Upgrade libsrt to v1.5.3. v5.0.183 (#3808)

2025-03-09 15:49:59 +00:00 · 2023-09-21 22:31:38 +08:00 · 2023-09-21 22:31:38 +08:00 · 632d457194
commit 632d457194
parent 389a62ee3a
154 changed files with 39813 additions and 17038 deletions
--- a/trunk/3rdparty/srt-1-fit/haicrypt/hcrypt_ctx_tx.c
+++ b/trunk/3rdparty/srt-1-fit/haicrypt/hcrypt_ctx_tx.c
@ -14,18 +14,18 @@ written by
   Haivision Systems Inc.

   2011-06-23 (jdube)
-        HaiCrypt initial implementation.
+		HaiCrypt initial implementation.
   2014-03-11 (jdube)
-        Adaptation for SRT.
+		Adaptation for SRT.
 *****************************************************************************/

 #include <string.h>		/* memcpy */
 #ifdef _WIN32
-    #include <winsock2.h>
-    #include <ws2tcpip.h>
-    #include <win/wintime.h>
+	#include <winsock2.h>
+	#include <ws2tcpip.h>
+	#include <win/wintime.h>
 #else
-    #include <sys/time.h>
+	#include <sys/time.h>
 #endif
 #include "hcrypt.h"

@ -33,7 +33,7 @@ int hcryptCtx_Tx_Init(hcrypt_Session *crypto, hcrypt_Ctx *ctx, const HaiCrypt_Cf
 {
 	ctx->cfg.key_len = cfg->key_len;

-	ctx->mode = HCRYPT_CTX_MODE_AESCTR;
+	ctx->mode = (cfg->flags & HAICRYPT_CFG_F_GCM) ? HCRYPT_CTX_MODE_AESGCM : HCRYPT_CTX_MODE_AESCTR;
 	ctx->status = HCRYPT_CTX_S_INIT;

 	ctx->msg_info = crypto->msg_info;
@ -52,14 +52,14 @@ int hcryptCtx_Tx_Rekey(hcrypt_Session *crypto, hcrypt_Ctx *ctx)

 	/* Generate Salt */
 	ctx->salt_len = HAICRYPT_SALT_SZ;
-	if (0 > (iret = crypto->cryspr->prng(ctx->salt, ctx->salt_len))) {
+	if (0 > (iret = crypto->cryspr->prng(ctx->salt, (int)ctx->salt_len))) {
 		HCRYPT_LOG(LOG_ERR, "PRNG(salt[%zd]) failed\n", ctx->salt_len);
 		return(iret);
 	}

 	/* Generate SEK */
 	ctx->sek_len = ctx->cfg.key_len;
-	if (0 > (iret = crypto->cryspr->prng(ctx->sek, ctx->sek_len))) {
+	if (0 > (iret = crypto->cryspr->prng(ctx->sek, (int)ctx->sek_len))) {
 		HCRYPT_LOG(LOG_ERR, "PRNG(sek[%zd] failed\n", ctx->sek_len);
 		return(iret);
 	}
@ -74,9 +74,10 @@ int hcryptCtx_Tx_Rekey(hcrypt_Session *crypto, hcrypt_Ctx *ctx)
 	HCRYPT_PRINTKEY(ctx->sek, ctx->sek_len, "sek");

 	/* Regenerate KEK if Password-based (uses newly generated salt and sek_len) */
-	if ((0 < ctx->cfg.pwd_len)
-	&&	(0 > (iret = hcryptCtx_GenSecret(crypto, ctx)))) {
-		return(iret);
+	if (0 < ctx->cfg.pwd_len) {
+		iret = hcryptCtx_GenSecret(crypto, ctx);
+		if (iret < 0)
+			return(iret);
 	}

 	/* Assemble the new Keying Material message */
@ -106,22 +107,22 @@ int hcryptCtx_Tx_CloneKey(hcrypt_Session *crypto, hcrypt_Ctx *ctx, const hcrypt_

 	ASSERT(HCRYPT_CTX_S_SARDY <= ctx->status);

-    const hcrypt_Ctx* ctxSrc = cryptoSrc->ctx;
-    if (!ctxSrc)
-    {
-        /* Probbly the context is not yet completely initialized, so
-         * use blindly the first context from the pair
-         */
-        ctxSrc = &cryptoSrc->ctx_pair[0];
-    }
+	const hcrypt_Ctx* ctxSrc = cryptoSrc->ctx;
+	if (!ctxSrc)
+	{
+		/* Probbly the context is not yet completely initialized, so
+		 * use blindly the first context from the pair
+		 */
+		ctxSrc = &cryptoSrc->ctx_pair[0];
+	}

-    /* Copy SALT (instead of generating) */
-    ctx->salt_len = ctxSrc->salt_len;
-    memcpy(ctx->salt, ctxSrc->salt, ctx->salt_len);
+	/* Copy SALT (instead of generating) */
+	ctx->salt_len = ctxSrc->salt_len;
+	memcpy(ctx->salt, ctxSrc->salt, ctx->salt_len);

-    /* Copy SEK */
-    ctx->sek_len = ctxSrc->sek_len;
-    memcpy(ctx->sek, ctxSrc->sek, ctx->sek_len);
+	/* Copy SEK */
+	ctx->sek_len = ctxSrc->sek_len;
+	memcpy(ctx->sek, ctxSrc->sek, ctx->sek_len);

 	/* Set SEK in cryspr */
 	if (crypto->cryspr->ms_setkey(crypto->cryspr_cb, ctx, ctx->sek, ctx->sek_len)) {
@ -133,11 +134,12 @@ int hcryptCtx_Tx_CloneKey(hcrypt_Session *crypto, hcrypt_Ctx *ctx, const hcrypt_
 	HCRYPT_PRINTKEY(ctx->sek, ctx->sek_len, "sek");

 	/* Regenerate KEK if Password-based (uses newly generated salt and sek_len) */
-    /* (note for CloneKey imp: it's expected that the same passphrase-salt pair
-       shall generate the same KEK. GenSecret also prints the KEK */
-	if ((0 < ctx->cfg.pwd_len)
-    &&	(0 > (iret = hcryptCtx_GenSecret(crypto, ctx)))) {
-		return(iret);
+	/* (note for CloneKey imp: it's expected that the same passphrase-salt pair
+	   shall generate the same KEK. GenSecret also prints the KEK */
+	if (0 < ctx->cfg.pwd_len) {
+		iret = hcryptCtx_GenSecret(crypto, ctx);
+		if (iret < 0)
+			return(iret);
 	}

 	/* Assemble the new Keying Material message */
@ -193,7 +195,7 @@ int hcryptCtx_Tx_Refresh(hcrypt_Session *crypto)

 	HCRYPT_LOG(LOG_DEBUG, "refresh/generate SEK. salt_len=%d sek_len=%d\n", (int)new_ctx->salt_len, (int)new_ctx->sek_len);

-	if (0 > crypto->cryspr->prng(new_ctx->sek, new_ctx->sek_len)) {
+	if (0 > crypto->cryspr->prng(new_ctx->sek, (int)new_ctx->sek_len)) {
 		HCRYPT_LOG(LOG_ERR, "PRNG(sek[%zd] failed\n", new_ctx->sek_len);
 		return(-1);
 	}
@ -297,9 +299,9 @@ int hcryptCtx_Tx_AsmKM(hcrypt_Session *crypto, hcrypt_Ctx *ctx, unsigned char *a
 		2 == sek_cnt ? HCRYPT_MSG_F_xSEK : (ctx->flags & HCRYPT_MSG_F_xSEK));

 	/* crypto->KMmsg_cache[4..7]: KEKI=0 */
-	km_msg[HCRYPT_MSG_KM_OFS_CIPHER] = HCRYPT_CIPHER_AES_CTR;
-	km_msg[HCRYPT_MSG_KM_OFS_AUTH] = HCRYPT_AUTH_NONE;
-	km_msg[HCRYPT_MSG_KM_OFS_SE] = crypto->se;
+	km_msg[HCRYPT_MSG_KM_OFS_CIPHER] = (ctx->mode == HCRYPT_CTX_MODE_AESGCM) ? HCRYPT_CIPHER_AES_GCM : HCRYPT_CIPHER_AES_CTR;
+	km_msg[HCRYPT_MSG_KM_OFS_AUTH] = (ctx->mode == HCRYPT_CTX_MODE_AESGCM) ? HCRYPT_AUTH_AES_GCM : HCRYPT_AUTH_NONE;
+	km_msg[HCRYPT_MSG_KM_OFS_SE] = (char) crypto->se;
 	hcryptMsg_KM_SetSaltLen(km_msg, ctx->salt_len);
 	hcryptMsg_KM_SetSekLen(km_msg, ctx->sek_len);

@ -320,7 +322,7 @@ int hcryptCtx_Tx_AsmKM(hcrypt_Session *crypto, hcrypt_Ctx *ctx, unsigned char *a
 	}
 	if (0 > crypto->cryspr->km_wrap(crypto->cryspr_cb,
 		&km_msg[HCRYPT_MSG_KM_OFS_SALT + ctx->salt_len],
-		seks, sek_cnt * ctx->sek_len)) {
+		seks, (unsigned int)(sek_cnt * ctx->sek_len))) {

 		HCRYPT_LOG(LOG_ERR, "%s", "wrap key failed\n");
 		return(-1);
@ -336,8 +338,8 @@ int hcryptCtx_Tx_ManageKM(hcrypt_Session *crypto)
 	ASSERT(NULL != ctx);

 	HCRYPT_LOG(LOG_DEBUG, "KM[%d] KEY STATUS: pkt_cnt=%u against ref.rate=%u and pre.announce=%u\n",
-                          (ctx->alt->flags & HCRYPT_CTX_F_xSEK)/2,
-                          ctx->pkt_cnt, crypto->km.refresh_rate, crypto->km.pre_announce);
+						  (ctx->alt->flags & HCRYPT_CTX_F_xSEK)/2,
+						  ctx->pkt_cnt, crypto->km.refresh_rate, crypto->km.pre_announce);

 	if ((ctx->pkt_cnt > crypto->km.refresh_rate)
 	||  (ctx->pkt_cnt == 0)) {	//rolled over
@ -358,7 +360,7 @@ int hcryptCtx_Tx_ManageKM(hcrypt_Session *crypto)
 		 * prepare next SEK for announcement
 		 */
 		hcryptCtx_Tx_Refresh(crypto);
-
+		
 		HCRYPT_LOG(LOG_INFO, "KM[%d] Pre-announced\n",
 			(ctx->alt->flags & HCRYPT_CTX_F_xSEK)/2);