external/srs
1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00
Code Issues Releases Wiki Activity

Upgrade libsrtp from 2.0.0 to 2.3.0, with source code. 4.0.79

Browse source
This commit is contained in:
winlin 2021-03-02 14:29:06 +08:00
parent 3749d4d833
commit 8089fc004c
111 changed files with 45307 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

187
trunk/3rdparty/libsrtp-2-fit/crypto/hash/auth.c vendored Normal file
View file

@ -0,0 +1,187 @@
/*
* auth.c
*
* some bookkeeping functions for authentication functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "auth.h"
#include "err.h" /* for srtp_debug */
#include "datatypes.h" /* for octet_string */
/* the debug module for authentiation */
srtp_debug_module_t srtp_mod_auth = {
0, /* debugging is off by default */
"auth func" /* printable name for module */
};
int srtp_auth_get_key_length(const srtp_auth_t *a)
{
return a->key_len;
}
int srtp_auth_get_tag_length(const srtp_auth_t *a)
{
return a->out_len;
}
int srtp_auth_get_prefix_length(const srtp_auth_t *a)
{
return a->prefix_len;
}
/*
* srtp_auth_type_test() tests an auth function of type ct against
* test cases provided in a list test_data of values of key, data, and tag
* that is known to be good
*/
/* should be big enough for most occasions */
#define SELF_TEST_TAG_BUF_OCTETS 32
srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at,
const srtp_auth_test_case_t *test_data)
{
const srtp_auth_test_case_t *test_case = test_data;
srtp_auth_t *a;
srtp_err_status_t status;
uint8_t tag[SELF_TEST_TAG_BUF_OCTETS];
int i, case_num = 0;
debug_print(srtp_mod_auth, "running self-test for auth function %s",
at->description);
/*
* check to make sure that we have at least one test case, and
* return an error if we don't - we need to be paranoid here
*/
if (test_case == NULL) {
return srtp_err_status_cant_check;
}
/* loop over all test cases */
while (test_case != NULL) {
/* check test case parameters */
if (test_case->tag_length_octets > SELF_TEST_TAG_BUF_OCTETS) {
return srtp_err_status_bad_param;
}
/* allocate auth */
status = srtp_auth_type_alloc(at, &a, test_case->key_length_octets,
test_case->tag_length_octets);
if (status) {
return status;
}
/* initialize auth */
status = srtp_auth_init(a, test_case->key);
if (status) {
srtp_auth_dealloc(a);
return status;
}
/* zeroize tag then compute */
octet_string_set_to_zero(tag, test_case->tag_length_octets);
status = srtp_auth_compute(a, test_case->data,
test_case->data_length_octets, tag);
if (status) {
srtp_auth_dealloc(a);
return status;
}
debug_print(srtp_mod_auth, "key: %s",
srtp_octet_string_hex_string(test_case->key,
test_case->key_length_octets));
debug_print(srtp_mod_auth, "data: %s",
srtp_octet_string_hex_string(
test_case->data, test_case->data_length_octets));
debug_print(
srtp_mod_auth, "tag computed: %s",
srtp_octet_string_hex_string(tag, test_case->tag_length_octets));
debug_print(srtp_mod_auth, "tag expected: %s",
srtp_octet_string_hex_string(test_case->tag,
test_case->tag_length_octets));
/* check the result */
status = srtp_err_status_ok;
for (i = 0; i < test_case->tag_length_octets; i++) {
if (tag[i] != test_case->tag[i]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_auth, "test case %d failed", case_num);
debug_print(srtp_mod_auth, " (mismatch at octet %d)", i);
}
}
if (status) {
srtp_auth_dealloc(a);
return srtp_err_status_algo_fail;
}
/* deallocate the auth function */
status = srtp_auth_dealloc(a);
if (status) {
return status;
}
/*
* the auth function passed the test case, so move on to the next test
* case in the list; if NULL, we'll quit and return an OK
*/
test_case = test_case->next_test_case;
++case_num;
}
return srtp_err_status_ok;
}
/*
* srtp_auth_type_self_test(at) performs srtp_auth_type_test on at's internal
* list of test data.
*/
srtp_err_status_t srtp_auth_type_self_test(const srtp_auth_type_t *at)
{
return srtp_auth_type_test(at, at->test_data);
}

283
trunk/3rdparty/libsrtp-2-fit/crypto/hash/hmac.c vendored Normal file
View file

@ -0,0 +1,283 @@
/*
* hmac.c
*
* implementation of hmac srtp_auth_type_t
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "hmac.h"
#include "alloc.h"
#include "cipher_types.h"
/* the debug module for authentiation */
srtp_debug_module_t srtp_mod_hmac = {
0, /* debugging is off by default */
"hmac sha-1" /* printable name for module */
};
static srtp_err_status_t srtp_hmac_alloc(srtp_auth_t **a,
int key_len,
int out_len)
{
extern const srtp_auth_type_t srtp_hmac;
uint8_t *pointer;
debug_print(srtp_mod_hmac, "allocating auth func with key length %d",
key_len);
debug_print(srtp_mod_hmac, " tag length %d",
out_len);
/*
* check key length - note that we don't support keys larger
* than 20 bytes yet
*/
if (key_len > 20) {
return srtp_err_status_bad_param;
}
/* check output length - should be less than 20 bytes */
if (out_len > 20) {
return srtp_err_status_bad_param;
}
/* allocate memory for auth and srtp_hmac_ctx_t structures */
pointer = (uint8_t *)srtp_crypto_alloc(sizeof(srtp_hmac_ctx_t) +
sizeof(srtp_auth_t));
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
*a = (srtp_auth_t *)pointer;
(*a)->type = &srtp_hmac;
(*a)->state = pointer + sizeof(srtp_auth_t);
(*a)->out_len = out_len;
(*a)->key_len = key_len;
(*a)->prefix_len = 0;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_dealloc(srtp_auth_t *a)
{
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(srtp_hmac_ctx_t) + sizeof(srtp_auth_t));
/* free memory */
srtp_crypto_free(a);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_init(void *statev,
const uint8_t *key,
int key_len)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
int i;
uint8_t ipad[64];
/*
* check key length - note that we don't support keys larger
* than 20 bytes yet
*/
if (key_len > 20) {
return srtp_err_status_bad_param;
}
/*
* set values of ipad and opad by exoring the key into the
* appropriate constant values
*/
for (i = 0; i < key_len; i++) {
ipad[i] = key[i] ^ 0x36;
state->opad[i] = key[i] ^ 0x5c;
}
/* set the rest of ipad, opad to constant values */
for (; i < 64; i++) {
ipad[i] = 0x36;
((uint8_t *)state->opad)[i] = 0x5c;
}
debug_print(srtp_mod_hmac, "ipad: %s",
srtp_octet_string_hex_string(ipad, 64));
/* initialize sha1 context */
srtp_sha1_init(&state->init_ctx);
/* hash ipad ^ key */
srtp_sha1_update(&state->init_ctx, ipad, 64);
memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t));
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_start(void *statev)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t));
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_update(void *statev,
const uint8_t *message,
int msg_octets)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
debug_print(srtp_mod_hmac, "input: %s",
srtp_octet_string_hex_string(message, msg_octets));
/* hash message into sha1 context */
srtp_sha1_update(&state->ctx, message, msg_octets);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_compute(void *statev,
const uint8_t *message,
int msg_octets,
int tag_len,
uint8_t *result)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
uint32_t hash_value[5];
uint32_t H[5];
int i;
/* check tag length, return error if we can't provide the value expected */
if (tag_len > 20) {
return srtp_err_status_bad_param;
}
/* hash message, copy output into H */
srtp_hmac_update(state, message, msg_octets);
srtp_sha1_final(&state->ctx, H);
/*
* note that we don't need to debug_print() the input, since the
* function hmac_update() already did that for us
*/
debug_print(srtp_mod_hmac, "intermediate state: %s",
srtp_octet_string_hex_string((uint8_t *)H, 20));
/* re-initialize hash context */
srtp_sha1_init(&state->ctx);
/* hash opad ^ key */
srtp_sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
/* hash the result of the inner hash */
srtp_sha1_update(&state->ctx, (uint8_t *)H, 20);
/* the result is returned in the array hash_value[] */
srtp_sha1_final(&state->ctx, hash_value);
/* copy hash_value to *result */
for (i = 0; i < tag_len; i++) {
result[i] = ((uint8_t *)hash_value)[i];
}
debug_print(srtp_mod_hmac, "output: %s",
srtp_octet_string_hex_string((uint8_t *)hash_value, tag_len));
return srtp_err_status_ok;
}
/* begin test case 0 */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_key[20] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_data[8] = {
0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_tag[20] = {
0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
0xf1, 0x46, 0xbe, 0x00
};
/* clang-format on */
static const srtp_auth_test_case_t srtp_hmac_test_case_0 = {
20, /* octets in key */
srtp_hmac_test_case_0_key, /* key */
8, /* octets in data */
srtp_hmac_test_case_0_data, /* data */
20, /* octets in tag */
srtp_hmac_test_case_0_tag, /* tag */
NULL /* pointer to next testcase */
};
/* end test case 0 */
static const char srtp_hmac_description[] =
"hmac sha-1 authentication function";
/*
* srtp_auth_type_t hmac is the hmac metaobject
*/
const srtp_auth_type_t srtp_hmac = {
srtp_hmac_alloc, /* */
srtp_hmac_dealloc, /* */
srtp_hmac_init, /* */
srtp_hmac_compute, /* */
srtp_hmac_update, /* */
srtp_hmac_start, /* */
srtp_hmac_description, /* */
&srtp_hmac_test_case_0, /* */
SRTP_HMAC_SHA1 /* */
};

273
trunk/3rdparty/libsrtp-2-fit/crypto/hash/hmac_ossl.c vendored Normal file
View file

@ -0,0 +1,273 @@
/*
* hmac_ossl.c
*
* Implementation of hmac srtp_auth_type_t that leverages OpenSSL
*
* John A. Foley
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "auth.h"
#include "alloc.h"
#include "err.h" /* for srtp_debug */
#include <openssl/evp.h>
#include <openssl/hmac.h>
#define SHA1_DIGEST_SIZE 20
/* the debug module for authentiation */
srtp_debug_module_t srtp_mod_hmac = {
0, /* debugging is off by default */
"hmac sha-1 openssl" /* printable name for module */
};
static srtp_err_status_t srtp_hmac_alloc(srtp_auth_t **a,
int key_len,
int out_len)
{
extern const srtp_auth_type_t srtp_hmac;
debug_print(srtp_mod_hmac, "allocating auth func with key length %d",
key_len);
debug_print(srtp_mod_hmac, " tag length %d",
out_len);
/* check output length - should be less than 20 bytes */
if (out_len > SHA1_DIGEST_SIZE) {
return srtp_err_status_bad_param;
}
/* OpenSSL 1.1.0 made HMAC_CTX an opaque structure, which must be allocated
using HMAC_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
{
/* allocate memory for auth and HMAC_CTX structures */
uint8_t *pointer;
HMAC_CTX *new_hmac_ctx;
pointer = (uint8_t *)srtp_crypto_alloc(sizeof(HMAC_CTX) +
sizeof(srtp_auth_t));
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
*a = (srtp_auth_t *)pointer;
(*a)->state = pointer + sizeof(srtp_auth_t);
new_hmac_ctx = (HMAC_CTX *)((*a)->state);
HMAC_CTX_init(new_hmac_ctx);
}
#else
*a = (srtp_auth_t *)srtp_crypto_alloc(sizeof(srtp_auth_t));
if (*a == NULL) {
return srtp_err_status_alloc_fail;
}
(*a)->state = HMAC_CTX_new();
if ((*a)->state == NULL) {
srtp_crypto_free(*a);
*a = NULL;
return srtp_err_status_alloc_fail;
}
#endif
/* set pointers */
(*a)->type = &srtp_hmac;
(*a)->out_len = out_len;
(*a)->key_len = key_len;
(*a)->prefix_len = 0;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_dealloc(srtp_auth_t *a)
{
HMAC_CTX *hmac_ctx;
hmac_ctx = (HMAC_CTX *)a->state;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
HMAC_CTX_cleanup(hmac_ctx);
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(HMAC_CTX) + sizeof(srtp_auth_t));
#else
HMAC_CTX_free(hmac_ctx);
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(srtp_auth_t));
#endif
/* free memory */
srtp_crypto_free(a);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_start(void *statev)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
if (HMAC_Init_ex(state, NULL, 0, NULL, NULL) == 0)
return srtp_err_status_auth_fail;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_init(void *statev,
const uint8_t *key,
int key_len)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
if (HMAC_Init_ex(state, key, key_len, EVP_sha1(), NULL) == 0)
return srtp_err_status_auth_fail;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_update(void *statev,
const uint8_t *message,
int msg_octets)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
debug_print(srtp_mod_hmac, "input: %s",
srtp_octet_string_hex_string(message, msg_octets));
if (HMAC_Update(state, message, msg_octets) == 0)
return srtp_err_status_auth_fail;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_compute(void *statev,
const uint8_t *message,
int msg_octets,
int tag_len,
uint8_t *result)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
uint8_t hash_value[SHA1_DIGEST_SIZE];
int i;
unsigned int len;
/* check tag length, return error if we can't provide the value expected */
if (tag_len > SHA1_DIGEST_SIZE) {
return srtp_err_status_bad_param;
}
/* hash message, copy output into H */
if (HMAC_Update(state, message, msg_octets) == 0)
return srtp_err_status_auth_fail;
if (HMAC_Final(state, hash_value, &len) == 0)
return srtp_err_status_auth_fail;
if (len < tag_len)
return srtp_err_status_auth_fail;
/* copy hash_value to *result */
for (i = 0; i < tag_len; i++) {
result[i] = hash_value[i];
}
debug_print(srtp_mod_hmac, "output: %s",
srtp_octet_string_hex_string(hash_value, tag_len));
return srtp_err_status_ok;
}
/* begin test case 0 */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_key[SHA1_DIGEST_SIZE] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_data[8] = {
0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_tag[SHA1_DIGEST_SIZE] = {
0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
0xf1, 0x46, 0xbe, 0x00
};
/* clang-format on */
static const srtp_auth_test_case_t srtp_hmac_test_case_0 = {
sizeof(srtp_hmac_test_case_0_key), /* octets in key */
srtp_hmac_test_case_0_key, /* key */
sizeof(srtp_hmac_test_case_0_data), /* octets in data */
srtp_hmac_test_case_0_data, /* data */
sizeof(srtp_hmac_test_case_0_tag), /* octets in tag */
srtp_hmac_test_case_0_tag, /* tag */
NULL /* pointer to next testcase */
};
/* end test case 0 */
static const char srtp_hmac_description[] =
"hmac sha-1 authentication function";
/*
* srtp_auth_type_t hmac is the hmac metaobject
*/
const srtp_auth_type_t srtp_hmac = {
srtp_hmac_alloc, /* */
srtp_hmac_dealloc, /* */
srtp_hmac_init, /* */
srtp_hmac_compute, /* */
srtp_hmac_update, /* */
srtp_hmac_start, /* */
srtp_hmac_description, /* */
&srtp_hmac_test_case_0, /* */
SRTP_HMAC_SHA1 /* */
};

168
trunk/3rdparty/libsrtp-2-fit/crypto/hash/null_auth.c vendored Normal file
View file

@ -0,0 +1,168 @@
/*
* null_auth.c
*
* implements the do-nothing auth algorithm
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "null_auth.h"
#include "err.h" /* for srtp_debug */
#include "alloc.h"
#include "cipher_types.h"
static srtp_err_status_t srtp_null_auth_alloc(srtp_auth_t **a,
int key_len,
int out_len)
{
extern const srtp_auth_type_t srtp_null_auth;
uint8_t *pointer;
debug_print(srtp_mod_auth, "allocating auth func with key length %d",
key_len);
debug_print(srtp_mod_auth, " tag length %d",
out_len);
/* allocate memory for auth and srtp_null_auth_ctx_t structures */
pointer = (uint8_t *)srtp_crypto_alloc(sizeof(srtp_null_auth_ctx_t) +
sizeof(srtp_auth_t));
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
*a = (srtp_auth_t *)pointer;
(*a)->type = &srtp_null_auth;
(*a)->state = pointer + sizeof(srtp_auth_t);
(*a)->out_len = out_len;
(*a)->prefix_len = out_len;
(*a)->key_len = key_len;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_dealloc(srtp_auth_t *a)
{
extern const srtp_auth_type_t srtp_null_auth;
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(srtp_null_auth_ctx_t) +
sizeof(srtp_auth_t));
/* free memory */
srtp_crypto_free(a);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_init(void *statev,
const uint8_t *key,
int key_len)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
/* accept any length of key, and do nothing */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_compute(void *statev,
const uint8_t *message,
int msg_octets,
int tag_len,
uint8_t *result)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_update(void *statev,
const uint8_t *message,
int msg_octets)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_start(void *statev)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
return srtp_err_status_ok;
}
/*
* srtp_auth_type_t - defines description, test case, and null_auth
* metaobject
*/
/* begin test case 0 */
static const srtp_auth_test_case_t srtp_null_auth_test_case_0 = {
0, /* octets in key */
NULL, /* key */
0, /* octets in data */
NULL, /* data */
0, /* octets in tag */
NULL, /* tag */
NULL /* pointer to next testcase */
};
/* end test case 0 */
static const char srtp_null_auth_description[] = "null authentication function";
const srtp_auth_type_t srtp_null_auth = {
srtp_null_auth_alloc, /* */
srtp_null_auth_dealloc, /* */
srtp_null_auth_init, /* */
srtp_null_auth_compute, /* */
srtp_null_auth_update, /* */
srtp_null_auth_start, /* */
srtp_null_auth_description, /* */
&srtp_null_auth_test_case_0, /* */
SRTP_NULL_AUTH /* */
};

472
trunk/3rdparty/libsrtp-2-fit/crypto/hash/sha1.c vendored Normal file
View file

@ -0,0 +1,472 @@
/*
* sha1.c
*
* an implementation of the Secure Hash Algorithm v.1 (SHA-1),
* specified in FIPS 180-1
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "sha1.h"
srtp_debug_module_t srtp_mod_sha1 = {
0, /* debugging is off by default */
"sha-1" /* printable module name */
};
/* SN == Rotate left N bits */
#define S1(X) ((X << 1) | (X >> 31))
#define S5(X) ((X << 5) | (X >> 27))
#define S30(X) ((X << 30) | (X >> 2))
#define f0(B, C, D) ((B & C) | (~B & D))
#define f1(B, C, D) (B ^ C ^ D)
#define f2(B, C, D) ((B & C) | (B & D) | (C & D))
#define f3(B, C, D) (B ^ C ^ D)
/*
* nota bene: the variable K0 appears in the curses library, so we
* give longer names to these variables to avoid spurious warnings
* on systems that uses curses
*/
uint32_t SHA_K0 = 0x5A827999; /* Kt for 0 <= t <= 19 */
uint32_t SHA_K1 = 0x6ED9EBA1; /* Kt for 20 <= t <= 39 */
uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */
uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
void srtp_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5])
{
srtp_sha1_ctx_t ctx;
srtp_sha1_init(&ctx);
srtp_sha1_update(&ctx, msg, octets_in_msg);
srtp_sha1_final(&ctx, hash_value);
}
/*
* srtp_sha1_core(M, H) computes the core compression function, where M is
* the next part of the message (in network byte order) and H is the
* intermediate state { H0, H1, ...} (in host byte order)
*
* this function does not do any of the padding required in the
* complete SHA1 function
*
* this function is used in the SEAL 3.0 key setup routines
* (crypto/cipher/seal.c)
*/
void srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5])
{
uint32_t H0;
uint32_t H1;
uint32_t H2;
uint32_t H3;
uint32_t H4;
uint32_t W[80];
uint32_t A, B, C, D, E, TEMP;
int t;
/* copy hash_value into H0, H1, H2, H3, H4 */
H0 = hash_value[0];
H1 = hash_value[1];
H2 = hash_value[2];
H3 = hash_value[3];
H4 = hash_value[4];
/* copy/xor message into array */
W[0] = be32_to_cpu(M[0]);
W[1] = be32_to_cpu(M[1]);
W[2] = be32_to_cpu(M[2]);
W[3] = be32_to_cpu(M[3]);
W[4] = be32_to_cpu(M[4]);
W[5] = be32_to_cpu(M[5]);
W[6] = be32_to_cpu(M[6]);
W[7] = be32_to_cpu(M[7]);
W[8] = be32_to_cpu(M[8]);
W[9] = be32_to_cpu(M[9]);
W[10] = be32_to_cpu(M[10]);
W[11] = be32_to_cpu(M[11]);
W[12] = be32_to_cpu(M[12]);
W[13] = be32_to_cpu(M[13]);
W[14] = be32_to_cpu(M[14]);
W[15] = be32_to_cpu(M[15]);
TEMP = W[13] ^ W[8] ^ W[2] ^ W[0];
W[16] = S1(TEMP);
TEMP = W[14] ^ W[9] ^ W[3] ^ W[1];
W[17] = S1(TEMP);
TEMP = W[15] ^ W[10] ^ W[4] ^ W[2];
W[18] = S1(TEMP);
TEMP = W[16] ^ W[11] ^ W[5] ^ W[3];
W[19] = S1(TEMP);
TEMP = W[17] ^ W[12] ^ W[6] ^ W[4];
W[20] = S1(TEMP);
TEMP = W[18] ^ W[13] ^ W[7] ^ W[5];
W[21] = S1(TEMP);
TEMP = W[19] ^ W[14] ^ W[8] ^ W[6];
W[22] = S1(TEMP);
TEMP = W[20] ^ W[15] ^ W[9] ^ W[7];
W[23] = S1(TEMP);
TEMP = W[21] ^ W[16] ^ W[10] ^ W[8];
W[24] = S1(TEMP);
TEMP = W[22] ^ W[17] ^ W[11] ^ W[9];
W[25] = S1(TEMP);
TEMP = W[23] ^ W[18] ^ W[12] ^ W[10];
W[26] = S1(TEMP);
TEMP = W[24] ^ W[19] ^ W[13] ^ W[11];
W[27] = S1(TEMP);
TEMP = W[25] ^ W[20] ^ W[14] ^ W[12];
W[28] = S1(TEMP);
TEMP = W[26] ^ W[21] ^ W[15] ^ W[13];
W[29] = S1(TEMP);
TEMP = W[27] ^ W[22] ^ W[16] ^ W[14];
W[30] = S1(TEMP);
TEMP = W[28] ^ W[23] ^ W[17] ^ W[15];
W[31] = S1(TEMP);
/* process the remainder of the array */
for (t = 32; t < 80; t++) {
TEMP = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
W[t] = S1(TEMP);
}
A = H0;
B = H1;
C = H2;
D = H3;
E = H4;
for (t = 0; t < 20; t++) {
TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 40; t++) {
TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 60; t++) {
TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 80; t++) {
TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
hash_value[0] = H0 + A;
hash_value[1] = H1 + B;
hash_value[2] = H2 + C;
hash_value[3] = H3 + D;
hash_value[4] = H4 + E;
return;
}
void srtp_sha1_init(srtp_sha1_ctx_t *ctx)
{
/* initialize state vector */
ctx->H[0] = 0x67452301;
ctx->H[1] = 0xefcdab89;
ctx->H[2] = 0x98badcfe;
ctx->H[3] = 0x10325476;
ctx->H[4] = 0xc3d2e1f0;
/* indicate that message buffer is empty */
ctx->octets_in_buffer = 0;
/* reset message bit-count to zero */
ctx->num_bits_in_msg = 0;
}
void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
const uint8_t *msg,
int octets_in_msg)
{
int i;
uint8_t *buf = (uint8_t *)ctx->M;
/* update message bit-count */
ctx->num_bits_in_msg += octets_in_msg * 8;
/* loop over 16-word blocks of M */
while (octets_in_msg > 0) {
if (octets_in_msg + ctx->octets_in_buffer >= 64) {
/*
* copy words of M into msg buffer until that buffer is full,
* converting them into host byte order as needed
*/
octets_in_msg -= (64 - ctx->octets_in_buffer);
for (i = ctx->octets_in_buffer; i < 64; i++) {
buf[i] = *msg++;
}
ctx->octets_in_buffer = 0;
/* process a whole block */
debug_print0(srtp_mod_sha1, "(update) running srtp_sha1_core()");
srtp_sha1_core(ctx->M, ctx->H);
} else {
debug_print0(srtp_mod_sha1,
"(update) not running srtp_sha1_core()");
for (i = ctx->octets_in_buffer;
i < (ctx->octets_in_buffer + octets_in_msg); i++) {
buf[i] = *msg++;
}
ctx->octets_in_buffer += octets_in_msg;
octets_in_msg = 0;
}
}
}
/*
* srtp_sha1_final(ctx, output) computes the result for ctx and copies it
* into the twenty octets located at *output
*/
void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output)
{
uint32_t A, B, C, D, E, TEMP;
uint32_t W[80];
int i, t;
/*
* process the remaining octets_in_buffer, padding and terminating as
* necessary
*/
{
int tail = ctx->octets_in_buffer % 4;
/* copy/xor message into array */
for (i = 0; i < (ctx->octets_in_buffer + 3) / 4; i++) {
W[i] = be32_to_cpu(ctx->M[i]);
}
/* set the high bit of the octet immediately following the message */
switch (tail) {
case (3):
W[i - 1] = (be32_to_cpu(ctx->M[i - 1]) & 0xffffff00) | 0x80;
W[i] = 0x0;
break;
case (2):
W[i - 1] = (be32_to_cpu(ctx->M[i - 1]) & 0xffff0000) | 0x8000;
W[i] = 0x0;
break;
case (1):
W[i - 1] = (be32_to_cpu(ctx->M[i - 1]) & 0xff000000) | 0x800000;
W[i] = 0x0;
break;
case (0):
W[i] = 0x80000000;
break;
}
/* zeroize remaining words */
for (i++; i < 15; i++) {
W[i] = 0x0;
}
/*
* if there is room at the end of the word array, then set the
* last word to the bit-length of the message; otherwise, set that
* word to zero and then we need to do one more run of the
* compression algo.
*/
if (ctx->octets_in_buffer < 56) {
W[15] = ctx->num_bits_in_msg;
} else if (ctx->octets_in_buffer < 60) {
W[15] = 0x0;
}
/* process the word array */
for (t = 16; t < 80; t++) {
TEMP = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
W[t] = S1(TEMP);
}
A = ctx->H[0];
B = ctx->H[1];
C = ctx->H[2];
D = ctx->H[3];
E = ctx->H[4];
for (t = 0; t < 20; t++) {
TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 40; t++) {
TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 60; t++) {
TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 80; t++) {
TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
ctx->H[0] += A;
ctx->H[1] += B;
ctx->H[2] += C;
ctx->H[3] += D;
ctx->H[4] += E;
}
debug_print0(srtp_mod_sha1, "(final) running srtp_sha1_core()");
if (ctx->octets_in_buffer >= 56) {
debug_print0(srtp_mod_sha1, "(final) running srtp_sha1_core() again");
/* we need to do one final run of the compression algo */
/*
* set initial part of word array to zeros, and set the
* final part to the number of bits in the message
*/
for (i = 0; i < 15; i++) {
W[i] = 0x0;
}
W[15] = ctx->num_bits_in_msg;
/* process the word array */
for (t = 16; t < 80; t++) {
TEMP = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
W[t] = S1(TEMP);
}
A = ctx->H[0];
B = ctx->H[1];
C = ctx->H[2];
D = ctx->H[3];
E = ctx->H[4];
for (t = 0; t < 20; t++) {
TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 40; t++) {
TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 60; t++) {
TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 80; t++) {
TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
ctx->H[0] += A;
ctx->H[1] += B;
ctx->H[2] += C;
ctx->H[3] += D;
ctx->H[4] += E;
}
/* copy result into output buffer */
output[0] = be32_to_cpu(ctx->H[0]);
output[1] = be32_to_cpu(ctx->H[1]);
output[2] = be32_to_cpu(ctx->H[2]);
output[3] = be32_to_cpu(ctx->H[3]);
output[4] = be32_to_cpu(ctx->H[4]);
/* indicate that message buffer in context is empty */
ctx->octets_in_buffer = 0;
return;
}