sync changes from srtp upstream
This commit is contained in:
parent
ebe4238a7e
commit
a99f06dfc6
|
@ -29,7 +29,7 @@ The configure script accepts the following options:
|
||||||
--enable-openssl use OpenSSL crypto primitives
|
--enable-openssl use OpenSSL crypto primitives
|
||||||
--gdoi use GDOI key management (disabled at present)
|
--gdoi use GDOI key management (disabled at present)
|
||||||
|
|
||||||
By default, debbuging is enabled and stdout is used for debugging.
|
By default, debugging is enabled and stdout is used for debugging.
|
||||||
You can use the above configure options to have the debugging output
|
You can use the above configure options to have the debugging output
|
||||||
sent to syslog or the system console. Alternatively, you can define
|
sent to syslog or the system console. Alternatively, you can define
|
||||||
ERR_REPORTING_FILE in include/conf.h to be any other file that can be
|
ERR_REPORTING_FILE in include/conf.h to be any other file that can be
|
||||||
|
@ -87,15 +87,30 @@ or rtpw -l
|
||||||
which the dictionary will be sent, respectively.
|
which the dictionary will be sent, respectively.
|
||||||
|
|
||||||
options:
|
options:
|
||||||
-a use message authentication
|
|
||||||
-e <key size> use encryption (use 128, 192, or 256 for key size)
|
-s (s)rtp sender - causes app to send words
|
||||||
-g Use AES-GCM mode (must be used with -e)
|
|
||||||
-k <key> sets the srtp master key
|
-r (s)rtp receive - causes app to receive words
|
||||||
-s act as rtp sender
|
|
||||||
-r act as rtp receiver
|
-k <key> use srtp master key <key>, where the
|
||||||
-l list debug modules
|
key is a hexadecimal value (without the
|
||||||
-d <debug> turn on debugging for module <debug>
|
leading "0x")
|
||||||
-i specify input/output file
|
|
||||||
|
-e <keysize> encrypt/decrypt (for data confidentiality)
|
||||||
|
(requires use of -k option as well)
|
||||||
|
(use 128, 192, or 256 for keysize)
|
||||||
|
|
||||||
|
-g use AES-GCM mode (must be used with -e)
|
||||||
|
|
||||||
|
-a message authentication
|
||||||
|
(requires use of -k option as well)
|
||||||
|
|
||||||
|
-l list debug modules
|
||||||
|
|
||||||
|
-d <debug> turn on debugging for module <debug>
|
||||||
|
-i specify input/output file
|
||||||
|
(instead of using dictionary file)
|
||||||
|
|
||||||
|
|
||||||
In order to get random 30-byte values for use as key/salt pairs , you
|
In order to get random 30-byte values for use as key/salt pairs , you
|
||||||
can use the following bash function to format the output of
|
can use the following bash function to format the output of
|
||||||
|
|
|
@ -40,15 +40,14 @@ endif
|
||||||
dummy : all runtest
|
dummy : all runtest
|
||||||
|
|
||||||
# test applications
|
# test applications
|
||||||
|
|
||||||
ifneq (1, $(USE_OPENSSL))
|
ifneq (1, $(USE_OPENSSL))
|
||||||
AES_CALC = test/aes_calc$(EXE)
|
AES_CALC = test/aes_calc$(EXE)
|
||||||
endif
|
endif
|
||||||
|
|
||||||
testapp = #test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
|
testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
|
||||||
#test/stat_driver$(EXE) test/sha1_driver$(EXE) \
|
test/stat_driver$(EXE) test/sha1_driver$(EXE) \
|
||||||
#test/kernel_driver$(EXE) $(AES_CALC) test/rand_gen$(EXE) \
|
test/kernel_driver$(EXE) $(AES_CALC) test/rand_gen$(EXE) \
|
||||||
#test/env$(EXE)
|
test/env$(EXE)
|
||||||
|
|
||||||
# data values used to test the aes_calc application for AES-128
|
# data values used to test the aes_calc application for AES-128
|
||||||
k128=000102030405060708090a0b0c0d0e0f
|
k128=000102030405060708090a0b0c0d0e0f
|
||||||
|
|
|
@ -395,7 +395,7 @@ aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
|
||||||
for (i=0; i < (bytes_to_encr/sizeof(v128_t)); i++) {
|
for (i=0; i < (bytes_to_encr/sizeof(v128_t)); i++) {
|
||||||
|
|
||||||
/* fill buffer with new keystream */
|
/* fill buffer with new keystream */
|
||||||
aes_icm_advance_ismacryp(c, (uint8_t)forIsmacryp);
|
aes_icm_advance_ismacryp(c, forIsmacryp);
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* add keystream into the data buffer (this would be a lot faster
|
* add keystream into the data buffer (this would be a lot faster
|
||||||
|
@ -443,7 +443,7 @@ aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
|
||||||
if ((bytes_to_encr & 0xf) != 0) {
|
if ((bytes_to_encr & 0xf) != 0) {
|
||||||
|
|
||||||
/* fill buffer with new keystream */
|
/* fill buffer with new keystream */
|
||||||
aes_icm_advance_ismacryp(c, (uint8_t)forIsmacryp);
|
aes_icm_advance_ismacryp(c, forIsmacryp);
|
||||||
|
|
||||||
for (i=0; i < (bytes_to_encr & 0xf); i++)
|
for (i=0; i < (bytes_to_encr & 0xf); i++)
|
||||||
*buf++ ^= c->keystream_buffer.v8[i];
|
*buf++ ^= c->keystream_buffer.v8[i];
|
||||||
|
@ -476,6 +476,10 @@ aes_icm_output(aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output) {
|
||||||
return aes_icm_encrypt(c, buffer, &len);
|
return aes_icm_encrypt(c, buffer, &len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
uint16_t
|
||||||
|
aes_icm_bytes_encrypted(aes_icm_ctx_t *c) {
|
||||||
|
return htons(c->counter.v16[7]);
|
||||||
|
}
|
||||||
|
|
||||||
char
|
char
|
||||||
aes_icm_description[] = "aes integer counter mode";
|
aes_icm_description[] = "aes integer counter mode";
|
||||||
|
|
|
@ -48,7 +48,6 @@
|
||||||
#include "null_cipher.h"
|
#include "null_cipher.h"
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
|
||||||
|
|
||||||
/* the null_cipher uses the cipher debug module */
|
/* the null_cipher uses the cipher debug module */
|
||||||
|
|
||||||
extern debug_module_t mod_cipher;
|
extern debug_module_t mod_cipher;
|
||||||
|
|
|
@ -48,7 +48,6 @@
|
||||||
#include "null_auth.h"
|
#include "null_auth.h"
|
||||||
#include "alloc.h"
|
#include "alloc.h"
|
||||||
|
|
||||||
|
|
||||||
/* null_auth uses the auth debug module */
|
/* null_auth uses the auth debug module */
|
||||||
|
|
||||||
extern debug_module_t mod_auth;
|
extern debug_module_t mod_auth;
|
||||||
|
|
|
@ -53,5 +53,8 @@ aes_icm_alloc_ismacryp(cipher_t **c,
|
||||||
int key_len,
|
int key_len,
|
||||||
int forIsmacryp);
|
int forIsmacryp);
|
||||||
|
|
||||||
|
uint16_t
|
||||||
|
aes_icm_bytes_encrypted(aes_icm_ctx_t *c);
|
||||||
|
|
||||||
#endif /* AES_ICM_H */
|
#endif /* AES_ICM_H */
|
||||||
|
|
||||||
|
|
|
@ -47,6 +47,7 @@
|
||||||
|
|
||||||
#include "ut_sim.h"
|
#include "ut_sim.h"
|
||||||
|
|
||||||
|
|
||||||
int
|
int
|
||||||
ut_compar(const void *a, const void *b) {
|
ut_compar(const void *a, const void *b) {
|
||||||
return rand() > (RAND_MAX/2) ? -1 : 1;
|
return rand() > (RAND_MAX/2) ? -1 : 1;
|
||||||
|
|
|
@ -83,10 +83,8 @@ ctr_prng_get_octet_string(void *dest, uint32_t len) {
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* if we need to re-initialize the prng, do so now
|
* if we need to re-initialize the prng, do so now
|
||||||
*
|
|
||||||
* avoid 32-bit overflows by subtracting instead of adding
|
|
||||||
*/
|
*/
|
||||||
if (ctr_prng.octet_count > MAX_PRNG_OUT_LEN - len) {
|
if ((aes_icm_bytes_encrypted(&ctr_prng.state) + len) > 0xffff) {
|
||||||
status = ctr_prng_init(ctr_prng.rand);
|
status = ctr_prng_init(ctr_prng.rand);
|
||||||
if (status)
|
if (status)
|
||||||
return status;
|
return status;
|
||||||
|
|
|
@ -36,7 +36,7 @@ main (int argc, char *argv[]) {
|
||||||
uint8_t key[AES_MAX_KEY_LEN];
|
uint8_t key[AES_MAX_KEY_LEN];
|
||||||
aes_expanded_key_t exp_key;
|
aes_expanded_key_t exp_key;
|
||||||
int key_len, len;
|
int key_len, len;
|
||||||
int verbose;
|
int verbose = 0;
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
|
|
||||||
if (argc == 3) {
|
if (argc == 3) {
|
||||||
|
|
|
@ -0,0 +1,76 @@
|
||||||
|
/*
|
||||||
|
* Soak test the RNG for exhaustion failures
|
||||||
|
*/
|
||||||
|
#include <stdio.h> /* for printf() */
|
||||||
|
#include <unistd.h> /* for getopt() */
|
||||||
|
#include "crypto_kernel.h"
|
||||||
|
|
||||||
|
#define BUF_LEN (MAX_PRINT_STRING_LEN/2)
|
||||||
|
|
||||||
|
int main(int argc, char *argv[])
|
||||||
|
{
|
||||||
|
int q;
|
||||||
|
extern char *optarg;
|
||||||
|
int num_octets = 0;
|
||||||
|
err_status_t status;
|
||||||
|
uint32_t iterations = 0;
|
||||||
|
int print_values = 0;
|
||||||
|
|
||||||
|
if (argc == 1) {
|
||||||
|
exit(255);
|
||||||
|
}
|
||||||
|
|
||||||
|
status = crypto_kernel_init();
|
||||||
|
if (status) {
|
||||||
|
printf("error: crypto_kernel init failed\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
while (1) {
|
||||||
|
q = getopt(argc, argv, "pvn:");
|
||||||
|
if (q == -1) {
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
switch (q) {
|
||||||
|
case 'p':
|
||||||
|
print_values = 1;
|
||||||
|
break;
|
||||||
|
case 'n':
|
||||||
|
num_octets = atoi(optarg);
|
||||||
|
if (num_octets < 0 || num_octets > BUF_LEN) {
|
||||||
|
exit(255);
|
||||||
|
}
|
||||||
|
break;
|
||||||
|
case 'v':
|
||||||
|
num_octets = 30;
|
||||||
|
print_values = 0;
|
||||||
|
break;
|
||||||
|
default:
|
||||||
|
exit(255);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
if (num_octets > 0) {
|
||||||
|
while (iterations < 300000) {
|
||||||
|
uint8_t buffer[BUF_LEN];
|
||||||
|
|
||||||
|
status = crypto_get_random(buffer, num_octets);
|
||||||
|
if (status) {
|
||||||
|
printf("iteration %d error: failure in random source\n", iterations);
|
||||||
|
exit(255);
|
||||||
|
} else if (print_values) {
|
||||||
|
printf("%s\n", octet_string_hex_string(buffer, num_octets));
|
||||||
|
}
|
||||||
|
iterations++;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
status = crypto_kernel_shutdown();
|
||||||
|
if (status) {
|
||||||
|
printf("error: crypto_kernel shutdown failed\n");
|
||||||
|
exit(1);
|
||||||
|
}
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
Binary file not shown.
|
@ -47,7 +47,6 @@
|
||||||
#include "srtp_priv.h"
|
#include "srtp_priv.h"
|
||||||
#include "ekt.h"
|
#include "ekt.h"
|
||||||
|
|
||||||
|
|
||||||
extern debug_module_t mod_srtp;
|
extern debug_module_t mod_srtp;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
|
|
@ -376,7 +376,7 @@ srtp_kdf_init(srtp_kdf_t *kdf, cipher_type_id_t cipher_id, const uint8_t *key, i
|
||||||
|
|
||||||
err_status_t
|
err_status_t
|
||||||
srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label,
|
srtp_kdf_generate(srtp_kdf_t *kdf, srtp_prf_label label,
|
||||||
uint8_t *key, unsigned length) {
|
uint8_t *key, unsigned int length) {
|
||||||
|
|
||||||
v128_t nonce;
|
v128_t nonce;
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
|
@ -841,11 +841,11 @@ static void srtp_calc_aead_iv(srtp_stream_ctx_t *stream, v128_t *iv,
|
||||||
*/
|
*/
|
||||||
static err_status_t
|
static err_status_t
|
||||||
srtp_protect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream,
|
srtp_protect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream,
|
||||||
void *rtp_hdr, int *pkt_octet_len)
|
void *rtp_hdr, unsigned int *pkt_octet_len)
|
||||||
{
|
{
|
||||||
srtp_hdr_t *hdr = (srtp_hdr_t*)rtp_hdr;
|
srtp_hdr_t *hdr = (srtp_hdr_t*)rtp_hdr;
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */
|
||||||
xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
|
xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
|
||||||
int delta; /* delta of local pkt idx and that in hdr */
|
int delta; /* delta of local pkt idx and that in hdr */
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
|
@ -886,10 +886,10 @@ srtp_protect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream,
|
||||||
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t*)enc_start;
|
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t*)enc_start;
|
||||||
enc_start += (ntohs(xtn_hdr->length) + 1);
|
enc_start += (ntohs(xtn_hdr->length) + 1);
|
||||||
}
|
}
|
||||||
if (!(enc_start < (uint32_t*)hdr + *pkt_octet_len))
|
if (!((uint8_t*)enc_start < (uint8_t*)hdr + *pkt_octet_len))
|
||||||
return err_status_parse_err;
|
return err_status_parse_err;
|
||||||
enc_octet_len = (unsigned int)(*pkt_octet_len -
|
enc_octet_len = (unsigned int)(*pkt_octet_len -
|
||||||
((enc_start - (uint32_t*)hdr) << 2));
|
((uint8_t*)enc_start - (uint8_t*)hdr));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* estimate the packet index using the start of the replay window
|
* estimate the packet index using the start of the replay window
|
||||||
|
@ -972,11 +972,11 @@ srtp_protect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream,
|
||||||
*/
|
*/
|
||||||
static err_status_t
|
static err_status_t
|
||||||
srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta,
|
srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta,
|
||||||
xtd_seq_num_t est, void *srtp_hdr, int *pkt_octet_len)
|
xtd_seq_num_t est, void *srtp_hdr, unsigned int *pkt_octet_len)
|
||||||
{
|
{
|
||||||
srtp_hdr_t *hdr = (srtp_hdr_t*)srtp_hdr;
|
srtp_hdr_t *hdr = (srtp_hdr_t*)srtp_hdr;
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */
|
||||||
v128_t iv;
|
v128_t iv;
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
int tag_len;
|
int tag_len;
|
||||||
|
@ -1013,13 +1013,13 @@ srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta,
|
||||||
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t*)enc_start;
|
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t*)enc_start;
|
||||||
enc_start += (ntohs(xtn_hdr->length) + 1);
|
enc_start += (ntohs(xtn_hdr->length) + 1);
|
||||||
}
|
}
|
||||||
if (!(enc_start < (uint32_t*)hdr + *pkt_octet_len))
|
if (!((uint8_t*)enc_start < (uint8_t*)hdr + *pkt_octet_len))
|
||||||
return err_status_parse_err;
|
return err_status_parse_err;
|
||||||
/*
|
/*
|
||||||
* We pass the tag down to the cipher when doing GCM mode
|
* We pass the tag down to the cipher when doing GCM mode
|
||||||
*/
|
*/
|
||||||
enc_octet_len = (unsigned int) *pkt_octet_len -
|
enc_octet_len = (unsigned int)(*pkt_octet_len -
|
||||||
((enc_start - (uint32_t *)hdr) << 2);
|
((uint8_t*)enc_start - (uint8_t*)hdr));
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Sanity check the encrypted payload length against
|
* Sanity check the encrypted payload length against
|
||||||
|
@ -1131,7 +1131,7 @@ srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta,
|
||||||
srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr;
|
srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr;
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
uint32_t *auth_start; /* pointer to start of auth. portion */
|
uint32_t *auth_start; /* pointer to start of auth. portion */
|
||||||
unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */
|
||||||
xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
|
xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
|
||||||
int delta; /* delta of local pkt idx and that in hdr */
|
int delta; /* delta of local pkt idx and that in hdr */
|
||||||
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
||||||
|
@ -1201,7 +1201,7 @@ srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta,
|
||||||
*/
|
*/
|
||||||
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
||||||
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
||||||
return srtp_protect_aead(ctx, stream, rtp_hdr, pkt_octet_len);
|
return srtp_protect_aead(ctx, stream, rtp_hdr, (unsigned int*)pkt_octet_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -1238,11 +1238,11 @@ srtp_unprotect_aead (srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, int delta,
|
||||||
if (hdr->x == 1) {
|
if (hdr->x == 1) {
|
||||||
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
|
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
|
||||||
enc_start += (ntohs(xtn_hdr->length) + 1);
|
enc_start += (ntohs(xtn_hdr->length) + 1);
|
||||||
if (!(enc_start < (uint32_t*)hdr + *pkt_octet_len))
|
if (!((uint8_t*)enc_start < (uint8_t*)hdr + *pkt_octet_len))
|
||||||
return err_status_parse_err;
|
return err_status_parse_err;
|
||||||
}
|
}
|
||||||
enc_octet_len = (unsigned int)(*pkt_octet_len
|
enc_octet_len = (unsigned int)(*pkt_octet_len -
|
||||||
- ((enc_start - (uint32_t *)hdr) << 2));
|
((uint8_t*)enc_start - (uint8_t*)hdr));
|
||||||
} else {
|
} else {
|
||||||
enc_start = NULL;
|
enc_start = NULL;
|
||||||
}
|
}
|
||||||
|
@ -1386,7 +1386,7 @@ srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) {
|
||||||
srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr;
|
srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr;
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
uint32_t *auth_start; /* pointer to start of auth. portion */
|
uint32_t *auth_start; /* pointer to start of auth. portion */
|
||||||
unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0;/* number of octets in encrypted portion */
|
||||||
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
||||||
xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
|
xtd_seq_num_t est; /* estimated xtd_seq_num_t of *hdr */
|
||||||
int delta; /* delta of local pkt idx and that in hdr */
|
int delta; /* delta of local pkt idx and that in hdr */
|
||||||
|
@ -1460,7 +1460,7 @@ srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) {
|
||||||
*/
|
*/
|
||||||
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
||||||
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
||||||
return srtp_unprotect_aead(ctx, stream, delta, est, srtp_hdr, pkt_octet_len);
|
return srtp_unprotect_aead(ctx, stream, delta, est, srtp_hdr, (unsigned int*)pkt_octet_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* get tag length from stream */
|
/* get tag length from stream */
|
||||||
|
@ -1521,10 +1521,10 @@ srtp_unprotect(srtp_ctx_t *ctx, void *srtp_hdr, int *pkt_octet_len) {
|
||||||
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
|
srtp_hdr_xtnd_t *xtn_hdr = (srtp_hdr_xtnd_t *)enc_start;
|
||||||
enc_start += (ntohs(xtn_hdr->length) + 1);
|
enc_start += (ntohs(xtn_hdr->length) + 1);
|
||||||
}
|
}
|
||||||
if (!(enc_start < (uint32_t*)hdr + *pkt_octet_len))
|
if (!((uint8_t*)enc_start < (uint8_t*)hdr + *pkt_octet_len))
|
||||||
return err_status_parse_err;
|
return err_status_parse_err;
|
||||||
enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len
|
enc_octet_len = (uint32_t)(*pkt_octet_len - tag_len -
|
||||||
- ((enc_start - (uint32_t *)hdr) << 2));
|
((uint8_t*)enc_start - (uint8_t*)hdr));
|
||||||
} else {
|
} else {
|
||||||
enc_start = NULL;
|
enc_start = NULL;
|
||||||
}
|
}
|
||||||
|
@ -2210,12 +2210,12 @@ static void srtp_calc_aead_iv_srtcp(srtp_stream_ctx_t *stream, v128_t *iv,
|
||||||
*/
|
*/
|
||||||
static err_status_t
|
static err_status_t
|
||||||
srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream,
|
srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream,
|
||||||
void *rtcp_hdr, int *pkt_octet_len)
|
void *rtcp_hdr, unsigned int *pkt_octet_len)
|
||||||
{
|
{
|
||||||
srtcp_hdr_t *hdr = (srtcp_hdr_t*)rtcp_hdr;
|
srtcp_hdr_t *hdr = (srtcp_hdr_t*)rtcp_hdr;
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
uint32_t *trailer; /* pointer to start of trailer */
|
uint32_t *trailer; /* pointer to start of trailer */
|
||||||
unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */
|
||||||
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
int tag_len;
|
int tag_len;
|
||||||
|
@ -2333,7 +2333,7 @@ srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream,
|
||||||
* Even though we're not encrypting the payload, we need
|
* Even though we're not encrypting the payload, we need
|
||||||
* to run the cipher to get the auth tag.
|
* to run the cipher to get the auth tag.
|
||||||
*/
|
*/
|
||||||
unsigned nolen = 0;
|
unsigned int nolen = 0;
|
||||||
status = cipher_encrypt(stream->rtcp_cipher, NULL, &nolen);
|
status = cipher_encrypt(stream->rtcp_cipher, NULL, &nolen);
|
||||||
if (status) {
|
if (status) {
|
||||||
return err_status_cipher_fail;
|
return err_status_cipher_fail;
|
||||||
|
@ -2363,12 +2363,12 @@ srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream,
|
||||||
*/
|
*/
|
||||||
static err_status_t
|
static err_status_t
|
||||||
srtp_unprotect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream,
|
srtp_unprotect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream,
|
||||||
void *srtcp_hdr, int *pkt_octet_len)
|
void *srtcp_hdr, unsigned int *pkt_octet_len)
|
||||||
{
|
{
|
||||||
srtcp_hdr_t *hdr = (srtcp_hdr_t*)srtcp_hdr;
|
srtcp_hdr_t *hdr = (srtcp_hdr_t*)srtcp_hdr;
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
uint32_t *trailer; /* pointer to start of trailer */
|
uint32_t *trailer; /* pointer to start of trailer */
|
||||||
unsigned enc_octet_len = 0; /* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0; /* number of octets in encrypted portion */
|
||||||
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
int tag_len;
|
int tag_len;
|
||||||
|
@ -2543,7 +2543,7 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len) {
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
uint32_t *auth_start; /* pointer to start of auth. portion */
|
uint32_t *auth_start; /* pointer to start of auth. portion */
|
||||||
uint32_t *trailer; /* pointer to start of trailer */
|
uint32_t *trailer; /* pointer to start of trailer */
|
||||||
unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0;/* number of octets in encrypted portion */
|
||||||
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
int tag_len;
|
int tag_len;
|
||||||
|
@ -2607,7 +2607,7 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len) {
|
||||||
*/
|
*/
|
||||||
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
||||||
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
||||||
return srtp_protect_rtcp_aead(ctx, stream, rtcp_hdr, pkt_octet_len);
|
return srtp_protect_rtcp_aead(ctx, stream, rtcp_hdr, (unsigned int*)pkt_octet_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
/* get tag length from stream context */
|
/* get tag length from stream context */
|
||||||
|
@ -2740,12 +2740,12 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
|
||||||
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
uint32_t *enc_start; /* pointer to start of encrypted portion */
|
||||||
uint32_t *auth_start; /* pointer to start of auth. portion */
|
uint32_t *auth_start; /* pointer to start of auth. portion */
|
||||||
uint32_t *trailer; /* pointer to start of trailer */
|
uint32_t *trailer; /* pointer to start of trailer */
|
||||||
unsigned enc_octet_len = 0;/* number of octets in encrypted portion */
|
unsigned int enc_octet_len = 0;/* number of octets in encrypted portion */
|
||||||
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
uint8_t *auth_tag = NULL; /* location of auth_tag within packet */
|
||||||
uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
|
uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
|
||||||
uint8_t tag_copy[SRTP_MAX_TAG_LEN];
|
uint8_t tag_copy[SRTP_MAX_TAG_LEN];
|
||||||
err_status_t status;
|
err_status_t status;
|
||||||
unsigned auth_len;
|
unsigned int auth_len;
|
||||||
int tag_len;
|
int tag_len;
|
||||||
srtp_stream_ctx_t *stream;
|
srtp_stream_ctx_t *stream;
|
||||||
int prefix_len;
|
int prefix_len;
|
||||||
|
@ -2754,6 +2754,13 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
|
||||||
int sec_serv_confidentiality; /* whether confidentiality was requested */
|
int sec_serv_confidentiality; /* whether confidentiality was requested */
|
||||||
|
|
||||||
/* we assume the hdr is 32-bit aligned to start */
|
/* we assume the hdr is 32-bit aligned to start */
|
||||||
|
|
||||||
|
/* check that the length value is sane; we'll check again once we
|
||||||
|
know the tag length, but we at least want to know that it is
|
||||||
|
a positive value */
|
||||||
|
if (*pkt_octet_len < octets_in_rtcp_header + sizeof(srtcp_trailer_t))
|
||||||
|
return err_status_bad_param;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* look up ssrc in srtp_stream list, and process the packet with
|
* look up ssrc in srtp_stream list, and process the packet with
|
||||||
* the appropriate stream. if we haven't seen this stream before,
|
* the appropriate stream. if we haven't seen this stream before,
|
||||||
|
@ -2796,9 +2803,9 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
|
||||||
/* check the packet length - it must contain at least a full RTCP
|
/* check the packet length - it must contain at least a full RTCP
|
||||||
header, an auth tag (if applicable), and the SRTCP encrypted flag
|
header, an auth tag (if applicable), and the SRTCP encrypted flag
|
||||||
and 31-bit index value */
|
and 31-bit index value */
|
||||||
if (*pkt_octet_len < (octets_in_rtcp_header + tag_len +
|
if (*pkt_octet_len < (octets_in_rtcp_header + tag_len + sizeof(srtcp_trailer_t))) {
|
||||||
sizeof(srtcp_trailer_t)))
|
|
||||||
return err_status_bad_param;
|
return err_status_bad_param;
|
||||||
|
}
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Check if this is an AEAD stream (GCM mode). If so, then dispatch
|
* Check if this is an AEAD stream (GCM mode). If so, then dispatch
|
||||||
|
@ -2806,7 +2813,7 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len) {
|
||||||
*/
|
*/
|
||||||
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
if (stream->rtp_cipher->algorithm == AES_128_GCM ||
|
||||||
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
stream->rtp_cipher->algorithm == AES_256_GCM) {
|
||||||
return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, pkt_octet_len);
|
return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, (unsigned int*)pkt_octet_len);
|
||||||
}
|
}
|
||||||
|
|
||||||
sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf ||
|
sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf ||
|
||||||
|
|
Loading…
Reference in New Issue