintf(stderr, "none"); + fprintf(stderr, "\n"); + + /* set up the srtp policy and master key */ + if (sec_servs) { + /* + * create policy structure, using the default mechanisms but + * with only the security services requested on the command line, + * using the right SSRC value + */ + switch (sec_servs) { + case sec_serv_conf_and_auth: + if (gcm_on) { #ifdef OPENSSL - switch (scs.key_size) { - case 128: - srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp); - break; - } + switch (scs.key_size) { + case 128: + srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp); + break; + } #else - fprintf(stderr, "error: GCM mode only supported when using the OpenSSL crypto engine.\n"); - return 0; + fprintf(stderr, "error: GCM mode only supported when using the " + "OpenSSL crypto engine.\n"); + return 0; #endif - } else { - switch (scs.key_size) { - case 128: - srtp_crypto_policy_set_rtp_default(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - } - } - break; - case sec_serv_conf: - if (gcm_on) { - fprintf(stderr, "error: GCM mode must always be used with auth enabled\n"); - return -1; - } else { - switch (scs.key_size) { - case 128: - srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - } - } - break; - case sec_serv_auth: - if (gcm_on) { + } else { + switch (scs.key_size) { + case 128: + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + } + } + break; + case sec_serv_conf: + if (gcm_on) { + fprintf( + stderr, + "error: GCM mode must always be used with auth enabled\n"); + return -1; + } else { + switch (scs.key_size) { + case 128: + srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + } + } + break; + case sec_serv_auth: + if (gcm_on) { #ifdef OPENSSL - switch (scs.key_size) { - case 128: - srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtcp); - break; - } + switch (scs.key_size) { + case 128: + srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_128_8_only_auth( + &policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_256_8_only_auth( + &policy.rtcp); + break; + } #else - printf("error: GCM mode only supported when using the OpenSSL crypto engine.\n"); - return 0; + printf("error: GCM mode only supported when using the OpenSSL " + "crypto engine.\n"); + return 0; #endif - } else { - srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - } - break; - default: - fprintf(stderr, "error: unknown security service requested\n"); - return -1; - } - - policy.key = (uint8_t *) key; - policy.ekt = NULL; - policy.next = NULL; - policy.window_size = 128; - policy.allow_repeat_tx = 0; - policy.rtp.sec_serv = sec_servs; - policy.rtcp.sec_serv = sec_servs; //sec_serv_none; /* we don't do RTCP anyway */ - fprintf(stderr, "setting tag len %d\n", scs.tag_size); - policy.rtp.auth_tag_len = scs.tag_size; - - if (gcm_on && scs.tag_size != 8) { - fprintf(stderr, "setted tag len %d\n", scs.tag_size); - policy.rtp.auth_tag_len = scs.tag_size; - } - - /* - * read key from hexadecimal or base64 on command line into an octet string - */ - if (b64_input) { - int pad; - expected_len = policy.rtp.cipher_key_len*4/3; - len = base64_string_to_octet_string(key, &pad, input_key, expected_len); - if (pad != 0) { - fprintf(stderr, "error: padding in base64 unexpected\n"); - exit(1); - } + } else { + srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + } + break; + default: + fprintf(stderr, "error: unknown security service requested\n"); + return -1; + } + + policy.key = (uint8_t *)key; + policy.ekt = NULL; + policy.next = NULL; + policy.window_size = 128; + policy.allow_repeat_tx = 0; + policy.rtp.sec_serv = sec_servs; + policy.rtcp.sec_serv = + sec_servs; // sec_serv_none; /* we don't do RTCP anyway */ + fprintf(stderr, "setting tag len %d\n", scs.tag_size); + policy.rtp.auth_tag_len = scs.tag_size; + + if (gcm_on && scs.tag_size != 8) { + fprintf(stderr, "setted tag len %d\n", scs.tag_size); + policy.rtp.auth_tag_len = scs.tag_size; + } + + /* + * read key from hexadecimal or base64 on command line into an octet + * string + */ + if (b64_input) { + int pad; + expected_len = policy.rtp.cipher_key_len * 4 / 3; + len = base64_string_to_octet_string(key, &pad, input_key, + expected_len); + if (pad != 0) { + fprintf(stderr, "error: padding in base64 unexpected\n"); + exit(1); + } + } else { + expected_len = policy.rtp.cipher_key_len * 2; + len = hex_string_to_octet_string(key, input_key, expected_len); + } + /* check that hex string is the right length */ + if (len < expected_len) { + fprintf(stderr, "error: too few digits in key/salt " + "(should be %d digits, found %d)\n", + expected_len, len); + exit(1); + } + if (strlen(input_key) > policy.rtp.cipher_key_len * 2) { + fprintf(stderr, "error: too many digits in key/salt " + "(should be %d hexadecimal digits, found %u)\n", + policy.rtp.cipher_key_len * 2, (unsigned)strlen(input_key)); + exit(1); + } + + fprintf(stderr, "set master key/salt to %s/", + octet_string_hex_string(key, 16)); + fprintf(stderr, "%s\n", octet_string_hex_string(key + 16, 14)); + } else { - expected_len = policy.rtp.cipher_key_len*2; - len = hex_string_to_octet_string(key, input_key, expected_len); + fprintf(stderr, + "error: neither encryption or authentication were selected"); + exit(1); } - /* check that hex string is the right length */ - if (len < expected_len) { - fprintf(stderr, - "error: too few digits in key/salt " - "(should be %d digits, found %d)\n", - expected_len, len); - exit(1); - } - if (strlen(input_key) > policy.rtp.cipher_key_len*2) { - fprintf(stderr, - "error: too many digits in key/salt " - "(should be %d hexadecimal digits, found %u)\n", - policy.rtp.cipher_key_len*2, (unsigned)strlen(input_key)); - exit(1); - } - - fprintf(stderr, "set master key/salt to %s/", octet_string_hex_string(key, 16)); - fprintf(stderr, "%s\n", octet_string_hex_string(key+16, 14)); - - } else { - fprintf(stderr, "error: neither encryption or authentication were selected"); - exit(1); - } - - pcap_handle = pcap_open_offline("-", errbuf); - - if (!pcap_handle) { - fprintf(stderr, "libpcap failed to open file '%s'\n", errbuf); - exit(1); - } - assert(pcap_handle != NULL); - if ((pcap_compile(pcap_handle, &fp, filter_exp, 1, pcap_net)) == -1) { - fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, - pcap_geterr(pcap_handle)); - return (2); - } - if (pcap_setfilter(pcap_handle, &fp) == -1) { - fprintf(stderr, "couldn't install filter %s: %s\n", filter_exp, - pcap_geterr(pcap_handle)); - return (2); - } - dec = rtp_decoder_alloc(); - if (dec == NULL) { - fprintf(stderr, "error: malloc() failed\n"); - exit(1); - } - fprintf(stderr, "Starting decoder\n"); - rtp_decoder_init(dec, policy); - - pcap_loop(pcap_handle, 0, rtp_decoder_handle_pkt, (u_char *)dec); - - rtp_decoder_deinit_srtp(dec); - rtp_decoder_dealloc(dec); - - status = srtp_shutdown(); - if (status) { - fprintf(stderr, "error: srtp shutdown failed with error code %d\n", status); - exit(1); - } - return 0; -} + pcap_handle = pcap_open_offline("-", errbuf); + if (!pcap_handle) { + fprintf(stderr, "libpcap failed to open file '%s'\n", errbuf); + exit(1); + } + assert(pcap_handle != NULL); + if ((pcap_compile(pcap_handle, &fp, filter_exp, 1, pcap_net)) == -1) { + fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp, + pcap_geterr(pcap_handle)); + return (2); + } + if (pcap_setfilter(pcap_handle, &fp) == -1) { + fprintf(stderr, "couldn't install filter %s: %s\n", filter_exp, + pcap_geterr(pcap_handle)); + return (2); + } + dec = rtp_decoder_alloc(); + if (dec == NULL) { + fprintf(stderr, "error: malloc() failed\n"); + exit(1); + } + fprintf(stderr, "Starting decoder\n"); + rtp_decoder_init(dec, policy); -void -usage(char *string) { + pcap_loop(pcap_handle, 0, rtp_decoder_handle_pkt, (u_char *)dec); - fprintf(stderr, "usage: %s [-d <debug>]* [[-k][-b] <key> [-a][-e]]\n" - "or %s -l\n" - "where -a use message authentication\n" - " -e <key size> use encryption (use 128 or 256 for key size)\n" - " -g Use AES-GCM mode (must be used with -e)\n" - " -t <tag size> Tag size to use (in GCM mode use 8 or 16)\n" - " -k <key> sets the srtp master key given in hexadecimal\n" - " -b <key> sets the srtp master key given in base64\n" - " -l list debug modules\n" - " -f \"<pcap filter>\" to filter only the desired SRTP packets\n" - " -d <debug> turn on debugging for module <debug>\n" - " -s \"<srtp-crypto-suite>\" to set both key and tag size based\n" - " on RFC4568-style crypto suite specification\n", - string, string); - exit(1); + rtp_decoder_deinit_srtp(dec); + rtp_decoder_dealloc(dec); + status = srtp_shutdown(); + if (status) { + fprintf(stderr, "error: srtp shutdown failed with error code %d\n", + status); + exit(1); + } + + return 0; +} + +void usage(char *string) +{ + fprintf( + stderr, + "usage: %s [-d <debug>]* [[-k][-b] <key> [-a][-e]]\n" + "or %s -l\n" + "where -a use message authentication\n" + " -e <key size> use encryption (use 128 or 256 for key size)\n" + " -g Use AES-GCM mode (must be used with -e)\n" + " -t <tag size> Tag size to use (in GCM mode use 8 or 16)\n" + " -k <key> sets the srtp master key given in hexadecimal\n" + " -b <key> sets the srtp master key given in base64\n" + " -l list debug modules\n" + " -f \"<pcap filter>\" to filter only the desired SRTP packets\n" + " -d <debug> turn on debugging for module <debug>\n" + " -s \"<srtp-crypto-suite>\" to set both key and tag size based\n" + " on RFC4568-style crypto suite specification\n", + string, string); + exit(1); } -rtp_decoder_t -rtp_decoder_alloc(void) { - return (rtp_decoder_t)malloc(sizeof(rtp_decoder_ctx_t)); +rtp_decoder_t rtp_decoder_alloc(void) +{ + return (rtp_decoder_t)malloc(sizeof(rtp_decoder_ctx_t)); } -void -rtp_decoder_dealloc(rtp_decoder_t rtp_ctx) { - free(rtp_ctx); +void rtp_decoder_dealloc(rtp_decoder_t rtp_ctx) +{ + free(rtp_ctx); } -srtp_err_status_t -rtp_decoder_init_srtp(rtp_decoder_t decoder, unsigned int ssrc) { - decoder->policy.ssrc.value = htonl(ssrc); - return srtp_create(&decoder->srtp_ctx, &decoder->policy); +srtp_err_status_t rtp_decoder_init_srtp(rtp_decoder_t decoder, + unsigned int ssrc) +{ + decoder->policy.ssrc.value = htonl(ssrc); + return srtp_create(&decoder->srtp_ctx, &decoder->policy); } -int -rtp_decoder_deinit_srtp(rtp_decoder_t decoder) { - return srtp_dealloc(decoder->srtp_ctx); +int rtp_decoder_deinit_srtp(rtp_decoder_t decoder) +{ + return srtp_dealloc(decoder->srtp_ctx); } -int -rtp_decoder_init(rtp_decoder_t dcdr, srtp_policy_t policy) { - dcdr->rtp_offset = DEFAULT_RTP_OFFSET; - dcdr->srtp_ctx = NULL; - dcdr->start_tv.tv_usec = 0; - dcdr->start_tv.tv_sec = 0; - dcdr->frame_nr = -1; - dcdr->policy = policy; - dcdr->policy.ssrc.type = ssrc_specific; - return 0; +int rtp_decoder_init(rtp_decoder_t dcdr, srtp_policy_t policy) +{ + dcdr->rtp_offset = DEFAULT_RTP_OFFSET; + dcdr->srtp_ctx = NULL; + dcdr->start_tv.tv_usec = 0; + dcdr->start_tv.tv_sec = 0; + dcdr->frame_nr = -1; + dcdr->policy = policy; + dcdr->policy.ssrc.type = ssrc_specific; + return 0; } /* * decodes key as base64 */ -void hexdump(const void *ptr, size_t size) { - int i, j; - const unsigned char *cptr = ptr; - - for (i = 0; i < size; i += 16) { - fprintf(stdout, "%04x ", i); - for (j = 0; j < 16 && i+j < size; j++) { - fprintf(stdout, "%02x ", cptr[i+j]); +void hexdump(const void *ptr, size_t size) +{ + int i, j; + const unsigned char *cptr = ptr; + + for (i = 0; i < size; i += 16) { + fprintf(stdout, "%04x ", i); + for (j = 0; j < 16 && i + j < size; j++) { + fprintf(stdout, "%02x ", cptr[i + j]); + } + fprintf(stdout, "\n"); } - fprintf(stdout, "\n"); - } } -void -rtp_decoder_handle_pkt(u_char *arg, const struct pcap_pkthdr *hdr, - const u_char *bytes) { - rtp_decoder_t dcdr = (rtp_decoder_t)arg; - int pktsize; - struct timeval delta; - int octets_recvd; - srtp_err_status_t status; - dcdr->frame_nr++; - - if ((dcdr->start_tv.tv_sec == 0) && (dcdr->start_tv.tv_usec == 0)) { - dcdr->start_tv = hdr->ts; - } - - if (hdr->caplen < dcdr->rtp_offset) { - return; - } - const void *rtp_packet = bytes + dcdr->rtp_offset; - - memcpy((void *)&dcdr->message, rtp_packet, hdr->caplen - dcdr->rtp_offset); - pktsize = hdr->caplen - dcdr->rtp_offset; - octets_recvd = pktsize; - - if (octets_recvd == -1) { - return; - } - - /* verify rtp header */ - if (dcdr->message.header.version != 2) { - return; - } - if(dcdr->srtp_ctx == NULL) { - status = rtp_decoder_init_srtp(dcdr, dcdr->message.header.ssrc); +void rtp_decoder_handle_pkt(u_char *arg, + const struct pcap_pkthdr *hdr, + const u_char *bytes) +{ + rtp_decoder_t dcdr = (rtp_decoder_t)arg; + int pktsize; + struct timeval delta; + int octets_recvd; + srtp_err_status_t status; + dcdr->frame_nr++; + + if ((dcdr->start_tv.tv_sec == 0) && (dcdr->start_tv.tv_usec == 0)) { + dcdr->start_tv = hdr->ts; + } + + if (hdr->caplen < dcdr->rtp_offset) { + return; + } + const void *rtp_packet = bytes + dcdr->rtp_offset; + + memcpy((void *)&dcdr->message, rtp_packet, hdr->caplen - dcdr->rtp_offset); + pktsize = hdr->caplen - dcdr->rtp_offset; + octets_recvd = pktsize; + + if (octets_recvd == -1) { + return; + } + + /* verify rtp header */ + if (dcdr->message.header.version != 2) { + return; + } + if (dcdr->srtp_ctx == NULL) { + status = rtp_decoder_init_srtp(dcdr, dcdr->message.header.ssrc); + if (status) { + exit(1); + } + } + status = srtp_unprotect(dcdr->srtp_ctx, &dcdr->message, &octets_recvd); if (status) { - exit(1); + return; } - } - status = srtp_unprotect(dcdr->srtp_ctx, &dcdr->message, &octets_recvd); - if (status) { - return; - } - timersub(&hdr->ts, &dcdr->start_tv, &delta); - fprintf(stdout, "%02ld:%02ld.%06ld\n", delta.tv_sec/60, delta.tv_sec%60, (long)delta.tv_usec); - hexdump(&dcdr->message, octets_recvd); + timersub(&hdr->ts, &dcdr->start_tv, &delta); + fprintf(stdout, "%02ld:%02ld.%06ld\n", delta.tv_sec / 60, delta.tv_sec % 60, + (long)delta.tv_usec); + hexdump(&dcdr->message, octets_recvd); } -void rtp_print_error(srtp_err_status_t status, char *message) { +void rtp_print_error(srtp_err_status_t status, char *message) +{ + // clang-format off fprintf(stderr, "error: %s %d%s\n", message, status, status == srtp_err_status_replay_fail ? " (replay check failed)" : @@ -530,4 +570,5 @@ status == srtp_err_status_cipher_fail ? " (cipher failed)" : status == srtp_err_status_key_expired ? " (key expired)" : status == srtp_err_status_auth_fail ? " (auth check failed)" : ""); + // clang-format on } diff -Nru libsrtp2-2.1.0/test/rtp_decoder.h libsrtp2-2.2.0/test/rtp_decoder.h --- libsrtp2-2.1.0/test/rtp_decoder.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/rtp_decoder.h 2018-05-15 19:33:24.000000000 +0000 @@ -9,26 +9,26 @@ * */ /* - * + * * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,7 +44,6 @@ * */ - #ifndef RTP_DECODER_H #define RTP_DECODER_H @@ -54,12 +53,12 @@ #define DEFAULT_RTP_OFFSET 42 typedef struct rtp_decoder_ctx_t { - srtp_policy_t policy; - srtp_ctx_t *srtp_ctx; - int rtp_offset; - struct timeval start_tv; - int frame_nr; - rtp_msg_t message; + srtp_policy_t policy; + srtp_ctx_t *srtp_ctx; + int rtp_offset; + struct timeval start_tv; + int frame_nr; + rtp_msg_t message; } rtp_decoder_ctx_t; typedef struct rtp_decoder_ctx_t *rtp_decoder_t; @@ -69,7 +68,7 @@ */ void rtp_print_error(srtp_err_status_t status, char *message); -/* +/* * prints the output of a random buffer in hexadecimal */ void hexdump(const void *ptr, size_t size); @@ -85,10 +84,12 @@ */ char *decode_sdes(char *in, char *out); -/* +/* * pcap handling */ -void rtp_decoder_handle_pkt(u_char *arg, const struct pcap_pkthdr *hdr, const u_char *bytes); +void rtp_decoder_handle_pkt(u_char *arg, + const struct pcap_pkthdr *hdr, + const u_char *bytes); rtp_decoder_t rtp_decoder_alloc(void); @@ -96,9 +97,9 @@ int rtp_decoder_init(rtp_decoder_t dcdr, srtp_policy_t policy); -srtp_err_status_t rtp_decoder_init_srtp(rtp_decoder_t decoder, unsigned int ssrc); +srtp_err_status_t rtp_decoder_init_srtp(rtp_decoder_t decoder, + unsigned int ssrc); -int -rtp_decoder_deinit_srtp(rtp_decoder_t decoder); +int rtp_decoder_deinit_srtp(rtp_decoder_t decoder); #endif /* RTP_DECODER_H */ diff -Nru libsrtp2-2.1.0/test/rtp.h libsrtp2-2.2.0/test/rtp.h --- libsrtp2-2.1.0/test/rtp.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/rtp.h 2018-05-15 19:33:24.000000000 +0000 @@ -1,6 +1,6 @@ /* * rtp.h - * + * * rtp interface for srtp reference implementation * * David A. McGrew @@ -15,26 +15,26 @@ */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -50,14 +50,13 @@ * */ - #ifndef SRTP_RTP_H #define SRTP_RTP_H #ifdef HAVE_NETINET_IN_H -# include <netinet/in.h> +#include <netinet/in.h> #elif defined HAVE_WINSOCK2_H -# include <winsock2.h> +#include <winsock2.h> #endif #include "srtp_priv.h" @@ -69,98 +68,85 @@ /* * RTP_HEADER_LEN indicates the size of an RTP header */ -#define RTP_HEADER_LEN 12 +#define RTP_HEADER_LEN 12 -/* +/* * RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation */ -#define RTP_MAX_BUF_LEN 16384 - +#define RTP_MAX_BUF_LEN 16384 typedef srtp_hdr_t rtp_hdr_t; typedef struct { - srtp_hdr_t header; - char body[RTP_MAX_BUF_LEN]; + srtp_hdr_t header; + char body[RTP_MAX_BUF_LEN]; } rtp_msg_t; typedef struct rtp_sender_ctx_t { - rtp_msg_t message; - int socket; - srtp_ctx_t *srtp_ctx; - struct sockaddr_in addr; /* reciever's address */ + rtp_msg_t message; + int socket; + srtp_ctx_t *srtp_ctx; + struct sockaddr_in addr; /* reciever's address */ } rtp_sender_ctx_t; typedef struct rtp_receiver_ctx_t { - rtp_msg_t message; - int socket; - srtp_ctx_t *srtp_ctx; - struct sockaddr_in addr; /* receiver's address */ + rtp_msg_t message; + int socket; + srtp_ctx_t *srtp_ctx; + struct sockaddr_in addr; /* receiver's address */ } rtp_receiver_ctx_t; - typedef struct rtp_sender_ctx_t *rtp_sender_t; typedef struct rtp_receiver_ctx_t *rtp_receiver_t; -int -rtp_sendto(rtp_sender_t sender, const void* msg, int len); +int rtp_sendto(rtp_sender_t sender, const void *msg, int len); -int -rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len); +int rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len); -int -rtp_receiver_init(rtp_receiver_t rcvr, int sock, - struct sockaddr_in addr, unsigned int ssrc); - -int -rtp_sender_init(rtp_sender_t sender, int sock, - struct sockaddr_in addr, unsigned int ssrc); +int rtp_receiver_init(rtp_receiver_t rcvr, + int sock, + struct sockaddr_in addr, + unsigned int ssrc); + +int rtp_sender_init(rtp_sender_t sender, + int sock, + struct sockaddr_in addr, + unsigned int ssrc); /* * srtp_sender_init(...) initializes an rtp_sender_t */ -int -srtp_sender_init(rtp_sender_t rtp_ctx, /* structure to be init'ed */ - struct sockaddr_in name, /* socket name */ - srtp_sec_serv_t security_services, /* sec. servs. to be used */ - unsigned char *input_key /* master key/salt in hex */ - ); - -int -srtp_receiver_init(rtp_receiver_t rtp_ctx, /* structure to be init'ed */ - struct sockaddr_in name, /* socket name */ - srtp_sec_serv_t security_services, /* sec. servs. to be used */ - unsigned char *input_key /* master key/salt in hex */ - ); - - -int -rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy); +int srtp_sender_init( + rtp_sender_t rtp_ctx, /* structure to be init'ed */ + struct sockaddr_in name, /* socket name */ + srtp_sec_serv_t security_services, /* sec. servs. to be used */ + unsigned char *input_key /* master key/salt in hex */ + ); -int -rtp_sender_deinit_srtp(rtp_sender_t sender); +int srtp_receiver_init( + rtp_receiver_t rtp_ctx, /* structure to be init'ed */ + struct sockaddr_in name, /* socket name */ + srtp_sec_serv_t security_services, /* sec. servs. to be used */ + unsigned char *input_key /* master key/salt in hex */ + ); -int -rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy); +int rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy); -int -rtp_receiver_deinit_srtp(rtp_receiver_t sender); +int rtp_sender_deinit_srtp(rtp_sender_t sender); +int rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy); -rtp_sender_t -rtp_sender_alloc(void); +int rtp_receiver_deinit_srtp(rtp_receiver_t sender); -void -rtp_sender_dealloc(rtp_sender_t rtp_ctx); +rtp_sender_t rtp_sender_alloc(void); -rtp_receiver_t -rtp_receiver_alloc(void); +void rtp_sender_dealloc(rtp_sender_t rtp_ctx); -void -rtp_receiver_dealloc(rtp_receiver_t rtp_ctx); +rtp_receiver_t rtp_receiver_alloc(void); +void rtp_receiver_dealloc(rtp_receiver_t rtp_ctx); #ifdef __cplusplus } diff -Nru libsrtp2-2.1.0/test/rtpw.c libsrtp2-2.2.0/test/rtpw.c --- libsrtp2-2.1.0/test/rtpw.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/rtpw.c 2018-05-15 19:33:24.000000000 +0000 @@ -8,33 +8,33 @@ * * This app is a simple RTP application intended only for testing * libsrtp. It reads one word at a time from words.txt (or - * whatever file is specified as DICT_FILE), and sends one word out + * whatever file is specified as DICT_FILE or with -w), and sends one word out * each USEC_RATE microseconds. Secure RTP protections can be * applied. See the usage() function for more details. * */ /* - * + * * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -50,82 +50,76 @@ * */ - #ifdef HAVE_CONFIG_H - #include <config.h> +#include <config.h> #endif -#include "getopt_s.h" /* for local getopt() */ +#include "getopt_s.h" /* for local getopt() */ -#include <stdio.h> /* for printf, fprintf */ -#include <stdlib.h> /* for atoi() */ +#include <stdio.h> /* for printf, fprintf */ +#include <stdlib.h> /* for atoi() */ #include <errno.h> -#include <signal.h> /* for signal() */ +#include <signal.h> /* for signal() */ -#include <string.h> /* for strncpy() */ -#include <time.h> /* for usleep() */ +#include <string.h> /* for strncpy() */ +#include <time.h> /* for usleep() */ #ifdef HAVE_UNISTD_H -#include <unistd.h> /* for close() */ +#include <unistd.h> /* for close() */ #elif defined(_MSC_VER) -#include <io.h> /* for _close() */ +#include <io.h> /* for _close() */ #define close _close #endif #ifdef HAVE_SYS_SOCKET_H -# include <sys/socket.h> +#include <sys/socket.h> #endif #ifdef HAVE_NETINET_IN_H -# include <netinet/in.h> +#include <netinet/in.h> #elif defined HAVE_WINSOCK2_H -# include <winsock2.h> -# include <ws2tcpip.h> -# define RTPW_USE_WINSOCK2 1 +#include <winsock2.h> +#include <ws2tcpip.h> +#define RTPW_USE_WINSOCK2 1 #endif #ifdef HAVE_ARPA_INET_H -# include <arpa/inet.h> +#include <arpa/inet.h> #endif -#include "srtp.h" +#include "srtp.h" #include "rtp.h" #include "util.h" -#define DICT_FILE "words.txt" -#define USEC_RATE (5e5) -#define MAX_WORD_LEN 128 +#define DICT_FILE "words.txt" +#define USEC_RATE (5e5) +#define MAX_WORD_LEN 128 #define ADDR_IS_MULTICAST(a) IN_MULTICAST(htonl(a)) -#define MAX_KEY_LEN 96 - +#define MAX_KEY_LEN 96 #ifndef HAVE_USLEEP -# ifdef HAVE_WINDOWS_H -# define usleep(us) Sleep((us)/1000) -# else -# define usleep(us) sleep((us)/1000000) -# endif +#ifdef HAVE_WINDOWS_H +#define usleep(us) Sleep((us) / 1000) +#else +#define usleep(us) sleep((us) / 1000000) +#endif #endif - /* * the function usage() prints an error message describing how this * program should be called, then calls exit() */ -void -usage(char *prog_name); +void usage(char *prog_name); /* * leave_group(...) de-registers from a multicast group */ -void -leave_group(int sock, struct ip_mreq mreq, char *name); - +void leave_group(int sock, struct ip_mreq mreq, char *name); /* * setup_signal_handler() sets up a signal handler to trigger * cleanups after an interrupt */ -int setup_signal_handler(char* name); +int setup_signal_handler(char *name); /* * handle_signal(...) handles interrupt signal to trigger cleanups @@ -139,561 +133,568 @@ typedef enum { sender, receiver, unknown } program_type; -int -main (int argc, char *argv[]) { - char *dictfile = DICT_FILE; - FILE *dict; - char word[MAX_WORD_LEN]; - int sock, ret; - struct in_addr rcvr_addr; - struct sockaddr_in name; - struct ip_mreq mreq; +int main(int argc, char *argv[]) +{ + char *dictfile = DICT_FILE; + FILE *dict; + char word[MAX_WORD_LEN]; + int sock, ret; + struct in_addr rcvr_addr; + struct sockaddr_in name; + struct ip_mreq mreq; #if BEW - struct sockaddr_in local; -#endif - program_type prog_type = unknown; - srtp_sec_serv_t sec_servs = sec_serv_none; - unsigned char ttl = 5; - int c; - int key_size = 128; - int tag_size = 8; - int gcm_on = 0; - char *input_key = NULL; - int b64_input = 0; - char *address = NULL; - char key[MAX_KEY_LEN]; - unsigned short port = 0; - rtp_sender_t snd; - srtp_policy_t policy; - srtp_err_status_t status; - int len; - int expected_len; - int do_list_mods = 0; - uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */ + struct sockaddr_in local; +#endif + program_type prog_type = unknown; + srtp_sec_serv_t sec_servs = sec_serv_none; + unsigned char ttl = 5; + int c; + int key_size = 128; + int tag_size = 8; + int gcm_on = 0; + char *input_key = NULL; + int b64_input = 0; + char *address = NULL; + char key[MAX_KEY_LEN]; + unsigned short port = 0; + rtp_sender_t snd; + srtp_policy_t policy; + srtp_err_status_t status; + int len; + int expected_len; + int do_list_mods = 0; + uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */ #ifdef RTPW_USE_WINSOCK2 - WORD wVersionRequested = MAKEWORD(2, 0); - WSADATA wsaData; + WORD wVersionRequested = MAKEWORD(2, 0); + WSADATA wsaData; - ret = WSAStartup(wVersionRequested, &wsaData); - if (ret != 0) { - fprintf(stderr, "error: WSAStartup() failed: %d\n", ret); - exit(1); - } + ret = WSAStartup(wVersionRequested, &wsaData); + if (ret != 0) { + fprintf(stderr, "error: WSAStartup() failed: %d\n", ret); + exit(1); + } #endif - memset(&policy, 0x0, sizeof(srtp_policy_t)); + memset(&policy, 0x0, sizeof(srtp_policy_t)); - printf("Using %s [0x%x]\n", srtp_get_version_string(), srtp_get_version()); + printf("Using %s [0x%x]\n", srtp_get_version_string(), srtp_get_version()); - if (setup_signal_handler(argv[0]) != 0) { - exit(1); - } - - /* initialize srtp library */ - status = srtp_init(); - if (status) { - printf("error: srtp initialization failed with error code %d\n", status); - exit(1); - } - - /* check args */ - while (1) { - c = getopt_s(argc, argv, "b:k:rsgt:ae:ld:"); - if (c == -1) { - break; - } - switch (c) { - case 'b': - b64_input = 1; - /* fall thru */ - case 'k': - input_key = optarg_s; - break; - case 'e': - key_size = atoi(optarg_s); - if (key_size != 128 && key_size != 256) { - printf("error: encryption key size must be 128 or 256 (%d)\n", key_size); - exit(1); - } - sec_servs |= sec_serv_conf; - break; - case 't': - tag_size = atoi(optarg_s); - if (tag_size != 8 && tag_size != 16) { - printf("error: GCM tag size must be 8 or 16 (%d)\n", tag_size); + if (setup_signal_handler(argv[0]) != 0) { exit(1); - } - break; - case 'a': - sec_servs |= sec_serv_auth; - break; - case 'g': - gcm_on = 1; - sec_servs |= sec_serv_auth; - break; - case 'r': - prog_type = receiver; - break; - case 's': - prog_type = sender; - break; - case 'd': - status = srtp_set_debug_module(optarg_s, 1); - if (status) { - printf("error: set debug module (%s) failed\n", optarg_s); + } + + /* initialize srtp library */ + status = srtp_init(); + if (status) { + printf("error: srtp initialization failed with error code %d\n", + status); exit(1); - } - break; - case 'l': - do_list_mods = 1; - break; - default: - usage(argv[0]); - } - } - - if (prog_type == unknown) { - if (do_list_mods) { - status = srtp_list_debug_modules(); - if (status) { - printf("error: list of debug modules failed\n"); - exit(1); - } - return 0; - } else { - printf("error: neither sender [-s] nor receiver [-r] specified\n"); - usage(argv[0]); } - } - - if ((sec_servs && !input_key) || (!sec_servs && input_key)) { - /* - * a key must be provided if and only if security services have - * been requested - */ - usage(argv[0]); - } - - if (argc != optind_s + 2) { - /* wrong number of arguments */ - usage(argv[0]); - } - /* get address from arg */ - address = argv[optind_s++]; + /* check args */ + while (1) { + c = getopt_s(argc, argv, "b:k:rsgt:ae:ld:w:"); + if (c == -1) { + break; + } + switch (c) { + case 'b': + b64_input = 1; + /* fall thru */ + case 'k': + input_key = optarg_s; + break; + case 'e': + key_size = atoi(optarg_s); + if (key_size != 128 && key_size != 256) { + printf("error: encryption key size must be 128 or 256 (%d)\n", + key_size); + exit(1); + } + sec_servs |= sec_serv_conf; + break; + case 't': + tag_size = atoi(optarg_s); + if (tag_size != 8 && tag_size != 16) { + printf("error: GCM tag size must be 8 or 16 (%d)\n", tag_size); + exit(1); + } + break; + case 'a': + sec_servs |= sec_serv_auth; + break; + case 'g': + gcm_on = 1; + sec_servs |= sec_serv_auth; + break; + case 'r': + prog_type = receiver; + break; + case 's': + prog_type = sender; + break; + case 'd': + status = srtp_set_debug_module(optarg_s, 1); + if (status) { + printf("error: set debug module (%s) failed\n", optarg_s); + exit(1); + } + break; + case 'l': + do_list_mods = 1; + break; + case 'w': + dictfile = optarg_s; + break; + default: + usage(argv[0]); + } + } - /* get port from arg */ - port = atoi(argv[optind_s++]); + if (prog_type == unknown) { + if (do_list_mods) { + status = srtp_list_debug_modules(); + if (status) { + printf("error: list of debug modules failed\n"); + exit(1); + } + return 0; + } else { + printf("error: neither sender [-s] nor receiver [-r] specified\n"); + usage(argv[0]); + } + } + + if ((sec_servs && !input_key) || (!sec_servs && input_key)) { + /* + * a key must be provided if and only if security services have + * been requested + */ + usage(argv[0]); + } - /* set address */ + if (argc != optind_s + 2) { + /* wrong number of arguments */ + usage(argv[0]); + } + + /* get address from arg */ + address = argv[optind_s++]; + + /* get port from arg */ + port = atoi(argv[optind_s++]); + +/* set address */ #ifdef HAVE_INET_ATON - if (0 == inet_aton(address, &rcvr_addr)) { - fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address); - exit(1); - } - if (rcvr_addr.s_addr == INADDR_NONE) { - fprintf(stderr, "%s: address error", argv[0]); - exit(1); - } + if (0 == inet_aton(address, &rcvr_addr)) { + fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], + address); + exit(1); + } + if (rcvr_addr.s_addr == INADDR_NONE) { + fprintf(stderr, "%s: address error", argv[0]); + exit(1); + } #else - rcvr_addr.s_addr = inet_addr(address); - if (0xffffffff == rcvr_addr.s_addr) { - fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address); - exit(1); - } + rcvr_addr.s_addr = inet_addr(address); + if (0xffffffff == rcvr_addr.s_addr) { + fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], + address); + exit(1); + } #endif - /* open socket */ - sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); - if (sock < 0) { - int err; + /* open socket */ + sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); + if (sock < 0) { + int err; #ifdef RTPW_USE_WINSOCK2 - err = WSAGetLastError(); + err = WSAGetLastError(); #else - err = errno; + err = errno; #endif - fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err); - exit(1); - } - - name.sin_addr = rcvr_addr; - name.sin_family = PF_INET; - name.sin_port = htons(port); - - if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { - if (prog_type == sender) { - ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, - sizeof(ttl)); - if (ret < 0) { - fprintf(stderr, "%s: Failed to set TTL for multicast group", argv[0]); - perror(""); - exit(1); - } + fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err); + exit(1); } - mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr; - mreq.imr_interface.s_addr = htonl(INADDR_ANY); - ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void*)&mreq, - sizeof(mreq)); - if (ret < 0) { - fprintf(stderr, "%s: Failed to join multicast group", argv[0]); - perror(""); - exit(1); - } - } - - /* report security services selected on the command line */ - printf("security services: "); - if (sec_servs & sec_serv_conf) - printf("confidentiality "); - if (sec_servs & sec_serv_auth) - printf("message authentication"); - if (sec_servs == sec_serv_none) - printf("none"); - printf("\n"); - - /* set up the srtp policy and master key */ - if (sec_servs) { - /* - * create policy structure, using the default mechanisms but - * with only the security services requested on the command line, - * using the right SSRC value - */ - switch (sec_servs) { - case sec_serv_conf_and_auth: - if (gcm_on) { + name.sin_addr = rcvr_addr; + name.sin_family = PF_INET; + name.sin_port = htons(port); + + if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { + if (prog_type == sender) { + ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, + sizeof(ttl)); + if (ret < 0) { + fprintf(stderr, "%s: Failed to set TTL for multicast group", + argv[0]); + perror(""); + exit(1); + } + } + + mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr; + mreq.imr_interface.s_addr = htonl(INADDR_ANY); + ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void *)&mreq, + sizeof(mreq)); + if (ret < 0) { + fprintf(stderr, "%s: Failed to join multicast group", argv[0]); + perror(""); + exit(1); + } + } + + /* report security services selected on the command line */ + printf("security services: "); + if (sec_servs & sec_serv_conf) + printf("confidentiality "); + if (sec_servs & sec_serv_auth) + printf("message authentication"); + if (sec_servs == sec_serv_none) + printf("none"); + printf("\n"); + + /* set up the srtp policy and master key */ + if (sec_servs) { + /* + * create policy structure, using the default mechanisms but + * with only the security services requested on the command line, + * using the right SSRC value + */ + switch (sec_servs) { + case sec_serv_conf_and_auth: + if (gcm_on) { #ifdef OPENSSL - switch (key_size) { - case 128: - srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp); - break; - } + switch (key_size) { + case 128: + srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp); + break; + } #else - printf("error: GCM mode only supported when using the OpenSSL crypto engine.\n"); - return 0; -#endif - } else { - switch (key_size) { - case 128: - srtp_crypto_policy_set_rtp_default(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - } - } - break; - case sec_serv_conf: - if (gcm_on) { - printf("error: GCM mode must always be used with auth enabled\n"); - return -1; - } else { - switch (key_size) { - case 128: - srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - break; - } - } - break; - case sec_serv_auth: - if (gcm_on) { + printf("error: GCM mode only supported when using the OpenSSL " + "crypto engine.\n"); + return 0; +#endif + } else { + switch (key_size) { + case 128: + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + } + } + break; + case sec_serv_conf: + if (gcm_on) { + printf( + "error: GCM mode must always be used with auth enabled\n"); + return -1; + } else { + switch (key_size) { + case 128: + srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + break; + } + } + break; + case sec_serv_auth: + if (gcm_on) { #ifdef OPENSSL - switch (key_size) { - case 128: - srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtcp); - break; - case 256: - srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp); - srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtcp); - break; - } + switch (key_size) { + case 128: + srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_128_8_only_auth( + &policy.rtcp); + break; + case 256: + srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp); + srtp_crypto_policy_set_aes_gcm_256_8_only_auth( + &policy.rtcp); + break; + } #else - printf("error: GCM mode only supported when using the OpenSSL crypto engine.\n"); - return 0; -#endif - } else { - srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - } - break; - default: - printf("error: unknown security service requested\n"); - return -1; - } - policy.ssrc.type = ssrc_specific; - policy.ssrc.value = ssrc; - policy.key = (uint8_t *)key; - policy.ekt = NULL; - policy.next = NULL; - policy.window_size = 128; - policy.allow_repeat_tx = 0; - policy.rtp.sec_serv = sec_servs; - policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */ - - if (gcm_on && tag_size != 8) { - policy.rtp.auth_tag_len = tag_size; - } - - /* - * read key from hexadecimal or base64 on command line into an octet string - */ - if (b64_input) { - int pad; - expected_len = (policy.rtp.cipher_key_len*4)/3; - len = base64_string_to_octet_string(key, &pad, input_key, expected_len); - if (pad != 0) { - fprintf(stderr, "error: padding in base64 unexpected\n"); - exit(1); + printf("error: GCM mode only supported when using the OpenSSL " + "crypto engine.\n"); + return 0; +#endif + } else { + srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + } + break; + default: + printf("error: unknown security service requested\n"); + return -1; } + policy.ssrc.type = ssrc_specific; + policy.ssrc.value = ssrc; + policy.key = (uint8_t *)key; + policy.ekt = NULL; + policy.next = NULL; + policy.window_size = 128; + policy.allow_repeat_tx = 0; + policy.rtp.sec_serv = sec_servs; + policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */ + + if (gcm_on && tag_size != 8) { + policy.rtp.auth_tag_len = tag_size; + } + + /* + * read key from hexadecimal or base64 on command line into an octet + * string + */ + if (b64_input) { + int pad; + expected_len = (policy.rtp.cipher_key_len * 4) / 3; + len = base64_string_to_octet_string(key, &pad, input_key, + expected_len); + if (pad != 0) { + fprintf(stderr, "error: padding in base64 unexpected\n"); + exit(1); + } + } else { + expected_len = policy.rtp.cipher_key_len * 2; + len = hex_string_to_octet_string(key, input_key, expected_len); + } + /* check that hex string is the right length */ + if (len < expected_len) { + fprintf(stderr, "error: too few digits in key/salt " + "(should be %d digits, found %d)\n", + expected_len, len); + exit(1); + } + if ((int)strlen(input_key) > policy.rtp.cipher_key_len * 2) { + fprintf(stderr, "error: too many digits in key/salt " + "(should be %d hexadecimal digits, found %u)\n", + policy.rtp.cipher_key_len * 2, (unsigned)strlen(input_key)); + exit(1); + } + + printf("set master key/salt to %s/", octet_string_hex_string(key, 16)); + printf("%s\n", octet_string_hex_string(key + 16, 14)); + } else { - expected_len = policy.rtp.cipher_key_len*2; - len = hex_string_to_octet_string(key, input_key, expected_len); + /* + * we're not providing security services, so set the policy to the + * null policy + * + * Note that this policy does not conform to the SRTP + * specification, since RTCP authentication is required. However, + * the effect of this policy is to turn off SRTP, so that this + * application is now a vanilla-flavored RTP application. + */ + srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtp); + srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtcp); + policy.key = (uint8_t *)key; + policy.ssrc.type = ssrc_specific; + policy.ssrc.value = ssrc; + policy.window_size = 0; + policy.allow_repeat_tx = 0; + policy.ekt = NULL; + policy.next = NULL; } - /* check that hex string is the right length */ - if (len < expected_len) { - fprintf(stderr, - "error: too few digits in key/salt " - "(should be %d digits, found %d)\n", - expected_len, len); - exit(1); - } - if ((int) strlen(input_key) > policy.rtp.cipher_key_len*2) { - fprintf(stderr, - "error: too many digits in key/salt " - "(should be %d hexadecimal digits, found %u)\n", - policy.rtp.cipher_key_len*2, (unsigned)strlen(input_key)); - exit(1); - } - - printf("set master key/salt to %s/", octet_string_hex_string(key, 16)); - printf("%s\n", octet_string_hex_string(key+16, 14)); - - } else { - /* - * we're not providing security services, so set the policy to the - * null policy - * - * Note that this policy does not conform to the SRTP - * specification, since RTCP authentication is required. However, - * the effect of this policy is to turn off SRTP, so that this - * application is now a vanilla-flavored RTP application. - */ - srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtp); - srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtcp); - policy.key = (uint8_t *)key; - policy.ssrc.type = ssrc_specific; - policy.ssrc.value = ssrc; - policy.window_size = 0; - policy.allow_repeat_tx = 0; - policy.ekt = NULL; - policy.next = NULL; - } - - if (prog_type == sender) { + if (prog_type == sender) { #if BEW - /* bind to local socket (to match crypto policy, if need be) */ - memset(&local, 0, sizeof(struct sockaddr_in)); - local.sin_addr.s_addr = htonl(INADDR_ANY); - local.sin_port = htons(port); - ret = bind(sock, (struct sockaddr *) &local, sizeof(struct sockaddr_in)); - if (ret < 0) { - fprintf(stderr, "%s: bind failed\n", argv[0]); - perror(""); - exit(1); - } + /* bind to local socket (to match crypto policy, if need be) */ + memset(&local, 0, sizeof(struct sockaddr_in)); + local.sin_addr.s_addr = htonl(INADDR_ANY); + local.sin_port = htons(port); + ret = bind(sock, (struct sockaddr *)&local, sizeof(struct sockaddr_in)); + if (ret < 0) { + fprintf(stderr, "%s: bind failed\n", argv[0]); + perror(""); + exit(1); + } #endif /* BEW */ - /* initialize sender's rtp and srtp contexts */ - snd = rtp_sender_alloc(); - if (snd == NULL) { - fprintf(stderr, "error: malloc() failed\n"); - exit(1); + /* initialize sender's rtp and srtp contexts */ + snd = rtp_sender_alloc(); + if (snd == NULL) { + fprintf(stderr, "error: malloc() failed\n"); + exit(1); + } + rtp_sender_init(snd, sock, name, ssrc); + status = rtp_sender_init_srtp(snd, &policy); + if (status) { + fprintf(stderr, "error: srtp_create() failed with code %d\n", + status); + exit(1); + } + + /* open dictionary */ + dict = fopen(dictfile, "r"); + if (dict == NULL) { + fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile); + if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { + leave_group(sock, mreq, argv[0]); + } + exit(1); + } + + /* read words from dictionary, then send them off */ + while (!interrupted && fgets(word, MAX_WORD_LEN, dict) != NULL) { + len = strlen(word) + 1; /* plus one for null */ + + if (len > MAX_WORD_LEN) + printf("error: word %s too large to send\n", word); + else { + rtp_sendto(snd, word, len); + printf("sending word: %s", word); + } + usleep(USEC_RATE); + } + + rtp_sender_deinit_srtp(snd); + rtp_sender_dealloc(snd); + + fclose(dict); + } else { /* prog_type == receiver */ + rtp_receiver_t rcvr; + + if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) { + close(sock); + fprintf(stderr, "%s: socket bind error\n", argv[0]); + perror(NULL); + if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { + leave_group(sock, mreq, argv[0]); + } + exit(1); + } + + rcvr = rtp_receiver_alloc(); + if (rcvr == NULL) { + fprintf(stderr, "error: malloc() failed\n"); + exit(1); + } + rtp_receiver_init(rcvr, sock, name, ssrc); + status = rtp_receiver_init_srtp(rcvr, &policy); + if (status) { + fprintf(stderr, "error: srtp_create() failed with code %d\n", + status); + exit(1); + } + + /* get next word and loop */ + while (!interrupted) { + len = MAX_WORD_LEN; + if (rtp_recvfrom(rcvr, word, &len) > -1) + printf("\tword: %s\n", word); + } + + rtp_receiver_deinit_srtp(rcvr); + rtp_receiver_dealloc(rcvr); } - rtp_sender_init(snd, sock, name, ssrc); - status = rtp_sender_init_srtp(snd, &policy); - if (status) { - fprintf(stderr, - "error: srtp_create() failed with code %d\n", - status); - exit(1); - } - - /* open dictionary */ - dict = fopen (dictfile, "r"); - if (dict == NULL) { - fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile); - if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { - leave_group(sock, mreq, argv[0]); - } - exit(1); - } - - /* read words from dictionary, then send them off */ - while (!interrupted && fgets(word, MAX_WORD_LEN, dict) != NULL) { - len = strlen(word) + 1; /* plus one for null */ - - if (len > MAX_WORD_LEN) - printf("error: word %s too large to send\n", word); - else { - rtp_sendto(snd, word, len); - printf("sending word: %s", word); - } - usleep(USEC_RATE); - } - - rtp_sender_deinit_srtp(snd); - rtp_sender_dealloc(snd); - - fclose(dict); - } else { /* prog_type == receiver */ - rtp_receiver_t rcvr; - - if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) { - close(sock); - fprintf(stderr, "%s: socket bind error\n", argv[0]); - perror(NULL); - if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { - leave_group(sock, mreq, argv[0]); - } - exit(1); - } - - rcvr = rtp_receiver_alloc(); - if (rcvr == NULL) { - fprintf(stderr, "error: malloc() failed\n"); - exit(1); + + if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { + leave_group(sock, mreq, argv[0]); } - rtp_receiver_init(rcvr, sock, name, ssrc); - status = rtp_receiver_init_srtp(rcvr, &policy); - if (status) { - fprintf(stderr, - "error: srtp_create() failed with code %d\n", - status); - exit(1); - } - - /* get next word and loop */ - while (!interrupted) { - len = MAX_WORD_LEN; - if (rtp_recvfrom(rcvr, word, &len) > -1) - printf("\tword: %s\n", word); - } - - rtp_receiver_deinit_srtp(rcvr); - rtp_receiver_dealloc(rcvr); - } - - if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { - leave_group(sock, mreq, argv[0]); - } #ifdef RTPW_USE_WINSOCK2 - ret = closesocket(sock); + ret = closesocket(sock); #else - ret = close(sock); + ret = close(sock); #endif - if (ret < 0) { - fprintf(stderr, "%s: Failed to close socket", argv[0]); - perror(""); - } - - status = srtp_shutdown(); - if (status) { - printf("error: srtp shutdown failed with error code %d\n", status); - exit(1); - } + if (ret < 0) { + fprintf(stderr, "%s: Failed to close socket", argv[0]); + perror(""); + } + + status = srtp_shutdown(); + if (status) { + printf("error: srtp shutdown failed with error code %d\n", status); + exit(1); + } #ifdef RTPW_USE_WINSOCK2 - WSACleanup(); + WSACleanup(); #endif - return 0; + return 0; } - -void -usage(char *string) { - - printf("usage: %s [-d <debug>]* [-k <key> [-a][-e]] " - "[-s | -r] dest_ip dest_port\n" - "or %s -l\n" - "where -a use message authentication\n" - " -e <key size> use encryption (use 128 or 256 for key size)\n" - " -g Use AES-GCM mode (must be used with -e)\n" - " -t <tag size> Tag size to use in GCM mode (use 8 or 16)\n" - " -k <key> sets the srtp master key given in hexadecimal\n" - " -b <key> sets the srtp master key given in base64\n" - " -s act as rtp sender\n" - " -r act as rtp receiver\n" - " -l list debug modules\n" - " -d <debug> turn on debugging for module <debug>\n", - string, string); - exit(1); - +void usage(char *string) +{ + printf("usage: %s [-d <debug>]* [-k <key> [-a][-e]] " + "[-s | -r] dest_ip dest_port\n" + "or %s -l\n" + "where -a use message authentication\n" + " -e <key size> use encryption (use 128 or 256 for key size)\n" + " -g Use AES-GCM mode (must be used with -e)\n" + " -t <tag size> Tag size to use in GCM mode (use 8 or 16)\n" + " -k <key> sets the srtp master key given in hexadecimal\n" + " -b <key> sets the srtp master key given in base64\n" + " -s act as rtp sender\n" + " -r act as rtp receiver\n" + " -l list debug modules\n" + " -d <debug> turn on debugging for module <debug>\n" + " -w <wordsfile> use <wordsfile> for input, rather than %s\n", + string, string, DICT_FILE); + exit(1); } +void leave_group(int sock, struct ip_mreq mreq, char *name) +{ + int ret; -void -leave_group(int sock, struct ip_mreq mreq, char *name) { - int ret; - - ret = setsockopt(sock, IPPROTO_IP, IP_DROP_MEMBERSHIP, (void*)&mreq, - sizeof(mreq)); - if (ret < 0) { - fprintf(stderr, "%s: Failed to leave multicast group", name); - perror(""); - } + ret = setsockopt(sock, IPPROTO_IP, IP_DROP_MEMBERSHIP, (void *)&mreq, + sizeof(mreq)); + if (ret < 0) { + fprintf(stderr, "%s: Failed to leave multicast group", name); + perror(""); + } } void handle_signal(int signum) { - interrupted = 1; - /* Reset handler explicitly, in case we don't have sigaction() (and signal() - has BSD semantics), or we don't have SA_RESETHAND */ - signal(signum, SIG_DFL); + interrupted = 1; + /* Reset handler explicitly, in case we don't have sigaction() (and signal() + has BSD semantics), or we don't have SA_RESETHAND */ + signal(signum, SIG_DFL); } -int setup_signal_handler(char* name) +int setup_signal_handler(char *name) { #if HAVE_SIGACTION - struct sigaction act; - memset(&act, 0, sizeof(act)); + struct sigaction act; + memset(&act, 0, sizeof(act)); - act.sa_handler = handle_signal; - sigemptyset(&act.sa_mask); + act.sa_handler = handle_signal; + sigemptyset(&act.sa_mask); #if defined(SA_RESETHAND) - act.sa_flags = SA_RESETHAND; + act.sa_flags = SA_RESETHAND; #else - act.sa_flags = 0; + act.sa_flags = 0; #endif - /* Note that we're not setting SA_RESTART; we want recvfrom to return - * EINTR when we signal the receiver. */ - - if (sigaction(SIGTERM, &act, NULL) != 0) { - fprintf(stderr, "%s: error setting up signal handler", name); - perror(""); - return -1; - } + /* Note that we're not setting SA_RESTART; we want recvfrom to return + * EINTR when we signal the receiver. */ + + if (sigaction(SIGTERM, &act, NULL) != 0) { + fprintf(stderr, "%s: error setting up signal handler", name); + perror(""); + return -1; + } #else - if (signal(SIGTERM, handle_signal) == SIG_ERR) { - fprintf(stderr, "%s: error setting up signal handler", name); - perror(""); - return -1; - } + if (signal(SIGTERM, handle_signal) == SIG_ERR) { + fprintf(stderr, "%s: error setting up signal handler", name); + perror(""); + return -1; + } #endif - return 0; + return 0; } diff -Nru libsrtp2-2.1.0/test/srtp_driver.c libsrtp2-2.2.0/test/srtp_driver.c --- libsrtp2-2.1.0/test/srtp_driver.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/srtp_driver.c 2018-05-15 19:33:24.000000000 +0000 @@ -1,5 +1,3 @@ - - /* * srtp_driver.c * @@ -44,7 +42,6 @@ * */ - #include <string.h> /* for memcpy() */ #include <time.h> /* for clock() */ #include <stdlib.h> /* for malloc(), free() */ @@ -55,96 +52,73 @@ #include "util.h" #ifdef HAVE_NETINET_IN_H -# include <netinet/in.h> +#include <netinet/in.h> #elif defined HAVE_WINSOCK2_H -# include <winsock2.h> +#include <winsock2.h> #endif #define PRINT_REFERENCE_PACKET 1 -srtp_err_status_t -srtp_validate(void); +srtp_err_status_t srtp_validate(void); #ifdef OPENSSL -srtp_err_status_t -srtp_validate_gcm(void); +srtp_err_status_t srtp_validate_gcm(void); #endif -srtp_err_status_t -srtp_validate_encrypted_extensions_headers(void); +srtp_err_status_t srtp_validate_encrypted_extensions_headers(void); #ifdef OPENSSL -srtp_err_status_t -srtp_validate_encrypted_extensions_headers_gcm(void); +srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void); #endif -srtp_err_status_t -srtp_validate_aes_256(void); +srtp_err_status_t srtp_validate_aes_256(void); -srtp_err_status_t -srtp_create_big_policy(srtp_policy_t **list); +srtp_err_status_t srtp_create_big_policy(srtp_policy_t **list); -srtp_err_status_t -srtp_dealloc_big_policy(srtp_policy_t *list); +srtp_err_status_t srtp_dealloc_big_policy(srtp_policy_t *list); -srtp_err_status_t -srtp_test_empty_payload(void); +srtp_err_status_t srtp_test_empty_payload(void); #ifdef OPENSSL -srtp_err_status_t -srtp_test_empty_payload_gcm(void); +srtp_err_status_t srtp_test_empty_payload_gcm(void); #endif -srtp_err_status_t -srtp_test_remove_stream(void); +srtp_err_status_t srtp_test_remove_stream(void); -srtp_err_status_t -srtp_test_update(void); +srtp_err_status_t srtp_test_update(void); -srtp_err_status_t -srtp_test_protect_trailer_length(void); +srtp_err_status_t srtp_test_protect_trailer_length(void); -srtp_err_status_t -srtp_test_protect_rtcp_trailer_length(void); +srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void); -srtp_err_status_t -srtp_test_get_roc(void); +srtp_err_status_t srtp_test_get_roc(void); -srtp_err_status_t -srtp_test_set_receiver_roc(void); +srtp_err_status_t srtp_test_set_receiver_roc(void); -srtp_err_status_t -srtp_test_set_sender_roc(void); +srtp_err_status_t srtp_test_set_sender_roc(void); -double -srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy); +double srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy); -double -srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy); +double srtp_rejections_per_second(int msg_len_octets, + const srtp_policy_t *policy); -void -srtp_do_timing(const srtp_policy_t *policy); +void srtp_do_timing(const srtp_policy_t *policy); -void -srtp_do_rejection_timing(const srtp_policy_t *policy); +void srtp_do_rejection_timing(const srtp_policy_t *policy); -srtp_err_status_t -srtp_test(const srtp_policy_t *policy, int extension_header, int mki_index); +srtp_err_status_t srtp_test(const srtp_policy_t *policy, + int extension_header, + int mki_index); -srtp_err_status_t -srtcp_test(const srtp_policy_t *policy, int mki_index); +srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index); -srtp_err_status_t -srtp_session_print_policy(srtp_t srtp); +srtp_err_status_t srtp_session_print_policy(srtp_t srtp); -srtp_err_status_t -srtp_print_policy(const srtp_policy_t *policy); +srtp_err_status_t srtp_print_policy(const srtp_policy_t *policy); -char * -srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len); +char *srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len); -double -mips_estimate(int num_trials, int *ignore); +double mips_estimate(int num_trials, int *ignore); #define TEST_MKI_ID_SIZE 4 @@ -153,6 +127,7 @@ extern uint8_t test_mki_id[TEST_MKI_ID_SIZE]; extern uint8_t test_mki_id_2[TEST_MKI_ID_SIZE]; +// clang-format off srtp_master_key_t master_key_1 = { test_key, test_mki_id, @@ -169,9 +144,9 @@ &master_key_1, &master_key_2 }; +// clang-format on -void -usage (char *prog_name) +void usage(char *prog_name) { printf("usage: %s [ -t ][ -c ][ -v ][ -o ][-d <debug_module> ]* [ -l ]\n" " -t run timing test\n" @@ -180,19 +155,27 @@ " -v run validation tests\n" " -o output logging to stdout\n" " -d <mod> turn on debugging module <mod>\n" - " -l list debugging modules\n", prog_name); + " -l list debugging modules\n", + prog_name); exit(1); } -void -log_handler (srtp_log_level_t level, const char * msg, void * data) +void log_handler(srtp_log_level_t level, const char *msg, void *data) { char level_char = '?'; - switch(level) { - case srtp_log_level_error: level_char = 'e'; break; - case srtp_log_level_warning: level_char = 'w'; break; - case srtp_log_level_info: level_char = 'i'; break; - case srtp_log_level_debug: level_char = 'd'; break; + switch (level) { + case srtp_log_level_error: + level_char = 'e'; + break; + case srtp_log_level_warning: + level_char = 'w'; + break; + case srtp_log_level_info: + level_char = 'i'; + break; + case srtp_log_level_debug: + level_char = 'd'; + break; } printf("SRTP-LOG [%c]: %s\n", level_char, msg); } @@ -204,7 +187,6 @@ extern const srtp_policy_t *policy_array[]; - /* the wildcard_policy is declared below; it has a wildcard ssrc */ extern const srtp_policy_t wildcard_policy; @@ -217,20 +199,19 @@ */ srtp_debug_module_t mod_driver = { - 0, /* debugging is off by default */ - "driver" /* printable name for module */ + 0, /* debugging is off by default */ + "driver" /* printable name for module */ }; -int -main (int argc, char *argv[]) +int main(int argc, char *argv[]) { int q; - unsigned do_timing_test = 0; + unsigned do_timing_test = 0; unsigned do_rejection_test = 0; - unsigned do_codec_timing = 0; - unsigned do_validation = 0; - unsigned do_list_mods = 0; - unsigned do_log_stdout = 0; + unsigned do_codec_timing = 0; + unsigned do_validation = 0; + unsigned do_list_mods = 0; + unsigned do_log_stdout = 0; srtp_err_status_t status; /* @@ -255,7 +236,8 @@ status = srtp_crypto_kernel_load_debug_module(&mod_driver); if (status) { printf("error: load of srtp_driver debug module failed " - "with error code %d\n", status); + "with error code %d\n", + status); exit(1); } @@ -296,8 +278,8 @@ } } - if (!do_validation && !do_timing_test && !do_codec_timing - && !do_list_mods && !do_rejection_test) { + if (!do_validation && !do_timing_test && !do_codec_timing && + !do_list_mods && !do_rejection_test) { usage(argv[0]); } @@ -326,51 +308,56 @@ printf("testing srtp_protect and srtp_unprotect\n"); if (srtp_test(*policy, 0, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } - printf("testing srtp_protect and srtp_unprotect with encrypted extensions headers\n"); + printf("testing srtp_protect and srtp_unprotect with encrypted " + "extensions headers\n"); if (srtp_test(*policy, 1, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n"); if (srtcp_test(*policy, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } - printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI index set to 0\n"); + printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI " + "index set to 0\n"); if (srtp_test(*policy, 0, 0) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } - printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI index set to 1\n"); + printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI " + "index set to 1\n"); if (srtp_test(*policy, 0, 1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } - printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI index set to 0\n"); + printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI " + "index set to 0\n"); if (srtcp_test(*policy, 0) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } - printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI index set to 1\n"); + printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI " + "index set to 1\n"); if (srtcp_test(*policy, 1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -386,14 +373,15 @@ printf("testing srtp_protect and srtp_unprotect with big policy\n"); if (srtp_test(big_policy, 0, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } - printf("testing srtp_protect and srtp_unprotect with big policy and encrypted extensions headers\n"); + printf("testing srtp_protect and srtp_unprotect with big policy and " + "encrypted extensions headers\n"); if (srtp_test(big_policy, 1, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -408,7 +396,7 @@ "wildcard ssrc policy\n"); if (srtp_test(&wildcard_policy, 0, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -416,7 +404,7 @@ "wildcard ssrc policy and encrypted extensions headers\n"); if (srtp_test(&wildcard_policy, 1, -1) == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -429,7 +417,7 @@ "reference packet\n"); if (srtp_validate() == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -439,7 +427,7 @@ "reference packet using GCM\n"); if (srtp_validate_gcm() == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -457,9 +445,10 @@ #ifdef OPENSSL printf("testing srtp_protect and srtp_unprotect against " "reference packet with encrypted extension headers (GCM)\n"); - if (srtp_validate_encrypted_extensions_headers_gcm() == srtp_err_status_ok) { + if (srtp_validate_encrypted_extensions_headers_gcm() == + srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -473,7 +462,7 @@ "reference packet (AES-256)\n"); if (srtp_validate_aes_256() == srtp_err_status_ok) { printf("passed\n\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -485,7 +474,7 @@ "packet with empty payload\n"); if (srtp_test_empty_payload() == srtp_err_status_ok) { printf("passed\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -494,7 +483,7 @@ "packet with empty payload (GCM)\n"); if (srtp_test_empty_payload_gcm() == srtp_err_status_ok) { printf("passed\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -506,7 +495,7 @@ printf("testing srtp_remove_stream()..."); if (srtp_test_remove_stream() == srtp_err_status_ok) { printf("passed\n"); - } else{ + } else { printf("failed\n"); exit(1); } @@ -565,7 +554,6 @@ printf("failed\n"); exit(1); } - } if (do_timing_test) { @@ -598,7 +586,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_rtp_default(&policy.rtp); srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xdecafbad; policy.key = test_key; policy.ekt = NULL; @@ -612,28 +600,28 @@ printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n"); printf("G.711\t\t%d\t\t\t%e\n", 80, (double)mips_value * (80 * 8) / - srtp_bits_per_second(80, &policy) / .01 ); + srtp_bits_per_second(80, &policy) / .01); printf("G.711\t\t%d\t\t\t%e\n", 160, (double)mips_value * (160 * 8) / - srtp_bits_per_second(160, &policy) / .02); + srtp_bits_per_second(160, &policy) / .02); printf("G.726-32\t%d\t\t\t%e\n", 40, (double)mips_value * (40 * 8) / - srtp_bits_per_second(40, &policy) / .01 ); + srtp_bits_per_second(40, &policy) / .01); printf("G.726-32\t%d\t\t\t%e\n", 80, (double)mips_value * (80 * 8) / - srtp_bits_per_second(80, &policy) / .02); + srtp_bits_per_second(80, &policy) / .02); printf("G.729\t\t%d\t\t\t%e\n", 10, (double)mips_value * (10 * 8) / - srtp_bits_per_second(10, &policy) / .01 ); + srtp_bits_per_second(10, &policy) / .01); printf("G.729\t\t%d\t\t\t%e\n", 20, (double)mips_value * (20 * 8) / - srtp_bits_per_second(20, &policy) / .02 ); + srtp_bits_per_second(20, &policy) / .02); printf("Wideband\t%d\t\t\t%e\n", 320, (double)mips_value * (320 * 8) / - srtp_bits_per_second(320, &policy) / .01 ); + srtp_bits_per_second(320, &policy) / .01); printf("Wideband\t%d\t\t\t%e\n", 640, (double)mips_value * (640 * 8) / - srtp_bits_per_second(640, &policy) / .02 ); + srtp_bits_per_second(640, &policy) / .02); } status = srtp_shutdown(); @@ -645,8 +633,6 @@ return 0; } - - /* * srtp_create_test_packet(len, ssrc) returns a pointer to a * (malloced) example RTP packet whose data field has the length given @@ -660,8 +646,9 @@ * deallocated with the free() call once it is no longer needed. */ -srtp_hdr_t * -srtp_create_test_packet (int pkt_octet_len, uint32_t ssrc) +srtp_hdr_t *srtp_create_test_packet(int pkt_octet_len, + uint32_t ssrc, + int *pkt_len) { int i; uint8_t *buffer; @@ -669,23 +656,23 @@ int bytes_in_hdr = 12; /* allocate memory for test packet */ - hdr = (srtp_hdr_t*)malloc(pkt_octet_len + bytes_in_hdr - + SRTP_MAX_TRAILER_LEN + 4); + hdr = (srtp_hdr_t *)malloc(pkt_octet_len + bytes_in_hdr + + SRTP_MAX_TRAILER_LEN + 4); if (!hdr) { return NULL; } - hdr->version = 2; /* RTP version two */ - hdr->p = 0; /* no padding needed */ - hdr->x = 0; /* no header extension */ - hdr->cc = 0; /* no CSRCs */ - hdr->m = 0; /* marker bit */ - hdr->pt = 0xf; /* payload type */ - hdr->seq = htons(0x1234); /* sequence number */ - hdr->ts = htonl(0xdecafbad); /* timestamp */ - hdr->ssrc = htonl(ssrc); /* synch. source */ + hdr->version = 2; /* RTP version two */ + hdr->p = 0; /* no padding needed */ + hdr->x = 0; /* no header extension */ + hdr->cc = 0; /* no CSRCs */ + hdr->m = 0; /* marker bit */ + hdr->pt = 0xf; /* payload type */ + hdr->seq = htons(0x1234); /* sequence number */ + hdr->ts = htonl(0xdecafbad); /* timestamp */ + hdr->ssrc = htonl(ssrc); /* synch. source */ - buffer = (uint8_t*)hdr; + buffer = (uint8_t *)hdr; buffer += bytes_in_hdr; /* set RTP data to 0xab */ @@ -698,85 +685,91 @@ *buffer++ = 0xff; } + *pkt_len = bytes_in_hdr + pkt_octet_len; + return hdr; } -static srtp_hdr_t * -srtp_create_test_packet_extended (int pkt_octet_len, uint32_t ssrc, uint16_t seq, uint32_t ts) +static srtp_hdr_t *srtp_create_test_packet_extended(int pkt_octet_len, + uint32_t ssrc, + uint16_t seq, + uint32_t ts, + int *pkt_len) { - srtp_hdr_t *hdr; + srtp_hdr_t *hdr; + + hdr = srtp_create_test_packet(pkt_octet_len, ssrc, pkt_len); + if (hdr == NULL) + return hdr; - hdr = srtp_create_test_packet(pkt_octet_len, ssrc); - if (hdr == NULL) + hdr->seq = htons(seq); + hdr->ts = htonl(ts); return hdr; +} - hdr->seq = htons(seq); - hdr->ts = htonl(ts); - return hdr; -} - -srtp_hdr_t * -srtp_create_test_packet_ext_hdr(int pkt_octet_len, uint32_t ssrc) { - int i; - uint8_t *buffer; - srtp_hdr_t *hdr; - int bytes_in_hdr = 12; - uint8_t extension_header[12] = { - /* one-byte header */ - 0xbe, 0xde, - /* size */ - 0x00, 0x02, - /* id 1, length 1 (i.e. 2 bytes) */ - 0x11, - /* payload */ - 0xca, - 0xfe, - /* padding */ - 0x00, - /* id 2, length 0 (i.e. 1 byte) */ - 0x20, - /* payload */ - 0xba, - /* padding */ - 0x00, - 0x00 - }; - - /* allocate memory for test packet */ - hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr - + sizeof(extension_header) + SRTP_MAX_TRAILER_LEN + 4); - if (!hdr) - return NULL; - - hdr->version = 2; /* RTP version two */ - hdr->p = 0; /* no padding needed */ - hdr->x = 1; /* no header extension */ - hdr->cc = 0; /* no CSRCs */ - hdr->m = 0; /* marker bit */ - hdr->pt = 0xf; /* payload type */ - hdr->seq = htons(0x1234); /* sequence number */ - hdr->ts = htonl(0xdecafbad); /* timestamp */ - hdr->ssrc = htonl(ssrc); /* synch. source */ - - buffer = (uint8_t *)hdr; - buffer += bytes_in_hdr; - - memcpy(buffer, extension_header, sizeof(extension_header)); - buffer += sizeof(extension_header); - - /* set RTP data to 0xab */ - for (i=0; i < pkt_octet_len; i++) - *buffer++ = 0xab; - - /* set post-data value to 0xffff to enable overrun checking */ - for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++) - *buffer++ = 0xff; +srtp_hdr_t *srtp_create_test_packet_ext_hdr(int pkt_octet_len, + uint32_t ssrc, + int *pkt_len) +{ + int i; + uint8_t *buffer; + srtp_hdr_t *hdr; + int bytes_in_hdr = 12; + uint8_t extension_header[12] = { /* one-byte header */ + 0xbe, 0xde, + /* size */ + 0x00, 0x02, + /* id 1, length 1 (i.e. 2 bytes) */ + 0x11, + /* payload */ + 0xca, 0xfe, + /* padding */ + 0x00, + /* id 2, length 0 (i.e. 1 byte) */ + 0x20, + /* payload */ + 0xba, + /* padding */ + 0x00, 0x00 + }; - return hdr; + /* allocate memory for test packet */ + hdr = (srtp_hdr_t *)malloc(pkt_octet_len + bytes_in_hdr + + sizeof(extension_header) + SRTP_MAX_TRAILER_LEN + + 4); + if (!hdr) + return NULL; + + hdr->version = 2; /* RTP version two */ + hdr->p = 0; /* no padding needed */ + hdr->x = 1; /* no header extension */ + hdr->cc = 0; /* no CSRCs */ + hdr->m = 0; /* marker bit */ + hdr->pt = 0xf; /* payload type */ + hdr->seq = htons(0x1234); /* sequence number */ + hdr->ts = htonl(0xdecafbad); /* timestamp */ + hdr->ssrc = htonl(ssrc); /* synch. source */ + + buffer = (uint8_t *)hdr; + buffer += bytes_in_hdr; + + memcpy(buffer, extension_header, sizeof(extension_header)); + buffer += sizeof(extension_header); + + /* set RTP data to 0xab */ + for (i = 0; i < pkt_octet_len; i++) + *buffer++ = 0xab; + + /* set post-data value to 0xffff to enable overrun checking */ + for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) + *buffer++ = 0xff; + + *pkt_len = bytes_in_hdr + sizeof(extension_header) + pkt_octet_len; + + return hdr; } -void -srtp_do_timing (const srtp_policy_t *policy) +void srtp_do_timing(const srtp_policy_t *policy) { int len; @@ -796,11 +789,9 @@ /* these extra linefeeds let gnuplot know that a dataset is done */ printf("\r\n\r\n"); - } -void -srtp_do_rejection_timing (const srtp_policy_t *policy) +void srtp_do_rejection_timing(const srtp_policy_t *policy) { int len; @@ -819,21 +810,18 @@ /* these extra linefeeds let gnuplot know that a dataset is done */ printf("\r\n\r\n"); - } - #define MAX_MSG_LEN 1024 -double -srtp_bits_per_second (int msg_len_octets, const srtp_policy_t *policy) +double srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy) { srtp_t srtp; srtp_hdr_t *mesg; int i; clock_t timer; int num_trials = 100000; - int len; + int input_len, len; uint32_t ssrc; srtp_err_status_t status; @@ -858,15 +846,13 @@ /* * create a test packet */ - mesg = srtp_create_test_packet(msg_len_octets, ssrc); + mesg = srtp_create_test_packet(msg_len_octets, ssrc, &input_len); if (mesg == NULL) { return 0.0; /* indicate failure by returning zero */ - } timer = clock(); for (i = 0; i < num_trials; i++) { - len = msg_len_octets + 12; /* add in rtp header length */ - + len = input_len; /* srtp protect message */ status = srtp_protect(srtp, mesg, &len); if (status) { @@ -876,7 +862,8 @@ /* increment message number */ { - /* hack sequence to avoid problems with macros for htons/ntohs on some systems */ + /* hack sequence to avoid problems with macros for htons/ntohs on + * some systems */ short new_seq = ntohs(mesg->seq) + 1; mesg->seq = htons(new_seq); } @@ -891,12 +878,11 @@ exit(1); } - return (double)(msg_len_octets) * 8 * - num_trials * CLOCKS_PER_SEC / timer; + return (double)(msg_len_octets)*8 * num_trials * CLOCKS_PER_SEC / timer; } -double -srtp_rejections_per_second (int msg_len_octets, const srtp_policy_t *policy) +double srtp_rejections_per_second(int msg_len_octets, + const srtp_policy_t *policy) { srtp_ctx_t *srtp; srtp_hdr_t *mesg; @@ -916,18 +902,16 @@ exit(1); } - mesg = srtp_create_test_packet(msg_len_octets, ssrc); + mesg = srtp_create_test_packet(msg_len_octets, ssrc, &len); if (mesg == NULL) { return 0.0; /* indicate failure by returning zero */ - } - len = msg_len_octets; - srtp_protect(srtp, (srtp_hdr_t*)mesg, &len); + srtp_protect(srtp, (srtp_hdr_t *)mesg, &len); timer = clock(); for (i = 0; i < num_trials; i++) { len = msg_len_octets; - srtp_unprotect(srtp, (srtp_hdr_t*)mesg, &len); + srtp_unprotect(srtp, (srtp_hdr_t *)mesg, &len); } timer = clock() - timer; @@ -942,56 +926,67 @@ return (double)num_trials * CLOCKS_PER_SEC / timer; } - -void -err_check (srtp_err_status_t s) +void err_check(srtp_err_status_t s) { if (s == srtp_err_status_ok) { return; - } else{ + } else { fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s); } exit(1); } -srtp_err_status_t -srtp_test_call_protect(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int mki_index) { +srtp_err_status_t srtp_test_call_protect(srtp_t srtp_sender, + srtp_hdr_t *hdr, + int *len, + int mki_index) +{ if (mki_index == -1) { - return srtp_protect(srtp_sender, hdr, len); + return srtp_protect(srtp_sender, hdr, len); } else { - return srtp_protect_mki(srtp_sender, hdr, len, 1, mki_index); + return srtp_protect_mki(srtp_sender, hdr, len, 1, mki_index); } } -srtp_err_status_t -srtp_test_call_protect_rtcp(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int mki_index) { +srtp_err_status_t srtp_test_call_protect_rtcp(srtp_t srtp_sender, + srtp_hdr_t *hdr, + int *len, + int mki_index) +{ if (mki_index == -1) { - return srtp_protect_rtcp(srtp_sender, hdr, len); + return srtp_protect_rtcp(srtp_sender, hdr, len); } else { - return srtp_protect_rtcp_mki(srtp_sender, hdr, len, 1, mki_index); + return srtp_protect_rtcp_mki(srtp_sender, hdr, len, 1, mki_index); } } -srtp_err_status_t -srtp_test_call_unprotect(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int use_mki) { +srtp_err_status_t srtp_test_call_unprotect(srtp_t srtp_sender, + srtp_hdr_t *hdr, + int *len, + int use_mki) +{ if (use_mki == -1) { - return srtp_unprotect(srtp_sender, hdr, len); + return srtp_unprotect(srtp_sender, hdr, len); } else { - return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki); + return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki); } } -srtp_err_status_t -srtp_test_call_unprotect_rtcp(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int use_mki) { +srtp_err_status_t srtp_test_call_unprotect_rtcp(srtp_t srtp_sender, + srtp_hdr_t *hdr, + int *len, + int use_mki) +{ if (use_mki == -1) { - return srtp_unprotect_rtcp(srtp_sender, hdr, len); + return srtp_unprotect_rtcp(srtp_sender, hdr, len); } else { - return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki); + return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki); } } -srtp_err_status_t -srtp_test (const srtp_policy_t *policy, int extension_header, int mki_index) +srtp_err_status_t srtp_test(const srtp_policy_t *policy, + int extension_header, + int mki_index) { int i; srtp_t srtp_sender; @@ -1000,9 +995,9 @@ srtp_hdr_t *hdr, *hdr2; uint8_t hdr_enc[64]; uint8_t *pkt_end; - int msg_len_octets, msg_len_enc; - int len; - int tag_length = policy->rtp.auth_tag_len; + int msg_len_octets, msg_len_enc, msg_len; + int len, len2; + uint32_t tag_length; uint32_t ssrc; srtp_policy_t *rcvr_policy; srtp_policy_t tmp_policy; @@ -1010,7 +1005,7 @@ int use_mki = 0; if (mki_index >= 0) - use_mki = 1; + use_mki = 1; if (extension_header) { memcpy(&tmp_policy, policy, sizeof(srtp_policy_t)); @@ -1031,18 +1026,21 @@ */ if (policy->ssrc.type != ssrc_specific) { ssrc = 0xdecafbad; - } else{ + } else { ssrc = policy->ssrc.value; } msg_len_octets = 28; if (extension_header) { - hdr = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc); - hdr2 = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc); + hdr = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc, &len); + hdr2 = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc, &len2); } else { - hdr = srtp_create_test_packet(msg_len_octets, ssrc); - hdr2 = srtp_create_test_packet(msg_len_octets, ssrc); + hdr = srtp_create_test_packet(msg_len_octets, ssrc, &len); + hdr2 = srtp_create_test_packet(msg_len_octets, ssrc, &len2); } + /* save original msg len */ + msg_len = len; + if (hdr == NULL) { free(hdr2); return srtp_err_status_alloc_fail; @@ -1052,18 +1050,12 @@ return srtp_err_status_alloc_fail; } - /* set message length */ - len = msg_len_octets; - if (extension_header) { - len += 12; - } - debug_print(mod_driver, "before protection:\n%s", srtp_packet_to_string(hdr, len)); #if PRINT_REFERENCE_PACKET debug_print(mod_driver, "reference packet before protection:\n%s", - octet_string_hex_string((uint8_t*)hdr, len)); + octet_string_hex_string((uint8_t *)hdr, len)); #endif err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index)); @@ -1071,7 +1063,7 @@ srtp_packet_to_string(hdr, len)); #if PRINT_REFERENCE_PACKET debug_print(mod_driver, "after protection:\n%s", - octet_string_hex_string((uint8_t*)hdr, len)); + octet_string_hex_string((uint8_t *)hdr, len)); #endif /* save protected message and length */ @@ -1085,16 +1077,14 @@ * data following the packet is different, then we know that the * protect function is overwriting the end of the packet. */ - pkt_end = (uint8_t*)hdr + sizeof(srtp_hdr_t) - + msg_len_octets + tag_length; - if (extension_header) { - pkt_end += 12; - } + err_check(srtp_get_protect_trailer_length(srtp_sender, use_mki, mki_index, + &tag_length)); + pkt_end = (uint8_t *)hdr + msg_len + tag_length; for (i = 0; i < 4; i++) { if (pkt_end[i] != 0xff) { fprintf(stdout, "overwrite in srtp_protect() function " - "(expected %x, found %x in trailing octet %d)\n", - 0xff, ((uint8_t*)hdr)[i], i); + "(expected %x, found %x in trailing octet %d)\n", + 0xff, ((uint8_t *)hdr)[i], i); free(hdr); free(hdr2); return srtp_err_status_algo_fail; @@ -1114,7 +1104,7 @@ printf("testing that ciphertext is distinct from plaintext..."); status = srtp_err_status_algo_fail; for (i = 12; i < msg_len_octets + 12; i++) { - if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) { + if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { status = srtp_err_status_ok; } } @@ -1134,7 +1124,7 @@ * we always copy the policy into the rcvr_policy, since otherwise * the compiler would fret about the constness of the policy */ - rcvr_policy = (srtp_policy_t*)malloc(sizeof(srtp_policy_t)); + rcvr_policy = (srtp_policy_t *)malloc(sizeof(srtp_policy_t)); if (rcvr_policy == NULL) { free(hdr); free(hdr2); @@ -1160,8 +1150,8 @@ srtp_packet_to_string(hdr, len)); /* verify that the unprotected packet matches the origial one */ - for (i = 0; i < msg_len_octets; i++) { - if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) { + for (i = 0; i < len; i++) { + if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { fprintf(stdout, "mismatch at octet %d\n", i); status = srtp_err_status_algo_fail; } @@ -1177,15 +1167,13 @@ * if the policy includes authentication, then test for false positives */ if (policy->rtp.sec_serv & sec_serv_auth) { - char *data = ((char*)hdr) + 12; + char *data = ((char *)hdr) + (extension_header ? 24 : 12); printf("testing for false positives in replay check..."); - /* set message length */ - len = msg_len_enc; - /* unprotect a second time - should fail with a replay error */ - status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki); + status = + srtp_test_call_unprotect(srtp_rcvr, hdr, &msg_len_enc, use_mki); if (status != srtp_err_status_replay_fail) { printf("failed with error code %d\n", status); free(hdr); @@ -1201,17 +1189,11 @@ /* increment sequence number in header */ hdr->seq++; - /* set message length */ - len = msg_len_octets; - if (extension_header) { - len += 12; - } - /* apply protection */ err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index)); /* flip bits in packet */ - data[extension_header ? 12 : 0] ^= 0xff; + data[0] ^= 0xff; /* unprotect, and check for authentication failure */ status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki); @@ -1224,7 +1206,6 @@ } else { printf("passed\n"); } - } err_check(srtp_dealloc(srtp_sender)); @@ -1236,9 +1217,7 @@ return srtp_err_status_ok; } - -srtp_err_status_t -srtcp_test (const srtp_policy_t *policy, int mki_index) +srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index) { int i; srtp_t srtcp_sender; @@ -1247,9 +1226,9 @@ srtp_hdr_t *hdr, *hdr2; uint8_t hdr_enc[64]; uint8_t *pkt_end; - int msg_len_octets, msg_len_enc; - int len; - int tag_length = policy->rtp.auth_tag_len; + int msg_len_octets, msg_len_enc, msg_len; + int len, len2; + uint32_t tag_length; uint32_t ssrc; srtp_policy_t *rcvr_policy; int use_mki = 0; @@ -1269,30 +1248,29 @@ */ if (policy->ssrc.type != ssrc_specific) { ssrc = 0xdecafbad; - } else{ + } else { ssrc = policy->ssrc.value; } msg_len_octets = 28; - hdr = srtp_create_test_packet(msg_len_octets, ssrc); + hdr = srtp_create_test_packet(msg_len_octets, ssrc, &len); + /* save message len */ + msg_len = len; if (hdr == NULL) { return srtp_err_status_alloc_fail; } - hdr2 = srtp_create_test_packet(msg_len_octets, ssrc); + hdr2 = srtp_create_test_packet(msg_len_octets, ssrc, &len2); if (hdr2 == NULL) { free(hdr); return srtp_err_status_alloc_fail; } - /* set message length */ - len = msg_len_octets; - debug_print(mod_driver, "before protection:\n%s", srtp_packet_to_string(hdr, len)); #if PRINT_REFERENCE_PACKET debug_print(mod_driver, "reference packet before protection:\n%s", - octet_string_hex_string((uint8_t*)hdr, len)); + octet_string_hex_string((uint8_t *)hdr, len)); #endif err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); @@ -1300,7 +1278,7 @@ srtp_packet_to_string(hdr, len)); #if PRINT_REFERENCE_PACKET debug_print(mod_driver, "after protection:\n%s", - octet_string_hex_string((uint8_t*)hdr, len)); + octet_string_hex_string((uint8_t *)hdr, len)); #endif /* save protected message and length */ @@ -1314,13 +1292,14 @@ * data following the packet is different, then we know that the * protect function is overwriting the end of the packet. */ - pkt_end = (uint8_t*)hdr + sizeof(srtp_hdr_t) - + msg_len_octets + tag_length; + srtp_get_protect_rtcp_trailer_length(srtcp_sender, use_mki, mki_index, + &tag_length); + pkt_end = (uint8_t *)hdr + msg_len + tag_length; for (i = 0; i < 4; i++) { if (pkt_end[i] != 0xff) { fprintf(stdout, "overwrite in srtp_protect_rtcp() function " - "(expected %x, found %x in trailing octet %d)\n", - 0xff, ((uint8_t*)hdr)[i], i); + "(expected %x, found %x in trailing octet %d)\n", + 0xff, ((uint8_t *)hdr)[i], i); free(hdr); free(hdr2); return srtp_err_status_algo_fail; @@ -1336,11 +1315,11 @@ * reason, we skip this check if the plaintext is less than four * octets long. */ - if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) { + if ((policy->rtcp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) { printf("testing that ciphertext is distinct from plaintext..."); status = srtp_err_status_algo_fail; for (i = 12; i < msg_len_octets + 12; i++) { - if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) { + if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { status = srtp_err_status_ok; } } @@ -1360,7 +1339,7 @@ * we always copy the policy into the rcvr_policy, since otherwise * the compiler would fret about the constness of the policy */ - rcvr_policy = (srtp_policy_t*)malloc(sizeof(srtp_policy_t)); + rcvr_policy = (srtp_policy_t *)malloc(sizeof(srtp_policy_t)); if (rcvr_policy == NULL) { return srtp_err_status_alloc_fail; } @@ -1377,8 +1356,8 @@ srtp_packet_to_string(hdr, len)); /* verify that the unprotected packet matches the origial one */ - for (i = 0; i < msg_len_octets; i++) { - if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) { + for (i = 0; i < len; i++) { + if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { fprintf(stdout, "mismatch at octet %d\n", i); status = srtp_err_status_algo_fail; } @@ -1394,15 +1373,13 @@ * if the policy includes authentication, then test for false positives */ if (policy->rtp.sec_serv & sec_serv_auth) { - char *data = ((char*)hdr) + 12; + char *data = ((char *)hdr) + 12; printf("testing for false positives in replay check..."); - /* set message length */ - len = msg_len_enc; - /* unprotect a second time - should fail with a replay error */ - status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki); + status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &msg_len_enc, + use_mki); if (status != srtp_err_status_replay_fail) { printf("failed with error code %d\n", status); free(hdr); @@ -1418,11 +1395,9 @@ /* increment sequence number in header */ hdr->seq++; - /* set message length */ - len = msg_len_octets; - /* apply protection */ - err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); + err_check( + srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); /* flip bits in packet */ data[0] ^= 0xff; @@ -1438,7 +1413,6 @@ } else { printf("passed\n"); } - } err_check(srtp_dealloc(srtcp_sender)); @@ -1450,21 +1424,11 @@ return srtp_err_status_ok; } - -srtp_err_status_t -srtp_session_print_policy (srtp_t srtp) +srtp_err_status_t srtp_session_print_policy(srtp_t srtp) { - char *serv_descr[4] = { - "none", - "confidentiality", - "authentication", - "confidentiality and authentication" - }; - char *direction[3] = { - "unknown", - "outbound", - "inbound" - }; + char *serv_descr[4] = { "none", "confidentiality", "authentication", + "confidentiality and authentication" }; + char *direction[3] = { "unknown", "outbound", "inbound" }; srtp_stream_t stream; srtp_session_keys_t *session_keys = NULL; @@ -1498,7 +1462,7 @@ printf("# Encrypted extension headers: "); if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) { - int* enc_xtn_hdr = stream->enc_xtn_hdr; + int *enc_xtn_hdr = stream->enc_xtn_hdr; int count = stream->enc_xtn_hdr_count; while (count > 0) { printf("%d ", *enc_xtn_hdr); @@ -1528,8 +1492,7 @@ "# rtcp services: %s\r\n" "# window size: %lu\r\n" "# tx rtx allowed:%s\r\n", - stream->ssrc, - session_keys->rtp_cipher->type->description, + stream->ssrc, session_keys->rtp_cipher->type->description, session_keys->rtp_auth->type->description, serv_descr[stream->rtp_services], session_keys->rtcp_cipher->type->description, @@ -1540,7 +1503,7 @@ printf("# Encrypted extension headers: "); if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) { - int* enc_xtn_hdr = stream->enc_xtn_hdr; + int *enc_xtn_hdr = stream->enc_xtn_hdr; int count = stream->enc_xtn_hdr_count; while (count > 0) { printf("%d ", *enc_xtn_hdr); @@ -1558,8 +1521,7 @@ return srtp_err_status_ok; } -srtp_err_status_t -srtp_print_policy (const srtp_policy_t *policy) +srtp_err_status_t srtp_print_policy(const srtp_policy_t *policy) { srtp_err_status_t status; srtp_t session; @@ -1592,11 +1554,10 @@ char packet_string[MTU]; -char * -srtp_packet_to_string (srtp_hdr_t *hdr, int pkt_octet_len) +char *srtp_packet_to_string(srtp_hdr_t *hdr, int pkt_octet_len) { int octets_in_rtp_header = 12; - uint8_t *data = ((uint8_t*)hdr) + octets_in_rtp_header; + uint8_t *data = ((uint8_t *)hdr) + octets_in_rtp_header; int hex_len = pkt_octet_len - octets_in_rtp_header; /* sanity checking */ @@ -1605,29 +1566,20 @@ } /* write packet into string */ - sprintf(packet_string, - "(s)rtp packet: {\n" - " version:\t%d\n" - " p:\t\t%d\n" - " x:\t\t%d\n" - " cc:\t\t%d\n" - " m:\t\t%d\n" - " pt:\t\t%x\n" - " seq:\t\t%x\n" - " ts:\t\t%x\n" - " ssrc:\t%x\n" - " data:\t%s\n" - "} (%d octets in total)\n", - hdr->version, - hdr->p, - hdr->x, - hdr->cc, - hdr->m, - hdr->pt, - hdr->seq, - hdr->ts, - hdr->ssrc, - octet_string_hex_string(data, hex_len), + sprintf(packet_string, "(s)rtp packet: {\n" + " version:\t%d\n" + " p:\t\t%d\n" + " x:\t\t%d\n" + " cc:\t\t%d\n" + " m:\t\t%d\n" + " pt:\t\t%x\n" + " seq:\t\t%x\n" + " ts:\t\t%x\n" + " ssrc:\t%x\n" + " data:\t%s\n" + "} (%d octets in total)\n", + hdr->version, hdr->p, hdr->x, hdr->cc, hdr->m, hdr->pt, hdr->seq, + hdr->ts, hdr->ssrc, octet_string_hex_string(data, hex_len), pkt_octet_len); return packet_string; @@ -1643,8 +1595,7 @@ * optimize away the function */ -double -mips_estimate (int num_trials, int *ignore) +double mips_estimate(int num_trials, int *ignore) { clock_t t; volatile int i, sum; @@ -1656,23 +1607,21 @@ } t = clock() - t; -/* printf("%d\n", sum); */ + /* printf("%d\n", sum); */ *ignore = sum; return (double)num_trials * CLOCKS_PER_SEC / t; } - /* * srtp_validate() verifies the correctness of libsrtp by comparing * some computed packets against some pre-computed reference values. * These packets were made with the default SRTP policy. */ - -srtp_err_status_t -srtp_validate () +srtp_err_status_t srtp_validate() { + // clang-format off uint8_t srtp_plaintext_ref[28] = { 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab, @@ -1712,6 +1661,8 @@ 0x80, 0x00, 0x00, 0x01, 0x99, 0x3e, 0x08, 0xcd, 0x54, 0xd6, 0xc1, 0x23, 0x07, 0x98 }; + // clang-format on + srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; int len; @@ -1724,7 +1675,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_rtp_default(&policy.rtp); srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = test_key; policy.ekt = NULL; @@ -1826,9 +1777,9 @@ * srtp_validate_gcm() verifies the correctness of libsrtp by comparing * an computed packet against the known ciphertext for the plaintext. */ -srtp_err_status_t -srtp_validate_gcm () +srtp_err_status_t srtp_validate_gcm() { + // clang-format off unsigned char test_key_gcm[28] = { 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, @@ -1878,6 +1829,7 @@ 0xea, 0x31, 0x12, 0x3b, 0xa8, 0x8c, 0xe6, 0x1e, 0x80, 0x00, 0x00, 0x01 }; + // clang-format on srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; @@ -1891,9 +1843,9 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp); srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; - policy.key = test_key_gcm; + policy.key = test_key_gcm; policy.ekt = NULL; policy.window_size = 128; policy.allow_repeat_tx = 0; @@ -1993,8 +1945,9 @@ /* * Test vectors taken from RFC 6904, Appendix A */ -srtp_err_status_t -srtp_validate_encrypted_extensions_headers() { +srtp_err_status_t srtp_validate_encrypted_extensions_headers() +{ + // clang-format off unsigned char test_key_ext_headers[30] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, @@ -2032,11 +1985,13 @@ 0x5a, 0x46, 0xb3, 0xca, 0x35, 0xc5, 0x35, 0xa8, 0x91, 0xc7 }; + // clang-format on + srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; int len; srtp_policy_t policy; - int headers[3] = {1, 3, 4}; + int headers[3] = { 1, 3, 4 }; /* * create a session with a single stream using the default srtp @@ -2045,7 +2000,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_rtp_default(&policy.rtp); srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = test_key_ext_headers; policy.ekt = NULL; @@ -2108,14 +2063,14 @@ return srtp_err_status_ok; } - #ifdef OPENSSL /* * Headers of test vectors taken from RFC 6904, Appendix A */ -srtp_err_status_t -srtp_validate_encrypted_extensions_headers_gcm() { +srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm() +{ + // clang-format off unsigned char test_key_ext_headers[30] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, @@ -2151,11 +2106,13 @@ 0x6c, 0xd3, 0xd2, 0x88, 0xb4, 0x9f, 0x6c, 0xa9, 0xf4, 0xb1, 0xb7, 0x59, 0x71, 0x9e, 0xb5, 0xbc }; + // clang-format on + srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; int len; srtp_policy_t policy; - int headers[3] = {1, 3, 4}; + int headers[3] = { 1, 3, 4 }; /* * create a session with a single stream using the default srtp @@ -2164,7 +2121,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = test_key_ext_headers; policy.ekt = NULL; @@ -2234,10 +2191,9 @@ * These packets were made with the AES-CM-256/HMAC-SHA-1-80 policy. */ - -srtp_err_status_t -srtp_validate_aes_256 () +srtp_err_status_t srtp_validate_aes_256() { + // clang-format off unsigned char aes_256_test_key[46] = { 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76, 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29, @@ -2267,6 +2223,8 @@ 0xb0, 0xb4, 0xb4, 0x0d, 0xa0, 0x8d, 0x9d, 0x9a, 0x5b, 0x3a, 0x55, 0xd8, 0x87, 0x3b }; + // clang-format on + srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; int len; @@ -2279,7 +2237,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = aes_256_test_key; policy.ekt = NULL; @@ -2345,9 +2303,7 @@ return srtp_err_status_ok; } - -srtp_err_status_t -srtp_create_big_policy (srtp_policy_t **list) +srtp_err_status_t srtp_create_big_policy(srtp_policy_t **list) { extern const srtp_policy_t *policy_array[]; srtp_policy_t *p, *tmp; @@ -2365,7 +2321,7 @@ */ tmp = NULL; while (policy_array[i] != NULL) { - p = (srtp_policy_t*)malloc(sizeof(srtp_policy_t)); + p = (srtp_policy_t *)malloc(sizeof(srtp_policy_t)); if (p == NULL) { return srtp_err_status_bad_param; } @@ -2381,8 +2337,7 @@ return srtp_err_status_ok; } -srtp_err_status_t -srtp_dealloc_big_policy (srtp_policy_t *list) +srtp_err_status_t srtp_dealloc_big_policy(srtp_policy_t *list) { srtp_policy_t *p, *next; @@ -2394,8 +2349,7 @@ return srtp_err_status_ok; } -srtp_err_status_t -srtp_test_empty_payload() +srtp_err_status_t srtp_test_empty_payload() { srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; @@ -2410,7 +2364,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_rtp_default(&policy.rtp); srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = test_key; policy.ekt = NULL; @@ -2423,12 +2377,11 @@ return status; } - mesg = srtp_create_test_packet(0, policy.ssrc.value); + mesg = srtp_create_test_packet(0, policy.ssrc.value, &len); if (mesg == NULL) { return srtp_err_status_fail; } - len = 12; /* only the header */ status = srtp_protect(srtp_snd, mesg, &len); if (status) { return status; @@ -2472,8 +2425,7 @@ } #ifdef OPENSSL -srtp_err_status_t -srtp_test_empty_payload_gcm() +srtp_err_status_t srtp_test_empty_payload_gcm() { srtp_t srtp_snd, srtp_recv; srtp_err_status_t status; @@ -2488,7 +2440,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = test_key; policy.ekt = NULL; @@ -2501,12 +2453,11 @@ return status; } - mesg = srtp_create_test_packet(0, policy.ssrc.value); + mesg = srtp_create_test_packet(0, policy.ssrc.value, &len); if (mesg == NULL) { return srtp_err_status_fail; } - len = 12; /* only the header */ status = srtp_protect(srtp_snd, mesg, &len); if (status) { return status; @@ -2548,10 +2499,9 @@ return srtp_err_status_ok; } -#endif // OPENSSL +#endif // OPENSSL -srtp_err_status_t -srtp_test_remove_stream () +srtp_err_status_t srtp_test_remove_stream() { srtp_err_status_t status; srtp_policy_t *policy_list, policy; @@ -2565,7 +2515,6 @@ */ extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc); - status = srtp_create_big_policy(&policy_list); if (status) { return status; @@ -2616,7 +2565,7 @@ memset(&policy, 0, sizeof(policy)); srtp_crypto_policy_set_rtp_default(&policy.rtp); srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ssrc.type = ssrc_specific; + policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xcafebabe; policy.key = test_key; policy.ekt = NULL; @@ -2647,7 +2596,7 @@ return srtp_err_status_ok; } - +// clang-format off unsigned char test_alt_key[46] = { 0xe5, 0x19, 0x6f, 0x01, 0x5e, 0xf1, 0x9b, 0xe1, 0xd7, 0x47, 0xa7, 0x27, 0x07, 0xd7, 0x47, 0x33, @@ -2656,6 +2605,7 @@ 0xc7, 0x15, 0xe2, 0xea, 0xfe, 0x55, 0x67, 0x96, 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 }; +// clang-format on /* * srtp_test_update() verifies updating/rekeying exsisting streams. @@ -2664,748 +2614,776 @@ * atempts to prove that srtp_update does not reset the ROC. */ -srtp_err_status_t -srtp_test_update() { +srtp_err_status_t srtp_test_update() +{ + srtp_err_status_t status; + uint32_t ssrc = 0x12121212; + int msg_len_octets = 32; + int protected_msg_len_octets; + srtp_hdr_t *msg; + srtp_t srtp_snd, srtp_recv; + srtp_policy_t policy; + + memset(&policy, 0, sizeof(policy)); + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + policy.ekt = NULL; + policy.window_size = 128; + policy.allow_repeat_tx = 0; + policy.next = NULL; + policy.ssrc.type = ssrc_any_outbound; + policy.key = test_key; + + /* create a send and recive ctx with defualt profile and test_key */ + status = srtp_create(&srtp_recv, &policy); + if (status) + return status; + + policy.ssrc.type = ssrc_any_inbound; + status = srtp_create(&srtp_snd, &policy); + if (status) + return status; + + /* protect and unprotect two msg's that will cause the ROC to be equal to 1 + */ + msg = srtp_create_test_packet(msg_len_octets, ssrc, + &protected_msg_len_octets); + if (msg == NULL) + return srtp_err_status_alloc_fail; + msg->seq = htons(65535); + + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + if (status) + return srtp_err_status_fail; + + status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); + if (status) + return status; + + free(msg); + + msg = srtp_create_test_packet(msg_len_octets, ssrc, + &protected_msg_len_octets); + if (msg == NULL) + return srtp_err_status_alloc_fail; + msg->seq = htons(1); + + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + if (status) + return srtp_err_status_fail; + + status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); + if (status) + return status; - srtp_err_status_t status; - uint32_t ssrc = 0x12121212; - int msg_len_octets = 32; - int protected_msg_len_octets; - srtp_hdr_t * msg; - srtp_t srtp_snd, srtp_recv; - srtp_policy_t policy; - - memset(&policy, 0, sizeof(policy)); - srtp_crypto_policy_set_rtp_default(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ekt = NULL; - policy.window_size = 128; - policy.allow_repeat_tx = 0; - policy.next = NULL; - policy.ssrc.type = ssrc_any_outbound; - policy.key = test_key; - - /* create a send and recive ctx with defualt profile and test_key */ - status = srtp_create(&srtp_recv, &policy); - if (status) - return status; - - policy.ssrc.type = ssrc_any_inbound; - status = srtp_create(&srtp_snd, &policy); - if (status) - return status; - - /* protect and unprotect two msg's that will cause the ROC to be equal to 1 */ - msg = srtp_create_test_packet(msg_len_octets, ssrc); - if (msg == NULL) - return srtp_err_status_alloc_fail; - msg->seq = htons(65535); - - protected_msg_len_octets = msg_len_octets; - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) - return srtp_err_status_fail; - - status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) - return status; - - free(msg); - - msg = srtp_create_test_packet(msg_len_octets, ssrc); - if (msg == NULL) - return srtp_err_status_alloc_fail; - msg->seq = htons(1); - - protected_msg_len_octets = msg_len_octets; - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) - return srtp_err_status_fail; - - status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) - return status; - - free(msg); - - /* update send ctx with same test_key t verify update works*/ - policy.ssrc.type = ssrc_any_outbound; - policy.key = test_key; - status = srtp_update(srtp_snd, &policy); - if (status) - return status; - - msg = srtp_create_test_packet(msg_len_octets, ssrc); - if (msg == NULL) - return srtp_err_status_alloc_fail; - msg->seq = htons(2); - - protected_msg_len_octets = msg_len_octets; - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) - return srtp_err_status_fail; - - status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) - return status; - - free(msg); - - - /* update send ctx to use test_alt_key */ - policy.ssrc.type = ssrc_any_outbound; - policy.key = test_alt_key; - status = srtp_update(srtp_snd, &policy); - if (status) - return status; - - /* create and protect msg with new key and ROC still equal to 1 */ - msg = srtp_create_test_packet(msg_len_octets, ssrc); - if (msg == NULL) - return srtp_err_status_alloc_fail; - msg->seq = htons(3); - - protected_msg_len_octets = msg_len_octets; - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); - if (status) - return srtp_err_status_fail; - - /* verify that recive ctx will fail to unprotect as it still uses test_key */ - status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status == srtp_err_status_ok) - return srtp_err_status_fail; - - /* create a new recvieve ctx with test_alt_key but since it is new it will have ROC equal to 1 - * and therefore should fail to unprotected */ - { - srtp_t srtp_recv_roc_0; + free(msg); - policy.ssrc.type = ssrc_any_inbound; + /* update send ctx with same test_key t verify update works*/ + policy.ssrc.type = ssrc_any_outbound; + policy.key = test_key; + status = srtp_update(srtp_snd, &policy); + if (status) + return status; + + msg = srtp_create_test_packet(msg_len_octets, ssrc, + &protected_msg_len_octets); + if (msg == NULL) + return srtp_err_status_alloc_fail; + msg->seq = htons(2); + + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + if (status) + return srtp_err_status_fail; + + status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); + if (status) + return status; + + free(msg); + + /* update send ctx to use test_alt_key */ + policy.ssrc.type = ssrc_any_outbound; policy.key = test_alt_key; - status = srtp_create(&srtp_recv_roc_0, &policy); + status = srtp_update(srtp_snd, &policy); if (status) - return status; + return status; - status = srtp_unprotect(srtp_recv_roc_0, msg, &protected_msg_len_octets); - if (status == srtp_err_status_ok) - return srtp_err_status_fail; + /* create and protect msg with new key and ROC still equal to 1 */ + msg = srtp_create_test_packet(msg_len_octets, ssrc, + &protected_msg_len_octets); + if (msg == NULL) + return srtp_err_status_alloc_fail; + msg->seq = htons(3); - status = srtp_dealloc(srtp_recv_roc_0); + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); if (status) - return status; - } + return srtp_err_status_fail; - /* update recive ctx to use test_alt_key */ - policy.ssrc.type = ssrc_any_inbound; - policy.key = test_alt_key; - status = srtp_update(srtp_recv, &policy); - if (status) - return status; + /* verify that recive ctx will fail to unprotect as it still uses test_key + */ + status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); + if (status == srtp_err_status_ok) + return srtp_err_status_fail; - /* verify that can still unprotect, therfore key is updated and ROC value is preserved */ - status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); - if (status) - return status; + /* create a new recvieve ctx with test_alt_key but since it is new it will + * have ROC equal to 1 + * and therefore should fail to unprotected */ + { + srtp_t srtp_recv_roc_0; - free(msg); + policy.ssrc.type = ssrc_any_inbound; + policy.key = test_alt_key; + status = srtp_create(&srtp_recv_roc_0, &policy); + if (status) + return status; - status = srtp_dealloc(srtp_snd); - if (status) - return status; + status = + srtp_unprotect(srtp_recv_roc_0, msg, &protected_msg_len_octets); + if (status == srtp_err_status_ok) + return srtp_err_status_fail; + + status = srtp_dealloc(srtp_recv_roc_0); + if (status) + return status; + } - status = srtp_dealloc(srtp_recv); - if (status) - return status; + /* update recive ctx to use test_alt_key */ + policy.ssrc.type = ssrc_any_inbound; + policy.key = test_alt_key; + status = srtp_update(srtp_recv, &policy); + if (status) + return status; + + /* verify that can still unprotect, therfore key is updated and ROC value is + * preserved */ + status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets); + if (status) + return status; + + free(msg); + + status = srtp_dealloc(srtp_snd); + if (status) + return status; + + status = srtp_dealloc(srtp_recv); + if (status) + return status; - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -srtp_test_setup_protect_trailer_streams(srtp_t *srtp_send, srtp_t *srtp_send_mki, - srtp_t *srtp_send_aes_gcm, srtp_t *srtp_send_aes_gcm_mki) { +srtp_err_status_t srtp_test_setup_protect_trailer_streams( + srtp_t *srtp_send, + srtp_t *srtp_send_mki, + srtp_t *srtp_send_aes_gcm, + srtp_t *srtp_send_aes_gcm_mki) +{ + srtp_err_status_t status; + srtp_policy_t policy; + srtp_policy_t policy_mki; - srtp_err_status_t status; - srtp_policy_t policy; - srtp_policy_t policy_mki; #ifdef OPENSSL - srtp_policy_t policy_aes_gcm; - srtp_policy_t policy_aes_gcm_mki; + srtp_policy_t policy_aes_gcm; + srtp_policy_t policy_aes_gcm_mki; #endif // OPENSSL - memset(&policy, 0, sizeof(policy)); - srtp_crypto_policy_set_rtp_default(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ekt = NULL; - policy.window_size = 128; - policy.allow_repeat_tx = 0; - policy.next = NULL; - policy.ssrc.type = ssrc_any_outbound; - policy.key = test_key; - - memset(&policy_mki, 0, sizeof(policy_mki)); - srtp_crypto_policy_set_rtp_default(&policy_mki.rtp); - srtp_crypto_policy_set_rtcp_default(&policy_mki.rtcp); - policy_mki.ekt = NULL; - policy_mki.window_size = 128; - policy_mki.allow_repeat_tx = 0; - policy_mki.next = NULL; - policy_mki.ssrc.type = ssrc_any_outbound; - policy_mki.key = NULL; - policy_mki.keys = test_keys; - policy_mki.num_master_keys = 2; + memset(&policy, 0, sizeof(policy)); + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + policy.ekt = NULL; + policy.window_size = 128; + policy.allow_repeat_tx = 0; + policy.next = NULL; + policy.ssrc.type = ssrc_any_outbound; + policy.key = test_key; -#ifdef OPENSSL - memset(&policy_aes_gcm, 0, sizeof(policy_aes_gcm)); - srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtp); - srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtcp); - policy_aes_gcm.ekt = NULL; - policy_aes_gcm.window_size = 128; - policy_aes_gcm.allow_repeat_tx = 0; - policy_aes_gcm.next = NULL; - policy_aes_gcm.ssrc.type = ssrc_any_outbound; - policy_aes_gcm.key = test_key; - - memset(&policy_aes_gcm_mki, 0, sizeof(policy_aes_gcm_mki)); - srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtp); - srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtcp); - policy_aes_gcm_mki.ekt = NULL; - policy_aes_gcm_mki.window_size = 128; - policy_aes_gcm_mki.allow_repeat_tx = 0; - policy_aes_gcm_mki.next = NULL; - policy_aes_gcm_mki.ssrc.type = ssrc_any_outbound; - policy_aes_gcm_mki.key = NULL; - policy_aes_gcm_mki.keys = test_keys; - policy_aes_gcm_mki.num_master_keys = 2; + memset(&policy_mki, 0, sizeof(policy_mki)); + srtp_crypto_policy_set_rtp_default(&policy_mki.rtp); + srtp_crypto_policy_set_rtcp_default(&policy_mki.rtcp); + policy_mki.ekt = NULL; + policy_mki.window_size = 128; + policy_mki.allow_repeat_tx = 0; + policy_mki.next = NULL; + policy_mki.ssrc.type = ssrc_any_outbound; + policy_mki.key = NULL; + policy_mki.keys = test_keys; + policy_mki.num_master_keys = 2; +#ifdef OPENSSL + memset(&policy_aes_gcm, 0, sizeof(policy_aes_gcm)); + srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtp); + srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtcp); + policy_aes_gcm.ekt = NULL; + policy_aes_gcm.window_size = 128; + policy_aes_gcm.allow_repeat_tx = 0; + policy_aes_gcm.next = NULL; + policy_aes_gcm.ssrc.type = ssrc_any_outbound; + policy_aes_gcm.key = test_key; + + memset(&policy_aes_gcm_mki, 0, sizeof(policy_aes_gcm_mki)); + srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtp); + srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtcp); + policy_aes_gcm_mki.ekt = NULL; + policy_aes_gcm_mki.window_size = 128; + policy_aes_gcm_mki.allow_repeat_tx = 0; + policy_aes_gcm_mki.next = NULL; + policy_aes_gcm_mki.ssrc.type = ssrc_any_outbound; + policy_aes_gcm_mki.key = NULL; + policy_aes_gcm_mki.keys = test_keys; + policy_aes_gcm_mki.num_master_keys = 2; #endif - /* create a send ctx with defualt profile and test_key */ - status = srtp_create(srtp_send, &policy); - if (status) - return status; - - status = srtp_create(srtp_send_mki, &policy_mki); - if (status) - return status; + /* create a send ctx with defualt profile and test_key */ + status = srtp_create(srtp_send, &policy); + if (status) + return status; + + status = srtp_create(srtp_send_mki, &policy_mki); + if (status) + return status; #ifdef OPENSSL - status = srtp_create(srtp_send_aes_gcm, &policy_aes_gcm); - if (status) - return status; - - status = srtp_create(srtp_send_aes_gcm_mki, &policy_aes_gcm_mki); - if (status) - return status; -#endif //OPENSSL - - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_test_protect_trailer_length() { - - srtp_t srtp_send; - srtp_t srtp_send_mki; - srtp_t srtp_send_aes_gcm; - srtp_t srtp_send_aes_gcm_mki; - uint32_t length = 0; - srtp_err_status_t status; - - srtp_test_setup_protect_trailer_streams(&srtp_send, &srtp_send_mki, - &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); - - status = srtp_get_protect_trailer_length(srtp_send, 0, 0, &length); - if (status) - return status; - - /* TAG Length: 10 bytes */ - if (length != 10) - return srtp_err_status_fail; - - status = srtp_get_protect_trailer_length(srtp_send_mki, 1, 1, &length); - if (status) - return status; - - /* TAG Length: 10 bytes + MKI length: 4 bytes*/ - if (length != 14) - return srtp_err_status_fail; + status = srtp_create(srtp_send_aes_gcm, &policy_aes_gcm); + if (status) + return status; + + status = srtp_create(srtp_send_aes_gcm_mki, &policy_aes_gcm_mki); + if (status) + return status; +#endif // OPENSSL + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_test_protect_trailer_length() +{ + srtp_t srtp_send; + srtp_t srtp_send_mki; + srtp_t srtp_send_aes_gcm; + srtp_t srtp_send_aes_gcm_mki; + uint32_t length = 0; + srtp_err_status_t status; + + srtp_test_setup_protect_trailer_streams( + &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); + + status = srtp_get_protect_trailer_length(srtp_send, 0, 0, &length); + if (status) + return status; + + /* TAG Length: 10 bytes */ + if (length != 10) + return srtp_err_status_fail; + + status = srtp_get_protect_trailer_length(srtp_send_mki, 1, 1, &length); + if (status) + return status; + + /* TAG Length: 10 bytes + MKI length: 4 bytes*/ + if (length != 14) + return srtp_err_status_fail; #ifdef OPENSSL - status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, 0, &length); - if (status) - return status; + status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, 0, &length); + if (status) + return status; - /* TAG Length: 16 bytes */ - if (length != 16) - return srtp_err_status_fail; + /* TAG Length: 16 bytes */ + if (length != 16) + return srtp_err_status_fail; + status = + srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length); + if (status) + return status; - status = srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length); - if (status) - return status; + /* TAG Length: 16 bytes + MKI length: 4 bytes*/ + if (length != 20) + return srtp_err_status_fail; +#endif // OPENSSL - /* TAG Length: 16 bytes + MKI length: 4 bytes*/ - if (length != 20) - return srtp_err_status_fail; + srtp_dealloc(srtp_send); + srtp_dealloc(srtp_send_mki); +#ifdef OPENSSL + srtp_dealloc(srtp_send_aes_gcm); + srtp_dealloc(srtp_send_aes_gcm_mki); +#endif -#endif //OPENSSL - return srtp_err_status_ok; + return srtp_err_status_ok; } -srtp_err_status_t -srtp_test_protect_rtcp_trailer_length() { +srtp_err_status_t srtp_test_protect_rtcp_trailer_length() +{ + srtp_t srtp_send; + srtp_t srtp_send_mki; + srtp_t srtp_send_aes_gcm; + srtp_t srtp_send_aes_gcm_mki; + uint32_t length = 0; + srtp_err_status_t status; - srtp_t srtp_send; - srtp_t srtp_send_mki; - srtp_t srtp_send_aes_gcm; - srtp_t srtp_send_aes_gcm_mki; - uint32_t length = 0; - srtp_err_status_t status; + srtp_test_setup_protect_trailer_streams( + &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); - srtp_test_setup_protect_trailer_streams(&srtp_send, &srtp_send_mki, - &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); + status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, 0, &length); + if (status) + return status; - status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, 0, &length); - if (status) - return status; + /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes*/ + if (length != 14) + return srtp_err_status_fail; - /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes*/ - if (length != 14) - return srtp_err_status_fail; + status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, 1, &length); + if (status) + return status; + + /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/ + if (length != 18) + return srtp_err_status_fail; - status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, 1, &length); - if (status) - return status; +#ifdef OPENSSL + status = + srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, 0, &length); + if (status) + return status; - /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/ - if (length != 18) - return srtp_err_status_fail; + /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes*/ + if (length != 20) + return srtp_err_status_fail; + status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, 1, + &length); + if (status) + return status; + + /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/ + if (length != 24) + return srtp_err_status_fail; +#endif // OPENSSL + + srtp_dealloc(srtp_send); + srtp_dealloc(srtp_send_mki); #ifdef OPENSSL - status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, 0, &length); - if (status) - return status; - - /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes*/ - if (length != 20) - return srtp_err_status_fail; - - - status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length); - if (status) - return status; - - /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/ - if (length != 24) - return srtp_err_status_fail; - -#endif //OPENSSL - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_test_get_roc() { - srtp_err_status_t status; - srtp_policy_t policy; - srtp_t session; - srtp_hdr_t *pkt; - uint32_t i; - uint32_t roc; - uint32_t ts; - uint16_t seq; - - int msg_len_octets = 32; - int protected_msg_len_octets; - - memset(&policy, 0, sizeof(policy)); - srtp_crypto_policy_set_rtp_default(&policy.rtp); - srtp_crypto_policy_set_rtcp_default(&policy.rtcp); - policy.ssrc.type = ssrc_specific; - policy.ssrc.value = 0xcafebabe; - policy.key = test_key; - policy.window_size = 128; - - /* Create a sender session */ - status = srtp_create(&session, &policy); - if (status) { - return status; - } - - /* Set start sequence so we roll over */ - seq = 65535; - ts = 0; - - for (i = 0; i < 2; i++) { - pkt = srtp_create_test_packet_extended(msg_len_octets, policy.ssrc.value, seq, ts); - protected_msg_len_octets = msg_len_octets; - status = srtp_protect(session, pkt, &protected_msg_len_octets); - free(pkt); + srtp_dealloc(srtp_send_aes_gcm); + srtp_dealloc(srtp_send_aes_gcm_mki); +#endif + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_test_get_roc() +{ + srtp_err_status_t status; + srtp_policy_t policy; + srtp_t session; + srtp_hdr_t *pkt; + uint32_t i; + uint32_t roc; + uint32_t ts; + uint16_t seq; + + int msg_len_octets = 32; + int protected_msg_len_octets; + + memset(&policy, 0, sizeof(policy)); + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + policy.ssrc.type = ssrc_specific; + policy.ssrc.value = 0xcafebabe; + policy.key = test_key; + policy.window_size = 128; + + /* Create a sender session */ + status = srtp_create(&session, &policy); if (status) { - return status; + return status; } - status = srtp_get_stream_roc(session, policy.ssrc.value, &roc); + /* Set start sequence so we roll over */ + seq = 65535; + ts = 0; + + for (i = 0; i < 2; i++) { + pkt = srtp_create_test_packet_extended(msg_len_octets, + policy.ssrc.value, seq, ts, + &protected_msg_len_octets); + status = srtp_protect(session, pkt, &protected_msg_len_octets); + free(pkt); + if (status) { + return status; + } + + status = srtp_get_stream_roc(session, policy.ssrc.value, &roc); + if (status) { + return status; + } + + if (roc != i) { + return srtp_err_status_fail; + } + + seq++; + ts++; + } + + /* Cleanup */ + status = srtp_dealloc(session); + if (status) { + return status; + } + + return srtp_err_status_ok; +} + +static srtp_err_status_t test_set_receiver_roc(uint32_t packets, + uint32_t roc_to_set) +{ + srtp_err_status_t status; + + srtp_policy_t sender_policy; + srtp_t sender_session; + + srtp_policy_t receiver_policy; + srtp_t receiver_session; + + srtp_hdr_t *pkt_1; + unsigned char *recv_pkt_1; + + srtp_hdr_t *pkt_2; + unsigned char *recv_pkt_2; + + uint32_t i; + uint32_t ts; + uint16_t seq; + + int msg_len_octets = 32; + int protected_msg_len_octets_1; + int protected_msg_len_octets_2; + + /* Create sender */ + memset(&sender_policy, 0, sizeof(sender_policy)); + srtp_crypto_policy_set_rtp_default(&sender_policy.rtp); + srtp_crypto_policy_set_rtcp_default(&sender_policy.rtcp); + sender_policy.ssrc.type = ssrc_specific; + sender_policy.ssrc.value = 0xcafebabe; + sender_policy.key = test_key; + sender_policy.window_size = 128; + + status = srtp_create(&sender_session, &sender_policy); if (status) { - return status; + return status; } - if (roc != i) { - return srtp_err_status_fail; + /* Create and protect packets */ + seq = 0; + ts = 0; + for (i = 0; i < packets; i++) { + srtp_hdr_t *tmp_pkt; + int tmp_len; + + tmp_pkt = srtp_create_test_packet_extended( + msg_len_octets, sender_policy.ssrc.value, seq, ts, &tmp_len); + status = srtp_protect(sender_session, tmp_pkt, &tmp_len); + free(tmp_pkt); + if (status) { + return status; + } + seq++; + ts++; } + /* Create the first packet to decrypt and test for ROC change */ + pkt_1 = srtp_create_test_packet_extended(msg_len_octets, + sender_policy.ssrc.value, seq, ts, + &protected_msg_len_octets_1); + status = srtp_protect(sender_session, pkt_1, &protected_msg_len_octets_1); + if (status) { + return status; + } + + /* Create the second packet to decrypt and test for ROC change */ seq++; ts++; - } + pkt_2 = srtp_create_test_packet_extended(msg_len_octets, + sender_policy.ssrc.value, seq, ts, + &protected_msg_len_octets_2); + status = srtp_protect(sender_session, pkt_2, &protected_msg_len_octets_2); + if (status) { + return status; + } - /* Cleanup */ - status = srtp_dealloc(session); - if (status) { - return status; - } + /* Create the receiver */ + memset(&receiver_policy, 0, sizeof(receiver_policy)); + srtp_crypto_policy_set_rtp_default(&receiver_policy.rtp); + srtp_crypto_policy_set_rtcp_default(&receiver_policy.rtcp); + receiver_policy.ssrc.type = ssrc_specific; + receiver_policy.ssrc.value = sender_policy.ssrc.value; + receiver_policy.key = test_key; + receiver_policy.window_size = 128; + + status = srtp_create(&receiver_session, &receiver_policy); + if (status) { + return status; + } - return srtp_err_status_ok; + /* Make a copy of the first sent protected packet */ + recv_pkt_1 = malloc(protected_msg_len_octets_1); + if (recv_pkt_1 == NULL) { + return srtp_err_status_fail; + } + memcpy(recv_pkt_1, pkt_1, protected_msg_len_octets_1); + + /* Make a copy of the second sent protected packet */ + recv_pkt_2 = malloc(protected_msg_len_octets_2); + if (recv_pkt_2 == NULL) { + return srtp_err_status_fail; + } + memcpy(recv_pkt_2, pkt_2, protected_msg_len_octets_2); + + /* Set the ROC to the wanted value */ + status = srtp_set_stream_roc(receiver_session, receiver_policy.ssrc.value, + roc_to_set); + if (status) { + return status; + } + + /* Unprotect the first packet */ + status = srtp_unprotect(receiver_session, recv_pkt_1, + &protected_msg_len_octets_1); + if (status) { + return status; + } + + /* Unprotect the second packet */ + status = srtp_unprotect(receiver_session, recv_pkt_2, + &protected_msg_len_octets_2); + if (status) { + return status; + } + + /* Cleanup */ + status = srtp_dealloc(sender_session); + if (status) { + return status; + } + + status = srtp_dealloc(receiver_session); + if (status) { + return status; + } + + free(pkt_1); + free(recv_pkt_1); + free(pkt_2); + free(recv_pkt_2); + + return srtp_err_status_ok; } -static srtp_err_status_t -test_set_receiver_roc(uint32_t packets, uint32_t roc_to_set) +static srtp_err_status_t test_set_sender_roc(uint16_t seq, uint32_t roc_to_set) { - srtp_err_status_t status; + srtp_err_status_t status; - srtp_policy_t sender_policy; - srtp_t sender_session; + srtp_policy_t sender_policy; + srtp_t sender_session; - srtp_policy_t receiver_policy; - srtp_t receiver_session; + srtp_policy_t receiver_policy; + srtp_t receiver_session; - srtp_hdr_t *pkt_1; - unsigned char *recv_pkt_1; + srtp_hdr_t *pkt; + unsigned char *recv_pkt; - srtp_hdr_t *pkt_2; - unsigned char *recv_pkt_2; + uint32_t ts; - uint32_t i; - uint32_t ts; - uint16_t seq; + int msg_len_octets = 32; + int protected_msg_len_octets; - int msg_len_octets = 32; - int protected_msg_len_octets_1; - int protected_msg_len_octets_2; + /* Create sender */ + memset(&sender_policy, 0, sizeof(sender_policy)); + srtp_crypto_policy_set_rtp_default(&sender_policy.rtp); + srtp_crypto_policy_set_rtcp_default(&sender_policy.rtcp); + sender_policy.ssrc.type = ssrc_specific; + sender_policy.ssrc.value = 0xcafebabe; + sender_policy.key = test_key; + sender_policy.window_size = 128; - /* Create sender */ - memset(&sender_policy, 0, sizeof(sender_policy)); - srtp_crypto_policy_set_rtp_default(&sender_policy.rtp); - srtp_crypto_policy_set_rtcp_default(&sender_policy.rtcp); - sender_policy.ssrc.type = ssrc_specific; - sender_policy.ssrc.value = 0xcafebabe; - sender_policy.key = test_key; - sender_policy.window_size = 128; + status = srtp_create(&sender_session, &sender_policy); + if (status) { + return status; + } - status = srtp_create(&sender_session, &sender_policy); - if (status) { - return status; - } + /* Set the ROC before encrypting the first packet */ + status = srtp_set_stream_roc(sender_session, sender_policy.ssrc.value, + roc_to_set); + if (status != srtp_err_status_ok) { + return status; + } - /* Create and protect packets */ - seq = 0; - ts = 0; - for (i = 0; i < packets; i++) { - srtp_hdr_t *tmp_pkt; - int tmp_len; + /* Create the packet to decrypt */ + ts = 0; + pkt = srtp_create_test_packet_extended(msg_len_octets, + sender_policy.ssrc.value, seq, ts, + &protected_msg_len_octets); + status = srtp_protect(sender_session, pkt, &protected_msg_len_octets); + if (status) { + return status; + } - tmp_pkt = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts); - tmp_len = msg_len_octets; - status = srtp_protect(sender_session, tmp_pkt, &tmp_len); - free(tmp_pkt); + /* Create the receiver */ + memset(&receiver_policy, 0, sizeof(receiver_policy)); + srtp_crypto_policy_set_rtp_default(&receiver_policy.rtp); + srtp_crypto_policy_set_rtcp_default(&receiver_policy.rtcp); + receiver_policy.ssrc.type = ssrc_specific; + receiver_policy.ssrc.value = sender_policy.ssrc.value; + receiver_policy.key = test_key; + receiver_policy.window_size = 128; + + status = srtp_create(&receiver_session, &receiver_policy); if (status) { - return status; + return status; + } + + /* Make a copy of the sent protected packet */ + recv_pkt = malloc(protected_msg_len_octets); + if (recv_pkt == NULL) { + return srtp_err_status_fail; + } + memcpy(recv_pkt, pkt, protected_msg_len_octets); + + /* Set the ROC to the wanted value */ + status = srtp_set_stream_roc(receiver_session, receiver_policy.ssrc.value, + roc_to_set); + if (status) { + return status; + } + + status = + srtp_unprotect(receiver_session, recv_pkt, &protected_msg_len_octets); + if (status) { + return status; } - seq++; - ts++; - } - /* Create the first packet to decrypt and test for ROC change */ - pkt_1 = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts); - protected_msg_len_octets_1 = msg_len_octets; - status = srtp_protect(sender_session, pkt_1, &protected_msg_len_octets_1); - if (status) { - return status; - } - - /* Create the second packet to decrypt and test for ROC change */ - seq++; - ts++; - pkt_2 = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts); - protected_msg_len_octets_2 = msg_len_octets; - status = srtp_protect(sender_session, pkt_2, &protected_msg_len_octets_2); - if (status) { - return status; - } - - /* Create the receiver */ - memset(&receiver_policy, 0, sizeof(receiver_policy)); - srtp_crypto_policy_set_rtp_default(&receiver_policy.rtp); - srtp_crypto_policy_set_rtcp_default(&receiver_policy.rtcp); - receiver_policy.ssrc.type = ssrc_specific; - receiver_policy.ssrc.value = sender_policy.ssrc.value; - receiver_policy.key = test_key; - receiver_policy.window_size = 128; - - status = srtp_create(&receiver_session, &receiver_policy); - if (status) { - return status; - } - - /* Make a copy of the first sent protected packet */ - recv_pkt_1 = malloc(protected_msg_len_octets_1); - if (recv_pkt_1 == NULL) { - return srtp_err_status_fail; - } - memcpy(recv_pkt_1, pkt_1, protected_msg_len_octets_1); - - /* Make a copy of the second sent protected packet */ - recv_pkt_2 = malloc(protected_msg_len_octets_2); - if (recv_pkt_2 == NULL) { - return srtp_err_status_fail; - } - memcpy(recv_pkt_2, pkt_2, protected_msg_len_octets_2); - - /* Set the ROC to the wanted value */ - status = srtp_set_stream_roc(receiver_session, receiver_policy.ssrc.value, roc_to_set); - if (status) { - return status; - } - - /* Unprotect the first packet */ - status = srtp_unprotect(receiver_session, recv_pkt_1, &protected_msg_len_octets_1); - if (status) { - return status; - } - - /* Unprotect the second packet */ - status = srtp_unprotect(receiver_session, recv_pkt_2, &protected_msg_len_octets_2); - if (status) { - return status; - } - - /* Cleanup */ - status = srtp_dealloc(sender_session); - if (status) { - return status; - } - - status = srtp_dealloc(receiver_session); - if (status) { - return status; - } - - free(pkt_1); - free(recv_pkt_1); - free(pkt_2); - free(recv_pkt_2); - - return srtp_err_status_ok; -} - -static srtp_err_status_t -test_set_sender_roc(uint16_t seq, uint32_t roc_to_set) -{ - srtp_err_status_t status; - - srtp_policy_t sender_policy; - srtp_t sender_session; - - srtp_policy_t receiver_policy; - srtp_t receiver_session; - - srtp_hdr_t *pkt; - unsigned char *recv_pkt; - - uint32_t ts; - - int msg_len_octets = 32; - int protected_msg_len_octets; - - /* Create sender */ - memset(&sender_policy, 0, sizeof(sender_policy)); - srtp_crypto_policy_set_rtp_default(&sender_policy.rtp); - srtp_crypto_policy_set_rtcp_default(&sender_policy.rtcp); - sender_policy.ssrc.type = ssrc_specific; - sender_policy.ssrc.value = 0xcafebabe; - sender_policy.key = test_key; - sender_policy.window_size = 128; - - status = srtp_create(&sender_session, &sender_policy); - if (status) { - return status; - } - - /* Set the ROC before encrypting the first packet */ - status = srtp_set_stream_roc(sender_session, sender_policy.ssrc.value, roc_to_set); - if (status != srtp_err_status_ok) { - return status; - } - - /* Create the packet to decrypt */ - ts = 0; - pkt = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts); - protected_msg_len_octets = msg_len_octets; - status = srtp_protect(sender_session, pkt, &protected_msg_len_octets); - if (status) { - return status; - } - - /* Create the receiver */ - memset(&receiver_policy, 0, sizeof(receiver_policy)); - srtp_crypto_policy_set_rtp_default(&receiver_policy.rtp); - srtp_crypto_policy_set_rtcp_default(&receiver_policy.rtcp); - receiver_policy.ssrc.type = ssrc_specific; - receiver_policy.ssrc.value = sender_policy.ssrc.value; - receiver_policy.key = test_key; - receiver_policy.window_size = 128; - - status = srtp_create(&receiver_session, &receiver_policy); - if (status) { - return status; - } - - /* Make a copy of the sent protected packet */ - recv_pkt = malloc(protected_msg_len_octets); - if (recv_pkt == NULL) { - return srtp_err_status_fail; - } - memcpy(recv_pkt, pkt, protected_msg_len_octets); - - /* Set the ROC to the wanted value */ - status = srtp_set_stream_roc(receiver_session, receiver_policy.ssrc.value, roc_to_set); - if (status) { - return status; - } - - status = srtp_unprotect(receiver_session, recv_pkt, &protected_msg_len_octets); - if (status) { - return status; - } - - /* Cleanup */ - status = srtp_dealloc(sender_session); - if (status) { - return status; - } - - status = srtp_dealloc(receiver_session); - if (status) { - return status; - } - - free(pkt); - free(recv_pkt); - - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_test_set_receiver_roc() { - int packets; - uint32_t roc; - srtp_err_status_t status; - - /* First test does not rollover */ - packets = 1; - roc = 0; - - status = test_set_receiver_roc(packets - 1, roc); - if (status) { - return status; - } - - status = test_set_receiver_roc(packets, roc); - if (status) { - return status; - } - - status = test_set_receiver_roc(packets + 1, roc); - if (status) { - return status; - } - - status = test_set_receiver_roc(packets + 60000, roc); - if (status) { - return status; - } - - /* Second test should rollover */ - packets = 65535; - roc = 0; - - status = test_set_receiver_roc(packets - 1, roc); - if (status) { - return status; - } - - status = test_set_receiver_roc(packets, roc); - if (status) { - return status; - } - - /* Now the rollover counter should be 1 */ - roc = 1; - status = test_set_receiver_roc(packets + 1, roc); - if (status) { - return status; - } - - status = test_set_receiver_roc(packets + 60000, roc); - if (status) { - return status; - } - - return srtp_err_status_ok; -} - -srtp_err_status_t -srtp_test_set_sender_roc() { - uint32_t roc; - uint16_t seq; - srtp_err_status_t status; - - seq = 43210; - roc = 0; - status = test_set_sender_roc(seq, roc); - if (status) { - return status; - } - - roc = 65535; - status = test_set_sender_roc(seq, roc); - if (status) { - return status; - } - - roc = 0xffff; - status = test_set_sender_roc(seq, roc); - if (status) { - return status; - } - - roc = 0xffff00; - status = test_set_sender_roc(seq, roc); - if (status) { - return status; - } - - roc = 0xfffffff0; - status = test_set_sender_roc(seq, roc); - if (status) { - return status; - } + /* Cleanup */ + status = srtp_dealloc(sender_session); + if (status) { + return status; + } + + status = srtp_dealloc(receiver_session); + if (status) { + return status; + } - return srtp_err_status_ok; + free(pkt); + free(recv_pkt); + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_test_set_receiver_roc() +{ + int packets; + uint32_t roc; + srtp_err_status_t status; + + /* First test does not rollover */ + packets = 1; + roc = 0; + + status = test_set_receiver_roc(packets - 1, roc); + if (status) { + return status; + } + + status = test_set_receiver_roc(packets, roc); + if (status) { + return status; + } + + status = test_set_receiver_roc(packets + 1, roc); + if (status) { + return status; + } + + status = test_set_receiver_roc(packets + 60000, roc); + if (status) { + return status; + } + + /* Second test should rollover */ + packets = 65535; + roc = 0; + + status = test_set_receiver_roc(packets - 1, roc); + if (status) { + return status; + } + + status = test_set_receiver_roc(packets, roc); + if (status) { + return status; + } + + /* Now the rollover counter should be 1 */ + roc = 1; + status = test_set_receiver_roc(packets + 1, roc); + if (status) { + return status; + } + + status = test_set_receiver_roc(packets + 60000, roc); + if (status) { + return status; + } + + return srtp_err_status_ok; +} + +srtp_err_status_t srtp_test_set_sender_roc() +{ + uint32_t roc; + uint16_t seq; + srtp_err_status_t status; + + seq = 43210; + roc = 0; + status = test_set_sender_roc(seq, roc); + if (status) { + return status; + } + + roc = 65535; + status = test_set_sender_roc(seq, roc); + if (status) { + return status; + } + + roc = 0xffff; + status = test_set_sender_roc(seq, roc); + if (status) { + return status; + } + + roc = 0xffff00; + status = test_set_sender_roc(seq, roc); + if (status) { + return status; + } + + roc = 0xfffffff0; + status = test_set_sender_roc(seq, roc); + if (status) { + return status; + } + + return srtp_err_status_ok; } /* * srtp policy definitions - these definitions are used above */ +// clang-format off unsigned char test_key[46] = { 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, @@ -3431,241 +3409,253 @@ unsigned char test_mki_id_2[TEST_MKI_ID_SIZE] = { 0xf3, 0xa1, 0x46, 0x71 }; +// clang-format on const srtp_policy_t default_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ - SRTP_AES_ICM_128, /* cipher type */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ + SRTP_AES_ICM_128, /* cipher type */ SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 16, /* auth key length in octets */ - 10, /* auth tag length in octets */ - sec_serv_conf_and_auth /* security services flag */ + SRTP_HMAC_SHA1, /* authentication func type */ + 16, /* auth key length in octets */ + 10, /* auth tag length in octets */ + sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ - SRTP_AES_ICM_128, /* cipher type */ + { + /* SRTCP policy */ + SRTP_AES_ICM_128, /* cipher type */ SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 16, /* auth key length in octets */ - 10, /* auth tag length in octets */ - sec_serv_conf_and_auth /* security services flag */ + SRTP_HMAC_SHA1, /* authentication func type */ + 16, /* auth key length in octets */ + 10, /* auth tag length in octets */ + sec_serv_conf_and_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; const srtp_policy_t aes_only_policy = { { ssrc_any_outbound, 0 }, /* SSRC */ { - SRTP_AES_ICM_128, /* cipher type */ + SRTP_AES_ICM_128, /* cipher type */ SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ - 0, /* auth key length in octets */ - 0, /* auth tag length in octets */ - sec_serv_conf /* security services flag */ + SRTP_NULL_AUTH, /* authentication func type */ + 0, /* auth key length in octets */ + 0, /* auth tag length in octets */ + sec_serv_conf /* security services flag */ }, { - SRTP_AES_ICM_128, /* cipher type */ + SRTP_AES_ICM_128, /* cipher type */ SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ - 0, /* auth key length in octets */ - 0, /* auth tag length in octets */ - sec_serv_conf /* security services flag */ + SRTP_NULL_AUTH, /* authentication func type */ + 0, /* auth key length in octets */ + 0, /* auth tag length in octets */ + sec_serv_conf /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; const srtp_policy_t hmac_only_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ + { ssrc_any_outbound, 0 }, /* SSRC */ { - SRTP_NULL_CIPHER, /* cipher type */ - 0, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 20, /* auth key length in octets */ - 4, /* auth tag length in octets */ - sec_serv_auth /* security services flag */ + SRTP_NULL_CIPHER, /* cipher type */ + 0, /* cipher key length in octets */ + SRTP_HMAC_SHA1, /* authentication func type */ + 20, /* auth key length in octets */ + 4, /* auth tag length in octets */ + sec_serv_auth /* security services flag */ }, { - SRTP_NULL_CIPHER, /* cipher type */ - 0, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 20, /* auth key length in octets */ - 4, /* auth tag length in octets */ - sec_serv_auth /* security services flag */ + SRTP_NULL_CIPHER, /* cipher type */ + 0, /* cipher key length in octets */ + SRTP_HMAC_SHA1, /* authentication func type */ + 20, /* auth key length in octets */ + 4, /* auth tag length in octets */ + sec_serv_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* Number of Master keys associated with the policy */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* Number of Master keys associated with the policy */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; #ifdef OPENSSL const srtp_policy_t aes128_gcm_8_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ - SRTP_AES_GCM_128, /* cipher type */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ + SRTP_AES_GCM_128, /* cipher type */ SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ - SRTP_AES_GCM_128, /* cipher type */ + { + /* SRTCP policy */ + SRTP_AES_GCM_128, /* cipher type */ SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_conf_and_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; const srtp_policy_t aes128_gcm_8_cauth_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ - SRTP_AES_GCM_128, /* cipher type */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ + SRTP_AES_GCM_128, /* cipher type */ SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ - SRTP_AES_GCM_128, /* cipher type */ + { + /* SRTCP policy */ + SRTP_AES_GCM_128, /* cipher type */ SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; const srtp_policy_t aes256_gcm_8_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ - SRTP_AES_GCM_256, /* cipher type */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ + SRTP_AES_GCM_256, /* cipher type */ SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ - SRTP_AES_GCM_256, /* cipher type */ + { + /* SRTCP policy */ + SRTP_AES_GCM_256, /* cipher type */ SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_conf_and_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; const srtp_policy_t aes256_gcm_8_cauth_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ - SRTP_AES_GCM_256, /* cipher type */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ + SRTP_AES_GCM_256, /* cipher type */ SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ - SRTP_AES_GCM_256, /* cipher type */ + { + /* SRTCP policy */ + SRTP_AES_GCM_256, /* cipher type */ SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ + SRTP_NULL_AUTH, /* authentication func type */ 0, /* auth key length in octets */ 8, /* auth tag length in octets */ sec_serv_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; #endif const srtp_policy_t null_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ + { ssrc_any_outbound, 0 }, /* SSRC */ { - SRTP_NULL_CIPHER, /* cipher type */ - 0, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ - 0, /* auth key length in octets */ - 0, /* auth tag length in octets */ - sec_serv_none /* security services flag */ + SRTP_NULL_CIPHER, /* cipher type */ + 0, /* cipher key length in octets */ + SRTP_NULL_AUTH, /* authentication func type */ + 0, /* auth key length in octets */ + 0, /* auth tag length in octets */ + sec_serv_none /* security services flag */ }, { - SRTP_NULL_CIPHER, /* cipher type */ - 0, /* cipher key length in octets */ - SRTP_NULL_AUTH, /* authentication func type */ - 0, /* auth key length in octets */ - 0, /* auth tag length in octets */ - sec_serv_none /* security services flag */ + SRTP_NULL_CIPHER, /* cipher type */ + 0, /* cipher key length in octets */ + SRTP_NULL_AUTH, /* authentication func type */ + 0, /* auth key length in octets */ + 0, /* auth tag length in octets */ + sec_serv_none /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; +// clang-format off unsigned char test_256_key[46] = { 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76, 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29, @@ -3701,80 +3691,86 @@ &master_key_1, &master_key_2 }; +// clang-format on const srtp_policy_t aes_256_hmac_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ SRTP_AES_ICM_256, /* cipher type */ SRTP_AES_ICM_256_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 20, /* auth key length in octets */ - 10, /* auth tag length in octets */ - sec_serv_conf_and_auth /* security services flag */ + SRTP_HMAC_SHA1, /* authentication func type */ + 20, /* auth key length in octets */ + 10, /* auth tag length in octets */ + sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ + { + /* SRTCP policy */ SRTP_AES_ICM_256, /* cipher type */ SRTP_AES_ICM_256_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 20, /* auth key length in octets */ - 10, /* auth tag length in octets */ - sec_serv_conf_and_auth /* security services flag */ + SRTP_HMAC_SHA1, /* authentication func type */ + 20, /* auth key length in octets */ + 10, /* auth tag length in octets */ + sec_serv_conf_and_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_256_keys, - 2, /* indicates the number of Master keys */ - NULL, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + NULL, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; +// clang-format off uint8_t ekt_test_key[16] = { 0x77, 0x26, 0x9d, 0xac, 0x16, 0xa3, 0x28, 0xca, 0x8e, 0xc9, 0x68, 0x4b, 0xcc, 0xc4, 0xd2, 0x1b }; +// clang-format on #include "ekt.h" +// clang-format off srtp_ekt_policy_ctx_t ekt_test_policy = { 0xa5a5, /* SPI */ SRTP_EKT_CIPHER_AES_128_ECB, ekt_test_key, NULL }; +// clang-format on const srtp_policy_t hmac_only_with_ekt_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ + { ssrc_any_outbound, 0 }, /* SSRC */ { - SRTP_NULL_CIPHER, /* cipher type */ - 0, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 20, /* auth key length in octets */ - 4, /* auth tag length in octets */ - sec_serv_auth /* security services flag */ + SRTP_NULL_CIPHER, /* cipher type */ + 0, /* cipher key length in octets */ + SRTP_HMAC_SHA1, /* authentication func type */ + 20, /* auth key length in octets */ + 4, /* auth tag length in octets */ + sec_serv_auth /* security services flag */ }, { - SRTP_NULL_CIPHER, /* cipher type */ - 0, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 20, /* auth key length in octets */ - 4, /* auth tag length in octets */ - sec_serv_auth /* security services flag */ + SRTP_NULL_CIPHER, /* cipher type */ + 0, /* cipher key length in octets */ + SRTP_HMAC_SHA1, /* authentication func type */ + 20, /* auth key length in octets */ + 4, /* auth tag length in octets */ + sec_serv_auth /* security services flag */ }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - &ekt_test_policy, /* indicates that EKT is not in use */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + &ekt_test_policy, /* indicates that EKT is not in use */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; - /* * an array of pointers to the policies listed above * @@ -3785,8 +3781,8 @@ * add to this list, you should do it at the end. */ -const srtp_policy_t * -policy_array[] = { +// clang-format off +const srtp_policy_t *policy_array[] = { &hmac_only_policy, &aes_only_policy, &default_policy, @@ -3801,32 +3797,35 @@ &hmac_only_with_ekt_policy, NULL }; +// clang-format on const srtp_policy_t wildcard_policy = { - { ssrc_any_outbound, 0 }, /* SSRC */ - { /* SRTP policy */ - SRTP_AES_ICM_128, /* cipher type */ + { ssrc_any_outbound, 0 }, /* SSRC */ + { + /* SRTP policy */ + SRTP_AES_ICM_128, /* cipher type */ SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 16, /* auth key length in octets */ - 10, /* auth tag length in octets */ - sec_serv_conf_and_auth /* security services flag */ + SRTP_HMAC_SHA1, /* authentication func type */ + 16, /* auth key length in octets */ + 10, /* auth tag length in octets */ + sec_serv_conf_and_auth /* security services flag */ }, - { /* SRTCP policy */ - SRTP_AES_ICM_128, /* cipher type */ + { + /* SRTCP policy */ + SRTP_AES_ICM_128, /* cipher type */ SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */ - SRTP_HMAC_SHA1, /* authentication func type */ - 16, /* auth key length in octets */ - 10, /* auth tag length in octets */ - sec_serv_conf_and_auth /* security services flag */ + SRTP_HMAC_SHA1, /* authentication func type */ + 16, /* auth key length in octets */ + 10, /* auth tag length in octets */ + sec_serv_conf_and_auth /* security services flag */ }, test_key, NULL, 0, NULL, - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; diff -Nru libsrtp2-2.1.0/test/test_srtp.c libsrtp2-2.2.0/test/test_srtp.c --- libsrtp2-2.1.0/test/test_srtp.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/test_srtp.c 2018-05-15 19:33:24.000000000 +0000 @@ -72,13 +72,13 @@ * item is the test function. */ -TEST_LIST = {{"srtp_calc_aead_iv_srtcp_all_zero_input_yield_zero_output()", - srtp_calc_aead_iv_srtcp_all_zero_input_yield_zero_output}, - {"srtp_calc_aead_iv_srtcp_seq_num_over_0x7FFFFFFF_bad_param()", - srtp_calc_aead_iv_srtcp_seq_num_over_0x7FFFFFFF_bad_param}, - {"srtp_calc_aead_iv_srtcp_distinct_iv_per_sequence_number()", - srtp_calc_aead_iv_srtcp_distinct_iv_per_sequence_number}, - {NULL} /* End of tests */}; +TEST_LIST = { { "srtp_calc_aead_iv_srtcp_all_zero_input_yield_zero_output()", + srtp_calc_aead_iv_srtcp_all_zero_input_yield_zero_output }, + { "srtp_calc_aead_iv_srtcp_seq_num_over_0x7FFFFFFF_bad_param()", + srtp_calc_aead_iv_srtcp_seq_num_over_0x7FFFFFFF_bad_param }, + { "srtp_calc_aead_iv_srtcp_distinct_iv_per_sequence_number()", + srtp_calc_aead_iv_srtcp_distinct_iv_per_sequence_number }, + { NULL } /* End of tests */ }; /* * Implementation. @@ -146,9 +146,9 @@ */ void srtp_calc_aead_iv_srtcp_distinct_iv_per_sequence_number() { +#define SAMPLE_COUNT (3) // Preconditions // Test each significant bit high in each full byte. - #define SAMPLE_COUNT (3) srtp_session_keys_t session_keys; srtcp_hdr_t header; v128_t output_iv[SAMPLE_COUNT]; @@ -173,13 +173,13 @@ size_t i = 0; for (i = 0; i < SAMPLE_COUNT; i++) { TEST_CHECK(srtp_calc_aead_iv_srtcp(&session_keys, &output_iv[i], - sequence_num[i], &header) - == srtp_err_status_ok); + sequence_num[i], + &header) == srtp_err_status_ok); } // Then all IVs are as expected for (i = 0; i < SAMPLE_COUNT; i++) { TEST_CHECK(memcmp(&final_iv[i], &output_iv[i], sizeof(v128_t)) == 0); } - #undef SAMPLE_COUNT +#undef SAMPLE_COUNT } diff -Nru libsrtp2-2.1.0/test/util.c libsrtp2-2.2.0/test/util.c --- libsrtp2-2.1.0/test/util.c 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/util.c 2018-05-15 19:33:24.000000000 +0000 @@ -49,38 +49,61 @@ char bit_string[MAX_PRINT_STRING_LEN]; -static inline int hex_char_to_nibble (uint8_t c) +static inline int hex_char_to_nibble(uint8_t c) { switch (c) { - case ('0'): return 0x0; - case ('1'): return 0x1; - case ('2'): return 0x2; - case ('3'): return 0x3; - case ('4'): return 0x4; - case ('5'): return 0x5; - case ('6'): return 0x6; - case ('7'): return 0x7; - case ('8'): return 0x8; - case ('9'): return 0x9; - case ('a'): return 0xa; - case ('A'): return 0xa; - case ('b'): return 0xb; - case ('B'): return 0xb; - case ('c'): return 0xc; - case ('C'): return 0xc; - case ('d'): return 0xd; - case ('D'): return 0xd; - case ('e'): return 0xe; - case ('E'): return 0xe; - case ('f'): return 0xf; - case ('F'): return 0xf; - default: return -1; /* this flags an error */ + case ('0'): + return 0x0; + case ('1'): + return 0x1; + case ('2'): + return 0x2; + case ('3'): + return 0x3; + case ('4'): + return 0x4; + case ('5'): + return 0x5; + case ('6'): + return 0x6; + case ('7'): + return 0x7; + case ('8'): + return 0x8; + case ('9'): + return 0x9; + case ('a'): + return 0xa; + case ('A'): + return 0xa; + case ('b'): + return 0xb; + case ('B'): + return 0xb; + case ('c'): + return 0xc; + case ('C'): + return 0xc; + case ('d'): + return 0xd; + case ('D'): + return 0xd; + case ('e'): + return 0xe; + case ('E'): + return 0xe; + case ('f'): + return 0xf; + case ('F'): + return 0xf; + default: + return -1; /* this flags an error */ } /* NOTREACHED */ return -1; /* this keeps compilers from complaining */ } -uint8_t nibble_to_hex_char (uint8_t nibble) +uint8_t nibble_to_hex_char(uint8_t nibble) { char buf[16] = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' }; @@ -92,7 +115,7 @@ * hex_string_to_octet_string converts a hexadecimal string * of length 2 * len to a raw octet string of length len */ -int hex_string_to_octet_string (char *raw, char *hex, int len) +int hex_string_to_octet_string(char *raw, char *hex, int len) { uint8_t x; int tmp; @@ -118,9 +141,9 @@ return hex_len; } -char * octet_string_hex_string (const void *s, int length) +char *octet_string_hex_string(const void *s, int length) { - const uint8_t *str = (const uint8_t*)s; + const uint8_t *str = (const uint8_t *)s; int i; /* double length, since one octet takes two hex characters */ @@ -132,7 +155,7 @@ } for (i = 0; i < length; i += 2) { - bit_string[i] = nibble_to_hex_char(*str >> 4); + bit_string[i] = nibble_to_hex_char(*str >> 4); bit_string[i + 1] = nibble_to_hex_char(*str++ & 0xF); } bit_string[i] = 0; /* null terminate string */ @@ -142,9 +165,9 @@ static const char b64chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ" "abcdefghijklmnopqrstuvwxyz0123456789+/"; -static int base64_block_to_octet_triple (char *out, char *in) +static int base64_block_to_octet_triple(char *out, char *in) { - unsigned char sextets[4] = {0}; + unsigned char sextets[4] = { 0 }; int j = 0; int i; @@ -152,7 +175,9 @@ char *p = strchr(b64chars, in[i]); if (p != NULL) { sextets[i] = p - b64chars; - } else{ j++; } + } else { + j++; + } } out[0] = (sextets[0] << 2) | (sextets[1] >> 4); @@ -165,7 +190,7 @@ return j; } -int base64_string_to_octet_string (char *out, int *pad, char *in, int len) +int base64_string_to_octet_string(char *out, int *pad, char *in, int len) { int k = 0; int i = 0; diff -Nru libsrtp2-2.1.0/test/util.h libsrtp2-2.2.0/test/util.h --- libsrtp2-2.1.0/test/util.h 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/test/util.h 2018-05-15 19:33:24.000000000 +0000 @@ -47,7 +47,7 @@ #define MAX_PRINT_STRING_LEN 1024 int hex_string_to_octet_string(char *raw, char *hex, int len); -char * octet_string_hex_string(const void *s, int length); +char *octet_string_hex_string(const void *s, int length); int base64_string_to_octet_string(char *raw, int *pad, char *base64, int len); #endif diff -Nru libsrtp2-2.1.0/.travis.yml libsrtp2-2.2.0/.travis.yml --- libsrtp2-2.1.0/.travis.yml 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/.travis.yml 2018-05-15 19:33:24.000000000 +0000 @@ -1,23 +1,131 @@ +dist: trusty sudo: false language: c -cache: ccache -osx_image: xcode8.2 -compiler: - - clang - - gcc -os: - - linux - - osx + env: - - CONFIGURE_FLAGS= - - CONFIGURE_FLAGS=--enable-openssl + global: + - secure: "QD09MuUxftXRXtz7ZrB7S0NV/3O9yVhjvIlCSbXN8B87rNSDC8wxMThKMT7iZewnqGk53m+Up19PiMw5ERlHose5tm2cmY1FO/l+c9oAyWZaAL+4XNXryq6zI5F5FX5I61NbfqV3xcnfLTI2QIJF6WqDojNxhPjTbNzQGxIDuqw=" + matrix: - exclude: + include: + + # default linux build with gcc + - os: linux + env: + - TEST="linux gcc" + addons: + apt: + sources: + - ubuntu-toolchain-r-test + packages: + - gcc-6 + script: + - CC=gcc-6 EXTRA_CFLAGS=-Werror ./configure + - make + - make runtest + + # linux build with openssl and gcc + - os: linux + env: + - TEST="linux gcc (openssl)" + addons: + apt: + sources: + - ubuntu-toolchain-r-test + packages: + - gcc-6 + script: + - CC=gcc-6 EXTRA_CFLAGS=-Werror ./configure --enable-openssl + - make + - make runtest + + # linux build with openssl and clang + - os: linux + env: + - TEST="linux clang (openssl)" + addons: + apt: + packages: + - clang + script: + - CC=clang EXTRA_CFLAGS=-Werror ./configure --enable-openssl + - make + - make runtest + + # default osx build with xcode (clang) - os: osx - env: CONFIGURE_FLAGS=--enable-openssl -before_script: - - if [ $TRAVIS_OS_NAME == osx ]; then brew install ccache; fi -script: - - ./configure $CONFIGURE_FLAGS - - make - - make runtest + env: + - TEST="osx XCode 8.2" + osx_image: xcode8.2 + script: + - EXTRA_CFLAGS=-Werror ./configure + - make + - make runtest + + # code format check + - os: linux + env: + - TEST="clang-format" + addons: + apt: + packages: + - clang-format-3.9 + script: + - CLANG_FORMAT=clang-format-3.9 ./format.sh -d + + # valgrind + - os: linux + env: + - TEST="valgrind (openssl)" + addons: + apt: + sources: + - ubuntu-toolchain-r-test + packages: + - gcc-6 + - valgrind + script: + - CC=gcc-6 ./configure --enable-openssl + - make + - make runtest-valgrind + + # big-endian + - os: linux + sudo: true + env: + - TEST="big-endian" + services: + - docker + addons: + apt: + packages: + - qemu-user-static + - qemu-system-mips + before_install: + - sudo docker run --volume $(pwd):/src --workdir /src --name mipsX --tty --detach ubuntu:16.04 tail + - sudo docker exec --tty mipsX apt-get update + - sudo docker exec --tty mipsX apt-get install build-essential -y + - sudo docker exec --tty mipsX apt-get install gcc-mips-linux-gnu -y + script: + - sudo docker exec --tty mipsX bash -c 'EXTRA_CFLAGS=-static CC=mips-linux-gnu-gcc ./configure --host=mips-linux-gnu' + - sudo docker exec --tty mipsX make + - sudo docker kill mipsX + - file test/srtp_driver + - make runtest + + # coverity scan + - os: linux + env: + - TEST="Coverity Scan" + addons: + coverity_scan: + project: + name: "cisco-libSRTP" + description: "Build submitted via Travis CI" + version: 2 + notification_email: pabuhler@cisco.com + build_command_prepend: "./configure" + build_command: "make" + branch_pattern: master + script: + - echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca- diff -Nru libsrtp2-2.1.0/VERSION libsrtp2-2.2.0/VERSION --- libsrtp2-2.1.0/VERSION 2017-06-14 19:44:00.000000000 +0000 +++ libsrtp2-2.2.0/VERSION 1970-01-01 00:00:00.000000000 +0000 @@ -1 +0,0 @@ -2.1.0-pre