external/srs
1
0
Fork 0
mirror of https://github.com/ossrs/srs.git synced 2025-03-09 15:49:59 +00:00
Code Issues Releases Wiki Activity

Upgrade libsrtp from 2.0.0 to 2.3.0, with source code. 4.0.79

Browse source
This commit is contained in:
winlin 2021-03-02 14:29:06 +08:00
parent 3749d4d833
commit 8089fc004c
111 changed files with 45307 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

1
README.md
View file

@ -156,6 +156,7 @@ For previous versions, please read:
## V4 changes ## V4 changes
* v4.0, 2021-03-02, Upgrade libsrtp from 2.0.0 to 2.3.0, with source code. 4.0.79
* v4.0, 2021-03-01, Upgrade openssl from 1.1.0e to 1.1.1b, with source code. 4.0.78 * v4.0, 2021-03-01, Upgrade openssl from 1.1.0e to 1.1.1b, with source code. 4.0.78
* v4.0, 2021-03-01, Enable Object Cache and Zero Copy Nack by default. 4.0.77 * v4.0, 2021-03-01, Enable Object Cache and Zero Copy Nack by default. 4.0.77
* v4.0, 2021-02-28, RTC: Support high performance [Zero Copy NACK](https://github.com/ossrs/srs/commit/36ea67359e55c94ab044cee4b6a4ec901a83a287#commitcomment-47654868). 4.0.76 * v4.0, 2021-02-28, RTC: Support high performance [Zero Copy NACK](https://github.com/ossrs/srs/commit/36ea67359e55c94ab044cee4b6a4ec901a83a287#commitcomment-47654868). 4.0.76

6
trunk/3rdparty/README.md vendored
View file

@ -13,6 +13,9 @@ openssl-OpenSSL_1_0_2u.tar.gz
CherryPy-3.2.4.zip CherryPy-3.2.4.zip
* sample api server for srs. * sample api server for srs.
libsrtp-2.3.0.tar.gz
* For WebRTC.
ffmpeg-3.2.4.tar.gz ffmpeg-3.2.4.tar.gz
yasm-1.2.0.tar.gz yasm-1.2.0.tar.gz
lame-3.99.5.tar.gz lame-3.99.5.tar.gz
@ -73,4 +76,5 @@ links:
* speex: * speex:
http://www.speex.org/downloads/ http://www.speex.org/downloads/
http://downloads.xiph.org/releases/speex/speex-1.2rc1.tar.gz http://downloads.xiph.org/releases/speex/speex-1.2rc1.tar.gz
* srtp:
https://github.com/cisco/libsrtp/releases/tag/v2.3.0

79
trunk/3rdparty/libsrtp-2-fit/.clang-format vendored Normal file
View file

@ -0,0 +1,79 @@
AccessModifierOffset: -4
AlignAfterOpenBracket: Align
AlignConsecutiveAssignments: false
AlignConsecutiveDeclarations: false
AlignEscapedNewlinesLeft: false
AlignOperands: true
AlignTrailingComments: true
AllowAllParametersOfDeclarationOnNextLine: false
AllowShortBlocksOnASingleLine: false
AllowShortCaseLabelsOnASingleLine: false
AllowShortFunctionsOnASingleLine: Inline
AllowShortIfStatementsOnASingleLine: false
AllowShortLoopsOnASingleLine: false
AlwaysBreakAfterDefinitionReturnType: None
AlwaysBreakBeforeMultilineStrings: false
AlwaysBreakTemplateDeclarations: false
BinPackArguments: true
BinPackParameters: false
BraceWrapping:
AfterControlStatement: false
AfterEnum: false
AfterFunction: true
AfterStruct: false
AfterUnion: false
BeforeCatch: false
BeforeElse: false
IndentBraces: false
BreakBeforeBinaryOperators: None
BreakBeforeBraces: Custom
BreakBeforeTernaryOperators: true
ColumnLimit: 80
CommentPragmas: '^ IWYU pragma:'
ContinuationIndentWidth: 4
DerivePointerAlignment: false
DisableFormat: false
ExperimentalAutoDetectBinPacking: false
IndentCaseLabels: false
IndentWidth: 4
IndentWrappedFunctionNames: false
KeepEmptyLinesAtTheStartOfBlocks: false
MaxEmptyLinesToKeep: 1
PenaltyBreakBeforeFirstCallParameter: 16
PenaltyBreakComment: 300
PenaltyBreakFirstLessLess: 120
PenaltyBreakString: 1000
PenaltyExcessCharacter: 1000
PenaltyReturnTypeOnItsOwnLine: 9000
Cpp11BracedListStyle: false
PointerAlignment: Right
ReflowComments: true
SortIncludes: false
SpaceAfterCStyleCast: false
SpaceBeforeAssignmentOperators: true
SpaceBeforeParens: ControlStatements
SpaceInEmptyParentheses: false
SpacesBeforeTrailingComments: 1
SpacesInAngles: false
SpacesInContainerLiterals: true
SpacesInCStyleCastParentheses: false
SpacesInParentheses: false
SpacesInSquareBrackets: false
TabWidth: 4
UseTab: Never

49
trunk/3rdparty/libsrtp-2-fit/.gitignore vendored Normal file
View file

@ -0,0 +1,49 @@
# Misc crap
*~
old
old?
*.pc
# Object files
*.o
# Libraries
*.lib
*.a
# Shared objects (inc. Windows DLLs)
*.dll
*.so
*.so.*
*.dylib
# Executables
*.exe
*.out
*.app
# srtp things
build
Debug
Makefile
Root
autom4te.cache
config.log
config.status
crypto/include/config.h
crypto/test/aes_calc
crypto/test/cipher_driver
crypto/test/datatypes_driver
crypto/test/env
crypto/test/kernel_driver
crypto/test/sha1_driver
crypto/test/stat_driver
tables/aes_tables
test/dtls_srtp_driver
test/rdbx_driver
test/replay_driver
test/roc_driver
test/rtp_decoder
test/rtpw
test/srtp_driver
test/test_srtp

259
trunk/3rdparty/libsrtp-2-fit/.travis.yml vendored Normal file
View file

@ -0,0 +1,259 @@
dist: xenial
sudo: false
language: c
env:
global:
- secure: "QD09MuUxftXRXtz7ZrB7S0NV/3O9yVhjvIlCSbXN8B87rNSDC8wxMThKMT7iZewnqGk53m+Up19PiMw5ERlHose5tm2cmY1FO/l+c9oAyWZaAL+4XNXryq6zI5F5FX5I61NbfqV3xcnfLTI2QIJF6WqDojNxhPjTbNzQGxIDuqw="
matrix:
include:
# linux build
- os: linux
env:
- TEST="linux (gcc / valgrind)"
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- gcc-6
- valgrind
script:
- CC=gcc-6 EXTRA_CFLAGS=-Werror ./configure
- make
- make runtest
- make runtest-valgrind
- make distclean
- mkdir build && cd build
- cmake ..
- make
- make test
# linux build with openssl
- os: linux
env:
- TEST="linux openssl (gcc / valgrind)"
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- gcc-6
- valgrind
script:
- CC=gcc-6 EXTRA_CFLAGS=-Werror ./configure --enable-openssl
- make
- make runtest
- make runtest-valgrind
- make distclean
- mkdir build && cd build
- cmake -DENABLE_OPENSSL=ON ..
- make
- make test
- cd ..
- mkdir build_shared && cd build_shared
- cmake -DENABLE_OPENSSL=ON -DBUILD_SHARED_LIBS=ON ..
- make
- make test
# linux build with openssl and clang
- os: linux
env:
- TEST="linux openssl (clang)"
addons:
apt:
packages:
- clang
script:
- CC=clang EXTRA_CFLAGS=-Werror ./configure --enable-openssl
- make
- make runtest
# linux build with nss
- os: linux
env:
- TEST="linux nss (gcc / valgrind)"
addons:
apt:
sources:
- ubuntu-toolchain-r-test
packages:
- gcc-6
- valgrind
- libnss3-dev
script:
- CC=gcc-6 EXTRA_CFLAGS=-Werror ./configure --enable-nss
- make
- make runtest
- make runtest-valgrind
# default osx build
- os: osx
env:
- TEST="osx"
script:
- EXTRA_CFLAGS=-Werror ./configure
- make
- make runtest
- make distclean
- mkdir build && cd build
- cmake ..
- make
- make test
# osx build with openssl
- os: osx
osx_image: xcode11.2
env:
- TEST="osx openssl"
before_install:
- brew install openssl@1.1
script:
- PKG_CONFIG_PATH=$(brew --prefix openssl@1.1)/lib/pkgconfig EXTRA_CFLAGS=-Werror ./configure --enable-openssl
- make
- make runtest
- make distclean
- mkdir build && cd build
- cmake -DOPENSSL_ROOT_DIR=$(brew --prefix openssl@1.1) -DENABLE_OPENSSL=ON ..
- make
- make test
# osx build with nss
- os: osx
osx_image: xcode11.2
env:
- TEST="osx nss"
script:
- PKG_CONFIG_PATH=$(brew --prefix nss)/lib/pkgconfig EXTRA_CFLAGS=-Werror ./configure --enable-nss
- make
- make runtest
# code format check
- os: linux
env:
- TEST="clang-format"
addons:
apt:
packages:
- clang-format-3.9
script:
- CLANG_FORMAT=clang-format-3.9 ./format.sh -d
# big-endian
- os: linux
sudo: true
env:
- TEST="big-endian"
services:
- docker
addons:
apt:
packages:
- qemu-user-static
- qemu-system-mips
before_install:
- sudo docker run --volume $(pwd):/src --workdir /src --name mipsX --tty --detach ubuntu:16.04 tail
- sudo docker exec --tty mipsX apt-get update
- sudo docker exec --tty mipsX apt-get install build-essential -y
- sudo docker exec --tty mipsX apt-get install gcc-mips-linux-gnu -y
script:
- sudo docker exec --tty mipsX bash -c 'EXTRA_CFLAGS=-static CC=mips-linux-gnu-gcc ./configure --host=mips-linux-gnu'
- sudo docker exec --tty mipsX make
- sudo docker kill mipsX
- file test/srtp_driver
- make runtest
# linux build of fuzzer
- os: linux
env:
- TEST="fuzzer (build only)"
addons:
apt:
packages:
- clang
script:
- CC=clang CXX=clang++ CXXFLAGS="-fsanitize=fuzzer-no-link,address,undefined -g -O3" CFLAGS="-fsanitize=fuzzer-no-link,address,undefined -g -O3" LDFLAGS="-fsanitize=fuzzer-no-link,address,undefined" ./configure
- LIBFUZZER="-fsanitize=fuzzer" make srtp-fuzzer
# coverity scan
- os: linux
env:
- TEST="Coverity Scan"
addons:
coverity_scan:
project:
name: "cisco-libSRTP"
description: "Build submitted via Travis CI"
version: 2
notification_email: pabuhler@cisco.com
build_command_prepend: "./configure"
build_command: "make"
branch_pattern: master
script:
- echo -n | openssl s_client -connect scan.coverity.com:443 | sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' | sudo tee -a /etc/ssl/certs/ca-
# windows build
- os: windows
env:
- TEST="windows"
script:
- export PATH="c:\Program Files (x86)\Microsoft Visual Studio\2017\BuildTools\MSBuild\15.0\Bin":$PATH
- mkdir build && cd build
- cmake -G "Visual Studio 15 2017" ..
- msbuild.exe libsrtp2.sln -p:Configuration=Release
- msbuild.exe RUN_TESTS.vcxproj -p:Configuration=Release
- cd ..
- mkdir build_shared && cd build_shared
- cmake -G "Visual Studio 15 2017" -DBUILD_SHARED_LIBS=ON ..
- msbuild.exe libsrtp2.sln -p:Configuration=Release
- msbuild.exe RUN_TESTS.vcxproj -p:Configuration=Release
# android build
- os: linux
env:
- TEST="android"
script:
- wget -q https://dl.google.com/android/repository/android-ndk-r20b-linux-x86_64.zip
- unzip -qq android-ndk-r20b-linux-x86_64.zip
- ANDROID_NDK=`pwd`/android-ndk-r20b
- mkdir build_android
- cd build_android
- cmake -DCMAKE_TOOLCHAIN_FILE=$ANDROID_NDK/build/cmake/android.toolchain.cmake -DANDROID_ABI=arm64-v8a ..
- make
- cd ..
- TOOLCHAIN=$ANDROID_NDK/toolchains/llvm/prebuilt/linux-x86_64
AR=$TOOLCHAIN/bin/aarch64-linux-android-ar
AS=$TOOLCHAIN/bin/aarch64-linux-android-as
CC=$TOOLCHAIN/bin/aarch64-linux-android21-clang
CXX=$TOOLCHAIN/bin/aarch64-linux-android21-clang++
LD=$TOOLCHAIN/bin/aarch64-linux-android-ld
RANLIB=$TOOLCHAIN/bin/aarch64-linux-android-ranlib
STRIP=$TOOLCHAIN/bin/aarch64-linux-android-strip
./configure --host aarch64-linux-android
- make
# ios build with openssl
- os: osx
osx_image: xcode11.2
env:
- TEST="ios"
script:
- wget -q https://raw.githubusercontent.com/leetal/ios-cmake/master/ios.toolchain.cmake
- mkdir build && cd build
- cmake -DCMAKE_TOOLCHAIN_FILE=../ios.toolchain.cmake -DPLATFORM=OS64 ..
- make
- cd ..
- CFLAGS="-arch arm64 --sysroot=$(xcrun --sdk iphoneos --show-sdk-path) -miphoneos-version-min=8.0 -fembed-bitcode"
LDFLAGS="-arch arm64 --sysroot=$(xcrun --sdk iphoneos --show-sdk-path) -miphoneos-version-min=8.0 -fembed-bitcode"
AR="$(xcrun --find --sdk iphoneos ar)"
AS="$(xcrun --find --sdk iphoneos as)"
CC="$(xcrun --find --sdk iphoneos clang)"
CXX="$(xcrun --find --sdk iphoneos clang++)"
LD="$(xcrun --find --sdk iphoneos ld)"
RANLIB="$(xcrun --find --sdk iphoneos ranlib)"
STRIP="$(xcrun --find --sdk iphoneos strip)"
./configure --host arm-apple-darwin
- make
- make shared_library

35
trunk/3rdparty/libsrtp-2-fit/LICENSE vendored Normal file
View file

@ -0,0 +1,35 @@
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/

331
trunk/3rdparty/libsrtp-2-fit/Makefile.in vendored Normal file
View file

@ -0,0 +1,331 @@
# Makefile for secure rtp
#
# David A. McGrew
# Cisco Systems, Inc.
# targets:
#
# runtest runs test applications
# runtest-valgrind runs test applications with valgrind
# test builds test applications
# libsrtp2.a static library implementing srtp
# libsrtp2.so shared library implementing srtp
# clean removes objects, libs, and executables
# distribution cleans and builds a .tgz
# tags builds etags file from all .c and .h files
DYNAMIC_PATH_VAR = @DYNAMIC_PATH_VAR@
CRYPTO_LIBDIR = @CRYPTO_LIBDIR@
USE_EXTERNAL_CRYPTO = @USE_EXTERNAL_CRYPTO@
HAVE_PCAP = @HAVE_PCAP@
# Specify how tests should find shared libraries on macOS and Linux
#
# macOS purges DYLD_LIBRARY_PATH when spawning subprocesses, so it's
# not possible to pass this in from the outside; we have to specify
# it for any subprocesses we call. No support for dynamic linked
# tests on Windows.
ifneq ($(strip $(CRYPTO_LIBDIR)),)
ifneq ($(OS),Windows_NT)
UNAME_S = $(shell uname -s)
ifeq ($(UNAME_S),Linux)
FIND_LIBRARIES = LD_LIBRARY_PATH=$(CRYPTO_LIBDIR)
endif
ifeq ($(UNAME_S),Darwin)
FIND_LIBRARIES = DYLD_LIBRARY_PATH=$(CRYPTO_LIBDIR)
endif
CRYPTO_LIBDIR_FORWARD = CRYPTO_LIBDIR=$(CRYPTO_LIBDIR)
endif
endif
.PHONY: all shared_library test
all: test
runtest: test
@echo "running libsrtp2 test applications..."
$(FIND_LIBRARIES) crypto/test/cipher_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) crypto/test/kernel_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/test_srtp$(EXE) >/dev/null
$(FIND_LIBRARIES) test/rdbx_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/srtp_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/roc_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/replay_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/dtls_srtp_driver$(EXE) >/dev/null
cd test; $(CRYPTO_LIBDIR_FORWARD) $(abspath $(srcdir))/test/rtpw_test.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null
ifeq (1, $(USE_EXTERNAL_CRYPTO))
cd test; $(CRYPTO_LIBDIR_FORWARD) $(abspath $(srcdir))/test/rtpw_test_gcm.sh -w $(abspath $(srcdir))/test/words.txt >/dev/null
endif
@echo "libsrtp2 test applications passed."
$(MAKE) -C crypto runtest
runtest-valgrind: test
@echo "running libsrtp2 test applications... (valgrind)"
valgrind --error-exitcode=1 --leak-check=full test/test_srtp$(EXE) -v >/dev/null
valgrind --error-exitcode=1 --leak-check=full test/srtp_driver$(EXE) -v >/dev/null
@echo "libsrtp2 test applications passed. (valgrind)"
# makefile variables
CC = @CC@
CXX = @CXX@
INCDIR = -Icrypto/include -I$(srcdir)/include -I$(srcdir)/crypto/include
DEFS = @DEFS@
CPPFLAGS= @CPPFLAGS@
CFLAGS = @CFLAGS@
CXXFLAGS= @CXXFLAGS@
srtp-fuzzer: CFLAGS += -g
srtp-fuzzer: CXXFLAGS += -g
LIBS = @LIBS@
LDFLAGS = -L. @LDFLAGS@
COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
SRTPLIB = -lsrtp2
PCAP_LIB = @PCAP_LIB@
AR = @AR@
RANLIB = @RANLIB@
INSTALL = @INSTALL@
# EXE defines the suffix on executables - it's .exe for Windows, and
# null on linux, bsd, and OS X and other OSes.
EXE = @EXE@
HMAC_OBJS = @HMAC_OBJS@
AES_ICM_OBJS = @AES_ICM_OBJS@
srcdir = @srcdir@
top_srcdir = @top_srcdir@
top_builddir = @top_builddir@
VPATH = @srcdir@
prefix = @prefix@
exec_prefix = @exec_prefix@
includedir = @includedir@
libdir = @libdir@
bindir = @bindir@
pkgconfigdir = $(libdir)/pkgconfig
pkgconfig_DATA = libsrtp2.pc
SHAREDLIBVERSION = 1
ifneq (,$(or $(findstring linux,@host@), $(findstring gnu,@host@)))
SHAREDLIB_DIR = $(libdir)
SHAREDLIB_LDFLAGS = -shared -Wl,-soname,$@
SHAREDLIBSUFFIXNOVER = so
SHAREDLIBSUFFIX = $(SHAREDLIBSUFFIXNOVER).$(SHAREDLIBVERSION)
else ifneq (,$(or $(findstring cygwin,@host@), $(findstring mingw,@host@)))
SHAREDLIB_DIR = $(bindir)
SHAREDLIB_LDFLAGS = -shared -Wl,--out-implib,libsrtp2.dll.a
SHAREDLIBVERSION =
SHAREDLIBSUFFIXNOVER = dll
SHAREDLIBSUFFIX = $(SHAREDLIBSUFFIXNOVER)
else ifeq (darwin,$(findstring darwin,@host@))
SHAREDLIB_DIR = $(libdir)
SHAREDLIB_LDFLAGS = -dynamiclib -twolevel_namespace \
-fno-common -headerpad_max_install_names -install_name $(libdir)/$@
SHAREDLIBSUFFIXNOVER = dylib
SHAREDLIBSUFFIX = $(SHAREDLIBVERSION).$(SHAREDLIBSUFFIXNOVER)
endif
# implicit rules for object files and test apps
%.o: %.c
$(COMPILE) -c $< -o $@
%$(EXE): %.c
$(COMPILE) $(LDFLAGS) $< -o $@ $(SRTPLIB) $(LIBS)
ciphers = crypto/cipher/cipher.o crypto/cipher/null_cipher.o \
$(AES_ICM_OBJS)
hashes = crypto/hash/null_auth.o crypto/hash/auth.o \
$(HMAC_OBJS)
replay = crypto/replay/rdb.o crypto/replay/rdbx.o \
crypto/replay/ut_sim.o
math = crypto/math/datatypes.o crypto/math/stat.o
ust = crypto/ust/ust.o
err = crypto/kernel/err.o
kernel = crypto/kernel/crypto_kernel.o crypto/kernel/alloc.o \
crypto/kernel/key.o $(err) # $(ust)
cryptobj = $(ciphers) $(hashes) $(math) $(kernel) $(replay)
# libsrtp2.a (implements srtp processing)
srtpobj = srtp/srtp.o srtp/ekt.o
libsrtp2.a: $(srtpobj) $(cryptobj) $(gdoi)
$(AR) cr libsrtp2.a $^
$(RANLIB) libsrtp2.a
libsrtp2.$(SHAREDLIBSUFFIX): $(srtpobj) $(cryptobj) $(gdoi)
$(CC) -shared -o $@ $(SHAREDLIB_LDFLAGS) \
$^ $(LDFLAGS) $(LIBS)
if [ -n "$(SHAREDLIBVERSION)" ]; then \
ln -sfn $@ libsrtp2.$(SHAREDLIBSUFFIXNOVER); \
fi
shared_library: libsrtp2.$(SHAREDLIBSUFFIX)
libsrtp2.so: $(srtpobj) $(cryptobj)
$(CC) -shared -Wl,-soname,libsrtp2.so \
-o libsrtp2.so $^ $(LDFLAGS)
# test applications
ifneq (1, $(USE_EXTERNAL_CRYPTO))
AES_CALC = crypto/test/aes_calc$(EXE)
endif
crypto_testapp = $(AES_CALC) crypto/test/cipher_driver$(EXE) \
crypto/test/datatypes_driver$(EXE) crypto/test/kernel_driver$(EXE) \
crypto/test/sha1_driver$(EXE) crypto/test/stat_driver$(EXE) \
crypto/test/env$(EXE)
testapp = $(crypto_testapp) test/srtp_driver$(EXE) test/replay_driver$(EXE) \
test/roc_driver$(EXE) test/rdbx_driver$(EXE) test/rtpw$(EXE) \
test/dtls_srtp_driver$(EXE) test/test_srtp$(EXE)
ifeq (1, $(HAVE_PCAP))
testapp += test/rtp_decoder$(EXE)
endif
$(testapp): libsrtp2.a
test/rtpw$(EXE): test/rtpw.c test/rtp.c test/util.c test/getopt_s.c \
crypto/math/datatypes.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
ifeq (1, $(HAVE_PCAP))
test/rtp_decoder$(EXE): test/rtp_decoder.c test/rtp.c test/util.c test/getopt_s.c \
crypto/math/datatypes.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(PCAP_LIB) $(LIBS) $(SRTPLIB)
endif
crypto/test/aes_calc$(EXE): crypto/test/aes_calc.c test/util.c
$(COMPILE) -I$(srcdir)/test $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
test/test_srtp$(EXE): test/test_srtp.c
$(COMPILE) -I$(srcdir)/test $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
crypto/test/datatypes_driver$(EXE): crypto/test/datatypes_driver.c test/util.c
$(COMPILE) -I$(srcdir)/test $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
crypto/test/sha1_driver$(EXE): crypto/test/sha1_driver.c test/util.c
$(COMPILE) -I$(srcdir)/test $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
test/srtp_driver$(EXE): test/srtp_driver.c test/util.c test/getopt_s.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
test/rdbx_driver$(EXE): test/rdbx_driver.c test/getopt_s.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
test/dtls_srtp_driver$(EXE): test/dtls_srtp_driver.c test/getopt_s.c test/util.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
crypto/test/cipher_driver$(EXE): crypto/test/cipher_driver.c test/getopt_s.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
crypto/test/kernel_driver$(EXE): crypto/test/kernel_driver.c test/getopt_s.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
crypto/test/env$(EXE): crypto/test/env.c test/getopt_s.c
$(COMPILE) $(LDFLAGS) -o $@ $^ $(LIBS) $(SRTPLIB)
test: $(testapp)
@echo "Build done. Please run '$(MAKE) runtest' to run self tests."
memtest: test/srtp_driver
@test/srtp_driver -v -d "alloc" > tmp
@grep freed tmp | wc -l > freed
@grep allocated tmp | wc -l > allocated
@echo "checking for memory leaks (only works with --enable-stdout)"
cmp -s allocated freed
@echo "passed (same number of alloc() and dealloc() calls found)"
@rm freed allocated tmp
# the target 'plot' runs the timing test (test/srtp_driver -t) then
# uses gnuplot to produce plots of the results - see the script file
# 'timing'
plot: test/srtp_driver
test/srtp_driver -t > timing.dat
# bookkeeping: tags, clean, and distribution
tags:
etags */*.[ch] */*/*.[ch]
# documentation - the target libsrtp2doc builds html documentation
libsrtp2doc:
$(MAKE) -C doc
# fuzzer
srtp-fuzzer: libsrtp2.a
$(MAKE) -C fuzzer
.PHONY: clean superclean distclean install
install:
$(INSTALL) -d $(DESTDIR)$(includedir)/srtp2
$(INSTALL) -d $(DESTDIR)$(libdir)
cp $(srcdir)/include/srtp.h $(DESTDIR)$(includedir)/srtp2
cp $(srcdir)/crypto/include/cipher.h $(DESTDIR)$(includedir)/srtp2
cp $(srcdir)/crypto/include/auth.h $(DESTDIR)$(includedir)/srtp2
cp $(srcdir)/crypto/include/crypto_types.h $(DESTDIR)$(includedir)/srtp2
if [ -f libsrtp2.a ]; then cp libsrtp2.a $(DESTDIR)$(libdir)/; fi
if [ -f libsrtp2.dll.a ]; then cp libsrtp2.dll.a $(DESTDIR)$(libdir)/; fi
if [ -f libsrtp2.$(SHAREDLIBSUFFIX) ]; then \
$(INSTALL) -d $(DESTDIR)$(SHAREDLIB_DIR); \
cp libsrtp2.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/; \
cp libsrtp2.$(SHAREDLIBSUFFIXNOVER) $(DESTDIR)$(SHAREDLIB_DIR)/; \
if [ -n "$(SHAREDLIBVERSION)" ]; then \
ln -sfn libsrtp2.$(SHAREDLIBSUFFIX) $(DESTDIR)$(SHAREDLIB_DIR)/libsrtp2.$(SHAREDLIBSUFFIXNOVER); \
fi; \
fi
$(INSTALL) -d $(DESTDIR)$(pkgconfigdir)
cp $(top_builddir)/$(pkgconfig_DATA) $(DESTDIR)$(pkgconfigdir)/
uninstall:
rm -f $(DESTDIR)$(includedir)/srtp2/*.h
rm -f $(DESTDIR)$(libdir)/libsrtp2.*
-rmdir $(DESTDIR)$(includedir)/srtp2
rm -f $(DESTDIR)$(pkgconfigdir)/$(pkgconfig_DATA)
clean:
rm -rf $(cryptobj) $(srtpobj) TAGS \
libsrtp2.a libsrtp2.so libsrtp2.dll.a core *.core test/core
for a in * */* */*/*; do \
if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
done;
for a in $(testapp); do rm -rf $$a$(EXE); done
rm -rf *.pict *.jpg *.dat
rm -rf freed allocated tmp
$(MAKE) -C doc clean
$(MAKE) -C fuzzer clean
superclean: clean
rm -rf crypto/include/config.h config.log config.cache config.status \
Makefile crypto/Makefile doc/Makefile \
.gdb_history test/.gdb_history .DS_Store
rm -rf autom4te.cache
distclean: superclean
distname = libsrtp-$(shell cat VERSION)
distribution: runtest superclean
if ! [ -f VERSION ]; then exit 1; fi
if [ -f ../$(distname).tgz ]; then \
mv ../$(distname).tgz ../$(distname).tgz.bak; \
fi
cd ..; tar cvzf $(distname).tgz libsrtp
# EOF

1456
trunk/3rdparty/libsrtp-2-fit/config.guess vendored Executable file
View file

File diff suppressed because it is too large Load diff

162
trunk/3rdparty/libsrtp-2-fit/config.h_win32vc7 vendored Normal file
View file

@ -0,0 +1,162 @@
/* Hacked config.h for Windows XP 32-bit & VC7 */
#ifdef (_MSC_VER >= 1400)
# define HAVE_RAND_S 1
#endif
/* Define if building for a CISC machine (e.g. Intel). */
#define CPU_CISC 1
/* Define if building for a RISC machine (assume slow byte access). */
#undef CPU_RISC
/* Path to random device */
#undef DEV_URANDOM
/* Define to enabled debug logging for all mudules. */
#undef ENABLE_DEBUG_LOGGING
/* Logging statments will be writen to this file. */
#undef ERR_REPORTING_FILE
/* Define to redirect logging to stdout. */
#undef ERR_REPORTING_STDOUT
/* Define to 1 if you have the <arpa/inet.h> header file. */
#undef HAVE_ARPA_INET_H
/* Define to 1 if you have the <byteswap.h> header file. */
#undef HAVE_BYTESWAP_H
/* Define to 1 if you have the `inet_aton' function. */
#define HAVE_INET_ATON 1
/* Define to 1 if the system has the type `int16_t'. */
#undef HAVE_INT16_T
/* Define to 1 if the system has the type `int32_t'. */
#undef HAVE_INT32_T
/* Define to 1 if the system has the type `int8_t'. */
#undef HAVE_INT8_T
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have the `socket' library (-lsocket). */
#undef HAVE_LIBSOCKET
/* Define to 1 if you have the <machine/types.h> header file. */
#undef HAVE_MACHINE_TYPES_H
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the <netinet/in.h> header file. */
#undef HAVE_NETINET_IN_H
/* Define to 1 if you have the `socket' function. */
#define HAVE_SOCKET 1
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the <sys/int_types.h> header file. */
#undef HAVE_SYS_INT_TYPES_H
/* Define to 1 if you have the <sys/socket.h> header file. */
#undef HAVE_SYS_SOCKET_H
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define to 1 if you have the <sys/uio.h> header file. */
#undef HAVE_SYS_UIO_H
/* Define to 1 if the system has the type `uint16_t'. */
#undef HAVE_UINT16_T
/* Define to 1 if the system has the type `uint32_t'. */
#undef HAVE_UINT32_T
/* Define to 1 if the system has the type `uint64_t'. */
#undef HAVE_UINT64_T
/* Define to 1 if the system has the type `uint8_t'. */
#undef HAVE_UINT8_T
/* Define to 1 if you have the <unistd.h> header file. */
#define HAVE_UNISTD_H 1
/* Define to 1 if you have the `usleep' function. */
#define HAVE_USLEEP 1
/* Define to 1 if you have the <windows.h> header file. */
#define HAVE_WINDOWS_H 1
/* Define to 1 if you have the <winsock2.h> header file. */
#define HAVE_WINSOCK2_H 1
/* Define to use X86 inlined assembly code */
#undef HAVE_X86
/* Define to the address where bug reports for this package should be sent. */
#undef PACKAGE_BUGREPORT
/* Define to the full name of this package. */
#undef PACKAGE_NAME
/* Define to the full name and version of this package. */
#undef PACKAGE_STRING
/* Define to the one symbol short name of this package. */
#undef PACKAGE_TARNAME
/* Define to the version of this package. */
#undef PACKAGE_VERSION
/* The size of a `unsigned long', as computed by sizeof. */
#define SIZEOF_UNSIGNED_LONG 4
/* The size of a `unsigned long long', as computed by sizeof. */
#define SIZEOF_UNSIGNED_LONG_LONG 8
/* Define to use GDOI. */
#undef SRTP_GDOI
/* Define to compile for kernel contexts. */
#undef SRTP_KERNEL
/* Define to compile for Linux kernel context. */
#undef SRTP_KERNEL_LINUX
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define to 1 if your processor stores words with the most significant byte
first (like Motorola and SPARC, unlike Intel and VAX). */
#undef WORDS_BIGENDIAN
/* Define to empty if `const' does not conform to ANSI C. */
//#undef const
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
//#ifndef __cplusplus
//#undef inline
//#endif
#define inline __inline
/* Define to `unsigned' if <sys/types.h> does not define. */
//#undef size_t

182
trunk/3rdparty/libsrtp-2-fit/config.hw vendored Normal file
View file

@ -0,0 +1,182 @@
/* crypto/include/config.h. Generated by configure. */
/* config_in.h. Generated from configure.in by autoheader. */
#if (_MSC_VER >= 1400)
# define HAVE_RAND_S 1
# define _CRT_RAND_S
#endif
/* Define if building for a CISC machine (e.g. Intel). */
#define CPU_CISC 1
/* Define if building for a RISC machine (assume slow byte access). */
/* #undef CPU_RISC */
/* Define to enabled debug logging for all mudules. */
#undef ENABLE_DEBUG_LOGGING
/* Logging statments will be writen to this file. */
/* #undef ERR_REPORTING_FILE */
/* Define to redirect logging to stdout. */
#undef ERR_REPORTING_STDOUT
/* Define to 1 if you have the <arpa/inet.h> header file. */
/* #undef HAVE_ARPA_INET_H */
/* Define to 1 if you have the <byteswap.h> header file. */
/* #undef HAVE_BYTESWAP_H */
/* Define to 1 if you have the `inet_aton' function. */
/* #undef HAVE_INET_ATON */
/* Define to 1 if the system has the type `int16_t'. */
#define HAVE_INT16_T 1
/* Define to 1 if the system has the type `int32_t'. */
#define HAVE_INT32_T 1
/* Define to 1 if the system has the type `int8_t'. */
#define HAVE_INT8_T 1
/* Define to 1 if you have the <inttypes.h> header file. */
/* #undef HAVE_INTTYPES_H */
/* Define to 1 if you have the `socket' library (-lsocket). */
/* #undef HAVE_LIBSOCKET */
/* Define to 1 if you have the <machine/types.h> header file. */
/* #undef HAVE_MACHINE_TYPES_H */
/* Define to 1 if you have the <memory.h> header file. */
#define HAVE_MEMORY_H 1
/* Define to 1 if you have the <netinet/in.h> header file. */
/* #undef HAVE_NETINET_IN_H */
/* Define to 1 if you have the `socket' function. */
/* #undef HAVE_SOCKET */
/* Define to 1 if you have the <stdint.h> header file. */
/* #undef HAVE_STDINT_H */
/* Define to 1 if you have the <stdlib.h> header file. */
#define HAVE_STDLIB_H 1
/* Define to 1 if you have the <strings.h> header file. */
#define HAVE_STRINGS_H 1
/* Define to 1 if you have the <string.h> header file. */
#define HAVE_STRING_H 1
/* Define to 1 if you have the <sys/int_types.h> header file. */
/* #undef HAVE_SYS_INT_TYPES_H */
/* Define to 1 if you have the <sys/socket.h> header file. */
/* #undef HAVE_SYS_SOCKET_H */
/* Define to 1 if you have the <sys/stat.h> header file. */
#define HAVE_SYS_STAT_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#define HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <sys/uio.h> header file. */
/* #undef HAVE_SYS_UIO_H */
/* Define to 1 if the system has the type `uint16_t'. */
#define HAVE_UINT16_T 1
/* Define to 1 if the system has the type `uint32_t'. */
#define HAVE_UINT32_T 1
/* Define to 1 if the system has the type `uint64_t'. */
#define HAVE_UINT64_T 1
/* Define to 1 if the system has the type `uint8_t'. */
#define HAVE_UINT8_T 1
/* Define to 1 if you have the <unistd.h> header file. */
/* #undef HAVE_UNISTD_H */
/* Define to 1 if you have the `usleep' function. */
/* #undef HAVE_USLEEP */
/* Define to 1 if you have the <windows.h> header file. */
#define HAVE_WINDOWS_H 1
/* Define to 1 if you have the <winsock2.h> header file. */
#define HAVE_WINSOCK2_H 1
/* Define to use X86 inlined assembly code */
/* #undef HAVE_X86 */
/* Define to the address where bug reports for this package should be sent. */
#define PACKAGE_BUGREPORT ""
/* Define to the full name of this package. */
#define PACKAGE_NAME ""
/* Define to the full name and version of this package. */
#define PACKAGE_STRING ""
/* Define to the one symbol short name of this package. */
#define PACKAGE_TARNAME ""
/* Define to the version of this package. */
#define PACKAGE_VERSION ""
/* The size of a `unsigned long', as computed by sizeof. */
#define SIZEOF_UNSIGNED_LONG 4
/* The size of a `unsigned long long', as computed by sizeof. */
#define SIZEOF_UNSIGNED_LONG_LONG 8
/* Define to use GDOI. */
/* #undef SRTP_GDOI */
/* Define to compile for kernel contexts. */
/* #undef SRTP_KERNEL */
/* Define to compile for Linux kernel context. */
/* #undef SRTP_KERNEL_LINUX */
/* Define to 1 if you have the ANSI C header files. */
#define STDC_HEADERS 1
/* Define to 1 if your processor stores words with the most significant byte
first (like Motorola and SPARC, unlike Intel and VAX). */
/* #undef WORDS_BIGENDIAN */
/* Define to empty if `const' does not conform to ANSI C. */
/* #undef const */
/* Define 'inline' to nothing, since the MSVC compiler doesn't support it. */
#define inline
/* Define to `unsigned' if <sys/types.h> does not define. */
/* #undef size_t */
#if (_MSC_VER >= 1400) // VC8+
#ifndef _CRT_SECURE_NO_DEPRECATE
#define _CRT_SECURE_NO_DEPRECATE
#endif
#ifndef _CRT_NONSTDC_NO_DEPRECATE
#define _CRT_NONSTDC_NO_DEPRECATE
#endif
#endif // VC8+
#ifndef uint32_t
typedef unsigned __int8 uint8_t;
typedef unsigned __int16 uint16_t;
typedef unsigned __int32 uint32_t;
typedef unsigned __int64 uint64_t;
typedef __int8 int8_t;
typedef __int16 int16_t;
typedef __int32 int32_t;
typedef __int64 int64_t;
#endif
#ifdef _MSC_VER
#pragma warning(disable:4311)
#endif

1815
trunk/3rdparty/libsrtp-2-fit/config.sub vendored Executable file
View file

File diff suppressed because it is too large Load diff

196
trunk/3rdparty/libsrtp-2-fit/config_in.h vendored Normal file
View file

@ -0,0 +1,196 @@
/* config_in.h. Generated from configure.ac by autoheader. */
/* Define if building universal (internal helper macro) */
#undef AC_APPLE_UNIVERSAL_BUILD
/* Define if building for a CISC machine (e.g. Intel). */
#undef CPU_CISC
/* Define if building for a RISC machine (assume slow byte access). */
#undef CPU_RISC
/* Define to enabled debug logging for all mudules. */
#undef ENABLE_DEBUG_LOGGING
/* Logging statments will be writen to this file. */
#undef ERR_REPORTING_FILE
/* Define to redirect logging to stdout. */
#undef ERR_REPORTING_STDOUT
/* Define this to use AES-GCM. */
#undef GCM
/* Define to 1 if you have the <arpa/inet.h> header file. */
#undef HAVE_ARPA_INET_H
/* Define to 1 if you have the <byteswap.h> header file. */
#undef HAVE_BYTESWAP_H
/* Define to 1 if you have the `inet_aton' function. */
#undef HAVE_INET_ATON
/* Define to 1 if the system has the type `int16_t'. */
#undef HAVE_INT16_T
/* Define to 1 if the system has the type `int32_t'. */
#undef HAVE_INT32_T
/* Define to 1 if the system has the type `int8_t'. */
#undef HAVE_INT8_T
/* Define to 1 if you have the <inttypes.h> header file. */
#undef HAVE_INTTYPES_H
/* Define to 1 if you have the `dl' library (-ldl). */
#undef HAVE_LIBDL
/* Define to 1 if you have the `nspr4' library (-lnspr4). */
#undef HAVE_LIBNSPR4
/* Define to 1 if you have the `nss3' library (-lnss3). */
#undef HAVE_LIBNSS3
/* Define to 1 if you have the `socket' library (-lsocket). */
#undef HAVE_LIBSOCKET
/* Define to 1 if you have the `z' library (-lz). */
#undef HAVE_LIBZ
/* Define to 1 if you have the <machine/types.h> header file. */
#undef HAVE_MACHINE_TYPES_H
/* Define to 1 if you have the <memory.h> header file. */
#undef HAVE_MEMORY_H
/* Define to 1 if you have the <netinet/in.h> header file. */
#undef HAVE_NETINET_IN_H
/* Define to 1 if you have the <nss.h> header file. */
#undef HAVE_NSS_H
/* Define to 1 if you have the `winpcap' library (-lwpcap) */
#undef HAVE_PCAP
/* Define to 1 if you have the `sigaction' function. */
#undef HAVE_SIGACTION
/* Define to 1 if you have the `socket' function. */
#undef HAVE_SOCKET
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
/* Define to 1 if you have the <strings.h> header file. */
#undef HAVE_STRINGS_H
/* Define to 1 if you have the <string.h> header file. */
#undef HAVE_STRING_H
/* Define to 1 if you have the <sys/int_types.h> header file. */
#undef HAVE_SYS_INT_TYPES_H
/* Define to 1 if you have the <sys/socket.h> header file. */
#undef HAVE_SYS_SOCKET_H
/* Define to 1 if you have the <sys/stat.h> header file. */
#undef HAVE_SYS_STAT_H
/* Define to 1 if you have the <sys/types.h> header file. */
#undef HAVE_SYS_TYPES_H
/* Define to 1 if you have the <sys/uio.h> header file. */
#undef HAVE_SYS_UIO_H
/* Define to 1 if the system has the type `uint16_t'. */
#undef HAVE_UINT16_T
/* Define to 1 if the system has the type `uint32_t'. */
#undef HAVE_UINT32_T
/* Define to 1 if the system has the type `uint64_t'. */
#undef HAVE_UINT64_T
/* Define to 1 if the system has the type `uint8_t'. */
#undef HAVE_UINT8_T
/* Define to 1 if you have the <unistd.h> header file. */
#undef HAVE_UNISTD_H
/* Define to 1 if you have the `usleep' function. */
#undef HAVE_USLEEP
/* Define to 1 if you have the <windows.h> header file. */
#undef HAVE_WINDOWS_H
/* Define to 1 if you have the <winsock2.h> header file. */
#undef HAVE_WINSOCK2_H
/* Define to use X86 inlined assembly code */
#undef HAVE_X86
/* Define this to use NSS crypto. */
#undef NSS
/* Define this to use OpenSSL crypto. */
#undef OPENSSL
/* Define this if OPENSSL_cleanse is broken. */
#undef OPENSSL_CLEANSE_BROKEN
/* Define this to use OpenSSL KDF for SRTP. */
#undef OPENSSL_KDF
/* Define to the address where bug reports for this package should be sent. */
#undef PACKAGE_BUGREPORT
/* Define to the full name of this package. */
#undef PACKAGE_NAME
/* Define to the full name and version of this package. */
#undef PACKAGE_STRING
/* Define to the one symbol short name of this package. */
#undef PACKAGE_TARNAME
/* Define to the home page for this package. */
#undef PACKAGE_URL
/* Define to the version of this package. */
#undef PACKAGE_VERSION
/* The size of `unsigned long', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_LONG
/* The size of `unsigned long long', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_LONG_LONG
/* Define to 1 if you have the ANSI C header files. */
#undef STDC_HEADERS
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */
#if defined AC_APPLE_UNIVERSAL_BUILD
# if defined __BIG_ENDIAN__
# define WORDS_BIGENDIAN 1
# endif
#else
# ifndef WORDS_BIGENDIAN
# undef WORDS_BIGENDIAN
# endif
#endif
/* Define to empty if `const' does not conform to ANSI C. */
#undef const
/* Define to `__inline__' or `__inline' if that's what the C compiler
calls it, or to nothing if 'inline' is not supported under any name. */
#ifndef __cplusplus
#undef inline
#endif
/* Define to `unsigned int' if <sys/types.h> does not define. */
#undef size_t

115
trunk/3rdparty/libsrtp-2-fit/config_in_cmake.h vendored Normal file
View file

@ -0,0 +1,115 @@
/* clang-format off */
/* Define to the full name and version of this package. */
#cmakedefine PACKAGE_VERSION "@PACKAGE_VERSION@"
/* Define to the version of this package. */
#cmakedefine PACKAGE_STRING "@PACKAGE_STRING@"
/* Define to enabled debug logging for all mudules. */
#cmakedefine ENABLE_DEBUG_LOGGING 1
/* Logging statments will be writen to this file. */
#cmakedefine ERR_REPORTING_FILE "@ERR_REPORTING_FILE@"
/* Define to redirect logging to stdout. */
#cmakedefine ERR_REPORTING_STDOUT 1
/* Define this to use OpenSSL crypto. */
#cmakedefine OPENSSL 1
/* Define this to use AES-GCM. */
#cmakedefine GCM 1
/* Define if building for a CISC machine (e.g. Intel). */
#define CPU_CISC 1
/* Define if building for a RISC machine (assume slow byte access). */
/* #undef CPU_RISC */
/* Define to use X86 inlined assembly code */
#cmakedefine HAVE_X86 1
/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most
significant byte first (like Motorola and SPARC, unlike Intel). */
#cmakedefine WORDS_BIGENDIAN 1
/* Define to 1 if you have the <arpa/inet.h> header file. */
#cmakedefine HAVE_ARPA_INET_H 1
/* Define to 1 if you have the <byteswap.h> header file. */
#cmakedefine HAVE_BYTESWAP_H 1
/* Define to 1 if you have the <inttypes.h> header file. */
#cmakedefine HAVE_INTTYPES_H 1
/* Define to 1 if you have the <machine/types.h> header file. */
#cmakedefine HAVE_MACHINE_TYPES_H 1
/* Define to 1 if you have the <netinet/in.h> header file. */
#cmakedefine HAVE_NETINET_IN_H 1
/* Define to 1 if you have the <stdint.h> header file. */
#cmakedefine HAVE_STDINT_H 1
/* Define to 1 if you have the <stdlib.h> header file. */
#cmakedefine HAVE_STDLIB_H 1
/* Define to 1 if you have the <sys/int_types.h> header file. */
#cmakedefine HAVE_SYS_INT_TYPES_H 1
/* Define to 1 if you have the <sys/socket.h> header file. */
#cmakedefine HAVE_SYS_SOCKET_H 1
/* Define to 1 if you have the <sys/types.h> header file. */
#cmakedefine HAVE_SYS_TYPES_H 1
/* Define to 1 if you have the <unistd.h> header file. */
#cmakedefine HAVE_UNISTD_H 1
/* Define to 1 if you have the <windows.h> header file. */
#cmakedefine HAVE_WINDOWS_H 1
/* Define to 1 if you have the <winsock2.h> header file. */
#cmakedefine HAVE_WINSOCK2_H 1
/* Define to 1 if you have the `inet_aton' function. */
#cmakedefine HAVE_INET_ATON 1
/* Define to 1 if you have the `sigaction' function. */
#cmakedefine HAVE_SIGACTION 1
/* Define to 1 if you have the `usleep' function. */
#cmakedefine HAVE_USLEEP 1
/* Define to 1 if the system has the type `uint8_t'. */
#cmakedefine HAVE_UINT8_T 1
/* Define to 1 if the system has the type `uint16_t'. */
#cmakedefine HAVE_UINT16_T 1
/* Define to 1 if the system has the type `uint32_t'. */
#cmakedefine HAVE_UINT32_T 1
/* Define to 1 if the system has the type `uint64_t'. */
#cmakedefine HAVE_UINT64_T 1
/* Define to 1 if the system has the type `int32_t'. */
#cmakedefine HAVE_INT32_T 1
/* The size of `unsigned long', as computed by sizeof. */
@SIZEOF_UNSIGNED_LONG_CODE@
/* The size of `unsigned long long', as computed by sizeof. */
@SIZEOF_UNSIGNED_LONG_LONG_CODE@
/* Define inline to what is supported by compiler */
#cmakedefine HAVE_INLINE 1
#cmakedefine HAVE___INLINE 1
#ifndef HAVE_INLINE
#ifdef HAVE___INLINE
#define inline __inline
#else
#define inline
#endif
#endif

7782
trunk/3rdparty/libsrtp-2-fit/configure vendored Executable file
View file

File diff suppressed because it is too large Load diff

429
trunk/3rdparty/libsrtp-2-fit/configure.ac vendored Normal file
View file

@ -0,0 +1,429 @@
dnl Process this file with autoconf to produce a configure script.
AC_INIT([libsrtp2], [2.3.0], [https://github.com/cisco/libsrtp/issues])
dnl Must come before AC_PROG_CC
EMPTY_CFLAGS="no"
if test "x$CFLAGS" = "x"; then
dnl Default value for CFLAGS if not specified.
EMPTY_CFLAGS="yes"
fi
dnl Checks for programs.
AC_PROG_CC
AC_PROG_CPP
AC_PROG_CXX
AC_ARG_VAR(
[EXTRA_CFLAGS],
[C compiler flags appended to the regular C compiler flags instead of overriding them])
AM_PROG_AR
AC_PROG_RANLIB
AC_PROG_INSTALL
AC_PROG_SED
dnl Check the byte order
AC_C_BIGENDIAN
AC_CANONICAL_HOST
dnl check host_cpu type, set defines appropriately
case $host_cpu in
i*86 | x86_64 )
AC_DEFINE([CPU_CISC], [1], [Define if building for a CISC machine (e.g. Intel).])
AC_DEFINE([HAVE_X86], [1], [Define to use X86 inlined assembly code])
;;
* )
AC_DEFINE([CPU_RISC], [1], [Define if building for a RISC machine (assume slow byte access).])
;;
esac
dnl Check if we are on a Windows platform.
case $host_os in
*cygwin*|*mingw* )
EXE=.exe
;;
* )
EXE=""
;;
esac
AC_SUBST([EXE]) # define executable suffix; this is needed for `make clean'
dnl Checks for supported compiler flags.
supported_cflags=""
if test "$EMPTY_CFLAGS" = "no"; then
supported_cflags="$CFLAGS"
fi
dnl For accurate detection, we need warnings as errors.
dnl I.e. Clang will issue a warning about unsupported flags.
dnl For the compilation to fail, those warnings needs to be upgraded to errors.
dnl This will be removed again once the tests are complete (see below).
WERROR=""
for w in -Werror -errwarn; do
if test "x$WERROR" = "x"; then
AC_MSG_CHECKING([whether ${CC-c} accepts $w])
save_cflags="$CFLAGS"
AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$w"], [CFLAGS="$CFLAGS $w"])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])],
[WERROR="$w"
AC_MSG_RESULT([yes])],
[CFLAGS="$save_cflags"
AC_MSG_RESULT([no])])
fi
done
dnl Note that -fPIC is not explicitly added to LDFLAGS.
dnl Since the compiler is used as the link driver, CFLAGS will be part of the
dnl link line as well and the linker will get the flag from there.
dnl Adding it to LDFLAGS explicitly would duplicate the flag on the link line,
dnl but otherwise do no harm.
AC_MSG_CHECKING([whether ${CC-c} accepts -fPIC])
save_cflags="$CFLAGS"
AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="-fPIC"], [CFLAGS="$CFLAGS -fPIC"])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])],
[AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="-fPIC"], [supported_cflags="$supported_cflags -fPIC"])
AC_MSG_RESULT([yes])],
[CFLAGS="$save_cflags"
AC_MSG_RESULT([no])])
if test "$EMPTY_CFLAGS" = "yes"; then
for f in -Wall -pedantic -Wstrict-prototypes; do
AC_MSG_CHECKING([whether ${CC-c} accepts $f])
save_cflags="$CFLAGS"
AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])],
[AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"])
AC_MSG_RESULT([yes])],
[CFLAGS="$save_cflags"
AC_MSG_RESULT([no])])
done
OOPT=""
for f in -O4 -O3; do
if test "x$OOPT" = "x"; then
AC_MSG_CHECKING([whether ${CC-c} accepts $f])
save_cflags="$CFLAGS"
AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])],
[AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"])
OOPT="$f"
AC_MSG_RESULT([yes])],
[CFLAGS="$save_cflags"
AC_MSG_RESULT([no])])
fi
done
for f in -fexpensive-optimizations -funroll-loops; do
AC_MSG_CHECKING([whether ${CC-c} accepts $f])
save_cflags="$CFLAGS"
AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$f"], [CFLAGS="$CFLAGS $f"])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])],
[AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"])
AC_MSG_RESULT([yes])],
[CFLAGS="$save_cflags"
AC_MSG_RESULT([no])])
done
fi
dnl When turning off warnigns, we're expecting unrecognized command line option errors if they're not
dnl supported. However, the -Wno-<warning> form isn't consulted unless a warning is triggered.
dnl At least that's the case for GCC. So to check which warnings we can turn off, we need to check
dnl if they can be turned on, thereby forcing GCC to take the argument into account right away.
for f in -Wno-language-extension-token; do
AC_MSG_CHECKING([whether ${CC-c} accepts $f])
save_cflags="$CFLAGS"
testf=$(echo "$f" | $SED 's|-Wno-\(.*\)|-W\1|g')
AS_IF([test "x$CFLAGS" = "x"], [CFLAGS="$testf"], [CFLAGS="$CFLAGS $testf"])
AC_COMPILE_IFELSE([AC_LANG_SOURCE([int main(void) { return 0; }])],
[AS_IF([test "x$supported_cflags" = "x"], [supported_cflags="$f"], [supported_cflags="$supported_cflags $f"])
AC_MSG_RESULT([yes])],
[CFLAGS="$save_cflags"
AC_MSG_RESULT([no])])
done
dnl Remowing -Werror again
CFLAGS="$supported_cflags"
dnl Checks for header files.
AC_HEADER_STDC
AC_CHECK_HEADERS(
[unistd.h byteswap.h stdint.h sys/uio.h inttypes.h sys/types.h machine/types.h sys/int_types.h],
[], [], [AC_INCLUDES_DEFAULT])
dnl socket() and friends
AC_CHECK_HEADERS([sys/socket.h netinet/in.h arpa/inet.h], [], [], [AC_INCLUDES_DEFAULT])
AC_CHECK_HEADERS(
[windows.h],
[AC_CHECK_HEADERS([winsock2.h], [], [], [AC_INCLUDES_DEFAULT])],
[], [AC_INCLUDES_DEFAULT])
AC_CHECK_TYPES([int8_t, uint8_t, int16_t, uint16_t, int32_t, uint32_t, uint64_t])
AC_CHECK_SIZEOF([unsigned long])
AC_CHECK_SIZEOF([unsigned long long])
dnl Checks for typedefs, structures, and compiler characteristics.
AC_C_CONST
AC_C_INLINE
AC_TYPE_SIZE_T
dnl Checks for library functions.
AC_CHECK_FUNCS([socket inet_aton usleep sigaction])
dnl Find socket function if not found yet.
if test "x$ac_cv_func_socket" = "xno"; then
AC_CHECK_LIB([socket], [socket])
AC_MSG_CHECKING([for socket in -lwsock32])
SAVELIBS="$LIBS"
LIBS="$LIBS -lwsock32"
AC_LINK_IFELSE(
[AC_LANG_SOURCE([
#include <winsock2.h>
int main(void)
{
int fd = socket(0, 0, 0);
if (fd < 0)
return -1;
else
return 0;
}
])],
[ac_cv_func_socket=yes
AC_MSG_RESULT([yes])],
[LIBS="$SAVELIBS"
AC_MSG_RESULT([no])])
fi
AC_MSG_CHECKING([whether to enable debug logging in all modules])
AC_ARG_ENABLE([debug-logging],
[AS_HELP_STRING([--enable-debug-logging], [Enable debug logging in all modules])],
[], enable_debug_logging=no)
if test "$enable_debug_logging" = "yes"; then
AC_DEFINE([ENABLE_DEBUG_LOGGING], [1], [Define to enabled debug logging for all mudules.])
fi
AC_MSG_RESULT([$enable_debug_logging])
PKG_PROG_PKG_CONFIG
AS_IF([test "x$PKG_CONFIG" != "x"], [PKG_CONFIG="$PKG_CONFIG --static"])
AC_MSG_CHECKING([whether to leverage OpenSSL crypto])
AC_ARG_ENABLE([openssl],
[AS_HELP_STRING([--enable-openssl], [compile in OpenSSL crypto engine])],
[], [enable_openssl=no])
AC_MSG_RESULT([$enable_openssl])
AC_MSG_CHECKING([whether to leverage NSS crypto])
AC_ARG_ENABLE([nss],
[AS_HELP_STRING([--enable-nss], [compile in NSS crypto engine])],
[], [enable_nss=no])
AC_MSG_RESULT([$enable_nss])
if test "$enable_openssl" = "yes"; then
AC_MSG_CHECKING([for user specified OpenSSL directory])
AC_ARG_WITH([openssl-dir],
[AS_HELP_STRING([--with-openssl-dir], [Location of OpenSSL installation])],
[if test "x$PKG_CONFIG" != "x" && test -f $with_openssl_dir/lib/pkgconfig/libcrypto.pc; then
if test "x$PKG_CONFIG_PATH" = "x"; then
export PKG_CONFIG_PATH="$with_openssl_dir/lib/pkgconfig"
else
export PKG_CONFIG_PATH="$with_openssl_dir/lib/pkgconfig:$PKG_CONFIG_PATH"
fi
AC_MSG_RESULT([$with_openssl_dir])
elif test -d $with_openssl_dir/lib; then
CFLAGS="$CFLAGS -I$with_openssl_dir/include"
if test "x$LDFLAGS" = "x"; then
LDFLAGS="-L$with_openssl_dir/lib"
else
LDFLAGS="$LDFLAGS -L$with_openssl_dir/lib"
fi
AC_MSG_RESULT([$with_openssl_dir])
else
AC_MSG_RESULT([invalid])
AC_MSG_FAILURE([Invalid OpenSSL location: $with_openssl_dir])
fi],
[AC_MSG_RESULT([no])])
if test "x$PKG_CONFIG" != "x"; then
PKG_CHECK_MODULES([crypto], [libcrypto >= 1.0.1],
[CFLAGS="$CFLAGS $crypto_CFLAGS"
LIBS="$crypto_LIBS $LIBS"])
else
AC_CHECK_LIB([dl], [dlopen], [], [AC_MSG_WARN([can't find libdl])])
AC_CHECK_LIB([z], [inflate], [], [AC_MSG_WARN([can't find libz])])
fi
AC_SEARCH_LIBS([EVP_EncryptInit], [crypto],
[], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])])
AC_SEARCH_LIBS([EVP_aes_128_ctr], [crypto],
[], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])])
AC_SEARCH_LIBS([EVP_aes_128_gcm], [crypto],
[], [AC_MSG_FAILURE([can't find openssl >= 1.0.1 crypto lib])])
AC_DEFINE([GCM], [1], [Define this to use AES-GCM.])
AC_DEFINE([OPENSSL], [1], [Define this to use OpenSSL crypto.])
AES_ICM_OBJS="crypto/cipher/aes_icm_ossl.o crypto/cipher/aes_gcm_ossl.o"
HMAC_OBJS=crypto/hash/hmac_ossl.o
AC_SUBST([USE_EXTERNAL_CRYPTO], [1])
AC_MSG_CHECKING([if OPENSSL_cleanse is broken])
AC_RUN_IFELSE([AC_LANG_PROGRAM([
#include <stdio.h>
#include <openssl/crypto.h>
], [
#define BUFFER_SIZE (16)
char buffer[[BUFFER_SIZE]];
int i;
for (i = 0; i < BUFFER_SIZE; i++) {
buffer[[i]] = i & 0xff;
}
OPENSSL_cleanse(buffer, BUFFER_SIZE);
for (i = 0; i < BUFFER_SIZE; i++) {
if (buffer[[i]]) {
printf("Buffer contents not zero at position %d (is %d)\n", i,
buffer[[i]]);
return 1;
}
}
])], [openssl_cleanse_broken=no], [
openssl_cleanse_broken=yes
AC_DEFINE([OPENSSL_CLEANSE_BROKEN], [1], [Define this if OPENSSL_cleanse is broken.])
])
AC_MSG_RESULT([$openssl_cleanse_broken])
AC_MSG_CHECKING([whether to leverage OpenSSL KDF algorithm])
AC_ARG_ENABLE([openssl-kdf],
[AS_HELP_STRING([--enable-openssl-kdf], [Use OpenSSL KDF algorithm])],
[], [enable_openssl_kdf=no])
AC_MSG_RESULT([$enable_openssl_kdf])
if test "$enable_openssl_kdf" = "yes"; then
AC_SEARCH_LIBS([kdf_srtp], [crypto],
[], [AC_MSG_FAILURE([can't find openssl KDF lib])])
AC_DEFINE([OPENSSL_KDF], [1], [Define this to use OpenSSL KDF for SRTP.])
fi
elif test "$enable_nss" = "yes"; then
AC_MSG_CHECKING([for user specified NSS directory])
AC_ARG_WITH([nss-dir],
[AS_HELP_STRING([--with-nss-dir], [Location of NSS installation])],
[if test "x$PKG_CONFIG" != "x" && test -f $with_nss_dir/lib/pkgconfig/nss.pc; then
if test "x$PKG_CONFIG_PATH" = "x"; then
export PKG_CONFIG_PATH="$with_nss_dir/lib/pkgconfig"
else
export PKG_CONFIG_PATH="$with_nss_dir/lib/pkgconfig:$PKG_CONFIG_PATH"
fi
AC_MSG_RESULT([$with_nss_dir])
elif test -d $with_nss_dir/lib; then
CFLAGS="$CFLAGS -I$with_nss_dir/include"
CFLAGS="$CFLAGS -I$with_nss_dir/../public/nss"
if test "x$LDFLAGS" = "x"; then
LDFLAGS="-L$with_nss_dir/lib"
else
LDFLAGS="$LDFLAGS -L$with_nss_dir/lib"
fi
nss_skip_pkg_config=yes
AC_MSG_RESULT([$with_nss_dir])
else
AC_MSG_RESULT([invalid])
AC_MSG_FAILURE([Invalid NSS location: $with_nss_dir])
fi
AC_SUBST([CRYPTO_LIBDIR], [$with_nss_dir/lib])],
[AC_MSG_RESULT([no])])
if test "x$PKG_CONFIG" != "x" && test "$nss_skip_pkg_config" != "yes"; then
PKG_CHECK_MODULES([nss], [nss],
[CFLAGS="$CFLAGS $nss_CFLAGS"
LIBS="$nss_LIBS $LIBS"])
else
AC_CHECK_HEADERS(
[nss.h],
[], [AC_MSG_FAILURE([can't find useable NSS headers])],
[AC_INCLUDES_DEFAULT])
AC_CHECK_LIB(
[nspr4], [PR_GetError],
[], [AC_MSG_WARN([can't find libnspr4])])
AC_CHECK_LIB(
[nss3], [NSS_NoDB_Init],
[], [AC_MSG_FAILURE([can't find useable libnss3])])
fi
AC_DEFINE([GCM], [1], [Define this to use AES-GCM.])
AC_DEFINE([NSS], [1], [Define this to use NSS crypto.])
AES_ICM_OBJS="crypto/cipher/aes_icm_nss.o crypto/cipher/aes_gcm_nss.o"
# TODO(RLB): Use NSS for HMAC
HMAC_OBJS="crypto/hash/hmac.o crypto/hash/sha1.o"
# TODO(RLB): Use NSS for KDF
AC_SUBST([USE_EXTERNAL_CRYPTO], [1])
else
AES_ICM_OBJS="crypto/cipher/aes_icm.o crypto/cipher/aes.o"
HMAC_OBJS="crypto/hash/hmac.o crypto/hash/sha1.o"
fi
AC_SUBST([AES_ICM_OBJS])
AC_SUBST([HMAC_OBJS])
dnl Checking for PCAP
PCAP_LIB=""
AC_ARG_ENABLE([pcap], AS_HELP_STRING([--disable-pcap], [Build without `pcap' library (-lpcap)]))
AS_IF([test "x$enable_pcap" != "xno"], [
AC_CHECK_LIB([pcap], [pcap_create],
[PCAP_LIB="-lpcap"
AC_DEFINE([HAVE_PCAP], [1], [Define to 1 if you have the `pcap' library (-lpcap)])
AC_SUBST([HAVE_PCAP], [1])])
AC_CHECK_LIB([wpcap], [pcap_create],
[PCAP_LIB="-lwpcap"
AC_DEFINE([HAVE_PCAP], [1], [Define to 1 if you have the `winpcap' library (-lwpcap)])
AC_SUBST([HAVE_PCAP], [1])])
])
AC_SUBST([PCAP_LIB])
AC_MSG_CHECKING([whether to redirect logging to stdout])
AC_ARG_ENABLE([log-stdout],
[AS_HELP_STRING([--enable-log-stdout], [redirecting logging to stdout])],
[], [enable_log_stdout=no])
if test "$enable_log_stdout" = "yes"; then
AC_DEFINE([ERR_REPORTING_STDOUT], [1], [Define to redirect logging to stdout.])
fi
AC_MSG_RESULT([$enable_log_stdout])
AC_MSG_CHECKING([wheather to use a file for logging])
AC_ARG_WITH([log-file],
[AS_HELP_STRING([--with-log-file], [Use file for logging])],
[AS_CASE([x$with_log_file],
[x], [valid_with_log_file="no"],
[xyes], [valid_with_log_file="no"],
[valid_with_error_file="yes"])
AS_IF([test "$valid_with_log_file" = "no"],
[AC_MSG_RESULT([invalid])
AC_MSG_FAILURE([Invalid value for --with-log-file: "$with_log_file"])],
[AC_DEFINE_UNQUOTED([ERR_REPORTING_FILE], ["$with_log_file"], [Logging statments will be writen to this file.])
AC_MSG_RESULT([using log file: "$with_log_file"])])],
[AC_MSG_RESULT([no])])
AS_IF(
[test "$enable_log_stdout" = "yes" && test "x$with_log_file" != "x"],
[AC_MSG_FAILURE([Can only use one of --enable-log-stdout and --with-log-file; they are mutually exclusive])])
dnl Appending EXTRA_CFLAGS, if given
AC_MSG_CHECKING([for extra C compiler flags])
AS_IF([test "x$EXTRA_CFLAGS" != "x"],
[AS_IF([test "x$CFLAGS" = "x"],
[CFLAGS="$EXTRA_CFLAGS"], [CFLAGS="$CFLAGS $EXTRA_CFLAGS"])
AC_MSG_RESULT([$EXTRA_CFLAGS])],
[AC_MSG_RESULT(no)])
AC_CONFIG_HEADER([crypto/include/config.h:config_in.h])
AC_CONFIG_FILES([Makefile crypto/Makefile doc/Makefile fuzzer/Makefile libsrtp2.pc])
AC_OUTPUT
# This is needed when building outside the source dir.
AS_MKDIR_P([crypto/cipher])
AS_MKDIR_P([crypto/hash])
AS_MKDIR_P([crypto/kernel])
AS_MKDIR_P([crypto/math])
AS_MKDIR_P([crypto/replay])
AS_MKDIR_P([crypto/test])
AS_MKDIR_P([doc])
AS_MKDIR_P([srtp])
AS_MKDIR_P([test])

119
trunk/3rdparty/libsrtp-2-fit/crypto/Makefile.in vendored Normal file
View file

@ -0,0 +1,119 @@
# Makefile for crypto test suite
#
# David A. McGrew
# Cisco Systems, Inc.
srcdir = @srcdir@
top_srcdir = @top_srcdir@
top_builddir = @top_builddir@
VPATH = @srcdir@
CC = @CC@
INCDIR = -Iinclude -I$(srcdir)/include -I$(top_srcdir)/include
DEFS = @DEFS@
CPPFLAGS= @CPPFLAGS@
CFLAGS = @CFLAGS@
LIBS = @LIBS@
LDFLAGS = @LDFLAGS@ -L. -L..
COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
CRYPTOLIB = -lsrtp2
CRYPTO_LIBDIR = @CRYPTO_LIBDIR@
RANLIB = @RANLIB@
# Specify how tests should find shared libraries on macOS and Linux
#
# macOS purges DYLD_LIBRARY_PATH when spawning subprocesses, so it's
# not possible to pass this in from the outside; we have to specify
# it for any subprocesses we call. No support for dynamic linked
# tests on Windows.
ifneq ($(strip $(CRYPTO_LIBDIR)),)
ifneq ($(OS),Windows_NT)
UNAME_S = $(shell uname -s)
ifeq ($(UNAME_S),Linux)
FIND_LIBRARIES = LD_LIBRARY_PATH=$(CRYPTO_LIBDIR)
endif
ifeq ($(UNAME_S),Darwin)
FIND_LIBRARIES = DYLD_LIBRARY_PATH=$(CRYPTO_LIBDIR)
endif
endif
endif
# EXE defines the suffix on executables - it's .exe for cygwin, and
# null on linux, bsd, and OS X and other OSes. we define this so that
# `make clean` will work on the cygwin platform
EXE = @EXE@
# Random source.
USE_EXTERNAL_CRYPTO = @USE_EXTERNAL_CRYPTO@
ifdef ARCH
DEFS += -D$(ARCH)=1
endif
ifdef sysname
DEFS += -D$(sysname)=1
endif
.PHONY: dummy all runtest clean superclean
dummy : all runtest
# test applications
ifneq (1, $(USE_EXTERNAL_CRYPTO))
AES_CALC = test/aes_calc$(EXE)
endif
testapp = test/cipher_driver$(EXE) test/datatypes_driver$(EXE) \
test/stat_driver$(EXE) test/sha1_driver$(EXE) \
test/kernel_driver$(EXE) $(AES_CALC) \
test/env$(EXE)
# data values used to test the aes_calc application for AES-128
k128=000102030405060708090a0b0c0d0e0f
p128=00112233445566778899aabbccddeeff
c128=69c4e0d86a7b0430d8cdb78070b4c55a
# data values used to test the aes_calc application for AES-256
k256=000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f
p256=00112233445566778899aabbccddeeff
c256=8ea2b7ca516745bfeafc49904b496089
runtest: $(testapp)
$(FIND_LIBRARIES) test/env$(EXE) # print out information on the build environment
@echo "running crypto test applications..."
ifneq (1, $(USE_EXTERNAL_CRYPTO))
$(FIND_LIBRARIES) test `test/aes_calc $(k128) $(p128)` = $(c128)
$(FIND_LIBRARIES) test `test/aes_calc $(k256) $(p256)` = $(c256)
endif
$(FIND_LIBRARIES) test/cipher_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/datatypes_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/stat_driver$(EXE) >/dev/null
$(FIND_LIBRARIES) test/sha1_driver$(EXE) -v >/dev/null
$(FIND_LIBRARIES) test/kernel_driver$(EXE) -v >/dev/null
@echo "crypto test applications passed."
# the rule for making object files and test apps
%.o: %.c
$(COMPILE) -c $< -o $@
%$(EXE): %.c $(srcdir)/../test/getopt_s.c
$(COMPILE) $(LDFLAGS) $< $(srcdir)/../test/getopt_s.c -o $@ $(CRYPTOLIB) $(LIBS)
all: $(testapp)
# housekeeping functions
clean:
rm -f $(testapp) *.o */*.o
for a in * .* */*; do if [ -f "$$a~" ] ; then rm $$a~; fi; done;
rm -f `find . -name "*.[ch]~*~"`
rm -rf latex
superclean: clean
rm -f *core TAGS ktrace.out
# EOF

2189
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/aes.c vendored Normal file
View file

File diff suppressed because it is too large Load diff

609
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/aes_gcm_nss.c vendored Normal file
View file

@ -0,0 +1,609 @@
/*
* aes_gcm_nss.c
*
* AES Galois Counter Mode
*
* Richard L. Barnes
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "aes_gcm.h"
#include "alloc.h"
#include "err.h" /* for srtp_debug */
#include "crypto_types.h"
#include "cipher_types.h"
#include <secerr.h>
#include <nspr.h>
srtp_debug_module_t srtp_mod_aes_gcm = {
0, /* debugging is off by default */
"aes gcm nss" /* printable module name */
};
/*
* For now we only support 8 and 16 octet tags. The spec allows for
* optional 12 byte tag, which may be supported in the future.
*/
#define GCM_IV_LEN 12
#define GCM_AUTH_TAG_LEN 16
#define GCM_AUTH_TAG_LEN_8 8
/*
* This function allocates a new instance of this crypto engine.
* The key_len parameter should be one of 28 or 44 for
* AES-128-GCM or AES-256-GCM respectively. Note that the
* key length includes the 14 byte salt value that is used when
* initializing the KDF.
*/
static srtp_err_status_t srtp_aes_gcm_nss_alloc(srtp_cipher_t **c,
int key_len,
int tlen)
{
srtp_aes_gcm_ctx_t *gcm;
NSSInitContext *nss;
debug_print(srtp_mod_aes_gcm, "allocating cipher with key length %d",
key_len);
debug_print(srtp_mod_aes_gcm, "allocating cipher with tag length %d", tlen);
/*
* Verify the key_len is valid for one of: AES-128/256
*/
if (key_len != SRTP_AES_GCM_128_KEY_LEN_WSALT &&
key_len != SRTP_AES_GCM_256_KEY_LEN_WSALT) {
return (srtp_err_status_bad_param);
}
if (tlen != GCM_AUTH_TAG_LEN && tlen != GCM_AUTH_TAG_LEN_8) {
return (srtp_err_status_bad_param);
}
/* Initialize NSS equiv of NSS_NoDB_Init(NULL) */
nss = NSS_InitContext("", "", "", "", NULL,
NSS_INIT_READONLY | NSS_INIT_NOCERTDB |
NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN |
NSS_INIT_OPTIMIZESPACE);
if (!nss) {
return (srtp_err_status_cipher_fail);
}
/* allocate memory a cipher of type aes_gcm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
NSS_ShutdownContext(nss);
return (srtp_err_status_alloc_fail);
}
gcm = (srtp_aes_gcm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_gcm_ctx_t));
if (gcm == NULL) {
NSS_ShutdownContext(nss);
srtp_crypto_free(*c);
*c = NULL;
return (srtp_err_status_alloc_fail);
}
gcm->nss = nss;
/* set pointers */
(*c)->state = gcm;
/* setup cipher attributes */
switch (key_len) {
case SRTP_AES_GCM_128_KEY_LEN_WSALT:
(*c)->type = &srtp_aes_gcm_128;
(*c)->algorithm = SRTP_AES_GCM_128;
gcm->key_size = SRTP_AES_128_KEY_LEN;
gcm->tag_size = tlen;
gcm->params.ulTagBits = 8 * tlen;
break;
case SRTP_AES_GCM_256_KEY_LEN_WSALT:
(*c)->type = &srtp_aes_gcm_256;
(*c)->algorithm = SRTP_AES_GCM_256;
gcm->key_size = SRTP_AES_256_KEY_LEN;
gcm->tag_size = tlen;
gcm->params.ulTagBits = 8 * tlen;
break;
default:
/* this should never hit, but to be sure... */
return (srtp_err_status_bad_param);
}
/* set key size and tag size*/
(*c)->key_len = key_len;
return (srtp_err_status_ok);
}
/*
* This function deallocates a GCM session
*/
static srtp_err_status_t srtp_aes_gcm_nss_dealloc(srtp_cipher_t *c)
{
srtp_aes_gcm_ctx_t *ctx;
ctx = (srtp_aes_gcm_ctx_t *)c->state;
if (ctx) {
/* release NSS resources */
if (ctx->key) {
PK11_FreeSymKey(ctx->key);
}
if (ctx->nss) {
NSS_ShutdownContext(ctx->nss);
ctx->nss = NULL;
}
/* zeroize the key material */
octet_string_set_to_zero(ctx, sizeof(srtp_aes_gcm_ctx_t));
srtp_crypto_free(ctx);
}
/* free memory */
srtp_crypto_free(c);
return (srtp_err_status_ok);
}
/*
* aes_gcm_nss_context_init(...) initializes the aes_gcm_context
* using the value in key[].
*
* the key is the secret key
*/
static srtp_err_status_t srtp_aes_gcm_nss_context_init(void *cv,
const uint8_t *key)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
c->dir = srtp_direction_any;
debug_print(srtp_mod_aes_gcm, "key: %s",
srtp_octet_string_hex_string(key, c->key_size));
if (c->key) {
PK11_FreeSymKey(c->key);
c->key = NULL;
}
PK11SlotInfo *slot = PK11_GetBestSlot(CKM_AES_GCM, NULL);
if (!slot) {
return (srtp_err_status_cipher_fail);
}
SECItem key_item = { siBuffer, (unsigned char *)key, c->key_size };
c->key = PK11_ImportSymKey(slot, CKM_AES_GCM, PK11_OriginUnwrap,
CKA_ENCRYPT, &key_item, NULL);
PK11_FreeSlot(slot);
if (!c->key) {
return (srtp_err_status_cipher_fail);
}
return (srtp_err_status_ok);
}
/*
* aes_gcm_nss_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
static srtp_err_status_t srtp_aes_gcm_nss_set_iv(
void *cv,
uint8_t *iv,
srtp_cipher_direction_t direction)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
if (direction != srtp_direction_encrypt &&
direction != srtp_direction_decrypt) {
return (srtp_err_status_bad_param);
}
c->dir = direction;
debug_print(srtp_mod_aes_gcm, "setting iv: %s",
srtp_octet_string_hex_string(iv, GCM_IV_LEN));
memcpy(c->iv, iv, GCM_IV_LEN);
return (srtp_err_status_ok);
}
/*
* This function processes the AAD
*
* Parameters:
* c Crypto context
* aad Additional data to process for AEAD cipher suites
* aad_len length of aad buffer
*/
static srtp_err_status_t srtp_aes_gcm_nss_set_aad(void *cv,
const uint8_t *aad,
uint32_t aad_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
debug_print(srtp_mod_aes_gcm, "setting AAD: %s",
srtp_octet_string_hex_string(aad, aad_len));
if (aad_len + c->aad_size > MAX_AD_SIZE) {
return srtp_err_status_bad_param;
}
memcpy(c->aad + c->aad_size, aad, aad_len);
c->aad_size += aad_len;
return (srtp_err_status_ok);
}
static srtp_err_status_t srtp_aes_gcm_nss_do_crypto(void *cv,
int encrypt,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
c->params.pIv = c->iv;
c->params.ulIvLen = GCM_IV_LEN;
c->params.pAAD = c->aad;
c->params.ulAADLen = c->aad_size;
// Reset AAD
c->aad_size = 0;
int rv;
SECItem param = { siBuffer, (unsigned char *)&c->params,
sizeof(CK_GCM_PARAMS) };
if (encrypt) {
rv = PK11_Encrypt(c->key, CKM_AES_GCM, &param, buf, enc_len,
*enc_len + 16, buf, *enc_len);
} else {
rv = PK11_Decrypt(c->key, CKM_AES_GCM, &param, buf, enc_len, *enc_len,
buf, *enc_len);
}
srtp_err_status_t status = (srtp_err_status_ok);
if (rv != SECSuccess) {
status = (srtp_err_status_cipher_fail);
}
return status;
}
/*
* This function encrypts a buffer using AES GCM mode
*
* XXX(rlb@ipv.sx): We're required to break off and cache the tag
* here, because the get_tag() method is separate and the tests expect
* encrypt() not to change the size of the plaintext. It might be
* good to update the calling API so that this is cleaner.
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_nss_encrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
// When we get a non-NULL buffer, we know that the caller is
// prepared to also take the tag. When we get a NULL buffer,
// even though there's no data, we need to give NSS a buffer
// where it can write the tag. We can't just use c->tag because
// memcpy has undefined behavior on overlapping ranges.
unsigned char tagbuf[16];
unsigned char *non_null_buf = buf;
if (!non_null_buf && (*enc_len == 0)) {
non_null_buf = tagbuf;
} else if (!non_null_buf) {
return srtp_err_status_bad_param;
}
srtp_err_status_t status =
srtp_aes_gcm_nss_do_crypto(cv, 1, non_null_buf, enc_len);
if (status != srtp_err_status_ok) {
return status;
}
memcpy(c->tag, non_null_buf + (*enc_len - c->tag_size), c->tag_size);
*enc_len -= c->tag_size;
return srtp_err_status_ok;
}
/*
* This function calculates and returns the GCM tag for a given context.
* This should be called after encrypting the data. The *len value
* is increased by the tag size. The caller must ensure that *buf has
* enough room to accept the appended tag.
*
* Parameters:
* c Crypto context
* buf data to encrypt
* len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_nss_get_tag(void *cv,
uint8_t *buf,
uint32_t *len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
*len = c->tag_size;
memcpy(buf, c->tag, c->tag_size);
return (srtp_err_status_ok);
}
/*
* This function decrypts a buffer using AES GCM mode
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_nss_decrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_err_status_t status = srtp_aes_gcm_nss_do_crypto(cv, 0, buf, enc_len);
if (status != srtp_err_status_ok) {
int err = PR_GetError();
if (err == SEC_ERROR_BAD_DATA) {
status = srtp_err_status_auth_fail;
}
}
return status;
}
/*
* Name of this crypto engine
*/
static const char srtp_aes_gcm_128_nss_description[] = "AES-128 GCM using NSS";
static const char srtp_aes_gcm_256_nss_description[] = "AES-256 GCM using NSS";
/*
* KAT values for AES self-test. These
* values we're derived from independent test code
* using OpenSSL.
*/
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_key[SRTP_AES_GCM_128_KEY_LEN_WSALT] = {
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0a, 0x0b, 0x0c,
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_gcm_test_case_0_iv[12] = {
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_plaintext[60] = {
0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
0xba, 0x63, 0x7b, 0x39
};
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_aad[20] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_ciphertext[76] = {
0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
0x3d, 0x58, 0xe0, 0x91,
/* the last 16 bytes are the tag */
0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47,
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_0a = {
SRTP_AES_GCM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_0_plaintext, /* plaintext */
68, /* octets in ciphertext */
srtp_aes_gcm_test_case_0_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_0_aad, /* AAD */
GCM_AUTH_TAG_LEN_8, /* */
NULL /* pointer to next testcase */
};
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_0 = {
SRTP_AES_GCM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_0_plaintext, /* plaintext */
76, /* octets in ciphertext */
srtp_aes_gcm_test_case_0_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_0_aad, /* AAD */
GCM_AUTH_TAG_LEN, /* */
&srtp_aes_gcm_test_case_0a /* pointer to next testcase */
};
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_key[SRTP_AES_GCM_256_KEY_LEN_WSALT] = {
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0xa5, 0x59, 0x09, 0xc5, 0x54, 0x66, 0x93, 0x1c,
0xaf, 0xf5, 0x26, 0x9a, 0x21, 0xd5, 0x14, 0xb2,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0a, 0x0b, 0x0c,
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_gcm_test_case_1_iv[12] = {
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_plaintext[60] = {
0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
0xba, 0x63, 0x7b, 0x39
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_aad[20] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_ciphertext[76] = {
0x0b, 0x11, 0xcf, 0xaf, 0x68, 0x4d, 0xae, 0x46,
0xc7, 0x90, 0xb8, 0x8e, 0xb7, 0x6a, 0x76, 0x2a,
0x94, 0x82, 0xca, 0xab, 0x3e, 0x39, 0xd7, 0x86,
0x1b, 0xc7, 0x93, 0xed, 0x75, 0x7f, 0x23, 0x5a,
0xda, 0xfd, 0xd3, 0xe2, 0x0e, 0x80, 0x87, 0xa9,
0x6d, 0xd7, 0xe2, 0x6a, 0x7d, 0x5f, 0xb4, 0x80,
0xef, 0xef, 0xc5, 0x29, 0x12, 0xd1, 0xaa, 0x10,
0x09, 0xc9, 0x86, 0xc1,
/* the last 16 bytes are the tag */
0x45, 0xbc, 0x03, 0xe6, 0xe1, 0xac, 0x0a, 0x9f,
0x81, 0xcb, 0x8e, 0x5b, 0x46, 0x65, 0x63, 0x1d,
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_1a = {
SRTP_AES_GCM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_1_plaintext, /* plaintext */
68, /* octets in ciphertext */
srtp_aes_gcm_test_case_1_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_1_aad, /* AAD */
GCM_AUTH_TAG_LEN_8, /* */
NULL /* pointer to next testcase */
};
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_1 = {
SRTP_AES_GCM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_1_plaintext, /* plaintext */
76, /* octets in ciphertext */
srtp_aes_gcm_test_case_1_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_1_aad, /* AAD */
GCM_AUTH_TAG_LEN, /* */
&srtp_aes_gcm_test_case_1a /* pointer to next testcase */
};
/*
* This is the vector function table for this crypto engine.
*/
/* clang-format off */
const srtp_cipher_type_t srtp_aes_gcm_128 = {
srtp_aes_gcm_nss_alloc,
srtp_aes_gcm_nss_dealloc,
srtp_aes_gcm_nss_context_init,
srtp_aes_gcm_nss_set_aad,
srtp_aes_gcm_nss_encrypt,
srtp_aes_gcm_nss_decrypt,
srtp_aes_gcm_nss_set_iv,
srtp_aes_gcm_nss_get_tag,
srtp_aes_gcm_128_nss_description,
&srtp_aes_gcm_test_case_0,
SRTP_AES_GCM_128
};
/* clang-format on */
/*
* This is the vector function table for this crypto engine.
*/
/* clang-format off */
const srtp_cipher_type_t srtp_aes_gcm_256 = {
srtp_aes_gcm_nss_alloc,
srtp_aes_gcm_nss_dealloc,
srtp_aes_gcm_nss_context_init,
srtp_aes_gcm_nss_set_aad,
srtp_aes_gcm_nss_encrypt,
srtp_aes_gcm_nss_decrypt,
srtp_aes_gcm_nss_set_iv,
srtp_aes_gcm_nss_get_tag,
srtp_aes_gcm_256_nss_description,
&srtp_aes_gcm_test_case_1,
SRTP_AES_GCM_256
};
/* clang-format on */

583
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/aes_gcm_ossl.c vendored Normal file
View file

@ -0,0 +1,583 @@
/*
* aes_gcm_ossl.c
*
* AES Galois Counter Mode
*
* John A. Foley
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <openssl/evp.h>
#include "aes_gcm.h"
#include "alloc.h"
#include "err.h" /* for srtp_debug */
#include "crypto_types.h"
#include "cipher_types.h"
srtp_debug_module_t srtp_mod_aes_gcm = {
0, /* debugging is off by default */
"aes gcm" /* printable module name */
};
/*
* For now we only support 8 and 16 octet tags. The spec allows for
* optional 12 byte tag, which may be supported in the future.
*/
#define GCM_AUTH_TAG_LEN 16
#define GCM_AUTH_TAG_LEN_8 8
/*
* This function allocates a new instance of this crypto engine.
* The key_len parameter should be one of 28 or 44 for
* AES-128-GCM or AES-256-GCM respectively. Note that the
* key length includes the 14 byte salt value that is used when
* initializing the KDF.
*/
static srtp_err_status_t srtp_aes_gcm_openssl_alloc(srtp_cipher_t **c,
int key_len,
int tlen)
{
srtp_aes_gcm_ctx_t *gcm;
debug_print(srtp_mod_aes_gcm, "allocating cipher with key length %d",
key_len);
debug_print(srtp_mod_aes_gcm, "allocating cipher with tag length %d", tlen);
/*
* Verify the key_len is valid for one of: AES-128/256
*/
if (key_len != SRTP_AES_GCM_128_KEY_LEN_WSALT &&
key_len != SRTP_AES_GCM_256_KEY_LEN_WSALT) {
return (srtp_err_status_bad_param);
}
if (tlen != GCM_AUTH_TAG_LEN && tlen != GCM_AUTH_TAG_LEN_8) {
return (srtp_err_status_bad_param);
}
/* allocate memory a cipher of type aes_gcm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
return (srtp_err_status_alloc_fail);
}
gcm = (srtp_aes_gcm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_gcm_ctx_t));
if (gcm == NULL) {
srtp_crypto_free(*c);
*c = NULL;
return (srtp_err_status_alloc_fail);
}
gcm->ctx = EVP_CIPHER_CTX_new();
if (gcm->ctx == NULL) {
srtp_crypto_free(gcm);
srtp_crypto_free(*c);
*c = NULL;
return srtp_err_status_alloc_fail;
}
/* set pointers */
(*c)->state = gcm;
/* setup cipher attributes */
switch (key_len) {
case SRTP_AES_GCM_128_KEY_LEN_WSALT:
(*c)->type = &srtp_aes_gcm_128;
(*c)->algorithm = SRTP_AES_GCM_128;
gcm->key_size = SRTP_AES_128_KEY_LEN;
gcm->tag_len = tlen;
break;
case SRTP_AES_GCM_256_KEY_LEN_WSALT:
(*c)->type = &srtp_aes_gcm_256;
(*c)->algorithm = SRTP_AES_GCM_256;
gcm->key_size = SRTP_AES_256_KEY_LEN;
gcm->tag_len = tlen;
break;
}
/* set key size */
(*c)->key_len = key_len;
return (srtp_err_status_ok);
}
/*
* This function deallocates a GCM session
*/
static srtp_err_status_t srtp_aes_gcm_openssl_dealloc(srtp_cipher_t *c)
{
srtp_aes_gcm_ctx_t *ctx;
ctx = (srtp_aes_gcm_ctx_t *)c->state;
if (ctx) {
EVP_CIPHER_CTX_free(ctx->ctx);
/* zeroize the key material */
octet_string_set_to_zero(ctx, sizeof(srtp_aes_gcm_ctx_t));
srtp_crypto_free(ctx);
}
/* free memory */
srtp_crypto_free(c);
return (srtp_err_status_ok);
}
/*
* aes_gcm_openssl_context_init(...) initializes the aes_gcm_context
* using the value in key[].
*
* the key is the secret key
*/
static srtp_err_status_t srtp_aes_gcm_openssl_context_init(void *cv,
const uint8_t *key)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
const EVP_CIPHER *evp;
c->dir = srtp_direction_any;
debug_print(srtp_mod_aes_gcm, "key: %s",
srtp_octet_string_hex_string(key, c->key_size));
switch (c->key_size) {
case SRTP_AES_256_KEY_LEN:
evp = EVP_aes_256_gcm();
break;
case SRTP_AES_128_KEY_LEN:
evp = EVP_aes_128_gcm();
break;
default:
return (srtp_err_status_bad_param);
break;
}
EVP_CIPHER_CTX_cleanup(c->ctx);
if (!EVP_CipherInit_ex(c->ctx, evp, NULL, key, NULL, 0)) {
return (srtp_err_status_init_fail);
}
return (srtp_err_status_ok);
}
/*
* aes_gcm_openssl_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
static srtp_err_status_t srtp_aes_gcm_openssl_set_iv(
void *cv,
uint8_t *iv,
srtp_cipher_direction_t direction)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
if (direction != srtp_direction_encrypt &&
direction != srtp_direction_decrypt) {
return (srtp_err_status_bad_param);
}
c->dir = direction;
debug_print(srtp_mod_aes_gcm, "setting iv: %s",
srtp_octet_string_hex_string(iv, 12));
if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) {
return (srtp_err_status_init_fail);
}
if (!EVP_CipherInit_ex(c->ctx, NULL, NULL, NULL, iv,
(c->dir == srtp_direction_encrypt ? 1 : 0))) {
return (srtp_err_status_init_fail);
}
return (srtp_err_status_ok);
}
/*
* This function processes the AAD
*
* Parameters:
* c Crypto context
* aad Additional data to process for AEAD cipher suites
* aad_len length of aad buffer
*/
static srtp_err_status_t srtp_aes_gcm_openssl_set_aad(void *cv,
const uint8_t *aad,
uint32_t aad_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
int rv;
debug_print(srtp_mod_aes_gcm, "setting AAD: %s",
srtp_octet_string_hex_string(aad, aad_len));
/*
* Set dummy tag, OpenSSL requires the Tag to be set before
* processing AAD
*/
/*
* OpenSSL never write to address pointed by the last parameter of
* EVP_CIPHER_CTX_ctrl while EVP_CTRL_GCM_SET_TAG (in reality,
* OpenSSL copy its content to the context), so we can make
* aad read-only in this function and all its wrappers.
*/
unsigned char dummy_tag[GCM_AUTH_TAG_LEN];
memset(dummy_tag, 0x0, GCM_AUTH_TAG_LEN);
EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len, &dummy_tag);
rv = EVP_Cipher(c->ctx, NULL, aad, aad_len);
if (rv != aad_len) {
return (srtp_err_status_algo_fail);
} else {
return (srtp_err_status_ok);
}
}
/*
* This function encrypts a buffer using AES GCM mode
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_openssl_encrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
if (c->dir != srtp_direction_encrypt && c->dir != srtp_direction_decrypt) {
return (srtp_err_status_bad_param);
}
/*
* Encrypt the data
*/
EVP_Cipher(c->ctx, buf, buf, *enc_len);
return (srtp_err_status_ok);
}
/*
* This function calculates and returns the GCM tag for a given context.
* This should be called after encrypting the data. The *len value
* is increased by the tag size. The caller must ensure that *buf has
* enough room to accept the appended tag.
*
* Parameters:
* c Crypto context
* buf data to encrypt
* len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_openssl_get_tag(void *cv,
uint8_t *buf,
uint32_t *len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
/*
* Calculate the tag
*/
EVP_Cipher(c->ctx, NULL, NULL, 0);
/*
* Retreive the tag
*/
EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_GET_TAG, c->tag_len, buf);
/*
* Increase encryption length by desired tag size
*/
*len = c->tag_len;
return (srtp_err_status_ok);
}
/*
* This function decrypts a buffer using AES GCM mode
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
if (c->dir != srtp_direction_encrypt && c->dir != srtp_direction_decrypt) {
return (srtp_err_status_bad_param);
}
/*
* Set the tag before decrypting
*/
EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len,
buf + (*enc_len - c->tag_len));
EVP_Cipher(c->ctx, buf, buf, *enc_len - c->tag_len);
/*
* Check the tag
*/
if (EVP_Cipher(c->ctx, NULL, NULL, 0)) {
return (srtp_err_status_auth_fail);
}
/*
* Reduce the buffer size by the tag length since the tag
* is not part of the original payload
*/
*enc_len -= c->tag_len;
return (srtp_err_status_ok);
}
/*
* Name of this crypto engine
*/
static const char srtp_aes_gcm_128_openssl_description[] =
"AES-128 GCM using openssl";
static const char srtp_aes_gcm_256_openssl_description[] =
"AES-256 GCM using openssl";
/*
* KAT values for AES self-test. These
* values we're derived from independent test code
* using OpenSSL.
*/
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_key[SRTP_AES_GCM_128_KEY_LEN_WSALT] = {
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0a, 0x0b, 0x0c,
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_gcm_test_case_0_iv[12] = {
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_plaintext[60] = {
0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
0xba, 0x63, 0x7b, 0x39
};
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_aad[20] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_0_ciphertext[76] = {
0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
0x35, 0xc1, 0x7e, 0x23, 0x29, 0xac, 0xa1, 0x2e,
0x21, 0xd5, 0x14, 0xb2, 0x54, 0x66, 0x93, 0x1c,
0x7d, 0x8f, 0x6a, 0x5a, 0xac, 0x84, 0xaa, 0x05,
0x1b, 0xa3, 0x0b, 0x39, 0x6a, 0x0a, 0xac, 0x97,
0x3d, 0x58, 0xe0, 0x91,
/* the last 16 bytes are the tag */
0x5b, 0xc9, 0x4f, 0xbc, 0x32, 0x21, 0xa5, 0xdb,
0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47,
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_0a = {
SRTP_AES_GCM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_0_plaintext, /* plaintext */
68, /* octets in ciphertext */
srtp_aes_gcm_test_case_0_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_0_aad, /* AAD */
GCM_AUTH_TAG_LEN_8, /* */
NULL /* pointer to next testcase */
};
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_0 = {
SRTP_AES_GCM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_0_plaintext, /* plaintext */
76, /* octets in ciphertext */
srtp_aes_gcm_test_case_0_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_0_aad, /* AAD */
GCM_AUTH_TAG_LEN, /* */
&srtp_aes_gcm_test_case_0a /* pointer to next testcase */
};
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_key[SRTP_AES_GCM_256_KEY_LEN_WSALT] = {
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0xa5, 0x59, 0x09, 0xc5, 0x54, 0x66, 0x93, 0x1c,
0xaf, 0xf5, 0x26, 0x9a, 0x21, 0xd5, 0x14, 0xb2,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0a, 0x0b, 0x0c,
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_gcm_test_case_1_iv[12] = {
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_plaintext[60] = {
0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
0xba, 0x63, 0x7b, 0x39
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_aad[20] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_gcm_test_case_1_ciphertext[76] = {
0x0b, 0x11, 0xcf, 0xaf, 0x68, 0x4d, 0xae, 0x46,
0xc7, 0x90, 0xb8, 0x8e, 0xb7, 0x6a, 0x76, 0x2a,
0x94, 0x82, 0xca, 0xab, 0x3e, 0x39, 0xd7, 0x86,
0x1b, 0xc7, 0x93, 0xed, 0x75, 0x7f, 0x23, 0x5a,
0xda, 0xfd, 0xd3, 0xe2, 0x0e, 0x80, 0x87, 0xa9,
0x6d, 0xd7, 0xe2, 0x6a, 0x7d, 0x5f, 0xb4, 0x80,
0xef, 0xef, 0xc5, 0x29, 0x12, 0xd1, 0xaa, 0x10,
0x09, 0xc9, 0x86, 0xc1,
/* the last 16 bytes are the tag */
0x45, 0xbc, 0x03, 0xe6, 0xe1, 0xac, 0x0a, 0x9f,
0x81, 0xcb, 0x8e, 0x5b, 0x46, 0x65, 0x63, 0x1d,
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_1a = {
SRTP_AES_GCM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_1_plaintext, /* plaintext */
68, /* octets in ciphertext */
srtp_aes_gcm_test_case_1_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_1_aad, /* AAD */
GCM_AUTH_TAG_LEN_8, /* */
NULL /* pointer to next testcase */
};
static const srtp_cipher_test_case_t srtp_aes_gcm_test_case_1 = {
SRTP_AES_GCM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
60, /* octets in plaintext */
srtp_aes_gcm_test_case_1_plaintext, /* plaintext */
76, /* octets in ciphertext */
srtp_aes_gcm_test_case_1_ciphertext, /* ciphertext + tag */
20, /* octets in AAD */
srtp_aes_gcm_test_case_1_aad, /* AAD */
GCM_AUTH_TAG_LEN, /* */
&srtp_aes_gcm_test_case_1a /* pointer to next testcase */
};
/*
* This is the vector function table for this crypto engine.
*/
const srtp_cipher_type_t srtp_aes_gcm_128 = {
srtp_aes_gcm_openssl_alloc,
srtp_aes_gcm_openssl_dealloc,
srtp_aes_gcm_openssl_context_init,
srtp_aes_gcm_openssl_set_aad,
srtp_aes_gcm_openssl_encrypt,
srtp_aes_gcm_openssl_decrypt,
srtp_aes_gcm_openssl_set_iv,
srtp_aes_gcm_openssl_get_tag,
srtp_aes_gcm_128_openssl_description,
&srtp_aes_gcm_test_case_0,
SRTP_AES_GCM_128
};
/*
* This is the vector function table for this crypto engine.
*/
const srtp_cipher_type_t srtp_aes_gcm_256 = {
srtp_aes_gcm_openssl_alloc,
srtp_aes_gcm_openssl_dealloc,
srtp_aes_gcm_openssl_context_init,
srtp_aes_gcm_openssl_set_aad,
srtp_aes_gcm_openssl_encrypt,
srtp_aes_gcm_openssl_decrypt,
srtp_aes_gcm_openssl_set_iv,
srtp_aes_gcm_openssl_get_tag,
srtp_aes_gcm_256_openssl_description,
&srtp_aes_gcm_test_case_1,
SRTP_AES_GCM_256
};

530
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/aes_icm.c vendored Normal file
View file

@ -0,0 +1,530 @@
/*
* aes_icm.c
*
* AES Integer Counter Mode
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#define ALIGN_32 0
#include "aes_icm.h"
#include "alloc.h"
#include "cipher_types.h"
srtp_debug_module_t srtp_mod_aes_icm = {
0, /* debugging is off by default */
"aes icm" /* printable module name */
};
/*
* integer counter mode works as follows:
*
* 16 bits
* <----->
* +------+------+------+------+------+------+------+------+
* | nonce | pakcet index | ctr |---+
* +------+------+------+------+------+------+------+------+ |
* |
* +------+------+------+------+------+------+------+------+ v
* | salt |000000|->(+)
* +------+------+------+------+------+------+------+------+ |
* |
* +---------+
* | encrypt |
* +---------+
* |
* +------+------+------+------+------+------+------+------+ |
* | keystream block |<--+
* +------+------+------+------+------+------+------+------+
*
* All fields are big-endian
*
* ctr is the block counter, which increments from zero for
* each packet (16 bits wide)
*
* packet index is distinct for each packet (48 bits wide)
*
* nonce can be distinct across many uses of the same key, or
* can be a fixed value per key, or can be per-packet randomness
* (64 bits)
*
*/
static srtp_err_status_t srtp_aes_icm_alloc(srtp_cipher_t **c,
int key_len,
int tlen)
{
srtp_aes_icm_ctx_t *icm;
debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d",
key_len);
/*
* The check for key_len = 30/46 does not apply. Our usage
* of aes functions with key_len = values other than 30
* has not broken anything. Don't know what would be the
* effect of skipping this check for srtp in general.
*/
if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT &&
key_len != SRTP_AES_ICM_256_KEY_LEN_WSALT) {
return srtp_err_status_bad_param;
}
/* allocate memory a cipher of type aes_icm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
return srtp_err_status_alloc_fail;
}
icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t));
if (icm == NULL) {
srtp_crypto_free(*c);
*c = NULL;
return srtp_err_status_alloc_fail;
}
/* set pointers */
(*c)->state = icm;
switch (key_len) {
case SRTP_AES_ICM_256_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_256;
(*c)->type = &srtp_aes_icm_256;
break;
default:
(*c)->algorithm = SRTP_AES_ICM_128;
(*c)->type = &srtp_aes_icm_128;
break;
}
/* set key size */
icm->key_size = key_len;
(*c)->key_len = key_len;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_aes_icm_dealloc(srtp_cipher_t *c)
{
srtp_aes_icm_ctx_t *ctx;
if (c == NULL) {
return srtp_err_status_bad_param;
}
ctx = (srtp_aes_icm_ctx_t *)c->state;
if (ctx) {
/* zeroize the key material */
octet_string_set_to_zero(ctx, sizeof(srtp_aes_icm_ctx_t));
srtp_crypto_free(ctx);
}
/* free the cipher context */
srtp_crypto_free(c);
return srtp_err_status_ok;
}
/*
* aes_icm_context_init(...) initializes the aes_icm_context
* using the value in key[].
*
* the key is the secret key
*
* the salt is unpredictable (but not necessarily secret) data which
* randomizes the starting point in the keystream
*/
static srtp_err_status_t srtp_aes_icm_context_init(void *cv, const uint8_t *key)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
srtp_err_status_t status;
int base_key_len, copy_len;
if (c->key_size == SRTP_AES_ICM_128_KEY_LEN_WSALT ||
c->key_size == SRTP_AES_ICM_256_KEY_LEN_WSALT) {
base_key_len = c->key_size - SRTP_SALT_LEN;
} else {
return srtp_err_status_bad_param;
}
/*
* set counter and initial values to 'offset' value, being careful not to
* go past the end of the key buffer
*/
v128_set_to_zero(&c->counter);
v128_set_to_zero(&c->offset);
copy_len = c->key_size - base_key_len;
/* force last two octets of the offset to be left zero (for srtp
* compatibility) */
if (copy_len > SRTP_SALT_LEN) {
copy_len = SRTP_SALT_LEN;
}
memcpy(&c->counter, key + base_key_len, copy_len);
memcpy(&c->offset, key + base_key_len, copy_len);
debug_print(srtp_mod_aes_icm, "key: %s",
srtp_octet_string_hex_string(key, base_key_len));
debug_print(srtp_mod_aes_icm, "offset: %s", v128_hex_string(&c->offset));
/* expand key */
status =
srtp_aes_expand_encryption_key(key, base_key_len, &c->expanded_key);
if (status) {
v128_set_to_zero(&c->counter);
v128_set_to_zero(&c->offset);
return status;
}
/* indicate that the keystream_buffer is empty */
c->bytes_in_buffer = 0;
return srtp_err_status_ok;
}
/*
* aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
static srtp_err_status_t srtp_aes_icm_set_iv(void *cv,
uint8_t *iv,
srtp_cipher_direction_t direction)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
v128_t nonce;
/* set nonce (for alignment) */
v128_copy_octet_string(&nonce, iv);
debug_print(srtp_mod_aes_icm, "setting iv: %s", v128_hex_string(&nonce));
v128_xor(&c->counter, &c->offset, &nonce);
debug_print(srtp_mod_aes_icm, "set_counter: %s",
v128_hex_string(&c->counter));
/* indicate that the keystream_buffer is empty */
c->bytes_in_buffer = 0;
return srtp_err_status_ok;
}
/*
* aes_icm_advance(...) refills the keystream_buffer and
* advances the block index of the sicm_context forward by one
*
* this is an internal, hopefully inlined function
*/
static void srtp_aes_icm_advance(srtp_aes_icm_ctx_t *c)
{
/* fill buffer with new keystream */
v128_copy(&c->keystream_buffer, &c->counter);
srtp_aes_encrypt(&c->keystream_buffer, &c->expanded_key);
c->bytes_in_buffer = sizeof(v128_t);
debug_print(srtp_mod_aes_icm, "counter: %s",
v128_hex_string(&c->counter));
debug_print(srtp_mod_aes_icm, "ciphertext: %s",
v128_hex_string(&c->keystream_buffer));
/* clock counter forward */
if (!++(c->counter.v8[15])) {
++(c->counter.v8[14]);
}
}
/*
* icm_encrypt deals with the following cases:
*
* bytes_to_encr < bytes_in_buffer
* - add keystream into data
*
* bytes_to_encr > bytes_in_buffer
* - add keystream into data until keystream_buffer is depleted
* - loop over blocks, filling keystream_buffer and then
* adding keystream into data
* - fill buffer then add in remaining (< 16) bytes of keystream
*/
static srtp_err_status_t srtp_aes_icm_encrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
unsigned int bytes_to_encr = *enc_len;
unsigned int i;
uint32_t *b;
/* check that there's enough segment left*/
if ((bytes_to_encr + htons(c->counter.v16[7])) > 0xffff) {
return srtp_err_status_terminus;
}
debug_print(srtp_mod_aes_icm, "block index: %d", htons(c->counter.v16[7]));
if (bytes_to_encr <= (unsigned int)c->bytes_in_buffer) {
/* deal with odd case of small bytes_to_encr */
for (i = (sizeof(v128_t) - c->bytes_in_buffer);
i < (sizeof(v128_t) - c->bytes_in_buffer + bytes_to_encr); i++) {
*buf++ ^= c->keystream_buffer.v8[i];
}
c->bytes_in_buffer -= bytes_to_encr;
/* return now to avoid the main loop */
return srtp_err_status_ok;
} else {
/* encrypt bytes until the remaining data is 16-byte aligned */
for (i = (sizeof(v128_t) - c->bytes_in_buffer); i < sizeof(v128_t);
i++) {
*buf++ ^= c->keystream_buffer.v8[i];
}
bytes_to_encr -= c->bytes_in_buffer;
c->bytes_in_buffer = 0;
}
/* now loop over entire 16-byte blocks of keystream */
for (i = 0; i < (bytes_to_encr / sizeof(v128_t)); i++) {
/* fill buffer with new keystream */
srtp_aes_icm_advance(c);
/*
* add keystream into the data buffer (this would be a lot faster
* if we could assume 32-bit alignment!)
*/
#if ALIGN_32
b = (uint32_t *)buf;
*b++ ^= c->keystream_buffer.v32[0];
*b++ ^= c->keystream_buffer.v32[1];
*b++ ^= c->keystream_buffer.v32[2];
*b++ ^= c->keystream_buffer.v32[3];
buf = (uint8_t *)b;
#else
if ((((uintptr_t)buf) & 0x03) != 0) {
*buf++ ^= c->keystream_buffer.v8[0];
*buf++ ^= c->keystream_buffer.v8[1];
*buf++ ^= c->keystream_buffer.v8[2];
*buf++ ^= c->keystream_buffer.v8[3];
*buf++ ^= c->keystream_buffer.v8[4];
*buf++ ^= c->keystream_buffer.v8[5];
*buf++ ^= c->keystream_buffer.v8[6];
*buf++ ^= c->keystream_buffer.v8[7];
*buf++ ^= c->keystream_buffer.v8[8];
*buf++ ^= c->keystream_buffer.v8[9];
*buf++ ^= c->keystream_buffer.v8[10];
*buf++ ^= c->keystream_buffer.v8[11];
*buf++ ^= c->keystream_buffer.v8[12];
*buf++ ^= c->keystream_buffer.v8[13];
*buf++ ^= c->keystream_buffer.v8[14];
*buf++ ^= c->keystream_buffer.v8[15];
} else {
b = (uint32_t *)buf;
*b++ ^= c->keystream_buffer.v32[0];
*b++ ^= c->keystream_buffer.v32[1];
*b++ ^= c->keystream_buffer.v32[2];
*b++ ^= c->keystream_buffer.v32[3];
buf = (uint8_t *)b;
}
#endif /* #if ALIGN_32 */
}
/* if there is a tail end of the data, process it */
if ((bytes_to_encr & 0xf) != 0) {
/* fill buffer with new keystream */
srtp_aes_icm_advance(c);
for (i = 0; i < (bytes_to_encr & 0xf); i++) {
*buf++ ^= c->keystream_buffer.v8[i];
}
/* reset the keystream buffer size to right value */
c->bytes_in_buffer = sizeof(v128_t) - i;
} else {
/* no tail, so just reset the keystream buffer size to zero */
c->bytes_in_buffer = 0;
}
return srtp_err_status_ok;
}
static const char srtp_aes_icm_128_description[] =
"AES-128 integer counter mode";
static const char srtp_aes_icm_256_description[] =
"AES-256 integer counter mode";
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_key[SRTP_AES_ICM_128_KEY_LEN_WSALT] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_128_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_ciphertext[32] = {
0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_128_test_case_0 = {
SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_128_test_case_0_key, /* key */
srtp_aes_icm_128_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_128_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_128_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_key[SRTP_AES_ICM_256_KEY_LEN_WSALT] = {
0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70,
0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92,
0x2e, 0xc4, 0xcb, 0x0d, 0xc0, 0x25, 0xb5, 0x82,
0x72, 0x14, 0x7c, 0xc4, 0x38, 0x94, 0x4a, 0x98,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_256_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_ciphertext[32] = {
0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25,
0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4,
0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6,
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_256_test_case_0 = {
SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_256_test_case_0_key, /* key */
srtp_aes_icm_256_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_256_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_256_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL, /* pointer to next testcase */
};
/*
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_128 = {
srtp_aes_icm_alloc, /* */
srtp_aes_icm_dealloc, /* */
srtp_aes_icm_context_init, /* */
0, /* set_aad */
srtp_aes_icm_encrypt, /* */
srtp_aes_icm_encrypt, /* */
srtp_aes_icm_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_128_description, /* */
&srtp_aes_icm_128_test_case_0, /* */
SRTP_AES_ICM_128 /* */
};
const srtp_cipher_type_t srtp_aes_icm_256 = {
srtp_aes_icm_alloc, /* */
srtp_aes_icm_dealloc, /* */
srtp_aes_icm_context_init, /* */
0, /* set_aad */
srtp_aes_icm_encrypt, /* */
srtp_aes_icm_encrypt, /* */
srtp_aes_icm_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_256_description, /* */
&srtp_aes_icm_256_test_case_0, /* */
SRTP_AES_ICM_256 /* */
};

562
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/aes_icm_nss.c vendored Normal file
View file

@ -0,0 +1,562 @@
/*
* aes_icm_nss.c
*
* AES Integer Counter Mode
*
* Richard L. Barnes
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "aes_icm_ext.h"
#include "crypto_types.h"
#include "err.h" /* for srtp_debug */
#include "alloc.h"
#include "cipher_types.h"
srtp_debug_module_t srtp_mod_aes_icm = {
0, /* debugging is off by default */
"aes icm nss" /* printable module name */
};
/*
* integer counter mode works as follows:
*
* 16 bits
* <----->
* +------+------+------+------+------+------+------+------+
* | nonce | packet index | ctr |---+
* +------+------+------+------+------+------+------+------+ |
* |
* +------+------+------+------+------+------+------+------+ v
* | salt |000000|->(+)
* +------+------+------+------+------+------+------+------+ |
* |
* +---------+
* | encrypt |
* +---------+
* |
* +------+------+------+------+------+------+------+------+ |
* | keystream block |<--+
* +------+------+------+------+------+------+------+------+
*
* All fields are big-endian
*
* ctr is the block counter, which increments from zero for
* each packet (16 bits wide)
*
* packet index is distinct for each packet (48 bits wide)
*
* nonce can be distinct across many uses of the same key, or
* can be a fixed value per key, or can be per-packet randomness
* (64 bits)
*
*/
/*
* This function allocates a new instance of this crypto engine.
* The key_len parameter should be one of 30, 38, or 46 for
* AES-128, AES-192, and AES-256 respectively. Note, this key_len
* value is inflated, as it also accounts for the 112 bit salt
* value. The tlen argument is for the AEAD tag length, which
* isn't used in counter mode.
*/
static srtp_err_status_t srtp_aes_icm_nss_alloc(srtp_cipher_t **c,
int key_len,
int tlen)
{
srtp_aes_icm_ctx_t *icm;
NSSInitContext *nss;
debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d",
key_len);
/*
* Verify the key_len is valid for one of: AES-128/192/256
*/
if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT &&
key_len != SRTP_AES_ICM_192_KEY_LEN_WSALT &&
key_len != SRTP_AES_ICM_256_KEY_LEN_WSALT) {
return srtp_err_status_bad_param;
}
/* Initialize NSS equiv of NSS_NoDB_Init(NULL) */
nss = NSS_InitContext("", "", "", "", NULL,
NSS_INIT_READONLY | NSS_INIT_NOCERTDB |
NSS_INIT_NOMODDB | NSS_INIT_FORCEOPEN |
NSS_INIT_OPTIMIZESPACE);
if (!nss) {
return (srtp_err_status_cipher_fail);
}
/* allocate memory a cipher of type aes_icm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
NSS_ShutdownContext(nss);
return srtp_err_status_alloc_fail;
}
icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t));
if (icm == NULL) {
NSS_ShutdownContext(nss);
srtp_crypto_free(*c);
*c = NULL;
return srtp_err_status_alloc_fail;
}
icm->key = NULL;
icm->ctx = NULL;
icm->nss = nss;
/* set pointers */
(*c)->state = icm;
/* setup cipher parameters */
switch (key_len) {
case SRTP_AES_ICM_128_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_128;
(*c)->type = &srtp_aes_icm_128;
icm->key_size = SRTP_AES_128_KEY_LEN;
break;
case SRTP_AES_ICM_192_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_192;
(*c)->type = &srtp_aes_icm_192;
icm->key_size = SRTP_AES_192_KEY_LEN;
break;
case SRTP_AES_ICM_256_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_256;
(*c)->type = &srtp_aes_icm_256;
icm->key_size = SRTP_AES_256_KEY_LEN;
break;
}
/* set key size */
(*c)->key_len = key_len;
return srtp_err_status_ok;
}
/*
* This function deallocates an instance of this engine
*/
static srtp_err_status_t srtp_aes_icm_nss_dealloc(srtp_cipher_t *c)
{
srtp_aes_icm_ctx_t *ctx;
ctx = (srtp_aes_icm_ctx_t *)c->state;
if (ctx) {
/* free any PK11 values that have been created */
if (ctx->key) {
PK11_FreeSymKey(ctx->key);
ctx->key = NULL;
}
if (ctx->ctx) {
PK11_DestroyContext(ctx->ctx, PR_TRUE);
ctx->ctx = NULL;
}
if (ctx->nss) {
NSS_ShutdownContext(ctx->nss);
ctx->nss = NULL;
}
/* zeroize everything */
octet_string_set_to_zero(ctx, sizeof(srtp_aes_icm_ctx_t));
srtp_crypto_free(ctx);
}
/* free memory */
srtp_crypto_free(c);
return (srtp_err_status_ok);
}
/*
* aes_icm_nss_context_init(...) initializes the aes_icm_context
* using the value in key[].
*
* the key is the secret key
*
* the salt is unpredictable (but not necessarily secret) data which
* randomizes the starting point in the keystream
*/
static srtp_err_status_t srtp_aes_icm_nss_context_init(void *cv,
const uint8_t *key)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
/*
* set counter and initial values to 'offset' value, being careful not to
* go past the end of the key buffer
*/
v128_set_to_zero(&c->counter);
v128_set_to_zero(&c->offset);
memcpy(&c->counter, key + c->key_size, SRTP_SALT_LEN);
memcpy(&c->offset, key + c->key_size, SRTP_SALT_LEN);
/* force last two octets of the offset to zero (for srtp compatibility) */
c->offset.v8[SRTP_SALT_LEN] = c->offset.v8[SRTP_SALT_LEN + 1] = 0;
c->counter.v8[SRTP_SALT_LEN] = c->counter.v8[SRTP_SALT_LEN + 1] = 0;
debug_print(srtp_mod_aes_icm, "key: %s",
srtp_octet_string_hex_string(key, c->key_size));
debug_print(srtp_mod_aes_icm, "offset: %s", v128_hex_string(&c->offset));
if (c->key) {
PK11_FreeSymKey(c->key);
c->key = NULL;
}
PK11SlotInfo *slot = PK11_GetBestSlot(CKM_AES_CTR, NULL);
if (!slot) {
return srtp_err_status_bad_param;
}
SECItem keyItem = { siBuffer, (unsigned char *)key, c->key_size };
c->key = PK11_ImportSymKey(slot, CKM_AES_CTR, PK11_OriginUnwrap,
CKA_ENCRYPT, &keyItem, NULL);
PK11_FreeSlot(slot);
if (!c->key) {
return srtp_err_status_cipher_fail;
}
return (srtp_err_status_ok);
}
/*
* aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
static srtp_err_status_t srtp_aes_icm_nss_set_iv(void *cv,
uint8_t *iv,
srtp_cipher_direction_t dir)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
v128_t nonce;
/* set nonce (for alignment) */
v128_copy_octet_string(&nonce, iv);
debug_print(srtp_mod_aes_icm, "setting iv: %s", v128_hex_string(&nonce));
v128_xor(&c->counter, &c->offset, &nonce);
debug_print(srtp_mod_aes_icm, "set_counter: %s",
v128_hex_string(&c->counter));
/* set up the PK11 context now that we have all the info */
CK_AES_CTR_PARAMS param;
param.ulCounterBits = 16;
memcpy(param.cb, &c->counter, 16);
if (!c->key) {
return srtp_err_status_bad_param;
}
if (c->ctx) {
PK11_DestroyContext(c->ctx, PR_TRUE);
}
SECItem paramItem = { siBuffer, (unsigned char *)&param,
sizeof(CK_AES_CTR_PARAMS) };
c->ctx = PK11_CreateContextBySymKey(CKM_AES_CTR, CKA_ENCRYPT, c->key,
&paramItem);
if (!c->ctx) {
return srtp_err_status_cipher_fail;
}
return srtp_err_status_ok;
}
/*
* This function encrypts a buffer using AES CTR mode
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_icm_nss_encrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
if (!c->ctx) {
return srtp_err_status_bad_param;
}
int rv =
PK11_CipherOp(c->ctx, buf, (int *)enc_len, *enc_len, buf, *enc_len);
srtp_err_status_t status = (srtp_err_status_ok);
if (rv != SECSuccess) {
status = (srtp_err_status_cipher_fail);
}
return status;
}
/*
* Name of this crypto engine
*/
static const char srtp_aes_icm_128_nss_description[] =
"AES-128 counter mode using NSS";
static const char srtp_aes_icm_192_nss_description[] =
"AES-192 counter mode using NSS";
static const char srtp_aes_icm_256_nss_description[] =
"AES-256 counter mode using NSS";
/*
* KAT values for AES self-test. These
* values came from the legacy libsrtp code.
*/
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_key[SRTP_AES_ICM_128_KEY_LEN_WSALT] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_128_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_ciphertext[32] = {
0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_128_test_case_0 = {
SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_128_test_case_0_key, /* key */
srtp_aes_icm_128_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_128_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_128_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* KAT values for AES-192-CTR self-test. These
* values came from section 7 of RFC 6188.
*/
/* clang-format off */
static const uint8_t srtp_aes_icm_192_test_case_0_key[SRTP_AES_ICM_192_KEY_LEN_WSALT] = {
0xea, 0xb2, 0x34, 0x76, 0x4e, 0x51, 0x7b, 0x2d,
0x3d, 0x16, 0x0d, 0x58, 0x7d, 0x8c, 0x86, 0x21,
0x97, 0x40, 0xf6, 0x5f, 0x99, 0xb6, 0xbc, 0xf7,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_192_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_192_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_192_test_case_0_ciphertext[32] = {
0x35, 0x09, 0x6c, 0xba, 0x46, 0x10, 0x02, 0x8d,
0xc1, 0xb5, 0x75, 0x03, 0x80, 0x4c, 0xe3, 0x7c,
0x5d, 0xe9, 0x86, 0x29, 0x1d, 0xcc, 0xe1, 0x61,
0xd5, 0x16, 0x5e, 0xc4, 0x56, 0x8f, 0x5c, 0x9a
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_192_test_case_0 = {
SRTP_AES_ICM_192_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_192_test_case_0_key, /* key */
srtp_aes_icm_192_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_192_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_192_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* KAT values for AES-256-CTR self-test. These
* values came from section 7 of RFC 6188.
*/
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_key[SRTP_AES_ICM_256_KEY_LEN_WSALT] = {
0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70,
0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92,
0x2e, 0xc4, 0xcb, 0x0d, 0xc0, 0x25, 0xb5, 0x82,
0x72, 0x14, 0x7c, 0xc4, 0x38, 0x94, 0x4a, 0x98,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_256_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_ciphertext[32] = {
0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25,
0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4,
0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6,
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_256_test_case_0 = {
SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_256_test_case_0_key, /* key */
srtp_aes_icm_256_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_256_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_256_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_128 = {
srtp_aes_icm_nss_alloc, /* */
srtp_aes_icm_nss_dealloc, /* */
srtp_aes_icm_nss_context_init, /* */
0, /* set_aad */
srtp_aes_icm_nss_encrypt, /* */
srtp_aes_icm_nss_encrypt, /* */
srtp_aes_icm_nss_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_128_nss_description, /* */
&srtp_aes_icm_128_test_case_0, /* */
SRTP_AES_ICM_128 /* */
};
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_192 = {
srtp_aes_icm_nss_alloc, /* */
srtp_aes_icm_nss_dealloc, /* */
srtp_aes_icm_nss_context_init, /* */
0, /* set_aad */
srtp_aes_icm_nss_encrypt, /* */
srtp_aes_icm_nss_encrypt, /* */
srtp_aes_icm_nss_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_192_nss_description, /* */
&srtp_aes_icm_192_test_case_0, /* */
SRTP_AES_ICM_192 /* */
};
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_256 = {
srtp_aes_icm_nss_alloc, /* */
srtp_aes_icm_nss_dealloc, /* */
srtp_aes_icm_nss_context_init, /* */
0, /* set_aad */
srtp_aes_icm_nss_encrypt, /* */
srtp_aes_icm_nss_encrypt, /* */
srtp_aes_icm_nss_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_256_nss_description, /* */
&srtp_aes_icm_256_test_case_0, /* */
SRTP_AES_ICM_256 /* */
};

541
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/aes_icm_ossl.c vendored Normal file
View file

@ -0,0 +1,541 @@
/*
* aes_icm_ossl.c
*
* AES Integer Counter Mode
*
* John A. Foley
* Cisco Systems, Inc.
*
* 2/24/2012: This module was modified to use CiscoSSL for AES counter
* mode. Eddy Lem contributed the code to allow this.
*
* 12/20/2012: Added support for AES-192 and AES-256.
*/
/*
*
* Copyright (c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <openssl/evp.h>
#include "aes_icm_ext.h"
#include "crypto_types.h"
#include "err.h" /* for srtp_debug */
#include "alloc.h"
#include "cipher_types.h"
srtp_debug_module_t srtp_mod_aes_icm = {
0, /* debugging is off by default */
"aes icm ossl" /* printable module name */
};
/*
* integer counter mode works as follows:
*
* 16 bits
* <----->
* +------+------+------+------+------+------+------+------+
* | nonce | packet index | ctr |---+
* +------+------+------+------+------+------+------+------+ |
* |
* +------+------+------+------+------+------+------+------+ v
* | salt |000000|->(+)
* +------+------+------+------+------+------+------+------+ |
* |
* +---------+
* | encrypt |
* +---------+
* |
* +------+------+------+------+------+------+------+------+ |
* | keystream block |<--+
* +------+------+------+------+------+------+------+------+
*
* All fields are big-endian
*
* ctr is the block counter, which increments from zero for
* each packet (16 bits wide)
*
* packet index is distinct for each packet (48 bits wide)
*
* nonce can be distinct across many uses of the same key, or
* can be a fixed value per key, or can be per-packet randomness
* (64 bits)
*
*/
/*
* This function allocates a new instance of this crypto engine.
* The key_len parameter should be one of 30, 38, or 46 for
* AES-128, AES-192, and AES-256 respectively. Note, this key_len
* value is inflated, as it also accounts for the 112 bit salt
* value. The tlen argument is for the AEAD tag length, which
* isn't used in counter mode.
*/
static srtp_err_status_t srtp_aes_icm_openssl_alloc(srtp_cipher_t **c,
int key_len,
int tlen)
{
srtp_aes_icm_ctx_t *icm;
debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d",
key_len);
/*
* Verify the key_len is valid for one of: AES-128/192/256
*/
if (key_len != SRTP_AES_ICM_128_KEY_LEN_WSALT &&
key_len != SRTP_AES_ICM_192_KEY_LEN_WSALT &&
key_len != SRTP_AES_ICM_256_KEY_LEN_WSALT) {
return srtp_err_status_bad_param;
}
/* allocate memory a cipher of type aes_icm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
return srtp_err_status_alloc_fail;
}
icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t));
if (icm == NULL) {
srtp_crypto_free(*c);
*c = NULL;
return srtp_err_status_alloc_fail;
}
icm->ctx = EVP_CIPHER_CTX_new();
if (icm->ctx == NULL) {
srtp_crypto_free(icm);
srtp_crypto_free(*c);
*c = NULL;
return srtp_err_status_alloc_fail;
}
/* set pointers */
(*c)->state = icm;
/* setup cipher parameters */
switch (key_len) {
case SRTP_AES_ICM_128_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_128;
(*c)->type = &srtp_aes_icm_128;
icm->key_size = SRTP_AES_128_KEY_LEN;
break;
case SRTP_AES_ICM_192_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_192;
(*c)->type = &srtp_aes_icm_192;
icm->key_size = SRTP_AES_192_KEY_LEN;
break;
case SRTP_AES_ICM_256_KEY_LEN_WSALT:
(*c)->algorithm = SRTP_AES_ICM_256;
(*c)->type = &srtp_aes_icm_256;
icm->key_size = SRTP_AES_256_KEY_LEN;
break;
}
/* set key size */
(*c)->key_len = key_len;
return srtp_err_status_ok;
}
/*
* This function deallocates an instance of this engine
*/
static srtp_err_status_t srtp_aes_icm_openssl_dealloc(srtp_cipher_t *c)
{
srtp_aes_icm_ctx_t *ctx;
if (c == NULL) {
return srtp_err_status_bad_param;
}
/*
* Free the EVP context
*/
ctx = (srtp_aes_icm_ctx_t *)c->state;
if (ctx != NULL) {
EVP_CIPHER_CTX_free(ctx->ctx);
/* zeroize the key material */
octet_string_set_to_zero(ctx, sizeof(srtp_aes_icm_ctx_t));
srtp_crypto_free(ctx);
}
/* free memory */
srtp_crypto_free(c);
return srtp_err_status_ok;
}
/*
* aes_icm_openssl_context_init(...) initializes the aes_icm_context
* using the value in key[].
*
* the key is the secret key
*
* the salt is unpredictable (but not necessarily secret) data which
* randomizes the starting point in the keystream
*/
static srtp_err_status_t srtp_aes_icm_openssl_context_init(void *cv,
const uint8_t *key)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
const EVP_CIPHER *evp;
/*
* set counter and initial values to 'offset' value, being careful not to
* go past the end of the key buffer
*/
v128_set_to_zero(&c->counter);
v128_set_to_zero(&c->offset);
memcpy(&c->counter, key + c->key_size, SRTP_SALT_LEN);
memcpy(&c->offset, key + c->key_size, SRTP_SALT_LEN);
/* force last two octets of the offset to zero (for srtp compatibility) */
c->offset.v8[SRTP_SALT_LEN] = c->offset.v8[SRTP_SALT_LEN + 1] = 0;
c->counter.v8[SRTP_SALT_LEN] = c->counter.v8[SRTP_SALT_LEN + 1] = 0;
debug_print(srtp_mod_aes_icm, "key: %s",
srtp_octet_string_hex_string(key, c->key_size));
debug_print(srtp_mod_aes_icm, "offset: %s", v128_hex_string(&c->offset));
switch (c->key_size) {
case SRTP_AES_256_KEY_LEN:
evp = EVP_aes_256_ctr();
break;
case SRTP_AES_192_KEY_LEN:
evp = EVP_aes_192_ctr();
break;
case SRTP_AES_128_KEY_LEN:
evp = EVP_aes_128_ctr();
break;
default:
return srtp_err_status_bad_param;
break;
}
EVP_CIPHER_CTX_cleanup(c->ctx);
if (!EVP_EncryptInit_ex(c->ctx, evp, NULL, key, NULL)) {
return srtp_err_status_fail;
} else {
return srtp_err_status_ok;
}
return srtp_err_status_ok;
}
/*
* aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
static srtp_err_status_t srtp_aes_icm_openssl_set_iv(
void *cv,
uint8_t *iv,
srtp_cipher_direction_t dir)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
v128_t nonce;
/* set nonce (for alignment) */
v128_copy_octet_string(&nonce, iv);
debug_print(srtp_mod_aes_icm, "setting iv: %s", v128_hex_string(&nonce));
v128_xor(&c->counter, &c->offset, &nonce);
debug_print(srtp_mod_aes_icm, "set_counter: %s",
v128_hex_string(&c->counter));
if (!EVP_EncryptInit_ex(c->ctx, NULL, NULL, NULL, c->counter.v8)) {
return srtp_err_status_fail;
} else {
return srtp_err_status_ok;
}
}
/*
* This function encrypts a buffer using AES CTR mode
*
* Parameters:
* c Crypto context
* buf data to encrypt
* enc_len length of encrypt buffer
*/
static srtp_err_status_t srtp_aes_icm_openssl_encrypt(void *cv,
unsigned char *buf,
unsigned int *enc_len)
{
srtp_aes_icm_ctx_t *c = (srtp_aes_icm_ctx_t *)cv;
int len = 0;
debug_print(srtp_mod_aes_icm, "rs0: %s", v128_hex_string(&c->counter));
if (!EVP_EncryptUpdate(c->ctx, buf, &len, buf, *enc_len)) {
return srtp_err_status_cipher_fail;
}
*enc_len = len;
if (!EVP_EncryptFinal_ex(c->ctx, buf + len, &len)) {
return srtp_err_status_cipher_fail;
}
*enc_len += len;
return srtp_err_status_ok;
}
/*
* Name of this crypto engine
*/
static const char srtp_aes_icm_128_openssl_description[] =
"AES-128 counter mode using openssl";
static const char srtp_aes_icm_192_openssl_description[] =
"AES-192 counter mode using openssl";
static const char srtp_aes_icm_256_openssl_description[] =
"AES-256 counter mode using openssl";
/*
* KAT values for AES self-test. These
* values came from the legacy libsrtp code.
*/
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_key[SRTP_AES_ICM_128_KEY_LEN_WSALT] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_128_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_128_test_case_0_ciphertext[32] = {
0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_128_test_case_0 = {
SRTP_AES_ICM_128_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_128_test_case_0_key, /* key */
srtp_aes_icm_128_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_128_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_128_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* KAT values for AES-192-CTR self-test. These
* values came from section 7 of RFC 6188.
*/
/* clang-format off */
static const uint8_t srtp_aes_icm_192_test_case_0_key[SRTP_AES_ICM_192_KEY_LEN_WSALT] = {
0xea, 0xb2, 0x34, 0x76, 0x4e, 0x51, 0x7b, 0x2d,
0x3d, 0x16, 0x0d, 0x58, 0x7d, 0x8c, 0x86, 0x21,
0x97, 0x40, 0xf6, 0x5f, 0x99, 0xb6, 0xbc, 0xf7,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_192_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_192_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_192_test_case_0_ciphertext[32] = {
0x35, 0x09, 0x6c, 0xba, 0x46, 0x10, 0x02, 0x8d,
0xc1, 0xb5, 0x75, 0x03, 0x80, 0x4c, 0xe3, 0x7c,
0x5d, 0xe9, 0x86, 0x29, 0x1d, 0xcc, 0xe1, 0x61,
0xd5, 0x16, 0x5e, 0xc4, 0x56, 0x8f, 0x5c, 0x9a
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_192_test_case_0 = {
SRTP_AES_ICM_192_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_192_test_case_0_key, /* key */
srtp_aes_icm_192_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_192_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_192_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* KAT values for AES-256-CTR self-test. These
* values came from section 7 of RFC 6188.
*/
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_key[SRTP_AES_ICM_256_KEY_LEN_WSALT] = {
0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70,
0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92,
0x2e, 0xc4, 0xcb, 0x0d, 0xc0, 0x25, 0xb5, 0x82,
0x72, 0x14, 0x7c, 0xc4, 0x38, 0x94, 0x4a, 0x98,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
/* clang-format on */
/* clang-format off */
static uint8_t srtp_aes_icm_256_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_aes_icm_256_test_case_0_ciphertext[32] = {
0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25,
0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4,
0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6,
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
/* clang-format on */
static const srtp_cipher_test_case_t srtp_aes_icm_256_test_case_0 = {
SRTP_AES_ICM_256_KEY_LEN_WSALT, /* octets in key */
srtp_aes_icm_256_test_case_0_key, /* key */
srtp_aes_icm_256_test_case_0_nonce, /* packet index */
32, /* octets in plaintext */
srtp_aes_icm_256_test_case_0_plaintext, /* plaintext */
32, /* octets in ciphertext */
srtp_aes_icm_256_test_case_0_ciphertext, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_128 = {
srtp_aes_icm_openssl_alloc, /* */
srtp_aes_icm_openssl_dealloc, /* */
srtp_aes_icm_openssl_context_init, /* */
0, /* set_aad */
srtp_aes_icm_openssl_encrypt, /* */
srtp_aes_icm_openssl_encrypt, /* */
srtp_aes_icm_openssl_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_128_openssl_description, /* */
&srtp_aes_icm_128_test_case_0, /* */
SRTP_AES_ICM_128 /* */
};
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_192 = {
srtp_aes_icm_openssl_alloc, /* */
srtp_aes_icm_openssl_dealloc, /* */
srtp_aes_icm_openssl_context_init, /* */
0, /* set_aad */
srtp_aes_icm_openssl_encrypt, /* */
srtp_aes_icm_openssl_encrypt, /* */
srtp_aes_icm_openssl_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_192_openssl_description, /* */
&srtp_aes_icm_192_test_case_0, /* */
SRTP_AES_ICM_192 /* */
};
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
const srtp_cipher_type_t srtp_aes_icm_256 = {
srtp_aes_icm_openssl_alloc, /* */
srtp_aes_icm_openssl_dealloc, /* */
srtp_aes_icm_openssl_context_init, /* */
0, /* set_aad */
srtp_aes_icm_openssl_encrypt, /* */
srtp_aes_icm_openssl_encrypt, /* */
srtp_aes_icm_openssl_set_iv, /* */
0, /* get_tag */
srtp_aes_icm_256_openssl_description, /* */
&srtp_aes_icm_256_test_case_0, /* */
SRTP_AES_ICM_256 /* */
};

664
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/cipher.c vendored Normal file
View file

@ -0,0 +1,664 @@
/*
* cipher.c
*
* cipher meta-functions
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "cipher.h"
#include "cipher_priv.h"
#include "crypto_types.h"
#include "err.h" /* for srtp_debug */
#include "alloc.h" /* for crypto_alloc(), crypto_free() */
srtp_debug_module_t srtp_mod_cipher = {
0, /* debugging is off by default */
"cipher" /* printable module name */
};
srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct,
srtp_cipher_t **c,
int key_len,
int tlen)
{
if (!ct || !ct->alloc) {
return (srtp_err_status_bad_param);
}
return ((ct)->alloc((c), (key_len), (tlen)));
}
srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c)
{
if (!c || !c->type) {
return (srtp_err_status_bad_param);
}
return (((c)->type)->dealloc(c));
}
srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key)
{
if (!c || !c->type || !c->state) {
return (srtp_err_status_bad_param);
}
return (((c)->type)->init(((c)->state), (key)));
}
srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c,
uint8_t *iv,
int direction)
{
if (!c || !c->type || !c->state) {
return (srtp_err_status_bad_param);
}
return (((c)->type)->set_iv(((c)->state), iv, direction));
}
srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *num_octets_to_output)
{
/* zeroize the buffer */
octet_string_set_to_zero(buffer, *num_octets_to_output);
/* exor keystream into buffer */
return (((c)->type)->encrypt(((c)->state), buffer, num_octets_to_output));
}
srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *num_octets_to_output)
{
if (!c || !c->type || !c->state) {
return (srtp_err_status_bad_param);
}
return (((c)->type)->encrypt(((c)->state), buffer, num_octets_to_output));
}
srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *num_octets_to_output)
{
if (!c || !c->type || !c->state) {
return (srtp_err_status_bad_param);
}
return (((c)->type)->decrypt(((c)->state), buffer, num_octets_to_output));
}
srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *tag_len)
{
if (!c || !c->type || !c->state) {
return (srtp_err_status_bad_param);
}
if (!((c)->type)->get_tag) {
return (srtp_err_status_no_such_op);
}
return (((c)->type)->get_tag(((c)->state), buffer, tag_len));
}
srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c,
const uint8_t *aad,
uint32_t aad_len)
{
if (!c || !c->type || !c->state) {
return (srtp_err_status_bad_param);
}
if (!((c)->type)->set_aad) {
return (srtp_err_status_no_such_op);
}
return (((c)->type)->set_aad(((c)->state), aad, aad_len));
}
/* some bookkeeping functions */
int srtp_cipher_get_key_length(const srtp_cipher_t *c)
{
return c->key_len;
}
/*
* A trivial platform independent random source.
* For use in test only.
*/
void srtp_cipher_rand_for_tests(void *dest, uint32_t len)
{
/* Generic C-library (rand()) version */
/* This is a random source of last resort */
uint8_t *dst = (uint8_t *)dest;
while (len) {
int val = rand();
/* rand() returns 0-32767 (ugh) */
/* Is this a good enough way to get random bytes?
It is if it passes FIPS-140... */
*dst++ = val & 0xff;
len--;
}
}
/*
* A trivial platform independent 32 bit random number.
* For use in test only.
*/
uint32_t srtp_cipher_rand_u32_for_tests(void)
{
uint32_t r;
srtp_cipher_rand_for_tests(&r, sizeof(r));
return r;
}
#define SELF_TEST_BUF_OCTETS 128
#define NUM_RAND_TESTS 128
#define MAX_KEY_LEN 64
/*
* srtp_cipher_type_test(ct, test_data) tests a cipher of type ct against
* test cases provided in a list test_data of values of key, salt, iv,
* plaintext, and ciphertext that is known to be good
*/
srtp_err_status_t srtp_cipher_type_test(
const srtp_cipher_type_t *ct,
const srtp_cipher_test_case_t *test_data)
{
const srtp_cipher_test_case_t *test_case = test_data;
srtp_cipher_t *c;
srtp_err_status_t status;
uint8_t buffer[SELF_TEST_BUF_OCTETS];
uint8_t buffer2[SELF_TEST_BUF_OCTETS];
uint32_t tag_len;
unsigned int len;
int i, j, case_num = 0;
unsigned k = 0;
debug_print(srtp_mod_cipher, "running self-test for cipher %s",
ct->description);
/*
* check to make sure that we have at least one test case, and
* return an error if we don't - we need to be paranoid here
*/
if (test_case == NULL) {
return srtp_err_status_cant_check;
}
/*
* loop over all test cases, perform known-answer tests of both the
* encryption and decryption functions
*/
while (test_case != NULL) {
/* allocate cipher */
status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets,
test_case->tag_length_octets);
if (status) {
return status;
}
/*
* test the encrypt function
*/
debug_print0(srtp_mod_cipher, "testing encryption");
/* initialize cipher */
status = srtp_cipher_init(c, test_case->key);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
/* copy plaintext into test buffer */
if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
srtp_cipher_dealloc(c);
return srtp_err_status_bad_param;
}
for (k = 0; k < test_case->plaintext_length_octets; k++) {
buffer[k] = test_case->plaintext[k];
}
debug_print(srtp_mod_cipher, "plaintext: %s",
srtp_octet_string_hex_string(
buffer, test_case->plaintext_length_octets));
/* set the initialization vector */
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
srtp_direction_encrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
if (c->algorithm == SRTP_AES_GCM_128 ||
c->algorithm == SRTP_AES_GCM_256) {
debug_print(srtp_mod_cipher, "IV: %s",
srtp_octet_string_hex_string(test_case->idx, 12));
/*
* Set the AAD
*/
status = srtp_cipher_set_aad(c, test_case->aad,
test_case->aad_length_octets);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
debug_print(srtp_mod_cipher, "AAD: %s",
srtp_octet_string_hex_string(
test_case->aad, test_case->aad_length_octets));
}
/* encrypt */
len = test_case->plaintext_length_octets;
status = srtp_cipher_encrypt(c, buffer, &len);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
if (c->algorithm == SRTP_AES_GCM_128 ||
c->algorithm == SRTP_AES_GCM_256) {
/*
* Get the GCM tag
*/
status = srtp_cipher_get_tag(c, buffer + len, &tag_len);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
len += tag_len;
}
debug_print(srtp_mod_cipher, "ciphertext: %s",
srtp_octet_string_hex_string(
buffer, test_case->ciphertext_length_octets));
/* compare the resulting ciphertext with that in the test case */
if (len != test_case->ciphertext_length_octets) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
status = srtp_err_status_ok;
for (k = 0; k < test_case->ciphertext_length_octets; k++) {
if (buffer[k] != test_case->ciphertext[k]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_cipher, "test case %d failed", case_num);
debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
break;
}
}
if (status) {
debug_print(srtp_mod_cipher, "c computed: %s",
srtp_octet_string_hex_string(
buffer, 2 * test_case->plaintext_length_octets));
debug_print(srtp_mod_cipher, "c expected: %s",
srtp_octet_string_hex_string(
test_case->ciphertext,
2 * test_case->plaintext_length_octets));
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
/*
* test the decrypt function
*/
debug_print0(srtp_mod_cipher, "testing decryption");
/* re-initialize cipher for decryption */
status = srtp_cipher_init(c, test_case->key);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
/* copy ciphertext into test buffer */
if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
srtp_cipher_dealloc(c);
return srtp_err_status_bad_param;
}
for (k = 0; k < test_case->ciphertext_length_octets; k++) {
buffer[k] = test_case->ciphertext[k];
}
debug_print(srtp_mod_cipher, "ciphertext: %s",
srtp_octet_string_hex_string(
buffer, test_case->plaintext_length_octets));
/* set the initialization vector */
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
srtp_direction_decrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
if (c->algorithm == SRTP_AES_GCM_128 ||
c->algorithm == SRTP_AES_GCM_256) {
/*
* Set the AAD
*/
status = srtp_cipher_set_aad(c, test_case->aad,
test_case->aad_length_octets);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
debug_print(srtp_mod_cipher, "AAD: %s",
srtp_octet_string_hex_string(
test_case->aad, test_case->aad_length_octets));
}
/* decrypt */
len = test_case->ciphertext_length_octets;
status = srtp_cipher_decrypt(c, buffer, &len);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
debug_print(srtp_mod_cipher, "plaintext: %s",
srtp_octet_string_hex_string(
buffer, test_case->plaintext_length_octets));
/* compare the resulting plaintext with that in the test case */
if (len != test_case->plaintext_length_octets) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
status = srtp_err_status_ok;
for (k = 0; k < test_case->plaintext_length_octets; k++) {
if (buffer[k] != test_case->plaintext[k]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_cipher, "test case %d failed", case_num);
debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
}
}
if (status) {
debug_print(srtp_mod_cipher, "p computed: %s",
srtp_octet_string_hex_string(
buffer, 2 * test_case->plaintext_length_octets));
debug_print(srtp_mod_cipher, "p expected: %s",
srtp_octet_string_hex_string(
test_case->plaintext,
2 * test_case->plaintext_length_octets));
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
/* deallocate the cipher */
status = srtp_cipher_dealloc(c);
if (status) {
return status;
}
/*
* the cipher passed the test case, so move on to the next test
* case in the list; if NULL, we'l proceed to the next test
*/
test_case = test_case->next_test_case;
++case_num;
}
/* now run some random invertibility tests */
/* allocate cipher, using paramaters from the first test case */
test_case = test_data;
status = srtp_cipher_type_alloc(ct, &c, test_case->key_length_octets,
test_case->tag_length_octets);
if (status) {
return status;
}
for (j = 0; j < NUM_RAND_TESTS; j++) {
unsigned int length;
unsigned int plaintext_len;
uint8_t key[MAX_KEY_LEN];
uint8_t iv[MAX_KEY_LEN];
/* choose a length at random (leaving room for IV and padding) */
length = srtp_cipher_rand_u32_for_tests() % (SELF_TEST_BUF_OCTETS - 64);
debug_print(srtp_mod_cipher, "random plaintext length %d\n", length);
srtp_cipher_rand_for_tests(buffer, length);
debug_print(srtp_mod_cipher, "plaintext: %s",
srtp_octet_string_hex_string(buffer, length));
/* copy plaintext into second buffer */
for (i = 0; (unsigned int)i < length; i++) {
buffer2[i] = buffer[i];
}
/* choose a key at random */
if (test_case->key_length_octets > MAX_KEY_LEN) {
srtp_cipher_dealloc(c);
return srtp_err_status_cant_check;
}
srtp_cipher_rand_for_tests(key, test_case->key_length_octets);
/* chose a random initialization vector */
srtp_cipher_rand_for_tests(iv, MAX_KEY_LEN);
/* initialize cipher */
status = srtp_cipher_init(c, key);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
/* set initialization vector */
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
srtp_direction_encrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
if (c->algorithm == SRTP_AES_GCM_128 ||
c->algorithm == SRTP_AES_GCM_256) {
/*
* Set the AAD
*/
status = srtp_cipher_set_aad(c, test_case->aad,
test_case->aad_length_octets);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
debug_print(srtp_mod_cipher, "AAD: %s",
srtp_octet_string_hex_string(
test_case->aad, test_case->aad_length_octets));
}
/* encrypt buffer with cipher */
plaintext_len = length;
status = srtp_cipher_encrypt(c, buffer, &length);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
if (c->algorithm == SRTP_AES_GCM_128 ||
c->algorithm == SRTP_AES_GCM_256) {
/*
* Get the GCM tag
*/
status = srtp_cipher_get_tag(c, buffer + length, &tag_len);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
length += tag_len;
}
debug_print(srtp_mod_cipher, "ciphertext: %s",
srtp_octet_string_hex_string(buffer, length));
/*
* re-initialize cipher for decryption, re-set the iv, then
* decrypt the ciphertext
*/
status = srtp_cipher_init(c, key);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
status = srtp_cipher_set_iv(c, (uint8_t *)test_case->idx,
srtp_direction_decrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
if (c->algorithm == SRTP_AES_GCM_128 ||
c->algorithm == SRTP_AES_GCM_256) {
/*
* Set the AAD
*/
status = srtp_cipher_set_aad(c, test_case->aad,
test_case->aad_length_octets);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
debug_print(srtp_mod_cipher, "AAD: %s",
srtp_octet_string_hex_string(
test_case->aad, test_case->aad_length_octets));
}
status = srtp_cipher_decrypt(c, buffer, &length);
if (status) {
srtp_cipher_dealloc(c);
return status;
}
debug_print(srtp_mod_cipher, "plaintext[2]: %s",
srtp_octet_string_hex_string(buffer, length));
/* compare the resulting plaintext with the original one */
if (length != plaintext_len) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
status = srtp_err_status_ok;
for (k = 0; k < plaintext_len; k++) {
if (buffer[k] != buffer2[k]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_cipher, "random test case %d failed",
case_num);
debug_print(srtp_mod_cipher, "(failure at byte %u)", k);
}
}
if (status) {
srtp_cipher_dealloc(c);
return srtp_err_status_algo_fail;
}
}
status = srtp_cipher_dealloc(c);
if (status) {
return status;
}
return srtp_err_status_ok;
}
/*
* srtp_cipher_type_self_test(ct) performs srtp_cipher_type_test on ct's
* internal list of test data.
*/
srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct)
{
return srtp_cipher_type_test(ct, ct->test_data);
}
/*
* cipher_bits_per_second(c, l, t) computes (an estimate of) the
* number of bits that a cipher implementation can encrypt in a second
*
* c is a cipher (which MUST be allocated and initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, the value 0 is returned
*/
uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c,
int octets_in_buffer,
int num_trials)
{
int i;
v128_t nonce;
clock_t timer;
unsigned char *enc_buf;
unsigned int len = octets_in_buffer;
enc_buf = (unsigned char *)srtp_crypto_alloc(octets_in_buffer);
if (enc_buf == NULL) {
return 0; /* indicate bad parameters by returning null */
}
/* time repeated trials */
v128_set_to_zero(&nonce);
timer = clock();
for (i = 0; i < num_trials; i++, nonce.v32[3] = i) {
if (srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt) !=
srtp_err_status_ok) {
srtp_crypto_free(enc_buf);
return 0;
}
if (srtp_cipher_encrypt(c, enc_buf, &len) != srtp_err_status_ok) {
srtp_crypto_free(enc_buf);
return 0;
}
}
timer = clock() - timer;
srtp_crypto_free(enc_buf);
if (timer == 0) {
/* Too fast! */
return 0;
}
return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
}

153
trunk/3rdparty/libsrtp-2-fit/crypto/cipher/null_cipher.c vendored Normal file
View file

@ -0,0 +1,153 @@
/*
* null_cipher.c
*
* A null cipher implementation. This cipher leaves the plaintext
* unchanged.
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "datatypes.h"
#include "null_cipher.h"
#include "err.h" /* for srtp_debug */
#include "alloc.h"
#include "cipher_types.h"
static srtp_err_status_t srtp_null_cipher_alloc(srtp_cipher_t **c,
int key_len,
int tlen)
{
extern const srtp_cipher_type_t srtp_null_cipher;
debug_print(srtp_mod_cipher, "allocating cipher with key length %d",
key_len);
/* allocate memory a cipher of type null_cipher */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
(*c)->algorithm = SRTP_NULL_CIPHER;
(*c)->type = &srtp_null_cipher;
(*c)->state = (void *)0x1; /* The null cipher does not maintain state */
/* set key size */
(*c)->key_len = key_len;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_cipher_dealloc(srtp_cipher_t *c)
{
extern const srtp_cipher_type_t srtp_null_cipher;
/* zeroize entire state*/
octet_string_set_to_zero(c, sizeof(srtp_cipher_t));
/* free memory of type null_cipher */
srtp_crypto_free(c);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_cipher_init(void *cv, const uint8_t *key)
{
/* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */
debug_print0(srtp_mod_cipher, "initializing null cipher");
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_cipher_set_iv(void *cv,
uint8_t *iv,
srtp_cipher_direction_t dir)
{
/* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_cipher_encrypt(void *cv,
unsigned char *buf,
unsigned int *bytes_to_encr)
{
/* srtp_null_cipher_ctx_t *c = (srtp_null_cipher_ctx_t *)cv; */
return srtp_err_status_ok;
}
static const char srtp_null_cipher_description[] = "null cipher";
static const srtp_cipher_test_case_t srtp_null_cipher_test_0 = {
0, /* octets in key */
NULL, /* key */
0, /* packet index */
0, /* octets in plaintext */
NULL, /* plaintext */
0, /* octets in plaintext */
NULL, /* ciphertext */
0, /* */
NULL, /* */
0, /* */
NULL /* pointer to next testcase */
};
/*
* note: the decrypt function is idential to the encrypt function
*/
const srtp_cipher_type_t srtp_null_cipher = {
srtp_null_cipher_alloc, /* */
srtp_null_cipher_dealloc, /* */
srtp_null_cipher_init, /* */
0, /* set_aad */
srtp_null_cipher_encrypt, /* */
srtp_null_cipher_encrypt, /* */
srtp_null_cipher_set_iv, /* */
0, /* get_tag */
srtp_null_cipher_description, /* */
&srtp_null_cipher_test_0, /* */
SRTP_NULL_CIPHER /* */
};

187
trunk/3rdparty/libsrtp-2-fit/crypto/hash/auth.c vendored Normal file
View file

@ -0,0 +1,187 @@
/*
* auth.c
*
* some bookkeeping functions for authentication functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "auth.h"
#include "err.h" /* for srtp_debug */
#include "datatypes.h" /* for octet_string */
/* the debug module for authentiation */
srtp_debug_module_t srtp_mod_auth = {
0, /* debugging is off by default */
"auth func" /* printable name for module */
};
int srtp_auth_get_key_length(const srtp_auth_t *a)
{
return a->key_len;
}
int srtp_auth_get_tag_length(const srtp_auth_t *a)
{
return a->out_len;
}
int srtp_auth_get_prefix_length(const srtp_auth_t *a)
{
return a->prefix_len;
}
/*
* srtp_auth_type_test() tests an auth function of type ct against
* test cases provided in a list test_data of values of key, data, and tag
* that is known to be good
*/
/* should be big enough for most occasions */
#define SELF_TEST_TAG_BUF_OCTETS 32
srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at,
const srtp_auth_test_case_t *test_data)
{
const srtp_auth_test_case_t *test_case = test_data;
srtp_auth_t *a;
srtp_err_status_t status;
uint8_t tag[SELF_TEST_TAG_BUF_OCTETS];
int i, case_num = 0;
debug_print(srtp_mod_auth, "running self-test for auth function %s",
at->description);
/*
* check to make sure that we have at least one test case, and
* return an error if we don't - we need to be paranoid here
*/
if (test_case == NULL) {
return srtp_err_status_cant_check;
}
/* loop over all test cases */
while (test_case != NULL) {
/* check test case parameters */
if (test_case->tag_length_octets > SELF_TEST_TAG_BUF_OCTETS) {
return srtp_err_status_bad_param;
}
/* allocate auth */
status = srtp_auth_type_alloc(at, &a, test_case->key_length_octets,
test_case->tag_length_octets);
if (status) {
return status;
}
/* initialize auth */
status = srtp_auth_init(a, test_case->key);
if (status) {
srtp_auth_dealloc(a);
return status;
}
/* zeroize tag then compute */
octet_string_set_to_zero(tag, test_case->tag_length_octets);
status = srtp_auth_compute(a, test_case->data,
test_case->data_length_octets, tag);
if (status) {
srtp_auth_dealloc(a);
return status;
}
debug_print(srtp_mod_auth, "key: %s",
srtp_octet_string_hex_string(test_case->key,
test_case->key_length_octets));
debug_print(srtp_mod_auth, "data: %s",
srtp_octet_string_hex_string(
test_case->data, test_case->data_length_octets));
debug_print(
srtp_mod_auth, "tag computed: %s",
srtp_octet_string_hex_string(tag, test_case->tag_length_octets));
debug_print(srtp_mod_auth, "tag expected: %s",
srtp_octet_string_hex_string(test_case->tag,
test_case->tag_length_octets));
/* check the result */
status = srtp_err_status_ok;
for (i = 0; i < test_case->tag_length_octets; i++) {
if (tag[i] != test_case->tag[i]) {
status = srtp_err_status_algo_fail;
debug_print(srtp_mod_auth, "test case %d failed", case_num);
debug_print(srtp_mod_auth, " (mismatch at octet %d)", i);
}
}
if (status) {
srtp_auth_dealloc(a);
return srtp_err_status_algo_fail;
}
/* deallocate the auth function */
status = srtp_auth_dealloc(a);
if (status) {
return status;
}
/*
* the auth function passed the test case, so move on to the next test
* case in the list; if NULL, we'll quit and return an OK
*/
test_case = test_case->next_test_case;
++case_num;
}
return srtp_err_status_ok;
}
/*
* srtp_auth_type_self_test(at) performs srtp_auth_type_test on at's internal
* list of test data.
*/
srtp_err_status_t srtp_auth_type_self_test(const srtp_auth_type_t *at)
{
return srtp_auth_type_test(at, at->test_data);
}

283
trunk/3rdparty/libsrtp-2-fit/crypto/hash/hmac.c vendored Normal file
View file

@ -0,0 +1,283 @@
/*
* hmac.c
*
* implementation of hmac srtp_auth_type_t
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "hmac.h"
#include "alloc.h"
#include "cipher_types.h"
/* the debug module for authentiation */
srtp_debug_module_t srtp_mod_hmac = {
0, /* debugging is off by default */
"hmac sha-1" /* printable name for module */
};
static srtp_err_status_t srtp_hmac_alloc(srtp_auth_t **a,
int key_len,
int out_len)
{
extern const srtp_auth_type_t srtp_hmac;
uint8_t *pointer;
debug_print(srtp_mod_hmac, "allocating auth func with key length %d",
key_len);
debug_print(srtp_mod_hmac, " tag length %d",
out_len);
/*
* check key length - note that we don't support keys larger
* than 20 bytes yet
*/
if (key_len > 20) {
return srtp_err_status_bad_param;
}
/* check output length - should be less than 20 bytes */
if (out_len > 20) {
return srtp_err_status_bad_param;
}
/* allocate memory for auth and srtp_hmac_ctx_t structures */
pointer = (uint8_t *)srtp_crypto_alloc(sizeof(srtp_hmac_ctx_t) +
sizeof(srtp_auth_t));
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
*a = (srtp_auth_t *)pointer;
(*a)->type = &srtp_hmac;
(*a)->state = pointer + sizeof(srtp_auth_t);
(*a)->out_len = out_len;
(*a)->key_len = key_len;
(*a)->prefix_len = 0;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_dealloc(srtp_auth_t *a)
{
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(srtp_hmac_ctx_t) + sizeof(srtp_auth_t));
/* free memory */
srtp_crypto_free(a);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_init(void *statev,
const uint8_t *key,
int key_len)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
int i;
uint8_t ipad[64];
/*
* check key length - note that we don't support keys larger
* than 20 bytes yet
*/
if (key_len > 20) {
return srtp_err_status_bad_param;
}
/*
* set values of ipad and opad by exoring the key into the
* appropriate constant values
*/
for (i = 0; i < key_len; i++) {
ipad[i] = key[i] ^ 0x36;
state->opad[i] = key[i] ^ 0x5c;
}
/* set the rest of ipad, opad to constant values */
for (; i < 64; i++) {
ipad[i] = 0x36;
((uint8_t *)state->opad)[i] = 0x5c;
}
debug_print(srtp_mod_hmac, "ipad: %s",
srtp_octet_string_hex_string(ipad, 64));
/* initialize sha1 context */
srtp_sha1_init(&state->init_ctx);
/* hash ipad ^ key */
srtp_sha1_update(&state->init_ctx, ipad, 64);
memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t));
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_start(void *statev)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
memcpy(&state->ctx, &state->init_ctx, sizeof(srtp_sha1_ctx_t));
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_update(void *statev,
const uint8_t *message,
int msg_octets)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
debug_print(srtp_mod_hmac, "input: %s",
srtp_octet_string_hex_string(message, msg_octets));
/* hash message into sha1 context */
srtp_sha1_update(&state->ctx, message, msg_octets);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_compute(void *statev,
const uint8_t *message,
int msg_octets,
int tag_len,
uint8_t *result)
{
srtp_hmac_ctx_t *state = (srtp_hmac_ctx_t *)statev;
uint32_t hash_value[5];
uint32_t H[5];
int i;
/* check tag length, return error if we can't provide the value expected */
if (tag_len > 20) {
return srtp_err_status_bad_param;
}
/* hash message, copy output into H */
srtp_hmac_update(state, message, msg_octets);
srtp_sha1_final(&state->ctx, H);
/*
* note that we don't need to debug_print() the input, since the
* function hmac_update() already did that for us
*/
debug_print(srtp_mod_hmac, "intermediate state: %s",
srtp_octet_string_hex_string((uint8_t *)H, 20));
/* re-initialize hash context */
srtp_sha1_init(&state->ctx);
/* hash opad ^ key */
srtp_sha1_update(&state->ctx, (uint8_t *)state->opad, 64);
/* hash the result of the inner hash */
srtp_sha1_update(&state->ctx, (uint8_t *)H, 20);
/* the result is returned in the array hash_value[] */
srtp_sha1_final(&state->ctx, hash_value);
/* copy hash_value to *result */
for (i = 0; i < tag_len; i++) {
result[i] = ((uint8_t *)hash_value)[i];
}
debug_print(srtp_mod_hmac, "output: %s",
srtp_octet_string_hex_string((uint8_t *)hash_value, tag_len));
return srtp_err_status_ok;
}
/* begin test case 0 */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_key[20] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_data[8] = {
0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_tag[20] = {
0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
0xf1, 0x46, 0xbe, 0x00
};
/* clang-format on */
static const srtp_auth_test_case_t srtp_hmac_test_case_0 = {
20, /* octets in key */
srtp_hmac_test_case_0_key, /* key */
8, /* octets in data */
srtp_hmac_test_case_0_data, /* data */
20, /* octets in tag */
srtp_hmac_test_case_0_tag, /* tag */
NULL /* pointer to next testcase */
};
/* end test case 0 */
static const char srtp_hmac_description[] =
"hmac sha-1 authentication function";
/*
* srtp_auth_type_t hmac is the hmac metaobject
*/
const srtp_auth_type_t srtp_hmac = {
srtp_hmac_alloc, /* */
srtp_hmac_dealloc, /* */
srtp_hmac_init, /* */
srtp_hmac_compute, /* */
srtp_hmac_update, /* */
srtp_hmac_start, /* */
srtp_hmac_description, /* */
&srtp_hmac_test_case_0, /* */
SRTP_HMAC_SHA1 /* */
};

273
trunk/3rdparty/libsrtp-2-fit/crypto/hash/hmac_ossl.c vendored Normal file
View file

@ -0,0 +1,273 @@
/*
* hmac_ossl.c
*
* Implementation of hmac srtp_auth_type_t that leverages OpenSSL
*
* John A. Foley
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "auth.h"
#include "alloc.h"
#include "err.h" /* for srtp_debug */
#include <openssl/evp.h>
#include <openssl/hmac.h>
#define SHA1_DIGEST_SIZE 20
/* the debug module for authentiation */
srtp_debug_module_t srtp_mod_hmac = {
0, /* debugging is off by default */
"hmac sha-1 openssl" /* printable name for module */
};
static srtp_err_status_t srtp_hmac_alloc(srtp_auth_t **a,
int key_len,
int out_len)
{
extern const srtp_auth_type_t srtp_hmac;
debug_print(srtp_mod_hmac, "allocating auth func with key length %d",
key_len);
debug_print(srtp_mod_hmac, " tag length %d",
out_len);
/* check output length - should be less than 20 bytes */
if (out_len > SHA1_DIGEST_SIZE) {
return srtp_err_status_bad_param;
}
/* OpenSSL 1.1.0 made HMAC_CTX an opaque structure, which must be allocated
using HMAC_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
{
/* allocate memory for auth and HMAC_CTX structures */
uint8_t *pointer;
HMAC_CTX *new_hmac_ctx;
pointer = (uint8_t *)srtp_crypto_alloc(sizeof(HMAC_CTX) +
sizeof(srtp_auth_t));
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
*a = (srtp_auth_t *)pointer;
(*a)->state = pointer + sizeof(srtp_auth_t);
new_hmac_ctx = (HMAC_CTX *)((*a)->state);
HMAC_CTX_init(new_hmac_ctx);
}
#else
*a = (srtp_auth_t *)srtp_crypto_alloc(sizeof(srtp_auth_t));
if (*a == NULL) {
return srtp_err_status_alloc_fail;
}
(*a)->state = HMAC_CTX_new();
if ((*a)->state == NULL) {
srtp_crypto_free(*a);
*a = NULL;
return srtp_err_status_alloc_fail;
}
#endif
/* set pointers */
(*a)->type = &srtp_hmac;
(*a)->out_len = out_len;
(*a)->key_len = key_len;
(*a)->prefix_len = 0;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_dealloc(srtp_auth_t *a)
{
HMAC_CTX *hmac_ctx;
hmac_ctx = (HMAC_CTX *)a->state;
#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
HMAC_CTX_cleanup(hmac_ctx);
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(HMAC_CTX) + sizeof(srtp_auth_t));
#else
HMAC_CTX_free(hmac_ctx);
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(srtp_auth_t));
#endif
/* free memory */
srtp_crypto_free(a);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_start(void *statev)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
if (HMAC_Init_ex(state, NULL, 0, NULL, NULL) == 0)
return srtp_err_status_auth_fail;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_init(void *statev,
const uint8_t *key,
int key_len)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
if (HMAC_Init_ex(state, key, key_len, EVP_sha1(), NULL) == 0)
return srtp_err_status_auth_fail;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_update(void *statev,
const uint8_t *message,
int msg_octets)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
debug_print(srtp_mod_hmac, "input: %s",
srtp_octet_string_hex_string(message, msg_octets));
if (HMAC_Update(state, message, msg_octets) == 0)
return srtp_err_status_auth_fail;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_hmac_compute(void *statev,
const uint8_t *message,
int msg_octets,
int tag_len,
uint8_t *result)
{
HMAC_CTX *state = (HMAC_CTX *)statev;
uint8_t hash_value[SHA1_DIGEST_SIZE];
int i;
unsigned int len;
/* check tag length, return error if we can't provide the value expected */
if (tag_len > SHA1_DIGEST_SIZE) {
return srtp_err_status_bad_param;
}
/* hash message, copy output into H */
if (HMAC_Update(state, message, msg_octets) == 0)
return srtp_err_status_auth_fail;
if (HMAC_Final(state, hash_value, &len) == 0)
return srtp_err_status_auth_fail;
if (len < tag_len)
return srtp_err_status_auth_fail;
/* copy hash_value to *result */
for (i = 0; i < tag_len; i++) {
result[i] = hash_value[i];
}
debug_print(srtp_mod_hmac, "output: %s",
srtp_octet_string_hex_string(hash_value, tag_len));
return srtp_err_status_ok;
}
/* begin test case 0 */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_key[SHA1_DIGEST_SIZE] = {
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
0x0b, 0x0b, 0x0b, 0x0b
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_data[8] = {
0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 /* "Hi There" */
};
/* clang-format on */
/* clang-format off */
static const uint8_t srtp_hmac_test_case_0_tag[SHA1_DIGEST_SIZE] = {
0xb6, 0x17, 0x31, 0x86, 0x55, 0x05, 0x72, 0x64,
0xe2, 0x8b, 0xc0, 0xb6, 0xfb, 0x37, 0x8c, 0x8e,
0xf1, 0x46, 0xbe, 0x00
};
/* clang-format on */
static const srtp_auth_test_case_t srtp_hmac_test_case_0 = {
sizeof(srtp_hmac_test_case_0_key), /* octets in key */
srtp_hmac_test_case_0_key, /* key */
sizeof(srtp_hmac_test_case_0_data), /* octets in data */
srtp_hmac_test_case_0_data, /* data */
sizeof(srtp_hmac_test_case_0_tag), /* octets in tag */
srtp_hmac_test_case_0_tag, /* tag */
NULL /* pointer to next testcase */
};
/* end test case 0 */
static const char srtp_hmac_description[] =
"hmac sha-1 authentication function";
/*
* srtp_auth_type_t hmac is the hmac metaobject
*/
const srtp_auth_type_t srtp_hmac = {
srtp_hmac_alloc, /* */
srtp_hmac_dealloc, /* */
srtp_hmac_init, /* */
srtp_hmac_compute, /* */
srtp_hmac_update, /* */
srtp_hmac_start, /* */
srtp_hmac_description, /* */
&srtp_hmac_test_case_0, /* */
SRTP_HMAC_SHA1 /* */
};

168
trunk/3rdparty/libsrtp-2-fit/crypto/hash/null_auth.c vendored Normal file
View file

@ -0,0 +1,168 @@
/*
* null_auth.c
*
* implements the do-nothing auth algorithm
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "null_auth.h"
#include "err.h" /* for srtp_debug */
#include "alloc.h"
#include "cipher_types.h"
static srtp_err_status_t srtp_null_auth_alloc(srtp_auth_t **a,
int key_len,
int out_len)
{
extern const srtp_auth_type_t srtp_null_auth;
uint8_t *pointer;
debug_print(srtp_mod_auth, "allocating auth func with key length %d",
key_len);
debug_print(srtp_mod_auth, " tag length %d",
out_len);
/* allocate memory for auth and srtp_null_auth_ctx_t structures */
pointer = (uint8_t *)srtp_crypto_alloc(sizeof(srtp_null_auth_ctx_t) +
sizeof(srtp_auth_t));
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
*a = (srtp_auth_t *)pointer;
(*a)->type = &srtp_null_auth;
(*a)->state = pointer + sizeof(srtp_auth_t);
(*a)->out_len = out_len;
(*a)->prefix_len = out_len;
(*a)->key_len = key_len;
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_dealloc(srtp_auth_t *a)
{
extern const srtp_auth_type_t srtp_null_auth;
/* zeroize entire state*/
octet_string_set_to_zero(a, sizeof(srtp_null_auth_ctx_t) +
sizeof(srtp_auth_t));
/* free memory */
srtp_crypto_free(a);
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_init(void *statev,
const uint8_t *key,
int key_len)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
/* accept any length of key, and do nothing */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_compute(void *statev,
const uint8_t *message,
int msg_octets,
int tag_len,
uint8_t *result)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_update(void *statev,
const uint8_t *message,
int msg_octets)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
return srtp_err_status_ok;
}
static srtp_err_status_t srtp_null_auth_start(void *statev)
{
/* srtp_null_auth_ctx_t *state = (srtp_null_auth_ctx_t *)statev; */
return srtp_err_status_ok;
}
/*
* srtp_auth_type_t - defines description, test case, and null_auth
* metaobject
*/
/* begin test case 0 */
static const srtp_auth_test_case_t srtp_null_auth_test_case_0 = {
0, /* octets in key */
NULL, /* key */
0, /* octets in data */
NULL, /* data */
0, /* octets in tag */
NULL, /* tag */
NULL /* pointer to next testcase */
};
/* end test case 0 */
static const char srtp_null_auth_description[] = "null authentication function";
const srtp_auth_type_t srtp_null_auth = {
srtp_null_auth_alloc, /* */
srtp_null_auth_dealloc, /* */
srtp_null_auth_init, /* */
srtp_null_auth_compute, /* */
srtp_null_auth_update, /* */
srtp_null_auth_start, /* */
srtp_null_auth_description, /* */
&srtp_null_auth_test_case_0, /* */
SRTP_NULL_AUTH /* */
};

472
trunk/3rdparty/libsrtp-2-fit/crypto/hash/sha1.c vendored Normal file
View file

@ -0,0 +1,472 @@
/*
* sha1.c
*
* an implementation of the Secure Hash Algorithm v.1 (SHA-1),
* specified in FIPS 180-1
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "sha1.h"
srtp_debug_module_t srtp_mod_sha1 = {
0, /* debugging is off by default */
"sha-1" /* printable module name */
};
/* SN == Rotate left N bits */
#define S1(X) ((X << 1) | (X >> 31))
#define S5(X) ((X << 5) | (X >> 27))
#define S30(X) ((X << 30) | (X >> 2))
#define f0(B, C, D) ((B & C) | (~B & D))
#define f1(B, C, D) (B ^ C ^ D)
#define f2(B, C, D) ((B & C) | (B & D) | (C & D))
#define f3(B, C, D) (B ^ C ^ D)
/*
* nota bene: the variable K0 appears in the curses library, so we
* give longer names to these variables to avoid spurious warnings
* on systems that uses curses
*/
uint32_t SHA_K0 = 0x5A827999; /* Kt for 0 <= t <= 19 */
uint32_t SHA_K1 = 0x6ED9EBA1; /* Kt for 20 <= t <= 39 */
uint32_t SHA_K2 = 0x8F1BBCDC; /* Kt for 40 <= t <= 59 */
uint32_t SHA_K3 = 0xCA62C1D6; /* Kt for 60 <= t <= 79 */
void srtp_sha1(const uint8_t *msg, int octets_in_msg, uint32_t hash_value[5])
{
srtp_sha1_ctx_t ctx;
srtp_sha1_init(&ctx);
srtp_sha1_update(&ctx, msg, octets_in_msg);
srtp_sha1_final(&ctx, hash_value);
}
/*
* srtp_sha1_core(M, H) computes the core compression function, where M is
* the next part of the message (in network byte order) and H is the
* intermediate state { H0, H1, ...} (in host byte order)
*
* this function does not do any of the padding required in the
* complete SHA1 function
*
* this function is used in the SEAL 3.0 key setup routines
* (crypto/cipher/seal.c)
*/
void srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5])
{
uint32_t H0;
uint32_t H1;
uint32_t H2;
uint32_t H3;
uint32_t H4;
uint32_t W[80];
uint32_t A, B, C, D, E, TEMP;
int t;
/* copy hash_value into H0, H1, H2, H3, H4 */
H0 = hash_value[0];
H1 = hash_value[1];
H2 = hash_value[2];
H3 = hash_value[3];
H4 = hash_value[4];
/* copy/xor message into array */
W[0] = be32_to_cpu(M[0]);
W[1] = be32_to_cpu(M[1]);
W[2] = be32_to_cpu(M[2]);
W[3] = be32_to_cpu(M[3]);
W[4] = be32_to_cpu(M[4]);
W[5] = be32_to_cpu(M[5]);
W[6] = be32_to_cpu(M[6]);
W[7] = be32_to_cpu(M[7]);
W[8] = be32_to_cpu(M[8]);
W[9] = be32_to_cpu(M[9]);
W[10] = be32_to_cpu(M[10]);
W[11] = be32_to_cpu(M[11]);
W[12] = be32_to_cpu(M[12]);
W[13] = be32_to_cpu(M[13]);
W[14] = be32_to_cpu(M[14]);
W[15] = be32_to_cpu(M[15]);
TEMP = W[13] ^ W[8] ^ W[2] ^ W[0];
W[16] = S1(TEMP);
TEMP = W[14] ^ W[9] ^ W[3] ^ W[1];
W[17] = S1(TEMP);
TEMP = W[15] ^ W[10] ^ W[4] ^ W[2];
W[18] = S1(TEMP);
TEMP = W[16] ^ W[11] ^ W[5] ^ W[3];
W[19] = S1(TEMP);
TEMP = W[17] ^ W[12] ^ W[6] ^ W[4];
W[20] = S1(TEMP);
TEMP = W[18] ^ W[13] ^ W[7] ^ W[5];
W[21] = S1(TEMP);
TEMP = W[19] ^ W[14] ^ W[8] ^ W[6];
W[22] = S1(TEMP);
TEMP = W[20] ^ W[15] ^ W[9] ^ W[7];
W[23] = S1(TEMP);
TEMP = W[21] ^ W[16] ^ W[10] ^ W[8];
W[24] = S1(TEMP);
TEMP = W[22] ^ W[17] ^ W[11] ^ W[9];
W[25] = S1(TEMP);
TEMP = W[23] ^ W[18] ^ W[12] ^ W[10];
W[26] = S1(TEMP);
TEMP = W[24] ^ W[19] ^ W[13] ^ W[11];
W[27] = S1(TEMP);
TEMP = W[25] ^ W[20] ^ W[14] ^ W[12];
W[28] = S1(TEMP);
TEMP = W[26] ^ W[21] ^ W[15] ^ W[13];
W[29] = S1(TEMP);
TEMP = W[27] ^ W[22] ^ W[16] ^ W[14];
W[30] = S1(TEMP);
TEMP = W[28] ^ W[23] ^ W[17] ^ W[15];
W[31] = S1(TEMP);
/* process the remainder of the array */
for (t = 32; t < 80; t++) {
TEMP = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
W[t] = S1(TEMP);
}
A = H0;
B = H1;
C = H2;
D = H3;
E = H4;
for (t = 0; t < 20; t++) {
TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 40; t++) {
TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 60; t++) {
TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 80; t++) {
TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
hash_value[0] = H0 + A;
hash_value[1] = H1 + B;
hash_value[2] = H2 + C;
hash_value[3] = H3 + D;
hash_value[4] = H4 + E;
return;
}
void srtp_sha1_init(srtp_sha1_ctx_t *ctx)
{
/* initialize state vector */
ctx->H[0] = 0x67452301;
ctx->H[1] = 0xefcdab89;
ctx->H[2] = 0x98badcfe;
ctx->H[3] = 0x10325476;
ctx->H[4] = 0xc3d2e1f0;
/* indicate that message buffer is empty */
ctx->octets_in_buffer = 0;
/* reset message bit-count to zero */
ctx->num_bits_in_msg = 0;
}
void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
const uint8_t *msg,
int octets_in_msg)
{
int i;
uint8_t *buf = (uint8_t *)ctx->M;
/* update message bit-count */
ctx->num_bits_in_msg += octets_in_msg * 8;
/* loop over 16-word blocks of M */
while (octets_in_msg > 0) {
if (octets_in_msg + ctx->octets_in_buffer >= 64) {
/*
* copy words of M into msg buffer until that buffer is full,
* converting them into host byte order as needed
*/
octets_in_msg -= (64 - ctx->octets_in_buffer);
for (i = ctx->octets_in_buffer; i < 64; i++) {
buf[i] = *msg++;
}
ctx->octets_in_buffer = 0;
/* process a whole block */
debug_print0(srtp_mod_sha1, "(update) running srtp_sha1_core()");
srtp_sha1_core(ctx->M, ctx->H);
} else {
debug_print0(srtp_mod_sha1,
"(update) not running srtp_sha1_core()");
for (i = ctx->octets_in_buffer;
i < (ctx->octets_in_buffer + octets_in_msg); i++) {
buf[i] = *msg++;
}
ctx->octets_in_buffer += octets_in_msg;
octets_in_msg = 0;
}
}
}
/*
* srtp_sha1_final(ctx, output) computes the result for ctx and copies it
* into the twenty octets located at *output
*/
void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output)
{
uint32_t A, B, C, D, E, TEMP;
uint32_t W[80];
int i, t;
/*
* process the remaining octets_in_buffer, padding and terminating as
* necessary
*/
{
int tail = ctx->octets_in_buffer % 4;
/* copy/xor message into array */
for (i = 0; i < (ctx->octets_in_buffer + 3) / 4; i++) {
W[i] = be32_to_cpu(ctx->M[i]);
}
/* set the high bit of the octet immediately following the message */
switch (tail) {
case (3):
W[i - 1] = (be32_to_cpu(ctx->M[i - 1]) & 0xffffff00) | 0x80;
W[i] = 0x0;
break;
case (2):
W[i - 1] = (be32_to_cpu(ctx->M[i - 1]) & 0xffff0000) | 0x8000;
W[i] = 0x0;
break;
case (1):
W[i - 1] = (be32_to_cpu(ctx->M[i - 1]) & 0xff000000) | 0x800000;
W[i] = 0x0;
break;
case (0):
W[i] = 0x80000000;
break;
}
/* zeroize remaining words */
for (i++; i < 15; i++) {
W[i] = 0x0;
}
/*
* if there is room at the end of the word array, then set the
* last word to the bit-length of the message; otherwise, set that
* word to zero and then we need to do one more run of the
* compression algo.
*/
if (ctx->octets_in_buffer < 56) {
W[15] = ctx->num_bits_in_msg;
} else if (ctx->octets_in_buffer < 60) {
W[15] = 0x0;
}
/* process the word array */
for (t = 16; t < 80; t++) {
TEMP = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
W[t] = S1(TEMP);
}
A = ctx->H[0];
B = ctx->H[1];
C = ctx->H[2];
D = ctx->H[3];
E = ctx->H[4];
for (t = 0; t < 20; t++) {
TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 40; t++) {
TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 60; t++) {
TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 80; t++) {
TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
ctx->H[0] += A;
ctx->H[1] += B;
ctx->H[2] += C;
ctx->H[3] += D;
ctx->H[4] += E;
}
debug_print0(srtp_mod_sha1, "(final) running srtp_sha1_core()");
if (ctx->octets_in_buffer >= 56) {
debug_print0(srtp_mod_sha1, "(final) running srtp_sha1_core() again");
/* we need to do one final run of the compression algo */
/*
* set initial part of word array to zeros, and set the
* final part to the number of bits in the message
*/
for (i = 0; i < 15; i++) {
W[i] = 0x0;
}
W[15] = ctx->num_bits_in_msg;
/* process the word array */
for (t = 16; t < 80; t++) {
TEMP = W[t - 3] ^ W[t - 8] ^ W[t - 14] ^ W[t - 16];
W[t] = S1(TEMP);
}
A = ctx->H[0];
B = ctx->H[1];
C = ctx->H[2];
D = ctx->H[3];
E = ctx->H[4];
for (t = 0; t < 20; t++) {
TEMP = S5(A) + f0(B, C, D) + E + W[t] + SHA_K0;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 40; t++) {
TEMP = S5(A) + f1(B, C, D) + E + W[t] + SHA_K1;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 60; t++) {
TEMP = S5(A) + f2(B, C, D) + E + W[t] + SHA_K2;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
for (; t < 80; t++) {
TEMP = S5(A) + f3(B, C, D) + E + W[t] + SHA_K3;
E = D;
D = C;
C = S30(B);
B = A;
A = TEMP;
}
ctx->H[0] += A;
ctx->H[1] += B;
ctx->H[2] += C;
ctx->H[3] += D;
ctx->H[4] += E;
}
/* copy result into output buffer */
output[0] = be32_to_cpu(ctx->H[0]);
output[1] = be32_to_cpu(ctx->H[1]);
output[2] = be32_to_cpu(ctx->H[2]);
output[3] = be32_to_cpu(ctx->H[3]);
output[4] = be32_to_cpu(ctx->H[4]);
/* indicate that message buffer in context is empty */
ctx->octets_in_buffer = 0;
return;
}

83
trunk/3rdparty/libsrtp-2-fit/crypto/include/aes.h vendored Normal file
View file

@ -0,0 +1,83 @@
/*
* aes.h
*
* header file for the AES block cipher
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef AES_H
#define AES_H
#include "datatypes.h"
#include "err.h"
#ifdef __cplusplus
extern "C" {
#endif
/* aes internals */
typedef struct {
v128_t round[15];
int num_rounds;
} srtp_aes_expanded_key_t;
srtp_err_status_t srtp_aes_expand_encryption_key(
const uint8_t *key,
int key_len,
srtp_aes_expanded_key_t *expanded_key);
srtp_err_status_t srtp_aes_expand_decryption_key(
const uint8_t *key,
int key_len,
srtp_aes_expanded_key_t *expanded_key);
void srtp_aes_encrypt(v128_t *plaintext,
const srtp_aes_expanded_key_t *exp_key);
void srtp_aes_decrypt(v128_t *plaintext,
const srtp_aes_expanded_key_t *exp_key);
#ifdef __cplusplus
}
#endif
#endif /* AES_H */

89
trunk/3rdparty/libsrtp-2-fit/crypto/include/aes_gcm.h vendored Normal file
View file

@ -0,0 +1,89 @@
/*
* aes_gcm.h
*
* Header for AES Galois Counter Mode.
*
* John A. Foley
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2013-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef AES_GCM_H
#define AES_GCM_H
#include "cipher.h"
#include "srtp.h"
#include "datatypes.h"
#ifdef OPENSSL
#include <openssl/evp.h>
#include <openssl/aes.h>
typedef struct {
int key_size;
int tag_len;
EVP_CIPHER_CTX *ctx;
srtp_cipher_direction_t dir;
} srtp_aes_gcm_ctx_t;
#endif /* OPENSSL */
#ifdef NSS
#include <nss.h>
#include <pk11pub.h>
#define MAX_AD_SIZE 2048
typedef struct {
int key_size;
int tag_size;
srtp_cipher_direction_t dir;
NSSInitContext *nss;
PK11SymKey *key;
uint8_t iv[12];
uint8_t aad[MAX_AD_SIZE];
int aad_size;
CK_GCM_PARAMS params;
uint8_t tag[16];
} srtp_aes_gcm_ctx_t;
#endif /* NSS */
#endif /* AES_GCM_H */

62
trunk/3rdparty/libsrtp-2-fit/crypto/include/aes_icm.h vendored Normal file
View file

@ -0,0 +1,62 @@
/*
* aes_icm.h
*
* Header for AES Integer Counter Mode.
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef AES_ICM_H
#define AES_ICM_H
#include "aes.h"
#include "cipher.h"
typedef struct {
v128_t counter; /* holds the counter value */
v128_t offset; /* initial offset value */
v128_t keystream_buffer; /* buffers bytes of keystream */
srtp_aes_expanded_key_t expanded_key; /* the cipher key */
int bytes_in_buffer; /* number of unused bytes in buffer */
int key_size; /* AES key size + 14 byte SALT */
} srtp_aes_icm_ctx_t;
#endif /* AES_ICM_H */

83
trunk/3rdparty/libsrtp-2-fit/crypto/include/aes_icm_ext.h vendored Normal file
View file

@ -0,0 +1,83 @@
/*
* aes_icm.h
*
* Header for AES Integer Counter Mode.
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef AES_ICM_H
#define AES_ICM_H
#include "cipher.h"
#include "datatypes.h"
#ifdef OPENSSL
#include <openssl/evp.h>
#include <openssl/aes.h>
typedef struct {
v128_t counter; /* holds the counter value */
v128_t offset; /* initial offset value */
int key_size;
EVP_CIPHER_CTX *ctx;
} srtp_aes_icm_ctx_t;
#endif /* OPENSSL */
#ifdef NSS
#include <nss.h>
#include <pk11pub.h>
typedef struct {
v128_t counter;
v128_t offset;
int key_size;
uint8_t iv[16];
NSSInitContext *nss;
PK11SymKey *key;
PK11Context *ctx;
} srtp_aes_icm_ctx_t;
#endif /* NSS */
#endif /* AES_ICM_H */

76
trunk/3rdparty/libsrtp-2-fit/crypto/include/alloc.h vendored Normal file
View file

@ -0,0 +1,76 @@
/*
* alloc.h
*
* interface to memory allocation and deallocation, with optional debugging
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CRYPTO_ALLOC_H
#define CRYPTO_ALLOC_H
#include "datatypes.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
* srtp_crypto_alloc
*
* Allocates a block of memory of given size. The memory will be
* initialized to zero's. Free the memory with a call to srtp_crypto_free.
*
* returns pointer to memory on success or else NULL
*/
void *srtp_crypto_alloc(size_t size);
/*
* srtp_crypto_free
*
* Frees the block of memory ptr previously allocated with
* srtp_crypto_alloc
*/
void srtp_crypto_free(void *ptr);
#ifdef __cplusplus
}
#endif
#endif /* CRYPTO_ALLOC_H */

173
trunk/3rdparty/libsrtp-2-fit/crypto/include/auth.h vendored Normal file
View file

@ -0,0 +1,173 @@
/*
* auth.h
*
* common interface to authentication functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SRTP_AUTH_H
#define SRTP_AUTH_H
#include "srtp.h"
#include "crypto_types.h" /* for values of auth_type_id_t */
#ifdef __cplusplus
extern "C" {
#endif
typedef const struct srtp_auth_type_t *srtp_auth_type_pointer;
typedef struct srtp_auth_t *srtp_auth_pointer_t;
typedef srtp_err_status_t (*srtp_auth_alloc_func)(srtp_auth_pointer_t *ap,
int key_len,
int out_len);
typedef srtp_err_status_t (*srtp_auth_init_func)(void *state,
const uint8_t *key,
int key_len);
typedef srtp_err_status_t (*srtp_auth_dealloc_func)(srtp_auth_pointer_t ap);
typedef srtp_err_status_t (*srtp_auth_compute_func)(void *state,
const uint8_t *buffer,
int octets_to_auth,
int tag_len,
uint8_t *tag);
typedef srtp_err_status_t (*srtp_auth_update_func)(void *state,
const uint8_t *buffer,
int octets_to_auth);
typedef srtp_err_status_t (*srtp_auth_start_func)(void *state);
/* some syntactic sugar on these function types */
#define srtp_auth_type_alloc(at, a, klen, outlen) \
((at)->alloc((a), (klen), (outlen)))
#define srtp_auth_init(a, key) \
(((a)->type)->init((a)->state, (key), ((a)->key_len)))
#define srtp_auth_compute(a, buf, len, res) \
(((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
#define srtp_auth_update(a, buf, len) \
(((a)->type)->update((a)->state, (buf), (len)))
#define srtp_auth_start(a) (((a)->type)->start((a)->state))
#define srtp_auth_dealloc(c) (((c)->type)->dealloc(c))
/* functions to get information about a particular auth_t */
int srtp_auth_get_key_length(const struct srtp_auth_t *a);
int srtp_auth_get_tag_length(const struct srtp_auth_t *a);
int srtp_auth_get_prefix_length(const struct srtp_auth_t *a);
/*
* srtp_auth_test_case_t is a (list of) key/message/tag values that are
* known to be correct for a particular cipher. this data can be used
* to test an implementation in an on-the-fly self test of the
* correctness of the implementation. (see the srtp_auth_type_self_test()
* function below)
*/
typedef struct srtp_auth_test_case_t {
int key_length_octets; /* octets in key */
const uint8_t *key; /* key */
int data_length_octets; /* octets in data */
const uint8_t *data; /* data */
int tag_length_octets; /* octets in tag */
const uint8_t *tag; /* tag */
const struct srtp_auth_test_case_t
*next_test_case; /* pointer to next testcase */
} srtp_auth_test_case_t;
/* srtp_auth_type_t */
typedef struct srtp_auth_type_t {
srtp_auth_alloc_func alloc;
srtp_auth_dealloc_func dealloc;
srtp_auth_init_func init;
srtp_auth_compute_func compute;
srtp_auth_update_func update;
srtp_auth_start_func start;
const char *description;
const srtp_auth_test_case_t *test_data;
srtp_auth_type_id_t id;
} srtp_auth_type_t;
typedef struct srtp_auth_t {
const srtp_auth_type_t *type;
void *state;
int out_len; /* length of output tag in octets */
int key_len; /* length of key in octets */
int prefix_len; /* length of keystream prefix */
} srtp_auth_t;
/*
* srtp_auth_type_self_test() tests an auth_type against test cases
* provided in an array of values of key/message/tag that is known to
* be good
*/
srtp_err_status_t srtp_auth_type_self_test(const srtp_auth_type_t *at);
/*
* srtp_auth_type_test() tests an auth_type against external test cases
* provided in an array of values of key/message/tag that is known to
* be good
*/
srtp_err_status_t srtp_auth_type_test(const srtp_auth_type_t *at,
const srtp_auth_test_case_t *test_data);
/*
* srtp_replace_auth_type(ct, id)
*
* replaces srtp's kernel's auth type implementation for the auth_type id
* with a new one passed in externally. The new auth type must pass all the
* existing auth_type's self tests as well as its own.
*/
srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *ct,
srtp_auth_type_id_t id);
#ifdef __cplusplus
}
#endif
#endif /* SRTP_AUTH_H */

248
trunk/3rdparty/libsrtp-2-fit/crypto/include/cipher.h vendored Normal file
View file

@ -0,0 +1,248 @@
/*
* cipher.h
*
* common interface to ciphers
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SRTP_CIPHER_H
#define SRTP_CIPHER_H
#include "srtp.h"
#include "crypto_types.h" /* for values of cipher_type_id_t */
#ifdef __cplusplus
extern "C" {
#endif
/*
* srtp_cipher_direction_t defines a particular cipher operation.
*
* A srtp_cipher_direction_t is an enum that describes a particular cipher
* operation, i.e. encryption or decryption. For some ciphers, this
* distinction does not matter, but for others, it is essential.
*/
typedef enum {
srtp_direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
srtp_direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
srtp_direction_any /**< encryption or decryption */
} srtp_cipher_direction_t;
/*
* the srtp_cipher_pointer_t definition is needed
* as srtp_cipher_t is not yet defined
*/
typedef struct srtp_cipher_t *srtp_cipher_pointer_t;
/*
* a srtp_cipher_alloc_func_t allocates (but does not initialize) a
* srtp_cipher_t
*/
typedef srtp_err_status_t (*srtp_cipher_alloc_func_t)(srtp_cipher_pointer_t *cp,
int key_len,
int tag_len);
/*
* a srtp_cipher_init_func_t [re-]initializes a cipher_t with a given key
*/
typedef srtp_err_status_t (*srtp_cipher_init_func_t)(void *state,
const uint8_t *key);
/* a srtp_cipher_dealloc_func_t de-allocates a cipher_t */
typedef srtp_err_status_t (*srtp_cipher_dealloc_func_t)(
srtp_cipher_pointer_t cp);
/*
* a srtp_cipher_set_aad_func_t processes the AAD data for AEAD ciphers
*/
typedef srtp_err_status_t (*srtp_cipher_set_aad_func_t)(void *state,
const uint8_t *aad,
uint32_t aad_len);
/* a srtp_cipher_encrypt_func_t encrypts data in-place */
typedef srtp_err_status_t (*srtp_cipher_encrypt_func_t)(
void *state,
uint8_t *buffer,
unsigned int *octets_to_encrypt);
/* a srtp_cipher_decrypt_func_t decrypts data in-place */
typedef srtp_err_status_t (*srtp_cipher_decrypt_func_t)(
void *state,
uint8_t *buffer,
unsigned int *octets_to_decrypt);
/*
* a srtp_cipher_set_iv_func_t function sets the current initialization vector
*/
typedef srtp_err_status_t (*srtp_cipher_set_iv_func_t)(
void *state,
uint8_t *iv,
srtp_cipher_direction_t direction);
/*
* a cipher_get_tag_func_t function is used to get the authentication
* tag that was calculated by an AEAD cipher.
*/
typedef srtp_err_status_t (*srtp_cipher_get_tag_func_t)(void *state,
uint8_t *tag,
uint32_t *len);
/*
* srtp_cipher_test_case_t is a (list of) key, salt, plaintext, ciphertext,
* and aad values that are known to be correct for a
* particular cipher. this data can be used to test an implementation
* in an on-the-fly self test of the correctness of the implementation.
* (see the srtp_cipher_type_self_test() function below)
*/
typedef struct srtp_cipher_test_case_t {
int key_length_octets; /* octets in key */
const uint8_t *key; /* key */
uint8_t *idx; /* packet index */
unsigned int plaintext_length_octets; /* octets in plaintext */
const uint8_t *plaintext; /* plaintext */
unsigned int ciphertext_length_octets; /* octets in plaintext */
const uint8_t *ciphertext; /* ciphertext */
int aad_length_octets; /* octets in AAD */
const uint8_t *aad; /* AAD */
int tag_length_octets; /* Length of AEAD tag */
const struct srtp_cipher_test_case_t
*next_test_case; /* pointer to next testcase */
} srtp_cipher_test_case_t;
/* srtp_cipher_type_t defines the 'metadata' for a particular cipher type */
typedef struct srtp_cipher_type_t {
srtp_cipher_alloc_func_t alloc;
srtp_cipher_dealloc_func_t dealloc;
srtp_cipher_init_func_t init;
srtp_cipher_set_aad_func_t set_aad;
srtp_cipher_encrypt_func_t encrypt;
srtp_cipher_encrypt_func_t decrypt;
srtp_cipher_set_iv_func_t set_iv;
srtp_cipher_get_tag_func_t get_tag;
const char *description;
const srtp_cipher_test_case_t *test_data;
srtp_cipher_type_id_t id;
} srtp_cipher_type_t;
/*
* srtp_cipher_t defines an instantiation of a particular cipher, with fixed
* key length, key and salt values
*/
typedef struct srtp_cipher_t {
const srtp_cipher_type_t *type;
void *state;
int key_len;
int algorithm;
} srtp_cipher_t;
/* some bookkeeping functions */
int srtp_cipher_get_key_length(const srtp_cipher_t *c);
/*
* srtp_cipher_type_self_test() tests a cipher against test cases provided in
* an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct);
/*
* srtp_cipher_type_test() tests a cipher against external test cases provided
* in
* an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
srtp_err_status_t srtp_cipher_type_test(
const srtp_cipher_type_t *ct,
const srtp_cipher_test_case_t *test_data);
/*
* srtp_cipher_bits_per_second(c, l, t) computes (an estimate of) the
* number of bits that a cipher implementation can encrypt in a second
*
* c is a cipher (which MUST be allocated and initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, then the value 0 is returned
*/
uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c,
int octets_in_buffer,
int num_trials);
srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct,
srtp_cipher_t **c,
int key_len,
int tlen);
srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c);
srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key);
srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c,
uint8_t *iv,
int direction);
srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c,
uint8_t *buffer,
uint32_t *tag_len);
srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c,
const uint8_t *aad,
uint32_t aad_len);
/*
* srtp_replace_cipher_type(ct, id)
*
* replaces srtp's existing cipher implementation for the cipher_type id
* with a new one passed in externally. The new cipher must pass all the
* existing cipher_type's self tests as well as its own.
*/
srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *ct,
srtp_cipher_type_id_t id);
#ifdef __cplusplus
}
#endif
#endif /* SRTP_CIPHER_H */

62
trunk/3rdparty/libsrtp-2-fit/crypto/include/cipher_priv.h vendored Normal file
View file

@ -0,0 +1,62 @@
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SRTP_CIHPER_PRIV_H
#define SRTP_CIHPER_PRIV_H
#include "cipher.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
* A trivial platform independent random source.
* For use in test only.
*/
void srtp_cipher_rand_for_tests(void *dest, uint32_t len);
/*
* A trivial platform independent 32 bit random number.
* For use in test only.
*/
uint32_t srtp_cipher_rand_u32_for_tests(void);
#ifdef __cplusplus
}
#endif
#endif /* SRTP_CIPHER_PRIV_H */

84
trunk/3rdparty/libsrtp-2-fit/crypto/include/cipher_types.h vendored Normal file
View file

@ -0,0 +1,84 @@
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CIHPER_TYPES_H
#define CIHPER_TYPES_H
#include "cipher.h"
#include "auth.h"
/*
* cipher types that can be included in the kernel
*/
extern const srtp_cipher_type_t srtp_null_cipher;
extern const srtp_cipher_type_t srtp_aes_icm_128;
extern const srtp_cipher_type_t srtp_aes_icm_256;
#ifdef GCM
extern const srtp_cipher_type_t srtp_aes_icm_192;
extern const srtp_cipher_type_t srtp_aes_gcm_128;
extern const srtp_cipher_type_t srtp_aes_gcm_256;
#endif
/*
* auth func types that can be included in the kernel
*/
extern const srtp_auth_type_t srtp_null_auth;
extern const srtp_auth_type_t srtp_hmac;
/*
* other generic debug modules that can be included in the kernel
*/
extern srtp_debug_module_t srtp_mod_auth;
extern srtp_debug_module_t srtp_mod_cipher;
extern srtp_debug_module_t srtp_mod_stat;
extern srtp_debug_module_t srtp_mod_alloc;
/* debug modules for cipher types */
extern srtp_debug_module_t srtp_mod_aes_icm;
#ifdef OPENSSL
extern srtp_debug_module_t srtp_mod_aes_gcm;
#endif
#ifdef NSS
extern srtp_debug_module_t srtp_mod_aes_gcm;
#endif
/* debug modules for auth types */
extern srtp_debug_module_t srtp_mod_hmac;
#endif

215
trunk/3rdparty/libsrtp-2-fit/crypto/include/crypto_kernel.h vendored Normal file
View file

@ -0,0 +1,215 @@
/*
* crypto_kernel.h
*
* header for the cryptographic kernel
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CRYPTO_KERNEL
#define CRYPTO_KERNEL
#include "cipher.h"
#include "auth.h"
#include "err.h"
#include "crypto_types.h"
#include "key.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
* crypto_kernel_state_t defines the possible states:
*
* insecure - not yet initialized
* secure - initialized and passed self-tests
*/
typedef enum {
srtp_crypto_kernel_state_insecure,
srtp_crypto_kernel_state_secure
} srtp_crypto_kernel_state_t;
/*
* linked list of cipher types
*/
typedef struct srtp_kernel_cipher_type {
srtp_cipher_type_id_t id;
const srtp_cipher_type_t *cipher_type;
struct srtp_kernel_cipher_type *next;
} srtp_kernel_cipher_type_t;
/*
* linked list of auth types
*/
typedef struct srtp_kernel_auth_type {
srtp_auth_type_id_t id;
const srtp_auth_type_t *auth_type;
struct srtp_kernel_auth_type *next;
} srtp_kernel_auth_type_t;
/*
* linked list of debug modules
*/
typedef struct srtp_kernel_debug_module {
srtp_debug_module_t *mod;
struct srtp_kernel_debug_module *next;
} srtp_kernel_debug_module_t;
/*
* crypto_kernel_t is the data structure for the crypto kernel
*
* note that there is *exactly one* instance of this data type,
* a global variable defined in crypto_kernel.c
*/
typedef struct {
srtp_crypto_kernel_state_t state; /* current state of kernel */
srtp_kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */
srtp_kernel_auth_type_t *auth_type_list; /* list of all auth func types */
srtp_kernel_debug_module_t
*debug_module_list; /* list of all debug modules */
} srtp_crypto_kernel_t;
/*
* srtp_crypto_kernel_t external api
*/
/*
* The function srtp_crypto_kernel_init() initialized the crypto kernel and
* runs the self-test operations on the random number generators and
* crypto algorithms. Possible return values are:
*
* srtp_err_status_ok initialization successful
* <other> init failure
*
* If any value other than srtp_err_status_ok is returned, the
* crypto_kernel MUST NOT be used.
*/
srtp_err_status_t srtp_crypto_kernel_init(void);
/*
* The function srtp_crypto_kernel_shutdown() de-initializes the
* crypto_kernel, zeroizes keys and other cryptographic material, and
* deallocates any dynamically allocated memory. Possible return
* values are:
*
* srtp_err_status_ok shutdown successful
* <other> shutdown failure
*
*/
srtp_err_status_t srtp_crypto_kernel_shutdown(void);
/*
* The function srtp_crypto_kernel_stats() checks the the crypto_kernel,
* running tests on the ciphers, auth funcs, and rng, and prints out a
* status report. Possible return values are:
*
* srtp_err_status_ok all tests were passed
* <other> a test failed
*
*/
srtp_err_status_t srtp_crypto_kernel_status(void);
/*
* srtp_crypto_kernel_list_debug_modules() outputs a list of debugging modules
*
*/
srtp_err_status_t srtp_crypto_kernel_list_debug_modules(void);
/*
* srtp_crypto_kernel_load_cipher_type()
*
*/
srtp_err_status_t srtp_crypto_kernel_load_cipher_type(
const srtp_cipher_type_t *ct,
srtp_cipher_type_id_t id);
srtp_err_status_t srtp_crypto_kernel_load_auth_type(const srtp_auth_type_t *ct,
srtp_auth_type_id_t id);
srtp_err_status_t srtp_crypto_kernel_load_debug_module(
srtp_debug_module_t *new_dm);
/*
* srtp_crypto_kernel_alloc_cipher(id, cp, key_len);
*
* allocates a cipher of type id at location *cp, with key length
* key_len octets. Return values are:
*
* srtp_err_status_ok no problems
* srtp_err_status_alloc_fail an allocation failure occured
* srtp_err_status_fail couldn't find cipher with identifier 'id'
*/
srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id,
srtp_cipher_pointer_t *cp,
int key_len,
int tag_len);
/*
* srtp_crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
*
* allocates an auth function of type id at location *ap, with key
* length key_len octets and output tag length of tag_len. Return
* values are:
*
* srtp_err_status_ok no problems
* srtp_err_status_alloc_fail an allocation failure occured
* srtp_err_status_fail couldn't find auth with identifier 'id'
*/
srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id,
srtp_auth_pointer_t *ap,
int key_len,
int tag_len);
/*
* srtp_crypto_kernel_set_debug_module(mod_name, v)
*
* sets dynamic debugging to the value v (0 for off, 1 for on) for the
* debug module with the name mod_name
*
* returns srtp_err_status_ok on success, srtp_err_status_fail otherwise
*/
srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *mod_name,
int v);
#ifdef __cplusplus
}
#endif
#endif /* CRYPTO_KERNEL */

116
trunk/3rdparty/libsrtp-2-fit/crypto/include/crypto_types.h vendored Normal file
View file

@ -0,0 +1,116 @@
/*
* crypto_types.h
*
* constants for cipher types and auth func types
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SRTP_CRYPTO_TYPES_H
#define SRTP_CRYPTO_TYPES_H
/*
* The null cipher performs no encryption.
*
* The SRTP_NULL_CIPHER leaves its inputs unaltered, during both the
* encryption and decryption operations. This cipher can be chosen
* to indicate that no encryption is to be performed.
*/
#define SRTP_NULL_CIPHER 0
/*
* AES-128 Integer Counter Mode (AES ICM)
*
* AES-128 ICM is the variant of counter mode that is used by
* Secure RTP. This cipher uses a 16-octet key concatenated with a
* 14-octet offset (or salt) value.
*/
#define SRTP_AES_ICM_128 1
/*
* AES-192 Integer Counter Mode (AES ICM)
*
* AES-128 ICM is the variant of counter mode that is used by
* Secure RTP. This cipher uses a 24-octet key concatenated with a
* 14-octet offset (or salt) value.
*/
#define SRTP_AES_ICM_192 4
/*
* AES-256 Integer Counter Mode (AES ICM)
*
* AES-128 ICM is the variant of counter mode that is used by
* Secure RTP. This cipher uses a 32-octet key concatenated with a
* 14-octet offset (or salt) value.
*/
#define SRTP_AES_ICM_256 5
/*
* AES-128_GCM Galois Counter Mode (AES GCM)
*
* AES-128 GCM is the variant of galois counter mode that is used by
* Secure RTP. This cipher uses a 16-octet key.
*/
#define SRTP_AES_GCM_128 6
/*
* AES-256_GCM Galois Counter Mode (AES GCM)
*
* AES-256 GCM is the variant of galois counter mode that is used by
* Secure RTP. This cipher uses a 32-octet key.
*/
#define SRTP_AES_GCM_256 7
/*
* The null authentication function performs no authentication.
*
* The NULL_AUTH function does nothing, and can be selected to indicate
* that authentication should not be performed.
*/
#define SRTP_NULL_AUTH 0
/*
* HMAC-SHA1
*
* SRTP_HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
* Hash Algorithm version 1 (SHA1).
*/
#define SRTP_HMAC_SHA1 3
#endif /* SRTP_CRYPTO_TYPES_H */

378
trunk/3rdparty/libsrtp-2-fit/crypto/include/datatypes.h vendored Normal file
View file

@ -0,0 +1,378 @@
/*
* datatypes.h
*
* data types for bit vectors and finite fields
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef DATATYPES_H
#define DATATYPES_H
#include "integers.h" /* definitions of uint32_t, et cetera */
#include "alloc.h"
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <time.h>
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#elif defined HAVE_WINSOCK2_H
#include <winsock2.h>
#else
#error "Platform not recognized"
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* if DATATYPES_USE_MACROS is defined, then little functions are macros */
#define DATATYPES_USE_MACROS
typedef union {
uint8_t v8[2];
uint16_t value;
} v16_t;
typedef union {
uint8_t v8[4];
uint16_t v16[2];
uint32_t value;
} v32_t;
typedef union {
uint8_t v8[8];
uint16_t v16[4];
uint32_t v32[2];
uint64_t value;
} v64_t;
typedef union {
uint8_t v8[16];
uint16_t v16[8];
uint32_t v32[4];
uint64_t v64[2];
} v128_t;
typedef union {
uint8_t v8[32];
uint16_t v16[16];
uint32_t v32[8];
uint64_t v64[4];
} v256_t;
/* some useful and simple math functions */
#define pow_2(X) ((unsigned int)1 << (X)) /* 2^X */
#define pow_minus_one(X) ((X) ? -1 : 1) /* (-1)^X */
/*
* octet_get_weight(x) returns the hamming weight (number of bits equal to
* one) in the octet x
*/
int octet_get_weight(uint8_t octet);
#define MAX_PRINT_STRING_LEN 1024
char *srtp_octet_string_hex_string(const void *str, int length);
char *v128_bit_string(v128_t *x);
char *v128_hex_string(v128_t *x);
void v128_copy_octet_string(v128_t *x, const uint8_t s[16]);
void v128_left_shift(v128_t *x, int shift_index);
void v128_right_shift(v128_t *x, int shift_index);
/*
* the following macros define the data manipulation functions
*
* If DATATYPES_USE_MACROS is defined, then these macros are used
* directly (and function call overhead is avoided). Otherwise,
* the macros are used through the functions defined in datatypes.c
* (and the compiler provides better warnings).
*/
#define _v128_set_to_zero(x) \
((x)->v32[0] = 0, (x)->v32[1] = 0, (x)->v32[2] = 0, (x)->v32[3] = 0)
#define _v128_copy(x, y) \
((x)->v32[0] = (y)->v32[0], (x)->v32[1] = (y)->v32[1], \
(x)->v32[2] = (y)->v32[2], (x)->v32[3] = (y)->v32[3])
#define _v128_xor(z, x, y) \
((z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \
(z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \
(z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \
(z)->v32[3] = (x)->v32[3] ^ (y)->v32[3])
#define _v128_and(z, x, y) \
((z)->v32[0] = (x)->v32[0] & (y)->v32[0], \
(z)->v32[1] = (x)->v32[1] & (y)->v32[1], \
(z)->v32[2] = (x)->v32[2] & (y)->v32[2], \
(z)->v32[3] = (x)->v32[3] & (y)->v32[3])
#define _v128_or(z, x, y) \
((z)->v32[0] = (x)->v32[0] | (y)->v32[0], \
(z)->v32[1] = (x)->v32[1] | (y)->v32[1], \
(z)->v32[2] = (x)->v32[2] | (y)->v32[2], \
(z)->v32[3] = (x)->v32[3] | (y)->v32[3])
#define _v128_complement(x) \
((x)->v32[0] = ~(x)->v32[0], (x)->v32[1] = ~(x)->v32[1], \
(x)->v32[2] = ~(x)->v32[2], (x)->v32[3] = ~(x)->v32[3])
/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */
#define _v128_is_eq(x, y) \
(((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1]))
#ifdef NO_64BIT_MATH
#define _v128_xor_eq(z, x) \
((z)->v32[0] ^= (x)->v32[0], (z)->v32[1] ^= (x)->v32[1], \
(z)->v32[2] ^= (x)->v32[2], (z)->v32[3] ^= (x)->v32[3])
#else
#define _v128_xor_eq(z, x) \
((z)->v64[0] ^= (x)->v64[0], (z)->v64[1] ^= (x)->v64[1])
#endif
/* NOTE! This assumes an odd ordering! */
/* This will not be compatible directly with math on some processors */
/* bit 0 is first 32-bit word, low order bit. in little-endian, that's
the first byte of the first 32-bit word. In big-endian, that's
the 3rd byte of the first 32-bit word */
/* The get/set bit code is used by the replay code ONLY, and it doesn't
really care which bit is which. AES does care which bit is which, but
doesn't use the 128-bit get/set or 128-bit shifts */
#define _v128_get_bit(x, bit) (((((x)->v32[(bit) >> 5]) >> ((bit)&31)) & 1))
#define _v128_set_bit(x, bit) \
((((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit)&31))))
#define _v128_clear_bit(x, bit) \
((((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit)&31))))
#define _v128_set_bit_to(x, bit, value) \
((value) ? _v128_set_bit(x, bit) : _v128_clear_bit(x, bit))
#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
#define v128_set_to_zero(z) _v128_set_to_zero(z)
#define v128_copy(z, x) _v128_copy(z, x)
#define v128_xor(z, x, y) _v128_xor(z, x, y)
#define v128_and(z, x, y) _v128_and(z, x, y)
#define v128_or(z, x, y) _v128_or(z, x, y)
#define v128_complement(x) _v128_complement(x)
#define v128_is_eq(x, y) _v128_is_eq(x, y)
#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
#define v128_get_bit(x, i) _v128_get_bit(x, i)
#define v128_set_bit(x, i) _v128_set_bit(x, i)
#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
#else
void v128_set_to_zero(v128_t *x);
int v128_is_eq(const v128_t *x, const v128_t *y);
void v128_copy(v128_t *x, const v128_t *y);
void v128_xor(v128_t *z, v128_t *x, v128_t *y);
void v128_and(v128_t *z, v128_t *x, v128_t *y);
void v128_or(v128_t *z, v128_t *x, v128_t *y);
void v128_complement(v128_t *x);
int v128_get_bit(const v128_t *x, int i);
void v128_set_bit(v128_t *x, int i);
void v128_clear_bit(v128_t *x, int i);
void v128_set_bit_to(v128_t *x, int i, int y);
#endif /* DATATYPES_USE_MACROS */
/*
* srtp_octet_string_is_eq(a, b, len) returns 1 if the length len strings
* a and b are not equal. It returns 0 otherwise. The running time of the
* comparison depends only on len, making this safe to use for (e.g.)
* verifying authentication tags.
*/
int srtp_octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
/*
* A portable way to zero out memory as recommended by
* https://cryptocoding.net/index.php/Coding_rules#Clean_memory_of_secret_data
* This is used to zero memory when OPENSSL_cleanse() is not available.
*/
void srtp_cleanse(void *s, size_t len);
/*
* Functions as a wrapper that delegates to either srtp_cleanse() or
* OPENSSL_cleanse() if available to zero memory.
*/
void octet_string_set_to_zero(void *s, size_t len);
#if defined(HAVE_CONFIG_H)
/*
* Convert big endian integers to CPU byte order.
*/
#ifdef WORDS_BIGENDIAN
/* Nothing to do. */
#define be32_to_cpu(x) (x)
#define be64_to_cpu(x) (x)
#elif defined(HAVE_BYTESWAP_H)
/* We have (hopefully) optimized versions in byteswap.h */
#include <byteswap.h>
#define be32_to_cpu(x) bswap_32((x))
#define be64_to_cpu(x) bswap_64((x))
#else /* WORDS_BIGENDIAN */
#if defined(__GNUC__) && defined(HAVE_X86)
/* Fall back. */
static inline uint32_t be32_to_cpu(uint32_t v)
{
/* optimized for x86. */
asm("bswap %0" : "=r"(v) : "0"(v));
return v;
}
#else /* HAVE_X86 */
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#elif defined HAVE_WINSOCK2_H
#include <winsock2.h>
#endif /* HAVE_NETINET_IN_H */
#define be32_to_cpu(x) ntohl((x))
#endif /* HAVE_X86 */
static inline uint64_t be64_to_cpu(uint64_t v)
{
#ifdef NO_64BIT_MATH
/* use the make64 functions to do 64-bit math */
v = make64(htonl(low32(v)), htonl(high32(v)));
#else /* NO_64BIT_MATH */
/* use the native 64-bit math */
v = (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) |
(((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
#endif /* NO_64BIT_MATH */
return v;
}
#endif /* WORDS_BIGENDIAN */
#endif /* HAVE_CONFIG_H */
/*
* functions manipulating bitvector_t
*
* A bitvector_t consists of an array of words and an integer
* representing the number of significant bits stored in the array.
* The bits are packed as follows: the least significant bit is that
* of word[0], while the most significant bit is the nth most
* significant bit of word[m], where length = bits_per_word * m + n.
*
*/
#define bits_per_word 32
#define bytes_per_word 4
typedef struct {
uint32_t length;
uint32_t *word;
} bitvector_t;
#define _bitvector_get_bit(v, bit_index) \
(((((v)->word[((bit_index) >> 5)]) >> ((bit_index)&31)) & 1))
#define _bitvector_set_bit(v, bit_index) \
((((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index)&31)))))
#define _bitvector_clear_bit(v, bit_index) \
((((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index)&31)))))
#define _bitvector_get_length(v) (((v)->length))
#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
#define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index)
#define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index)
#define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index)
#define bitvector_get_length(v) _bitvector_get_length(v)
#else
int bitvector_get_bit(const bitvector_t *v, int bit_index);
void bitvector_set_bit(bitvector_t *v, int bit_index);
void bitvector_clear_bit(bitvector_t *v, int bit_index);
unsigned long bitvector_get_length(const bitvector_t *v);
#endif
int bitvector_alloc(bitvector_t *v, unsigned long length);
void bitvector_dealloc(bitvector_t *v);
void bitvector_set_to_zero(bitvector_t *x);
void bitvector_left_shift(bitvector_t *x, int index);
char *bitvector_bit_string(bitvector_t *x, char *buf, int len);
#ifdef __cplusplus
}
#endif
#endif /* DATATYPES_H */

139
trunk/3rdparty/libsrtp-2-fit/crypto/include/err.h vendored Normal file
View file

@ -0,0 +1,139 @@
/*
* err.h
*
* error status codes
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef ERR_H
#define ERR_H
#include <stdio.h>
#include <stdarg.h>
#include "srtp.h"
#ifdef __cplusplus
extern "C" {
#endif
/**
* @defgroup Error Error Codes
*
* Error status codes are represented by the enumeration srtp_err_status_t.
*
* @{
*/
/**
* @}
*/
typedef enum {
srtp_err_level_error,
srtp_err_level_warning,
srtp_err_level_info,
srtp_err_level_debug
} srtp_err_reporting_level_t;
/*
* err_reporting_init prepares the error system. If
* ERR_REPORTING_STDOUT is defined, it will log to stdout.
*
*/
srtp_err_status_t srtp_err_reporting_init(void);
typedef void(srtp_err_report_handler_func_t)(srtp_err_reporting_level_t level,
const char *msg);
srtp_err_status_t srtp_install_err_report_handler(
srtp_err_report_handler_func_t func);
/*
* srtp_err_report reports a 'printf' formatted error
* string, followed by a an arg list. The level argument
* is one of srtp_err_reporting_level_t.
*
* Errors will be reported to stdout, if ERR_REPORTING_STDOUT
* is defined.
*
*/
void srtp_err_report(srtp_err_reporting_level_t level, const char *format, ...);
/*
* debug_module_t defines a debug module
*/
typedef struct {
int on; /* 1 if debugging is on, 0 if it is off */
const char *name; /* printable name for debug module */
} srtp_debug_module_t;
#ifdef ENABLE_DEBUG_LOGGING
#define debug_print0(mod, format) \
srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name)
#define debug_print(mod, format, arg) \
srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg)
#define debug_print2(mod, format, arg1, arg2) \
srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, \
arg1, arg2)
#else
#define debug_print0(mod, format) \
if (mod.on) \
srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name)
#define debug_print(mod, format, arg) \
if (mod.on) \
srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, arg)
#define debug_print2(mod, format, arg1, arg2) \
if (mod.on) \
srtp_err_report(srtp_err_level_debug, ("%s: " format "\n"), mod.name, \
arg1, arg2)
#endif
#ifdef __cplusplus
}
#endif
#endif /* ERR_H */

58
trunk/3rdparty/libsrtp-2-fit/crypto/include/hmac.h vendored Normal file
View file

@ -0,0 +1,58 @@
/*
* hmac.h
*
* interface to hmac srtp_auth_type_t
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef HMAC_H
#define HMAC_H
#include "auth.h"
#include "sha1.h"
typedef struct {
uint8_t opad[64];
srtp_sha1_ctx_t ctx;
srtp_sha1_ctx_t init_ctx;
} srtp_hmac_ctx_t;
#endif /* HMAC_H */

146
trunk/3rdparty/libsrtp-2-fit/crypto/include/integers.h vendored Normal file
View file

@ -0,0 +1,146 @@
/*
* integers.h
*
* defines integer types (or refers to their definitions)
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef INTEGERS_H
#define INTEGERS_H
/* use standard integer definitions, if they're available */
#ifdef HAVE_STDLIB_H
#include <stdlib.h>
#endif
#ifdef HAVE_STDINT_H
#include <stdint.h>
#endif
#ifdef HAVE_INTTYPES_H
#include <inttypes.h>
#endif
#ifdef HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#ifdef HAVE_SYS_INT_TYPES_H
#include <sys/int_types.h> /* this exists on Sun OS */
#endif
#ifdef HAVE_MACHINE_TYPES_H
#include <machine/types.h>
#endif
#ifdef __cplusplus
extern "C" {
#endif
/* Can we do 64 bit integers? */
#if !defined(HAVE_UINT64_T)
#if SIZEOF_UNSIGNED_LONG == 8
typedef unsigned long uint64_t;
#elif SIZEOF_UNSIGNED_LONG_LONG == 8
typedef unsigned long long uint64_t;
#else
#define NO_64BIT_MATH 1
#endif
#endif
/* Reasonable defaults for 32 bit machines - you may need to
* edit these definitions for your own machine. */
#ifndef HAVE_UINT8_T
typedef unsigned char uint8_t;
#endif
#ifndef HAVE_UINT16_T
typedef unsigned short int uint16_t;
#endif
#ifndef HAVE_UINT32_T
typedef unsigned int uint32_t;
#endif
#ifndef HAVE_INT32_T
typedef int int32_t;
#endif
#if defined(NO_64BIT_MATH) && defined(HAVE_CONFIG_H)
typedef double uint64_t;
/* assert that sizeof(double) == 8 */
extern uint64_t make64(uint32_t high, uint32_t low);
extern uint32_t high32(uint64_t value);
extern uint32_t low32(uint64_t value);
#endif
/* These macros are to load and store 32-bit values from un-aligned
addresses. This is required for processors that do not allow unaligned
loads. */
#ifdef ALIGNMENT_32BIT_REQUIRED
/* Note that if it's in a variable, you can memcpy it */
#ifdef WORDS_BIGENDIAN
#define PUT_32(addr, value) \
{ \
((unsigned char *)(addr))[0] = (value >> 24); \
((unsigned char *)(addr))[1] = (value >> 16) & 0xff; \
((unsigned char *)(addr))[2] = (value >> 8) & 0xff; \
((unsigned char *)(addr))[3] = (value)&0xff; \
}
#define GET_32(addr) \
((((unsigned char *)(addr))[0] << 24) | \
(((unsigned char *)(addr))[1] << 16) | \
(((unsigned char *)(addr))[2] << 8) | (((unsigned char *)(addr))[3]))
#else
#define PUT_32(addr, value) \
{ \
((unsigned char *)(addr))[3] = (value >> 24); \
((unsigned char *)(addr))[2] = (value >> 16) & 0xff; \
((unsigned char *)(addr))[1] = (value >> 8) & 0xff; \
((unsigned char *)(addr))[0] = (value)&0xff; \
}
#define GET_32(addr) \
((((unsigned char *)(addr))[3] << 24) | \
(((unsigned char *)(addr))[2] << 16) | \
(((unsigned char *)(addr))[1] << 8) | (((unsigned char *)(addr))[0]))
#endif // WORDS_BIGENDIAN
#else
#define PUT_32(addr, value) *(((uint32_t *) (addr)) = (value)
#define GET_32(addr) (*(((uint32_t *) (addr)))
#endif
#ifdef __cplusplus
}
#endif
#endif /* INTEGERS_H */

88
trunk/3rdparty/libsrtp-2-fit/crypto/include/key.h vendored Normal file
View file

@ -0,0 +1,88 @@
/*
* key.h
*
* key usage limits enforcement
*
* David A. Mcgrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef KEY_H
#define KEY_H
#include "rdbx.h" /* for srtp_xtd_seq_num_t */
#include "err.h"
#ifdef __cplusplus
extern "C" {
#endif
typedef struct srtp_key_limit_ctx_t *srtp_key_limit_t;
typedef enum {
srtp_key_event_normal,
srtp_key_event_soft_limit,
srtp_key_event_hard_limit
} srtp_key_event_t;
srtp_err_status_t srtp_key_limit_set(srtp_key_limit_t key,
const srtp_xtd_seq_num_t s);
srtp_err_status_t srtp_key_limit_clone(srtp_key_limit_t original,
srtp_key_limit_t *new_key);
srtp_err_status_t srtp_key_limit_check(const srtp_key_limit_t key);
srtp_key_event_t srtp_key_limit_update(srtp_key_limit_t key);
typedef enum {
srtp_key_state_normal,
srtp_key_state_past_soft_limit,
srtp_key_state_expired
} srtp_key_state_t;
typedef struct srtp_key_limit_ctx_t {
srtp_xtd_seq_num_t num_left;
srtp_key_state_t state;
} srtp_key_limit_ctx_t;
#ifdef __cplusplus
}
#endif
#endif /* KEY_H */

73
trunk/3rdparty/libsrtp-2-fit/crypto/include/null_auth.h vendored Normal file
View file

@ -0,0 +1,73 @@
/*
* null-auth.h
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef NULL_AUTH_H
#define NULL_AUTH_H
#include "auth.h"
#ifdef __cplusplus
extern "C" {
#endif
typedef struct {
char foo;
} srtp_null_auth_ctx_t;
#if 0
srtp_err_status_t srtp_null_auth_alloc(srtp_auth_t **a, int key_len, int out_len);
srtp_err_status_t srtp_null_auth_dealloc(srtp_auth_t *a);
srtp_err_status_t srtp_null_auth_init(srtp_null_auth_ctx_t *state, const uint8_t *key, int key_len);
srtp_err_status_t srtp_null_auth_compute(srtp_null_auth_ctx_t *state, uint8_t *message, int msg_octets, int tag_len, uint8_t *result);
#endif
#ifdef __cplusplus
}
#endif
#endif /* NULL_AUTH_H */

57
trunk/3rdparty/libsrtp-2-fit/crypto/include/null_cipher.h vendored Normal file
View file

@ -0,0 +1,57 @@
/*
* null-cipher.h
*
* header file for the null cipher
*
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef NULL_CIPHER_H
#define NULL_CIPHER_H
#include "datatypes.h"
#include "cipher.h"
typedef struct {
char foo; /* empty, for now */
} srtp_null_cipher_ctx_t;
#endif /* NULL_CIPHER_H */

125
trunk/3rdparty/libsrtp-2-fit/crypto/include/rdb.h vendored Normal file
View file

@ -0,0 +1,125 @@
/*
* replay-database.h
*
* interface for a replay database for packet security
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef REPLAY_DB_H
#define REPLAY_DB_H
#include "integers.h" /* for uint32_t */
#include "datatypes.h" /* for v128_t */
#include "err.h" /* for srtp_err_status_t */
#ifdef __cplusplus
extern "C" {
#endif
/*
* if the ith least significant bit is one, then the packet index
* window_end-i is in the database
*/
typedef struct {
uint32_t window_start; /* packet index of the first bit in bitmask */
v128_t bitmask;
} srtp_rdb_t;
#define rdb_bits_in_bitmask (8 * sizeof(v128_t))
/*
* srtp_rdb_init
*
* initalizes rdb
*
* returns srtp_err_status_ok on success, srtp_err_status_t_fail otherwise
*/
srtp_err_status_t srtp_rdb_init(srtp_rdb_t *rdb);
/*
* srtp_rdb_check
*
* checks to see if index appears in rdb
*
* returns srtp_err_status_fail if the index already appears in rdb,
* returns srtp_err_status_ok otherwise
*/
srtp_err_status_t srtp_rdb_check(const srtp_rdb_t *rdb, uint32_t rdb_index);
/*
* srtp_rdb_add_index
*
* adds index to srtp_rdb_t (and does *not* check if index appears in db)
*
* returns srtp_err_status_ok on success, srtp_err_status_fail otherwise
*
*/
srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t rdb_index);
/*
* the functions srtp_rdb_increment() and srtp_rdb_get_value() are for use by
* senders, not receivers - DO NOT use these functions on the same
* srtp_rdb_t upon which srtp_rdb_add_index is used!
*/
/*
* srtp_rdb_increment(db) increments the sequence number in db, if it is
* not too high
*
* return values:
*
* srtp_err_status_ok no problem
* srtp_err_status_key_expired sequence number too high
*
*/
srtp_err_status_t srtp_rdb_increment(srtp_rdb_t *rdb);
/*
* srtp_rdb_get_value(db) returns the current sequence number of db
*/
uint32_t srtp_rdb_get_value(const srtp_rdb_t *rdb);
#ifdef __cplusplus
}
#endif
#endif /* REPLAY_DB_H */

209
trunk/3rdparty/libsrtp-2-fit/crypto/include/rdbx.h vendored Normal file
View file

@ -0,0 +1,209 @@
/*
* rdbx.h
*
* replay database with extended packet indices, using a rollover counter
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef RDBX_H
#define RDBX_H
#include "datatypes.h"
#include "err.h"
#ifdef __cplusplus
extern "C" {
#endif
/* #define ROC_TEST */
#ifndef ROC_TEST
typedef uint16_t srtp_sequence_number_t; /* 16 bit sequence number */
typedef uint32_t srtp_rollover_counter_t; /* 32 bit rollover counter */
#else /* use small seq_num and roc datatypes for testing purposes */
typedef unsigned char srtp_sequence_number_t; /* 8 bit sequence number */
typedef uint16_t srtp_rollover_counter_t; /* 16 bit rollover counter */
#endif
#define seq_num_median (1 << (8 * sizeof(srtp_sequence_number_t) - 1))
#define seq_num_max (1 << (8 * sizeof(srtp_sequence_number_t)))
/*
* An rtp_xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended'
* sequence number.
*/
typedef uint64_t srtp_xtd_seq_num_t;
/*
* An srtp_rdbx_t is a replay database with extended range; it uses an
* xtd_seq_num_t and a bitmask of recently received indices.
*/
typedef struct {
srtp_xtd_seq_num_t index;
bitvector_t bitmask;
} srtp_rdbx_t;
/*
* srtp_rdbx_init(rdbx_ptr, ws)
*
* initializes the rdbx pointed to by its argument with the window size ws,
* setting the rollover counter and sequence number to zero
*/
srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, unsigned long ws);
/*
* srtp_rdbx_dealloc(rdbx_ptr)
*
* frees memory associated with the rdbx
*/
srtp_err_status_t srtp_rdbx_dealloc(srtp_rdbx_t *rdbx);
/*
* srtp_rdbx_estimate_index(rdbx, guess, s)
*
* given an rdbx and a sequence number s (from a newly arrived packet),
* sets the contents of *guess to contain the best guess of the packet
* index to which s corresponds, and returns the difference between
* *guess and the locally stored synch info
*/
int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx,
srtp_xtd_seq_num_t *guess,
srtp_sequence_number_t s);
/*
* srtp_rdbx_check(rdbx, delta);
*
* srtp_rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
* which is at rdbx->window_start + delta is in the rdb
*
*/
srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int difference);
/*
* srtp_replay_add_index(rdbx, delta)
*
* adds the srtp_xtd_seq_num_t at rdbx->window_start + delta to replay_db
* (and does *not* check if that xtd_seq_num_t appears in db)
*
* this function should be called *only* after replay_check has
* indicated that the index does not appear in the rdbx, and a mutex
* should protect the rdbx between these calls if necessary.
*/
srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta);
/*
* srtp_rdbx_set_roc(rdbx, roc) initalizes the srtp_rdbx_t at the location rdbx
* to have the rollover counter value roc. If that value is less than
* the current rollover counter value, then the function returns
* srtp_err_status_replay_old; otherwise, srtp_err_status_ok is returned.
*
*/
srtp_err_status_t srtp_rdbx_set_roc(srtp_rdbx_t *rdbx, uint32_t roc);
/*
* srtp_rdbx_get_packet_index(rdbx) returns the value of the rollover counter
* for
* the srtp_rdbx_t pointed to by rdbx
*
*/
srtp_xtd_seq_num_t srtp_rdbx_get_packet_index(const srtp_rdbx_t *rdbx);
/*
* srtp_xtd_seq_num_t functions - these are *internal* functions of rdbx, and
* shouldn't be used to manipulate rdbx internal values. use the rdbx
* api instead!
*/
/*
* srtp_rdbx_get_ws(rdbx_ptr)
*
* gets the window size which was used to initialize the rdbx
*/
unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx);
/* index_init(&pi) initializes a packet index pi (sets it to zero) */
void srtp_index_init(srtp_xtd_seq_num_t *pi);
/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */
void srtp_index_advance(srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s);
/*
* srtp_index_guess(local, guess, s)
*
* given a srtp_xtd_seq_num_t local (which represents the highest
* known-to-be-good index) and a sequence number s (from a newly
* arrived packet), sets the contents of *guess to contain the best
* guess of the packet index to which s corresponds, and returns the
* difference between *guess and *local
*/
int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local,
srtp_xtd_seq_num_t *guess,
srtp_sequence_number_t s);
/*
* srtp_rdbx_get_roc(rdbx)
*
* Get the current rollover counter
*
*/
uint32_t srtp_rdbx_get_roc(const srtp_rdbx_t *rdbx);
/*
* srtp_rdbx_set_roc_seq(rdbx, roc, seq) initalizes the srtp_rdbx_t at the
* location rdbx to have the rollover counter value roc and packet sequence
* number seq. If the new rollover counter value is less than the current
* rollover counter value, then the function returns
* srtp_err_status_replay_old, otherwise, srtp_err_status_ok is returned.
*/
srtp_err_status_t srtp_rdbx_set_roc_seq(srtp_rdbx_t *rdbx,
uint32_t roc,
uint16_t seq);
#ifdef __cplusplus
}
#endif
#endif /* RDBX_H */

184
trunk/3rdparty/libsrtp-2-fit/crypto/include/sha1.h vendored Normal file
View file

@ -0,0 +1,184 @@
/*
* sha1.h
*
* interface to the Secure Hash Algorithm v.1 (SHA-1), specified in
* FIPS 180-1
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SHA1_H
#define SHA1_H
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "err.h"
#ifdef OPENSSL
#include <openssl/evp.h>
#include <stdint.h>
#else
#include "datatypes.h"
#endif
#ifdef __cplusplus
extern "C" {
#endif
#ifdef OPENSSL
/*
* srtp_sha1_init(&ctx) initializes the SHA1 context ctx
*
* srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg
* into the SHA1 context
*
* srtp_sha1_final(&ctx, output) performs the final processing of the SHA1
* context and writes the result to the 20 octets at output
*
* Return values are ignored on the EVP functions since all three
* of these functions return void.
*
*/
/* OpenSSL 1.1.0 made EVP_MD_CTX an opaque structure, which must be allocated
using EVP_MD_CTX_new. But this function doesn't exist in OpenSSL 1.0.x. */
#if OPENSSL_VERSION_NUMBER < 0x10100000L || LIBRESSL_VERSION_NUMBER
typedef EVP_MD_CTX srtp_sha1_ctx_t;
static inline void srtp_sha1_init(srtp_sha1_ctx_t *ctx)
{
EVP_MD_CTX_init(ctx);
EVP_DigestInit(ctx, EVP_sha1());
}
static inline void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
const uint8_t *M,
int octets_in_msg)
{
EVP_DigestUpdate(ctx, M, octets_in_msg);
}
static inline void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output)
{
unsigned int len = 0;
EVP_DigestFinal(ctx, (unsigned char *)output, &len);
EVP_MD_CTX_cleanup(ctx);
}
#else
typedef EVP_MD_CTX *srtp_sha1_ctx_t;
static inline void srtp_sha1_init(srtp_sha1_ctx_t *ctx)
{
*ctx = EVP_MD_CTX_new();
EVP_DigestInit(*ctx, EVP_sha1());
}
static inline void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
const uint8_t *M,
int octets_in_msg)
{
EVP_DigestUpdate(*ctx, M, octets_in_msg);
}
static inline void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t *output)
{
unsigned int len = 0;
EVP_DigestFinal(*ctx, (unsigned char *)output, &len);
EVP_MD_CTX_free(*ctx);
}
#endif
#else
typedef struct {
uint32_t H[5]; /* state vector */
uint32_t M[16]; /* message buffer */
int octets_in_buffer; /* octets of message in buffer */
uint32_t num_bits_in_msg; /* total number of bits in message */
} srtp_sha1_ctx_t;
/*
* srtp_sha1_init(&ctx) initializes the SHA1 context ctx
*
* srtp_sha1_update(&ctx, msg, len) hashes the len octets starting at msg
* into the SHA1 context
*
* srtp_sha1_final(&ctx, output) performs the final processing of the SHA1
* context and writes the result to the 20 octets at output
*
*/
void srtp_sha1_init(srtp_sha1_ctx_t *ctx);
void srtp_sha1_update(srtp_sha1_ctx_t *ctx,
const uint8_t *M,
int octets_in_msg);
void srtp_sha1_final(srtp_sha1_ctx_t *ctx, uint32_t output[5]);
/*
* The srtp_sha1_core function is INTERNAL to SHA-1, but it is declared
* here because it is also used by the cipher SEAL 3.0 in its key
* setup algorithm.
*/
/*
* srtp_sha1_core(M, H) computes the core sha1 compression function, where M is
* the next part of the message and H is the intermediate state {H0,
* H1, ...}
*
* this function does not do any of the padding required in the
* complete sha1 function
*/
void srtp_sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
#endif /* else OPENSSL */
#ifdef __cplusplus
}
#endif
#endif /* SHA1_H */

66
trunk/3rdparty/libsrtp-2-fit/crypto/include/stat.h vendored Normal file
View file

@ -0,0 +1,66 @@
/*
* stats.h
*
* interface to statistical test functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef STAT_H
#define STAT_H
#include "datatypes.h" /* for uint8_t */
#include "err.h" /* for srtp_err_status_t */
#ifdef __cplusplus
extern "C" {
#endif
srtp_err_status_t stat_test_monobit(uint8_t *data);
srtp_err_status_t stat_test_poker(uint8_t *data);
srtp_err_status_t stat_test_runs(uint8_t *data);
#ifdef __cplusplus
}
#endif
#endif /* STAT_H */

101
trunk/3rdparty/libsrtp-2-fit/crypto/kernel/alloc.c vendored Normal file
View file

@ -0,0 +1,101 @@
/*
* alloc.c
*
* memory allocation and deallocation
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "alloc.h"
#include "crypto_kernel.h"
/* the debug module for memory allocation */
srtp_debug_module_t srtp_mod_alloc = {
0, /* debugging is off by default */
"alloc" /* printable name for module */
};
/*
* Nota bene: the debugging statements for srtp_crypto_alloc() and
* srtp_crypto_free() have identical prefixes, which include the addresses
* of the memory locations on which they are operating. This fact can
* be used to locate memory leaks, by turning on memory debugging,
* grepping for 'alloc', then matching alloc and free calls by
* address.
*/
#if defined(HAVE_STDLIB_H)
void *srtp_crypto_alloc(size_t size)
{
void *ptr;
if (!size) {
return NULL;
}
ptr = calloc(1, size);
if (ptr) {
debug_print(srtp_mod_alloc, "(location: %p) allocated", ptr);
} else {
debug_print(srtp_mod_alloc, "allocation failed (asked for %zu bytes)\n",
size);
}
return ptr;
}
void srtp_crypto_free(void *ptr)
{
debug_print(srtp_mod_alloc, "(location: %p) freed", ptr);
free(ptr);
}
#else /* we need to define our own memory allocation routines */
#error no memory allocation defined yet
#endif

561
trunk/3rdparty/libsrtp-2-fit/crypto/kernel/crypto_kernel.c vendored Normal file
View file

@ -0,0 +1,561 @@
/*
* crypto_kernel.c
*
* header for the cryptographic kernel
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "alloc.h"
#include "crypto_kernel.h"
#include "cipher_types.h"
/* the debug module for the crypto_kernel */
srtp_debug_module_t srtp_mod_crypto_kernel = {
0, /* debugging is off by default */
"crypto kernel" /* printable name for module */
};
/* crypto_kernel is a global variable, the only one of its datatype */
srtp_crypto_kernel_t crypto_kernel = {
srtp_crypto_kernel_state_insecure, /* start off in insecure state */
NULL, /* no cipher types yet */
NULL, /* no auth types yet */
NULL /* no debug modules yet */
};
#define MAX_RNG_TRIALS 25
srtp_err_status_t srtp_crypto_kernel_init()
{
srtp_err_status_t status;
/* check the security state */
if (crypto_kernel.state == srtp_crypto_kernel_state_secure) {
/*
* we're already in the secure state, but we've been asked to
* re-initialize, so we just re-run the self-tests and then return
*/
return srtp_crypto_kernel_status();
}
/* initialize error reporting system */
status = srtp_err_reporting_init();
if (status) {
return status;
}
/* load debug modules */
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_crypto_kernel);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_auth);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_cipher);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_stat);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_alloc);
if (status) {
return status;
}
/* load cipher types */
status = srtp_crypto_kernel_load_cipher_type(&srtp_null_cipher,
SRTP_NULL_CIPHER);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_128,
SRTP_AES_ICM_128);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_256,
SRTP_AES_ICM_256);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_aes_icm);
if (status) {
return status;
}
#ifdef GCM
status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_icm_192,
SRTP_AES_ICM_192);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_128,
SRTP_AES_GCM_128);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_cipher_type(&srtp_aes_gcm_256,
SRTP_AES_GCM_256);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_aes_gcm);
if (status) {
return status;
}
#endif
/* load auth func types */
status = srtp_crypto_kernel_load_auth_type(&srtp_null_auth, SRTP_NULL_AUTH);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_auth_type(&srtp_hmac, SRTP_HMAC_SHA1);
if (status) {
return status;
}
status = srtp_crypto_kernel_load_debug_module(&srtp_mod_hmac);
if (status) {
return status;
}
/* change state to secure */
crypto_kernel.state = srtp_crypto_kernel_state_secure;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_crypto_kernel_status()
{
srtp_err_status_t status;
srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
srtp_kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
/* for each cipher type, describe and test */
while (ctype != NULL) {
srtp_err_report(srtp_err_level_info, "cipher: %s\n",
ctype->cipher_type->description);
srtp_err_report(srtp_err_level_info, " self-test: ");
status = srtp_cipher_type_self_test(ctype->cipher_type);
if (status) {
srtp_err_report(srtp_err_level_error, "failed with error code %d\n",
status);
exit(status);
}
srtp_err_report(srtp_err_level_info, "passed\n");
ctype = ctype->next;
}
/* for each auth type, describe and test */
while (atype != NULL) {
srtp_err_report(srtp_err_level_info, "auth func: %s\n",
atype->auth_type->description);
srtp_err_report(srtp_err_level_info, " self-test: ");
status = srtp_auth_type_self_test(atype->auth_type);
if (status) {
srtp_err_report(srtp_err_level_error, "failed with error code %d\n",
status);
exit(status);
}
srtp_err_report(srtp_err_level_info, "passed\n");
atype = atype->next;
}
srtp_crypto_kernel_list_debug_modules();
return srtp_err_status_ok;
}
srtp_err_status_t srtp_crypto_kernel_list_debug_modules()
{
srtp_kernel_debug_module_t *dm = crypto_kernel.debug_module_list;
/* describe each debug module */
srtp_err_report(srtp_err_level_info, "debug modules loaded:\n");
while (dm != NULL) {
srtp_err_report(srtp_err_level_info, " %s ", dm->mod->name);
if (dm->mod->on) {
srtp_err_report(srtp_err_level_info, "(on)\n");
} else {
srtp_err_report(srtp_err_level_info, "(off)\n");
}
dm = dm->next;
}
return srtp_err_status_ok;
}
srtp_err_status_t srtp_crypto_kernel_shutdown()
{
/*
* free dynamic memory used in crypto_kernel at present
*/
/* walk down cipher type list, freeing memory */
while (crypto_kernel.cipher_type_list != NULL) {
srtp_kernel_cipher_type_t *ctype = crypto_kernel.cipher_type_list;
crypto_kernel.cipher_type_list = ctype->next;
debug_print(srtp_mod_crypto_kernel, "freeing memory for cipher %s",
ctype->cipher_type->description);
srtp_crypto_free(ctype);
}
/* walk down authetication module list, freeing memory */
while (crypto_kernel.auth_type_list != NULL) {
srtp_kernel_auth_type_t *atype = crypto_kernel.auth_type_list;
crypto_kernel.auth_type_list = atype->next;
debug_print(srtp_mod_crypto_kernel,
"freeing memory for authentication %s",
atype->auth_type->description);
srtp_crypto_free(atype);
}
/* walk down debug module list, freeing memory */
while (crypto_kernel.debug_module_list != NULL) {
srtp_kernel_debug_module_t *kdm = crypto_kernel.debug_module_list;
crypto_kernel.debug_module_list = kdm->next;
debug_print(srtp_mod_crypto_kernel,
"freeing memory for debug module %s", kdm->mod->name);
srtp_crypto_free(kdm);
}
/* return to insecure state */
crypto_kernel.state = srtp_crypto_kernel_state_insecure;
return srtp_err_status_ok;
}
static inline srtp_err_status_t srtp_crypto_kernel_do_load_cipher_type(
const srtp_cipher_type_t *new_ct,
srtp_cipher_type_id_t id,
int replace)
{
srtp_kernel_cipher_type_t *ctype, *new_ctype;
srtp_err_status_t status;
/* defensive coding */
if (new_ct == NULL) {
return srtp_err_status_bad_param;
}
if (new_ct->id != id) {
return srtp_err_status_bad_param;
}
/* check cipher type by running self-test */
status = srtp_cipher_type_self_test(new_ct);
if (status) {
return status;
}
/* walk down list, checking if this type is in the list already */
ctype = crypto_kernel.cipher_type_list;
while (ctype != NULL) {
if (id == ctype->id) {
if (!replace) {
return srtp_err_status_bad_param;
}
status =
srtp_cipher_type_test(new_ct, ctype->cipher_type->test_data);
if (status) {
return status;
}
new_ctype = ctype;
break;
} else if (new_ct == ctype->cipher_type) {
return srtp_err_status_bad_param;
}
ctype = ctype->next;
}
/* if not found, put new_ct at the head of the list */
if (ctype == NULL) {
/* allocate memory */
new_ctype = (srtp_kernel_cipher_type_t *)srtp_crypto_alloc(
sizeof(srtp_kernel_cipher_type_t));
if (new_ctype == NULL) {
return srtp_err_status_alloc_fail;
}
new_ctype->next = crypto_kernel.cipher_type_list;
/* set head of list to new cipher type */
crypto_kernel.cipher_type_list = new_ctype;
}
/* set fields */
new_ctype->cipher_type = new_ct;
new_ctype->id = id;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_crypto_kernel_load_cipher_type(
const srtp_cipher_type_t *new_ct,
srtp_cipher_type_id_t id)
{
return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 0);
}
srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *new_ct,
srtp_cipher_type_id_t id)
{
return srtp_crypto_kernel_do_load_cipher_type(new_ct, id, 1);
}
srtp_err_status_t srtp_crypto_kernel_do_load_auth_type(
const srtp_auth_type_t *new_at,
srtp_auth_type_id_t id,
int replace)
{
srtp_kernel_auth_type_t *atype, *new_atype;
srtp_err_status_t status;
/* defensive coding */
if (new_at == NULL) {
return srtp_err_status_bad_param;
}
if (new_at->id != id) {
return srtp_err_status_bad_param;
}
/* check auth type by running self-test */
status = srtp_auth_type_self_test(new_at);
if (status) {
return status;
}
/* walk down list, checking if this type is in the list already */
atype = crypto_kernel.auth_type_list;
while (atype != NULL) {
if (id == atype->id) {
if (!replace) {
return srtp_err_status_bad_param;
}
status = srtp_auth_type_test(new_at, atype->auth_type->test_data);
if (status) {
return status;
}
new_atype = atype;
break;
} else if (new_at == atype->auth_type) {
return srtp_err_status_bad_param;
}
atype = atype->next;
}
/* if not found, put new_at at the head of the list */
if (atype == NULL) {
/* allocate memory */
new_atype = (srtp_kernel_auth_type_t *)srtp_crypto_alloc(
sizeof(srtp_kernel_auth_type_t));
if (new_atype == NULL) {
return srtp_err_status_alloc_fail;
}
new_atype->next = crypto_kernel.auth_type_list;
/* set head of list to new auth type */
crypto_kernel.auth_type_list = new_atype;
}
/* set fields */
new_atype->auth_type = new_at;
new_atype->id = id;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_crypto_kernel_load_auth_type(
const srtp_auth_type_t *new_at,
srtp_auth_type_id_t id)
{
return srtp_crypto_kernel_do_load_auth_type(new_at, id, 0);
}
srtp_err_status_t srtp_replace_auth_type(const srtp_auth_type_t *new_at,
srtp_auth_type_id_t id)
{
return srtp_crypto_kernel_do_load_auth_type(new_at, id, 1);
}
const srtp_cipher_type_t *srtp_crypto_kernel_get_cipher_type(
srtp_cipher_type_id_t id)
{
srtp_kernel_cipher_type_t *ctype;
/* walk down list, looking for id */
ctype = crypto_kernel.cipher_type_list;
while (ctype != NULL) {
if (id == ctype->id) {
return ctype->cipher_type;
}
ctype = ctype->next;
}
/* haven't found the right one, indicate failure by returning NULL */
return NULL;
}
srtp_err_status_t srtp_crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id,
srtp_cipher_pointer_t *cp,
int key_len,
int tag_len)
{
const srtp_cipher_type_t *ct;
/*
* if the crypto_kernel is not yet initialized, we refuse to allocate
* any ciphers - this is a bit extra-paranoid
*/
if (crypto_kernel.state != srtp_crypto_kernel_state_secure) {
return srtp_err_status_init_fail;
}
ct = srtp_crypto_kernel_get_cipher_type(id);
if (!ct) {
return srtp_err_status_fail;
}
return ((ct)->alloc(cp, key_len, tag_len));
}
const srtp_auth_type_t *srtp_crypto_kernel_get_auth_type(srtp_auth_type_id_t id)
{
srtp_kernel_auth_type_t *atype;
/* walk down list, looking for id */
atype = crypto_kernel.auth_type_list;
while (atype != NULL) {
if (id == atype->id) {
return atype->auth_type;
}
atype = atype->next;
}
/* haven't found the right one, indicate failure by returning NULL */
return NULL;
}
srtp_err_status_t srtp_crypto_kernel_alloc_auth(srtp_auth_type_id_t id,
srtp_auth_pointer_t *ap,
int key_len,
int tag_len)
{
const srtp_auth_type_t *at;
/*
* if the crypto_kernel is not yet initialized, we refuse to allocate
* any auth functions - this is a bit extra-paranoid
*/
if (crypto_kernel.state != srtp_crypto_kernel_state_secure) {
return srtp_err_status_init_fail;
}
at = srtp_crypto_kernel_get_auth_type(id);
if (!at) {
return srtp_err_status_fail;
}
return ((at)->alloc(ap, key_len, tag_len));
}
srtp_err_status_t srtp_crypto_kernel_load_debug_module(
srtp_debug_module_t *new_dm)
{
srtp_kernel_debug_module_t *kdm, *new;
/* defensive coding */
if (new_dm == NULL || new_dm->name == NULL) {
return srtp_err_status_bad_param;
}
/* walk down list, checking if this type is in the list already */
kdm = crypto_kernel.debug_module_list;
while (kdm != NULL) {
if (strncmp(new_dm->name, kdm->mod->name, 64) == 0) {
return srtp_err_status_bad_param;
}
kdm = kdm->next;
}
/* put new_dm at the head of the list */
/* allocate memory */
new = (srtp_kernel_debug_module_t *)srtp_crypto_alloc(
sizeof(srtp_kernel_debug_module_t));
if (new == NULL) {
return srtp_err_status_alloc_fail;
}
/* set fields */
new->mod = new_dm;
new->next = crypto_kernel.debug_module_list;
/* set head of list to new cipher type */
crypto_kernel.debug_module_list = new;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_crypto_kernel_set_debug_module(const char *name, int on)
{
srtp_kernel_debug_module_t *kdm;
/* walk down list, checking if this type is in the list already */
kdm = crypto_kernel.debug_module_list;
while (kdm != NULL) {
if (strncmp(name, kdm->mod->name, 64) == 0) {
kdm->mod->on = on;
return srtp_err_status_ok;
}
kdm = kdm->next;
}
return srtp_err_status_fail;
}

108
trunk/3rdparty/libsrtp-2-fit/crypto/kernel/err.c vendored Normal file
View file

@ -0,0 +1,108 @@
/*
* err.c
*
* error status reporting functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "err.h"
#include "datatypes.h"
#include <string.h>
/* srtp_err_file is the FILE to which errors are reported */
static FILE *srtp_err_file = NULL;
srtp_err_status_t srtp_err_reporting_init()
{
#ifdef ERR_REPORTING_STDOUT
srtp_err_file = stdout;
#elif defined(ERR_REPORTING_FILE)
/* open file for error reporting */
srtp_err_file = fopen(ERR_REPORTING_FILE, "w");
if (srtp_err_file == NULL) {
return srtp_err_status_init_fail;
}
#endif
return srtp_err_status_ok;
}
static srtp_err_report_handler_func_t *srtp_err_report_handler = NULL;
srtp_err_status_t srtp_install_err_report_handler(
srtp_err_report_handler_func_t func)
{
srtp_err_report_handler = func;
return srtp_err_status_ok;
}
void srtp_err_report(srtp_err_reporting_level_t level, const char *format, ...)
{
char msg[512];
va_list args;
if (srtp_err_file != NULL) {
va_start(args, format);
vfprintf(srtp_err_file, format, args);
va_end(args);
}
if (srtp_err_report_handler != NULL) {
va_start(args, format);
if (vsnprintf(msg, sizeof(msg), format, args) > 0) {
/* strip trailing \n, callback should not have one */
size_t l = strlen(msg);
if (l && msg[l - 1] == '\n') {
msg[l - 1] = '\0';
}
srtp_err_report_handler(level, msg);
/*
* NOTE, need to be carefull, there is a potential that
* octet_string_set_to_zero() could
* call srtp_err_report() in the future, leading to recursion
*/
octet_string_set_to_zero(msg, sizeof(msg));
}
va_end(args);
}
}

122
trunk/3rdparty/libsrtp-2-fit/crypto/kernel/key.c vendored Normal file
View file

@ -0,0 +1,122 @@
/*
* key.c
*
* key usage limits enforcement
*
* David A. Mcgrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "key.h"
#define soft_limit 0x10000
srtp_err_status_t srtp_key_limit_set(srtp_key_limit_t key,
const srtp_xtd_seq_num_t s)
{
#ifdef NO_64BIT_MATH
if (high32(s) == 0 && low32(s) < soft_limit) {
return srtp_err_status_bad_param;
}
#else
if (s < soft_limit) {
return srtp_err_status_bad_param;
}
#endif
key->num_left = s;
key->state = srtp_key_state_normal;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_key_limit_clone(srtp_key_limit_t original,
srtp_key_limit_t *new_key)
{
if (original == NULL) {
return srtp_err_status_bad_param;
}
*new_key = original;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_key_limit_check(const srtp_key_limit_t key)
{
if (key->state == srtp_key_state_expired) {
return srtp_err_status_key_expired;
}
return srtp_err_status_ok;
}
srtp_key_event_t srtp_key_limit_update(srtp_key_limit_t key)
{
#ifdef NO_64BIT_MATH
if (low32(key->num_left) == 0) {
// carry
key->num_left =
make64(high32(key->num_left) - 1, low32(key->num_left) - 1);
} else {
// no carry
key->num_left = make64(high32(key->num_left), low32(key->num_left) - 1);
}
if (high32(key->num_left) != 0 || low32(key->num_left) >= soft_limit) {
return srtp_key_event_normal; /* we're above the soft limit */
}
#else
key->num_left--;
if (key->num_left >= soft_limit) {
return srtp_key_event_normal; /* we're above the soft limit */
}
#endif
if (key->state == srtp_key_state_normal) {
/* we just passed the soft limit, so change the state */
key->state = srtp_key_state_past_soft_limit;
}
#ifdef NO_64BIT_MATH
if (low32(key->num_left) == 0 && high32(key->num_left == 0))
#else
if (key->num_left < 1)
#endif
{ /* we just hit the hard limit */
key->state = srtp_key_state_expired;
return srtp_key_event_hard_limit;
}
return srtp_key_event_soft_limit;
}

490
trunk/3rdparty/libsrtp-2-fit/crypto/math/datatypes.c vendored Normal file
View file

@ -0,0 +1,490 @@
/*
* datatypes.c
*
* data types for finite fields and functions for input, output, and
* manipulation
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifdef OPENSSL
#include <openssl/crypto.h>
#endif
#include "datatypes.h"
static const int8_t octet_weight[256] = {
0, 1, 1, 2, 1, 2, 2, 3, 1, 2, 2, 3, 2, 3, 3, 4, 1, 2, 2, 3, 2, 3, 3, 4,
2, 3, 3, 4, 3, 4, 4, 5, 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 1, 2, 2, 3, 2, 3, 3, 4,
2, 3, 3, 4, 3, 4, 4, 5, 2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6,
2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 3, 4, 4, 5, 4, 5, 5, 6,
4, 5, 5, 6, 5, 6, 6, 7, 1, 2, 2, 3, 2, 3, 3, 4, 2, 3, 3, 4, 3, 4, 4, 5,
2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 2, 3, 3, 4, 3, 4, 4, 5,
3, 4, 4, 5, 4, 5, 5, 6, 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
2, 3, 3, 4, 3, 4, 4, 5, 3, 4, 4, 5, 4, 5, 5, 6, 3, 4, 4, 5, 4, 5, 5, 6,
4, 5, 5, 6, 5, 6, 6, 7, 3, 4, 4, 5, 4, 5, 5, 6, 4, 5, 5, 6, 5, 6, 6, 7,
4, 5, 5, 6, 5, 6, 6, 7, 5, 6, 6, 7, 6, 7, 7, 8
};
int octet_get_weight(uint8_t octet)
{
return (int)octet_weight[octet];
}
/*
* bit_string is a buffer that is used to hold output strings, e.g.
* for printing.
*/
/* the value MAX_PRINT_STRING_LEN is defined in datatypes.h */
char bit_string[MAX_PRINT_STRING_LEN];
uint8_t srtp_nibble_to_hex_char(uint8_t nibble)
{
char buf[16] = { '0', '1', '2', '3', '4', '5', '6', '7',
'8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
return buf[nibble & 0xF];
}
char *srtp_octet_string_hex_string(const void *s, int length)
{
const uint8_t *str = (const uint8_t *)s;
int i;
/* double length, since one octet takes two hex characters */
length *= 2;
/* truncate string if it would be too long */
if (length > MAX_PRINT_STRING_LEN)
length = MAX_PRINT_STRING_LEN - 2;
for (i = 0; i < length; i += 2) {
bit_string[i] = srtp_nibble_to_hex_char(*str >> 4);
bit_string[i + 1] = srtp_nibble_to_hex_char(*str++ & 0xF);
}
bit_string[i] = 0; /* null terminate string */
return bit_string;
}
char *v128_hex_string(v128_t *x)
{
int i, j;
for (i = j = 0; i < 16; i++) {
bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] >> 4);
bit_string[j++] = srtp_nibble_to_hex_char(x->v8[i] & 0xF);
}
bit_string[j] = 0; /* null terminate string */
return bit_string;
}
char *v128_bit_string(v128_t *x)
{
int j, i;
uint32_t mask;
for (j = i = 0; j < 4; j++) {
for (mask = 0x80000000; mask > 0; mask >>= 1) {
if (x->v32[j] & mask)
bit_string[i] = '1';
else
bit_string[i] = '0';
++i;
}
}
bit_string[128] = 0; /* null terminate string */
return bit_string;
}
void v128_copy_octet_string(v128_t *x, const uint8_t s[16])
{
#ifdef ALIGNMENT_32BIT_REQUIRED
if ((((uint32_t)&s[0]) & 0x3) != 0)
#endif
{
x->v8[0] = s[0];
x->v8[1] = s[1];
x->v8[2] = s[2];
x->v8[3] = s[3];
x->v8[4] = s[4];
x->v8[5] = s[5];
x->v8[6] = s[6];
x->v8[7] = s[7];
x->v8[8] = s[8];
x->v8[9] = s[9];
x->v8[10] = s[10];
x->v8[11] = s[11];
x->v8[12] = s[12];
x->v8[13] = s[13];
x->v8[14] = s[14];
x->v8[15] = s[15];
}
#ifdef ALIGNMENT_32BIT_REQUIRED
else {
v128_t *v = (v128_t *)&s[0];
v128_copy(x, v);
}
#endif
}
#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
void v128_set_to_zero(v128_t *x)
{
_v128_set_to_zero(x);
}
void v128_copy(v128_t *x, const v128_t *y)
{
_v128_copy(x, y);
}
void v128_xor(v128_t *z, v128_t *x, v128_t *y)
{
_v128_xor(z, x, y);
}
void v128_and(v128_t *z, v128_t *x, v128_t *y)
{
_v128_and(z, x, y);
}
void v128_or(v128_t *z, v128_t *x, v128_t *y)
{
_v128_or(z, x, y);
}
void v128_complement(v128_t *x)
{
_v128_complement(x);
}
int v128_is_eq(const v128_t *x, const v128_t *y)
{
return _v128_is_eq(x, y);
}
int v128_xor_eq(v128_t *x, const v128_t *y)
{
return _v128_xor_eq(x, y);
}
int v128_get_bit(const v128_t *x, int i)
{
return _v128_get_bit(x, i);
}
void v128_set_bit(v128_t *x, int i)
{
_v128_set_bit(x, i);
}
void v128_clear_bit(v128_t *x, int i)
{
_v128_clear_bit(x, i);
}
void v128_set_bit_to(v128_t *x, int i, int y)
{
_v128_set_bit_to(x, i, y);
}
#endif /* DATATYPES_USE_MACROS */
void v128_right_shift(v128_t *x, int shift)
{
const int base_index = shift >> 5;
const int bit_index = shift & 31;
int i, from;
uint32_t b;
if (shift > 127) {
v128_set_to_zero(x);
return;
}
if (bit_index == 0) {
/* copy each word from left size to right side */
x->v32[4 - 1] = x->v32[4 - 1 - base_index];
for (i = 4 - 1; i > base_index; i--)
x->v32[i - 1] = x->v32[i - 1 - base_index];
} else {
/* set each word to the "or" of the two bit-shifted words */
for (i = 4; i > base_index; i--) {
from = i - 1 - base_index;
b = x->v32[from] << bit_index;
if (from > 0)
b |= x->v32[from - 1] >> (32 - bit_index);
x->v32[i - 1] = b;
}
}
/* now wrap up the final portion */
for (i = 0; i < base_index; i++)
x->v32[i] = 0;
}
void v128_left_shift(v128_t *x, int shift)
{
int i;
const int base_index = shift >> 5;
const int bit_index = shift & 31;
if (shift > 127) {
v128_set_to_zero(x);
return;
}
if (bit_index == 0) {
for (i = 0; i < 4 - base_index; i++)
x->v32[i] = x->v32[i + base_index];
} else {
for (i = 0; i < 4 - base_index - 1; i++)
x->v32[i] = (x->v32[i + base_index] >> bit_index) ^
(x->v32[i + base_index + 1] << (32 - bit_index));
x->v32[4 - base_index - 1] = x->v32[4 - 1] >> bit_index;
}
/* now wrap up the final portion */
for (i = 4 - base_index; i < 4; i++)
x->v32[i] = 0;
}
/* functions manipulating bitvector_t */
#ifndef DATATYPES_USE_MACROS /* little functions are not macros */
int bitvector_get_bit(const bitvector_t *v, int bit_index)
{
return _bitvector_get_bit(v, bit_index);
}
void bitvector_set_bit(bitvector_t *v, int bit_index)
{
_bitvector_set_bit(v, bit_index);
}
void bitvector_clear_bit(bitvector_t *v, int bit_index)
{
_bitvector_clear_bit(v, bit_index);
}
#endif /* DATATYPES_USE_MACROS */
int bitvector_alloc(bitvector_t *v, unsigned long length)
{
unsigned long l;
/* Round length up to a multiple of bits_per_word */
length =
(length + bits_per_word - 1) & ~(unsigned long)((bits_per_word - 1));
l = length / bits_per_word * bytes_per_word;
/* allocate memory, then set parameters */
if (l == 0) {
v->word = NULL;
v->length = 0;
return -1;
} else {
v->word = (uint32_t *)srtp_crypto_alloc(l);
if (v->word == NULL) {
v->length = 0;
return -1;
}
}
v->length = length;
/* initialize bitvector to zero */
bitvector_set_to_zero(v);
return 0;
}
void bitvector_dealloc(bitvector_t *v)
{
if (v->word != NULL)
srtp_crypto_free(v->word);
v->word = NULL;
v->length = 0;
}
void bitvector_set_to_zero(bitvector_t *x)
{
/* C99 guarantees that memset(0) will set the value 0 for uint32_t */
memset(x->word, 0, x->length >> 3);
}
char *bitvector_bit_string(bitvector_t *x, char *buf, int len)
{
int j, i;
uint32_t mask;
for (j = i = 0; j < (int)(x->length >> 5) && i < len - 1; j++) {
for (mask = 0x80000000; mask > 0; mask >>= 1) {
if (x->word[j] & mask)
buf[i] = '1';
else
buf[i] = '0';
++i;
if (i >= len - 1)
break;
}
}
buf[i] = 0; /* null terminate string */
return buf;
}
void bitvector_left_shift(bitvector_t *x, int shift)
{
int i;
const int base_index = shift >> 5;
const int bit_index = shift & 31;
const int word_length = x->length >> 5;
if (shift >= (int)x->length) {
bitvector_set_to_zero(x);
return;
}
if (bit_index == 0) {
for (i = 0; i < word_length - base_index; i++)
x->word[i] = x->word[i + base_index];
} else {
for (i = 0; i < word_length - base_index - 1; i++)
x->word[i] = (x->word[i + base_index] >> bit_index) ^
(x->word[i + base_index + 1] << (32 - bit_index));
x->word[word_length - base_index - 1] =
x->word[word_length - 1] >> bit_index;
}
/* now wrap up the final portion */
for (i = word_length - base_index; i < word_length; i++)
x->word[i] = 0;
}
int srtp_octet_string_is_eq(uint8_t *a, uint8_t *b, int len)
{
uint8_t *end = b + len;
uint8_t accumulator = 0;
/*
* We use this somewhat obscure implementation to try to ensure the running
* time only depends on len, even accounting for compiler optimizations.
* The accumulator ends up zero iff the strings are equal.
*/
while (b < end)
accumulator |= (*a++ ^ *b++);
/* Return 1 if *not* equal. */
return accumulator != 0;
}
void srtp_cleanse(void *s, size_t len)
{
volatile unsigned char *p = (volatile unsigned char *)s;
while (len--)
*p++ = 0;
}
void octet_string_set_to_zero(void *s, size_t len)
{
#if defined(OPENSSL) && !defined(OPENSSL_CLEANSE_BROKEN)
OPENSSL_cleanse(s, len);
#else
srtp_cleanse(s, len);
#endif
}
#ifdef TESTAPP_SOURCE
static const char b64chars[] = "ABCDEFGHIJKLMNOPQRSTUVWXYZ"
"abcdefghijklmnopqrstuvwxyz0123456789+/";
static int base64_block_to_octet_triple(char *out, char *in)
{
unsigned char sextets[4] = { 0 };
int j = 0;
int i;
for (i = 0; i < 4; i++) {
char *p = strchr(b64chars, in[i]);
if (p != NULL)
sextets[i] = p - b64chars;
else
j++;
}
out[0] = (sextets[0] << 2) | (sextets[1] >> 4);
if (j < 2)
out[1] = (sextets[1] << 4) | (sextets[2] >> 2);
if (j < 1)
out[2] = (sextets[2] << 6) | sextets[3];
return j;
}
int base64_string_to_octet_string(char *out, int *pad, char *in, int len)
{
int k = 0;
int i = 0;
int j = 0;
if (len % 4 != 0)
return 0;
while (i < len && j == 0) {
j = base64_block_to_octet_triple(out + k, in + i);
k += 3;
i += 4;
}
*pad = j;
return i;
}
#endif

213
trunk/3rdparty/libsrtp-2-fit/crypto/math/stat.c vendored Normal file
View file

@ -0,0 +1,213 @@
/*
* stats.c
*
* statistical tests
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "stat.h"
srtp_debug_module_t srtp_mod_stat = {
0, /* debugging is off by default */
(char *)"stat test" /* printable module name */
};
/*
* each test assumes that 20,000 bits (2500 octets) of data is
* provided as input
*/
#define STAT_TEST_DATA_LEN 2500
srtp_err_status_t stat_test_monobit(uint8_t *data)
{
uint8_t *data_end = data + STAT_TEST_DATA_LEN;
uint16_t ones_count;
ones_count = 0;
while (data < data_end) {
ones_count += octet_get_weight(*data);
data++;
}
debug_print(srtp_mod_stat, "bit count: %d", ones_count);
if ((ones_count < 9725) || (ones_count > 10275))
return srtp_err_status_algo_fail;
return srtp_err_status_ok;
}
srtp_err_status_t stat_test_poker(uint8_t *data)
{
int i;
uint8_t *data_end = data + STAT_TEST_DATA_LEN;
double poker;
uint16_t f[16] = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
while (data < data_end) {
f[*data & 0x0f]++; /* increment freq. count for low nibble */
f[(*data) >> 4]++; /* increment freq. count for high nibble */
data++;
}
poker = 0.0;
for (i = 0; i < 16; i++)
poker += (double)f[i] * f[i];
poker *= (16.0 / 5000.0);
poker -= 5000.0;
debug_print(srtp_mod_stat, "poker test: %f\n", poker);
if ((poker < 2.16) || (poker > 46.17))
return srtp_err_status_algo_fail;
return srtp_err_status_ok;
}
/*
* runs[i] holds the number of runs of size (i-1)
*/
srtp_err_status_t stat_test_runs(uint8_t *data)
{
uint8_t *data_end = data + STAT_TEST_DATA_LEN;
uint16_t runs[6] = { 0, 0, 0, 0, 0, 0 };
uint16_t gaps[6] = { 0, 0, 0, 0, 0, 0 };
uint16_t lo_value[6] = { 2315, 1114, 527, 240, 103, 103 };
uint16_t hi_value[6] = { 2685, 1386, 723, 384, 209, 209 };
int state = 0;
uint16_t mask;
int i;
/*
* the state variable holds the number of bits in the
* current run (or gap, if negative)
*/
while (data < data_end) {
/* loop over the bits of this byte */
for (mask = 1; mask < 256; mask <<= 1) {
if (*data & mask) {
/* next bit is a one */
if (state > 0) {
/* prefix is a run, so increment the run-count */
state++;
/* check for long runs */
if (state > 25) {
debug_print(srtp_mod_stat, ">25 runs: %d", state);
return srtp_err_status_algo_fail;
}
} else if (state < 0) {
/* prefix is a gap */
if (state < -25) {
debug_print(srtp_mod_stat, ">25 gaps: %d", state);
return srtp_err_status_algo_fail; /* long-runs test
failed */
}
if (state < -6) {
state = -6; /* group together gaps > 5 */
}
gaps[-1 - state]++; /* increment gap count */
state = 1; /* set state at one set bit */
} else {
/* state is zero; this happens only at initialization */
state = 1;
}
} else {
/* next bit is a zero */
if (state > 0) {
/* prefix is a run */
if (state > 25) {
debug_print(srtp_mod_stat, ">25 runs (2): %d", state);
return srtp_err_status_algo_fail; /* long-runs test
failed */
}
if (state > 6) {
state = 6; /* group together runs > 5 */
}
runs[state - 1]++; /* increment run count */
state = -1; /* set state at one zero bit */
} else if (state < 0) {
/* prefix is a gap, so increment gap-count (decrement state)
*/
state--;
/* check for long gaps */
if (state < -25) {
debug_print(srtp_mod_stat, ">25 gaps (2): %d", state);
return srtp_err_status_algo_fail;
}
} else {
/* state is zero; this happens only at initialization */
state = -1;
}
}
}
/* move along to next octet */
data++;
}
if (srtp_mod_stat.on) {
debug_print0(srtp_mod_stat, "runs test");
for (i = 0; i < 6; i++)
debug_print(srtp_mod_stat, " runs[]: %d", runs[i]);
for (i = 0; i < 6; i++)
debug_print(srtp_mod_stat, " gaps[]: %d", gaps[i]);
}
/* check run and gap counts against the fixed limits */
for (i = 0; i < 6; i++)
if ((runs[i] < lo_value[i]) || (runs[i] > hi_value[i]) ||
(gaps[i] < lo_value[i]) || (gaps[i] > hi_value[i]))
return srtp_err_status_algo_fail;
return srtp_err_status_ok;
}

137
trunk/3rdparty/libsrtp-2-fit/crypto/replay/rdb.c vendored Normal file
View file

@ -0,0 +1,137 @@
/*
* rdb.c
*
* Implements a replay database for packet security
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "rdb.h"
/*
* this implementation of a replay database works as follows:
*
* window_start is the index of the first packet in the window
* bitmask a bit-buffer, containing the most recently entered
* index as the leftmost bit
*
*/
/* srtp_rdb_init initalizes rdb */
srtp_err_status_t srtp_rdb_init(srtp_rdb_t *rdb)
{
v128_set_to_zero(&rdb->bitmask);
rdb->window_start = 0;
return srtp_err_status_ok;
}
/*
* srtp_rdb_check checks to see if index appears in rdb
*/
srtp_err_status_t srtp_rdb_check(const srtp_rdb_t *rdb, uint32_t p_index)
{
/* if the index appears after (or at very end of) the window, its good */
if (p_index >= rdb->window_start + rdb_bits_in_bitmask) {
return srtp_err_status_ok;
}
/* if the index appears before the window, its bad */
if (p_index < rdb->window_start) {
return srtp_err_status_replay_old;
}
/* otherwise, the index appears within the window, so check the bitmask */
if (v128_get_bit(&rdb->bitmask, (p_index - rdb->window_start)) == 1) {
return srtp_err_status_replay_fail;
}
/* otherwise, the index is okay */
return srtp_err_status_ok;
}
/*
* srtp_rdb_add_index adds index to srtp_rdb_t (and does *not* check if
* index appears in db)
*
* this function should be called only after srtp_rdb_check has
* indicated that the index does not appear in the rdb, e.g., a mutex
* should protect the rdb between these calls
*/
srtp_err_status_t srtp_rdb_add_index(srtp_rdb_t *rdb, uint32_t p_index)
{
unsigned int delta;
if (p_index < rdb->window_start)
return srtp_err_status_replay_fail;
delta = (p_index - rdb->window_start);
if (delta < rdb_bits_in_bitmask) {
/* if the p_index is within the window, set the appropriate bit */
v128_set_bit(&rdb->bitmask, delta);
} else {
delta -= rdb_bits_in_bitmask - 1;
/* shift the window forward by delta bits*/
v128_left_shift(&rdb->bitmask, delta);
v128_set_bit(&rdb->bitmask, rdb_bits_in_bitmask - 1);
rdb->window_start += delta;
}
return srtp_err_status_ok;
}
srtp_err_status_t srtp_rdb_increment(srtp_rdb_t *rdb)
{
if (rdb->window_start >= 0x7fffffff) {
return srtp_err_status_key_expired;
}
++rdb->window_start;
return srtp_err_status_ok;
}
uint32_t srtp_rdb_get_value(const srtp_rdb_t *rdb)
{
return rdb->window_start;
}

386
trunk/3rdparty/libsrtp-2-fit/crypto/replay/rdbx.c vendored Normal file
View file

@ -0,0 +1,386 @@
/*
* rdbx.c
*
* a replay database with extended range, using a rollover counter
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "rdbx.h"
/*
* from RFC 3711:
*
* A receiver reconstructs the index i of a packet with sequence
* number SEQ using the estimate
*
* i = 2^16 * v + SEQ,
*
* where v is chosen from the set { ROC-1, ROC, ROC+1 } such that i is
* closest to the value 2^16 * ROC + s_l. If the value r+1 is used,
* then the rollover counter r in the cryptographic context is
* incremented by one (if the packet containing s is authentic).
*/
/*
* rdbx implementation notes
*
* A srtp_xtd_seq_num_t is essentially a sequence number for which some of
* the data on the wire are implicit. It logically consists of a
* rollover counter and a sequence number; the sequence number is the
* explicit part, and the rollover counter is the implicit part.
*
* Upon receiving a sequence_number (e.g. in a newly received SRTP
* packet), the complete srtp_xtd_seq_num_t can be estimated by using a
* local srtp_xtd_seq_num_t as a basis. This is done using the function
* srtp_index_guess(&local, &guess, seq_from_packet). This function
* returns the difference of the guess and the local value. The local
* srtp_xtd_seq_num_t can be moved forward to the guess using the function
* srtp_index_advance(&guess, delta), where delta is the difference.
*
*
* A srtp_rdbx_t consists of a srtp_xtd_seq_num_t and a bitmask. The index is
* highest sequence number that has been received, and the bitmask indicates
* which of the recent indicies have been received as well. The
* highest bit in the bitmask corresponds to the index in the bitmask.
*/
void srtp_index_init(srtp_xtd_seq_num_t *pi)
{
#ifdef NO_64BIT_MATH
*pi = make64(0, 0);
#else
*pi = 0;
#endif
}
void srtp_index_advance(srtp_xtd_seq_num_t *pi, srtp_sequence_number_t s)
{
#ifdef NO_64BIT_MATH
/* a > ~b means a+b will generate a carry */
/* s is uint16 here */
*pi = make64(high32(*pi) + (s > ~low32(*pi) ? 1 : 0), low32(*pi) + s);
#else
*pi += s;
#endif
}
/*
* srtp_index_guess(local, guess, s)
*
* given a srtp_xtd_seq_num_t local (which represents the last
* known-to-be-good received srtp_xtd_seq_num_t) and a sequence number s
* (from a newly arrived packet), sets the contents of *guess to
* contain the best guess of the packet index to which s corresponds,
* and returns the difference between *guess and *local
*
* nota bene - the output is a signed integer, DON'T cast it to a
* unsigned integer!
*/
int32_t srtp_index_guess(const srtp_xtd_seq_num_t *local,
srtp_xtd_seq_num_t *guess,
srtp_sequence_number_t s)
{
#ifdef NO_64BIT_MATH
uint32_t local_roc = ((high32(*local) << 16) | (low32(*local) >> 16));
uint16_t local_seq = (uint16_t)(low32(*local));
#else
uint32_t local_roc = (uint32_t)(*local >> 16);
uint16_t local_seq = (uint16_t)*local;
#endif
uint32_t guess_roc;
uint16_t guess_seq;
int32_t difference;
if (local_seq < seq_num_median) {
if (s - local_seq > seq_num_median) {
guess_roc = local_roc - 1;
difference = s - local_seq - seq_num_max;
} else {
guess_roc = local_roc;
difference = s - local_seq;
}
} else {
if (local_seq - seq_num_median > s) {
guess_roc = local_roc + 1;
difference = s - local_seq + seq_num_max;
} else {
guess_roc = local_roc;
difference = s - local_seq;
}
}
guess_seq = s;
/* Note: guess_roc is 32 bits, so this generates a 48-bit result! */
#ifdef NO_64BIT_MATH
*guess = make64(guess_roc >> 16, (guess_roc << 16) | guess_seq);
#else
*guess = (((uint64_t)guess_roc) << 16) | guess_seq;
#endif
return difference;
}
/*
* rdbx
*
*/
/*
* srtp_rdbx_init(&r, ws) initializes the srtp_rdbx_t pointed to by r with
* window size ws
*/
srtp_err_status_t srtp_rdbx_init(srtp_rdbx_t *rdbx, unsigned long ws)
{
if (ws == 0) {
return srtp_err_status_bad_param;
}
if (bitvector_alloc(&rdbx->bitmask, ws) != 0) {
return srtp_err_status_alloc_fail;
}
srtp_index_init(&rdbx->index);
return srtp_err_status_ok;
}
/*
* srtp_rdbx_dealloc(&r) frees memory for the srtp_rdbx_t pointed to by r
*/
srtp_err_status_t srtp_rdbx_dealloc(srtp_rdbx_t *rdbx)
{
bitvector_dealloc(&rdbx->bitmask);
return srtp_err_status_ok;
}
/*
* srtp_rdbx_set_roc(rdbx, roc) initalizes the srtp_rdbx_t at the location rdbx
* to have the rollover counter value roc. If that value is less than
* the current rollover counter value, then the function returns
* srtp_err_status_replay_old; otherwise, srtp_err_status_ok is returned.
*
*/
srtp_err_status_t srtp_rdbx_set_roc(srtp_rdbx_t *rdbx, uint32_t roc)
{
bitvector_set_to_zero(&rdbx->bitmask);
#ifdef NO_64BIT_MATH
#error not yet implemented
#else
/* make sure that we're not moving backwards */
if (roc < (rdbx->index >> 16)) {
return srtp_err_status_replay_old;
}
rdbx->index &= 0xffff; /* retain lowest 16 bits */
rdbx->index |= ((uint64_t)roc) << 16; /* set ROC */
#endif
return srtp_err_status_ok;
}
/*
* srtp_rdbx_get_packet_index(rdbx) returns the value of the packet index
* for the srtp_rdbx_t pointed to by rdbx
*
*/
srtp_xtd_seq_num_t srtp_rdbx_get_packet_index(const srtp_rdbx_t *rdbx)
{
return rdbx->index;
}
/*
* srtp_rdbx_get_window_size(rdbx) returns the value of the window size
* for the srtp_rdbx_t pointed to by rdbx
*
*/
unsigned long srtp_rdbx_get_window_size(const srtp_rdbx_t *rdbx)
{
return bitvector_get_length(&rdbx->bitmask);
}
/*
* srtp_rdbx_check(&r, delta) checks to see if the srtp_xtd_seq_num_t
* which is at rdbx->index + delta is in the rdb
*/
srtp_err_status_t srtp_rdbx_check(const srtp_rdbx_t *rdbx, int delta)
{
if (delta > 0) { /* if delta is positive, it's good */
return srtp_err_status_ok;
} else if ((int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta < 0) {
/* if delta is lower than the bitmask, it's bad */
return srtp_err_status_replay_old;
} else if (bitvector_get_bit(
&rdbx->bitmask,
(int)(bitvector_get_length(&rdbx->bitmask) - 1) + delta) ==
1) {
/* delta is within the window, so check the bitmask */
return srtp_err_status_replay_fail;
}
/* otherwise, the index is okay */
return srtp_err_status_ok;
}
/*
* srtp_rdbx_add_index adds the srtp_xtd_seq_num_t at rdbx->window_start + d to
* replay_db (and does *not* check if that srtp_xtd_seq_num_t appears in db)
*
* this function should be called only after replay_check has
* indicated that the index does not appear in the rdbx, e.g., a mutex
* should protect the rdbx between these calls if need be
*/
srtp_err_status_t srtp_rdbx_add_index(srtp_rdbx_t *rdbx, int delta)
{
if (delta > 0) {
/* shift forward by delta */
srtp_index_advance(&rdbx->index, delta);
bitvector_left_shift(&rdbx->bitmask, delta);
bitvector_set_bit(&rdbx->bitmask,
bitvector_get_length(&rdbx->bitmask) - 1);
} else {
/* delta is in window */
bitvector_set_bit(&rdbx->bitmask,
bitvector_get_length(&rdbx->bitmask) - 1 + delta);
}
/* note that we need not consider the case that delta == 0 */
return srtp_err_status_ok;
}
/*
* srtp_rdbx_estimate_index(rdbx, guess, s)
*
* given an rdbx and a sequence number s (from a newly arrived packet),
* sets the contents of *guess to contain the best guess of the packet
* index to which s corresponds, and returns the difference between
* *guess and the locally stored synch info
*/
int32_t srtp_rdbx_estimate_index(const srtp_rdbx_t *rdbx,
srtp_xtd_seq_num_t *guess,
srtp_sequence_number_t s)
{
/*
* if the sequence number and rollover counter in the rdbx are
* non-zero, then use the srtp_index_guess(...) function, otherwise, just
* set the rollover counter to zero (since the srtp_index_guess(...)
* function might incorrectly guess that the rollover counter is
* 0xffffffff)
*/
#ifdef NO_64BIT_MATH
/* seq_num_median = 0x8000 */
if (high32(rdbx->index) > 0 || low32(rdbx->index) > seq_num_median)
#else
if (rdbx->index > seq_num_median)
#endif
{
return srtp_index_guess(&rdbx->index, guess, s);
}
#ifdef NO_64BIT_MATH
*guess = make64(0, (uint32_t)s);
#else
*guess = s;
#endif
#ifdef NO_64BIT_MATH
return s - (uint16_t)low32(rdbx->index);
#else
return s - (uint16_t)rdbx->index;
#endif
}
/*
* srtp_rdbx_get_roc(rdbx)
*
* Get the current rollover counter
*
*/
uint32_t srtp_rdbx_get_roc(const srtp_rdbx_t *rdbx)
{
uint32_t roc;
#ifdef NO_64BIT_MATH
roc = ((high32(rdbx->index) << 16) | (low32(rdbx->index) >> 16));
#else
roc = (uint32_t)(rdbx->index >> 16);
#endif
return roc;
}
/*
* srtp_rdbx_set_roc_seq(rdbx, roc, seq) initalizes the srtp_rdbx_t at the
* location rdbx to have the rollover counter value roc and packet sequence
* number seq. If the new rollover counter value is less than the current
* rollover counter value, then the function returns
* srtp_err_status_replay_old, otherwise, srtp_err_status_ok is returned.
*/
srtp_err_status_t srtp_rdbx_set_roc_seq(srtp_rdbx_t *rdbx,
uint32_t roc,
uint16_t seq)
{
#ifdef NO_64BIT_MATH
#error not yet implemented
#else
/* make sure that we're not moving backwards */
if (roc < (rdbx->index >> 16)) {
return srtp_err_status_replay_old;
}
rdbx->index = seq;
rdbx->index |= ((uint64_t)roc) << 16; /* set ROC */
#endif
bitvector_set_to_zero(&rdbx->bitmask);
return srtp_err_status_ok;
}

107
trunk/3rdparty/libsrtp-2-fit/crypto/replay/ut_sim.c vendored Normal file
View file

@ -0,0 +1,107 @@
/*
* ut_sim.c
*
* an unreliable transport simulator
* (for testing replay databases and suchlike)
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "ut_sim.h"
#include "cipher_priv.h"
int ut_compar(const void *a, const void *b)
{
uint8_t r;
srtp_cipher_rand_for_tests(&r, sizeof(r));
return r > (UINT8_MAX / 2) ? -1 : 1;
}
void ut_init(ut_connection *utc)
{
int i;
utc->index = 0;
for (i = 0; i < UT_BUF; i++)
utc->buffer[i] = i;
qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);
utc->index = UT_BUF - 1;
}
uint32_t ut_next_index(ut_connection *utc)
{
uint32_t tmp;
tmp = utc->buffer[0];
utc->index++;
utc->buffer[0] = utc->index;
qsort(utc->buffer, UT_BUF, sizeof(uint32_t), ut_compar);
return tmp;
}
#ifdef UT_TEST
#include <stdio.h>
int main()
{
uint32_t i, irecvd, idiff;
ut_connection utc;
ut_init(&utc);
for (i = 0; i < 1000; i++) {
irecvd = ut_next_index(&utc);
idiff = i - irecvd;
printf("%lu\t%lu\t%d\n", i, irecvd, idiff);
}
return 0;
}
#endif

157
trunk/3rdparty/libsrtp-2-fit/crypto/test/aes_calc.c vendored Normal file
View file

@ -0,0 +1,157 @@
/*
* aes_calc.c
*
* A simple AES calculator for generating AES encryption values
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/*
Example usage (with first NIST FIPS 197 test case):
[sh]$ test/aes_calc 000102030405060708090a0b0c0d0e0f \
00112233445566778899aabbccddeeff -v
plaintext: 00112233445566778899aabbccddeeff
key: 000102030405060708090a0b0c0d0e0f
ciphertext: 69c4e0d86a7b0430d8cdb78070b4c55a
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "aes.h"
#include <stdio.h>
#include <string.h>
#include "util.h"
void usage(char *prog_name)
{
printf("usage: %s <key> <plaintext> [-v]\n", prog_name);
exit(255);
}
#define AES_MAX_KEY_LEN 32
int main(int argc, char *argv[])
{
v128_t data;
uint8_t key[AES_MAX_KEY_LEN];
srtp_aes_expanded_key_t exp_key;
int key_len, len;
int verbose = 0;
srtp_err_status_t status;
if (argc == 3) {
/* we're not in verbose mode */
verbose = 0;
} else if (argc == 4) {
if (strncmp(argv[3], "-v", 2) == 0) {
/* we're in verbose mode */
verbose = 1;
} else {
/* unrecognized flag, complain and exit */
usage(argv[0]);
}
} else {
/* we've been fed the wrong number of arguments - compain and exit */
usage(argv[0]);
}
/* read in key, checking length */
if (strlen(argv[1]) > AES_MAX_KEY_LEN * 2) {
fprintf(stderr, "error: too many digits in key "
"(should be at most %d hexadecimal digits, found %u)\n",
AES_MAX_KEY_LEN * 2, (unsigned)strlen(argv[1]));
exit(1);
}
len = hex_string_to_octet_string((char *)key, argv[1], AES_MAX_KEY_LEN * 2);
/* check that hex string is the right length */
if (len != 32 && len != 48 && len != 64) {
fprintf(stderr, "error: bad number of digits in key "
"(should be 32/48/64 hexadecimal digits, found %d)\n",
len);
exit(1);
}
key_len = len / 2;
/* read in plaintext, checking length */
if (strlen(argv[2]) > 16 * 2) {
fprintf(stderr, "error: too many digits in plaintext "
"(should be %d hexadecimal digits, found %u)\n",
16 * 2, (unsigned)strlen(argv[2]));
exit(1);
}
len = hex_string_to_octet_string((char *)(&data), argv[2], 16 * 2);
/* check that hex string is the right length */
if (len < 16 * 2) {
fprintf(stderr, "error: too few digits in plaintext "
"(should be %d hexadecimal digits, found %d)\n",
16 * 2, len);
exit(1);
}
if (verbose) {
/* print out plaintext */
printf("plaintext:\t%s\n",
octet_string_hex_string((uint8_t *)&data, 16));
}
/* encrypt plaintext */
status = srtp_aes_expand_encryption_key(key, key_len, &exp_key);
if (status) {
fprintf(stderr, "error: AES key expansion failed.\n");
exit(1);
}
srtp_aes_encrypt(&data, &exp_key);
/* write ciphertext to output */
if (verbose) {
printf("key:\t\t%s\n", octet_string_hex_string(key, key_len));
printf("ciphertext:\t");
}
printf("%s\n", v128_hex_string(&data));
return 0;
}

603
trunk/3rdparty/libsrtp-2-fit/crypto/test/cipher_driver.c vendored Normal file
View file

@ -0,0 +1,603 @@
/*
* cipher_driver.c
*
* A driver for the generic cipher type
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h> /* for printf() */
#include "getopt_s.h"
#include "cipher.h"
#include "cipher_priv.h"
#ifdef GCM
#include "aes_icm_ext.h"
#include "aes_gcm.h"
#else
#include "aes_icm.h"
#endif
#define PRINT_DEBUG 0
void cipher_driver_test_throughput(srtp_cipher_t *c);
srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct);
/*
* cipher_driver_test_buffering(ct) tests the cipher's output
* buffering for correctness by checking the consistency of succesive
* calls
*/
srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c);
/*
* functions for testing cipher cache thrash
*/
srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct,
int klen,
int num_cipher);
void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher);
uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[],
int num_cipher,
unsigned octets_in_buffer,
int num_trials);
srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[],
int num_cipher);
srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***cipher_array,
int num_ciphers,
srtp_cipher_type_t *ctype,
int klen);
void usage(char *prog_name)
{
printf("usage: %s [ -t | -v | -a ]\n", prog_name);
exit(255);
}
void check_status(srtp_err_status_t s)
{
if (s) {
printf("error (code %d)\n", s);
exit(s);
}
return;
}
/*
* null_cipher and srtp_aes_icm are the cipher meta-objects
* defined in the files in crypto/cipher subdirectory. these are
* declared external so that we can use these cipher types here
*/
extern srtp_cipher_type_t srtp_null_cipher;
extern srtp_cipher_type_t srtp_aes_icm_128;
extern srtp_cipher_type_t srtp_aes_icm_256;
#ifdef GCM
extern srtp_cipher_type_t srtp_aes_icm_192;
extern srtp_cipher_type_t srtp_aes_gcm_128;
extern srtp_cipher_type_t srtp_aes_gcm_256;
#endif
int main(int argc, char *argv[])
{
srtp_cipher_t *c = NULL;
srtp_err_status_t status;
/* clang-format off */
unsigned char test_key[48] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f,
0x20, 0x21, 0x22, 0x23, 0x24, 0x25, 0x26, 0x27,
0x28, 0x29, 0x2a, 0x2b, 0x2c, 0x2d, 0x2e, 0x2f,
};
/* clang-format on */
int q;
unsigned do_timing_test = 0;
unsigned do_validation = 0;
unsigned do_array_timing_test = 0;
/* process input arguments */
while (1) {
q = getopt_s(argc, argv, "tva");
if (q == -1)
break;
switch (q) {
case 't':
do_timing_test = 1;
break;
case 'v':
do_validation = 1;
break;
case 'a':
do_array_timing_test = 1;
break;
default:
usage(argv[0]);
}
}
printf("cipher test driver\n"
"David A. McGrew\n"
"Cisco Systems, Inc.\n");
if (!do_validation && !do_timing_test && !do_array_timing_test)
usage(argv[0]);
/* arry timing (cache thrash) test */
if (do_array_timing_test) {
int max_num_cipher = 1 << 16; /* number of ciphers in cipher_array */
int num_cipher;
for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
cipher_driver_test_array_throughput(&srtp_null_cipher, 0,
num_cipher);
for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
cipher_driver_test_array_throughput(
&srtp_aes_icm_128, SRTP_AES_ICM_128_KEY_LEN_WSALT, num_cipher);
for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
cipher_driver_test_array_throughput(
&srtp_aes_icm_256, SRTP_AES_ICM_256_KEY_LEN_WSALT, num_cipher);
#ifdef GCM
for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8)
cipher_driver_test_array_throughput(
&srtp_aes_icm_192, SRTP_AES_ICM_192_KEY_LEN_WSALT, num_cipher);
for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) {
cipher_driver_test_array_throughput(
&srtp_aes_gcm_128, SRTP_AES_GCM_128_KEY_LEN_WSALT, num_cipher);
}
for (num_cipher = 1; num_cipher < max_num_cipher; num_cipher *= 8) {
cipher_driver_test_array_throughput(
&srtp_aes_gcm_256, SRTP_AES_GCM_256_KEY_LEN_WSALT, num_cipher);
}
#endif
}
if (do_validation) {
cipher_driver_self_test(&srtp_null_cipher);
cipher_driver_self_test(&srtp_aes_icm_128);
cipher_driver_self_test(&srtp_aes_icm_256);
#ifdef GCM
cipher_driver_self_test(&srtp_aes_icm_192);
cipher_driver_self_test(&srtp_aes_gcm_128);
cipher_driver_self_test(&srtp_aes_gcm_256);
#endif
}
/* do timing and/or buffer_test on srtp_null_cipher */
status = srtp_cipher_type_alloc(&srtp_null_cipher, &c, 0, 0);
check_status(status);
status = srtp_cipher_init(c, NULL);
check_status(status);
if (do_timing_test)
cipher_driver_test_throughput(c);
if (do_validation) {
status = cipher_driver_test_buffering(c);
check_status(status);
}
status = srtp_cipher_dealloc(c);
check_status(status);
/* run the throughput test on the aes_icm cipher (128-bit key) */
status = srtp_cipher_type_alloc(&srtp_aes_icm_128, &c,
SRTP_AES_ICM_128_KEY_LEN_WSALT, 0);
if (status) {
fprintf(stderr, "error: can't allocate cipher\n");
exit(status);
}
status = srtp_cipher_init(c, test_key);
check_status(status);
if (do_timing_test)
cipher_driver_test_throughput(c);
if (do_validation) {
status = cipher_driver_test_buffering(c);
check_status(status);
}
status = srtp_cipher_dealloc(c);
check_status(status);
/* repeat the tests with 256-bit keys */
status = srtp_cipher_type_alloc(&srtp_aes_icm_256, &c,
SRTP_AES_ICM_256_KEY_LEN_WSALT, 0);
if (status) {
fprintf(stderr, "error: can't allocate cipher\n");
exit(status);
}
status = srtp_cipher_init(c, test_key);
check_status(status);
if (do_timing_test)
cipher_driver_test_throughput(c);
if (do_validation) {
status = cipher_driver_test_buffering(c);
check_status(status);
}
status = srtp_cipher_dealloc(c);
check_status(status);
#ifdef GCM
/* run the throughput test on the aes_gcm_128 cipher */
status = srtp_cipher_type_alloc(&srtp_aes_gcm_128, &c,
SRTP_AES_GCM_128_KEY_LEN_WSALT, 8);
if (status) {
fprintf(stderr, "error: can't allocate GCM 128 cipher\n");
exit(status);
}
status = srtp_cipher_init(c, test_key);
check_status(status);
if (do_timing_test) {
cipher_driver_test_throughput(c);
}
// GCM ciphers don't do buffering; they're "one shot"
status = srtp_cipher_dealloc(c);
check_status(status);
/* run the throughput test on the aes_gcm_256 cipher */
status = srtp_cipher_type_alloc(&srtp_aes_gcm_256, &c,
SRTP_AES_GCM_256_KEY_LEN_WSALT, 16);
if (status) {
fprintf(stderr, "error: can't allocate GCM 256 cipher\n");
exit(status);
}
status = srtp_cipher_init(c, test_key);
check_status(status);
if (do_timing_test) {
cipher_driver_test_throughput(c);
}
// GCM ciphers don't do buffering; they're "one shot"
status = srtp_cipher_dealloc(c);
check_status(status);
#endif
return 0;
}
void cipher_driver_test_throughput(srtp_cipher_t *c)
{
int i;
int min_enc_len = 32;
int max_enc_len = 2048; /* should be a power of two */
int num_trials = 1000000;
printf("timing %s throughput, key length %d:\n", c->type->description,
c->key_len);
fflush(stdout);
for (i = min_enc_len; i <= max_enc_len; i = i * 2)
printf("msg len: %d\tgigabits per second: %f\n", i,
srtp_cipher_bits_per_second(c, i, num_trials) / 1e9);
}
srtp_err_status_t cipher_driver_self_test(srtp_cipher_type_t *ct)
{
srtp_err_status_t status;
printf("running cipher self-test for %s...", ct->description);
status = srtp_cipher_type_self_test(ct);
if (status) {
printf("failed with error code %d\n", status);
exit(status);
}
printf("passed\n");
return srtp_err_status_ok;
}
/*
* cipher_driver_test_buffering(ct) tests the cipher's output
* buffering for correctness by checking the consistency of succesive
* calls
*/
#define INITIAL_BUFLEN 1024
srtp_err_status_t cipher_driver_test_buffering(srtp_cipher_t *c)
{
int i, j, num_trials = 1000;
unsigned len, buflen = INITIAL_BUFLEN;
uint8_t buffer0[INITIAL_BUFLEN], buffer1[INITIAL_BUFLEN], *current, *end;
uint8_t idx[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x12, 0x34 };
srtp_err_status_t status;
printf("testing output buffering for cipher %s...", c->type->description);
for (i = 0; i < num_trials; i++) {
/* set buffers to zero */
for (j = 0; j < (int)buflen; j++) {
buffer0[j] = buffer1[j] = 0;
}
/* initialize cipher */
status = srtp_cipher_set_iv(c, (uint8_t *)idx, srtp_direction_encrypt);
if (status)
return status;
/* generate 'reference' value by encrypting all at once */
status = srtp_cipher_encrypt(c, buffer0, &buflen);
if (status)
return status;
/* re-initialize cipher */
status = srtp_cipher_set_iv(c, (uint8_t *)idx, srtp_direction_encrypt);
if (status)
return status;
/* now loop over short lengths until buffer1 is encrypted */
current = buffer1;
end = buffer1 + buflen;
while (current < end) {
/* choose a short length */
len = srtp_cipher_rand_u32_for_tests() & 0x01f;
/* make sure that len doesn't cause us to overreach the buffer */
if (current + len > end)
len = end - current;
status = srtp_cipher_encrypt(c, current, &len);
if (status)
return status;
/* advance pointer into buffer1 to reflect encryption */
current += len;
/* if buffer1 is all encrypted, break out of loop */
if (current == end)
break;
}
/* compare buffers */
for (j = 0; j < (int)buflen; j++) {
if (buffer0[j] != buffer1[j]) {
#if PRINT_DEBUG
printf("test case %d failed at byte %d\n", i, j);
printf("computed: %s\n",
octet_string_hex_string(buffer1, buflen));
printf("expected: %s\n",
octet_string_hex_string(buffer0, buflen));
#endif
return srtp_err_status_algo_fail;
}
}
}
printf("passed\n");
return srtp_err_status_ok;
}
/*
* The function cipher_test_throughput_array() tests the effect of CPU
* cache thrash on cipher throughput.
*
* cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
* of srtp_cipher_t of type ctype
*/
srtp_err_status_t cipher_array_alloc_init(srtp_cipher_t ***ca,
int num_ciphers,
srtp_cipher_type_t *ctype,
int klen)
{
int i, j;
srtp_err_status_t status;
uint8_t *key;
srtp_cipher_t **cipher_array;
/* pad klen allocation, to handle aes_icm reading 16 bytes for the
14-byte salt */
int klen_pad = ((klen + 15) >> 4) << 4;
/* allocate array of pointers to ciphers */
cipher_array = (srtp_cipher_t **)srtp_crypto_alloc(sizeof(srtp_cipher_t *) *
num_ciphers);
if (cipher_array == NULL)
return srtp_err_status_alloc_fail;
/* set ca to location of cipher_array */
*ca = cipher_array;
/* allocate key */
key = srtp_crypto_alloc(klen_pad);
if (key == NULL) {
srtp_crypto_free(cipher_array);
return srtp_err_status_alloc_fail;
}
/* allocate and initialize an array of ciphers */
for (i = 0; i < num_ciphers; i++) {
/* allocate cipher */
status = srtp_cipher_type_alloc(ctype, cipher_array, klen, 16);
if (status)
return status;
/* generate random key and initialize cipher */
srtp_cipher_rand_for_tests(key, klen);
for (j = klen; j < klen_pad; j++)
key[j] = 0;
status = srtp_cipher_init(*cipher_array, key);
if (status)
return status;
/* printf("%dth cipher is at %p\n", i, *cipher_array); */
/* printf("%dth cipher description: %s\n", i, */
/* (*cipher_array)->type->description); */
/* advance cipher array pointer */
cipher_array++;
}
srtp_crypto_free(key);
return srtp_err_status_ok;
}
srtp_err_status_t cipher_array_delete(srtp_cipher_t *cipher_array[],
int num_cipher)
{
int i;
for (i = 0; i < num_cipher; i++) {
srtp_cipher_dealloc(cipher_array[i]);
}
srtp_crypto_free(cipher_array);
return srtp_err_status_ok;
}
/*
* cipher_array_bits_per_second(c, l, t) computes (an estimate of) the
* number of bits that a cipher implementation can encrypt in a second
* when distinct keys are used to encrypt distinct messages
*
* c is a cipher (which MUST be allocated an initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, the value 0 is returned
*/
uint64_t cipher_array_bits_per_second(srtp_cipher_t *cipher_array[],
int num_cipher,
unsigned octets_in_buffer,
int num_trials)
{
int i;
v128_t nonce;
clock_t timer;
unsigned char *enc_buf;
int cipher_index = srtp_cipher_rand_u32_for_tests() % num_cipher;
/* Over-alloc, for NIST CBC padding */
enc_buf = srtp_crypto_alloc(octets_in_buffer + 17);
if (enc_buf == NULL)
return 0; /* indicate bad parameters by returning null */
/* time repeated trials */
v128_set_to_zero(&nonce);
timer = clock();
for (i = 0; i < num_trials; i++, nonce.v32[3] = i) {
/* length parameter to srtp_cipher_encrypt is in/out -- out is total,
* padded
* length -- so reset it each time. */
unsigned octets_to_encrypt = octets_in_buffer;
/* encrypt buffer with cipher */
srtp_cipher_set_iv(cipher_array[cipher_index], (uint8_t *)&nonce,
srtp_direction_encrypt);
srtp_cipher_encrypt(cipher_array[cipher_index], enc_buf,
&octets_to_encrypt);
/* choose a cipher at random from the array*/
cipher_index = (*((uint32_t *)enc_buf)) % num_cipher;
}
timer = clock() - timer;
srtp_crypto_free(enc_buf);
if (timer == 0) {
/* Too fast! */
return 0;
}
return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
}
void cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher)
{
int i;
int min_enc_len = 16;
int max_enc_len = 2048; /* should be a power of two */
int num_trials = 1000000;
printf("timing %s throughput with key length %d, array size %d:\n",
(ca[0])->type->description, (ca[0])->key_len, num_cipher);
fflush(stdout);
for (i = min_enc_len; i <= max_enc_len; i = i * 4)
printf("msg len: %d\tgigabits per second: %f\n", i,
cipher_array_bits_per_second(ca, num_cipher, i, num_trials) /
1e9);
}
srtp_err_status_t cipher_driver_test_array_throughput(srtp_cipher_type_t *ct,
int klen,
int num_cipher)
{
srtp_cipher_t **ca = NULL;
srtp_err_status_t status;
status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
if (status) {
printf("error: cipher_array_alloc_init() failed with error code %d\n",
status);
return status;
}
cipher_array_test_throughput(ca, num_cipher);
cipher_array_delete(ca, num_cipher);
return srtp_err_status_ok;
}

256
trunk/3rdparty/libsrtp-2-fit/crypto/test/datatypes_driver.c vendored Normal file
View file

@ -0,0 +1,256 @@
/*
* datatypes_driver.c
*
* a test driver for crypto/math datatypes
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h> /* for printf() */
#include <string.h> /* for strlen() */
#include "datatypes.h"
#include "util.h"
void byte_order(void);
void test_hex_string_funcs(void);
void print_string(char *s);
void test_bswap(void);
void test_set_to_zero(void);
int main(void)
{
/*
* this program includes various and sundry tests for fundamental
* datatypes. it's a grab-bag of throwaway code, retained only in
* case of future problems
*/
int i, j;
v128_t x;
char *r = "The Moving Finger writes; and, having writ,\n"
"Moves on: nor all thy Piety nor Wit\n"
"Shall lure it back to cancel half a Line,\n"
"Nor all thy Tears wash out a Word of it.";
char *s = "incomplet";
print_string(r);
print_string(s);
byte_order();
test_hex_string_funcs();
for (j = 0; j < 128; j++) {
v128_set_to_zero(&x);
/* x.v32[0] = (1 << j); */
v128_set_bit(&x, j);
printf("%s\n", v128_bit_string(&x));
v128_clear_bit(&x, j);
printf("%s\n", v128_bit_string(&x));
}
printf("----------------------------------------------\n");
v128_set_to_zero(&x);
for (i = 0; i < 128; i++) {
v128_set_bit(&x, i);
}
printf("%s\n", v128_bit_string(&x));
printf("----------------------------------------------\n");
v128_set_to_zero(&x);
v128_set_bit(&x, 0);
for (i = 0; i < 128; i++) {
printf("%s\n", v128_bit_string(&x));
v128_right_shift(&x, 1);
}
printf("----------------------------------------------\n");
v128_set_to_zero(&x);
v128_set_bit(&x, 127);
for (i = 0; i < 128; i++) {
printf("%s\n", v128_bit_string(&x));
v128_left_shift(&x, 1);
}
printf("----------------------------------------------\n");
for (i = 0; i < 128; i++) {
v128_set_to_zero(&x);
v128_set_bit(&x, 127);
v128_left_shift(&x, i);
printf("%s\n", v128_bit_string(&x));
}
printf("----------------------------------------------\n");
v128_set_to_zero(&x);
for (i = 0; i < 128; i += 2) {
v128_set_bit(&x, i);
}
printf("bit_string: { %s }\n", v128_bit_string(&x));
printf("get_bit: { ");
for (i = 0; i < 128; i++) {
if (v128_get_bit(&x, i) == 1)
printf("1");
else
printf("0");
}
printf(" } \n");
test_bswap();
test_set_to_zero();
return 0;
}
/* byte_order() prints out byte ordering of datatypes */
void byte_order(void)
{
int i;
v128_t e;
#if 0
v16_t b;
v32_t c;
v64_t d;
for (i=0; i < sizeof(b); i++)
b.octet[i] = i;
for (i=0; i < sizeof(c); i++)
c.octet[i] = i;
for (i=0; i < sizeof(d); i++)
d.octet[i] = i;
printf("v128_t:\t%s\n", v128_hex_string(&e));
printf("v64_t:\t%s\n", v64_hex_string(&d));
printf("v32_t:\t%s\n", v32_hex_string(c));
printf("v16_t:\t%s\n", v16_hex_string(b));
c.value = 0x01020304;
printf("v32_t:\t%s\n", v32_hex_string(c));
b.value = 0x0102;
printf("v16_t:\t%s\n", v16_hex_string(b));
printf("uint16_t ordering:\n");
c.value = 0x00010002;
printf("v32_t:\t%x%x\n", c.v16[0], c.v16[1]);
#endif
printf("byte ordering of crypto/math datatypes:\n");
for (i = 0; i < sizeof(e); i++)
e.v8[i] = i;
printf("v128_t: %s\n", v128_hex_string(&e));
}
void test_hex_string_funcs(void)
{
char hex1[] = "abadcafe";
char hex2[] = "0123456789abcdefqqqqq";
char raw[10];
int len;
len = hex_string_to_octet_string(raw, hex1, strlen(hex1));
printf("computed length: %d\tstring: %s\n", len,
octet_string_hex_string(raw, len / 2));
printf("expected length: %u\tstring: %s\n", (unsigned)strlen(hex1), hex1);
len = hex_string_to_octet_string(raw, hex2, strlen(hex2));
printf("computed length: %d\tstring: %s\n", len,
octet_string_hex_string(raw, len / 2));
printf("expected length: %d\tstring: %s\n", 16, "0123456789abcdef");
}
void print_string(char *s)
{
size_t i;
printf("%s\n", s);
printf("strlen(s) = %u\n", (unsigned)strlen(s));
printf("{ ");
for (i = 0; i < strlen(s); i++) {
printf("0x%x, ", s[i]);
if (((i + 1) % 8) == 0)
printf("\n ");
}
printf("}\n");
}
void test_bswap(void)
{
uint32_t x = 0x11223344;
uint64_t y = 0x1122334455667788LL;
printf("before: %0x\nafter: %0x\n", x, (unsigned int)be32_to_cpu(x));
printf("before: %0llx\nafter: %0llx\n", (unsigned long long)y,
(unsigned long long)be64_to_cpu(y));
y = 1234;
printf("1234: %0llx\n", (unsigned long long)y);
printf("as octet string: %s\n", octet_string_hex_string((uint8_t *)&y, 8));
y = be64_to_cpu(y);
printf("bswapped octet string: %s\n",
octet_string_hex_string((uint8_t *)&y, 8));
}
void test_set_to_zero(void)
{
#define BUFFER_SIZE (16)
uint8_t buffer[BUFFER_SIZE];
size_t i;
for (i = 0; i < BUFFER_SIZE; i++) {
buffer[i] = i & 0xff;
}
printf("Buffer before: %s\n", octet_string_hex_string(buffer, BUFFER_SIZE));
octet_string_set_to_zero(buffer, BUFFER_SIZE);
printf("Buffer after: %s\n", octet_string_hex_string(buffer, BUFFER_SIZE));
for (i = 0; i < BUFFER_SIZE; i++) {
if (buffer[i]) {
fprintf(stderr,
"Buffer contents not zero at position %zu (is %d)\n", i,
buffer[i]);
abort();
}
}
#undef BUFFER_SIZE
}

89
trunk/3rdparty/libsrtp-2-fit/crypto/test/env.c vendored Normal file
View file

@ -0,0 +1,89 @@
/*
* env.c
*
* prints out a brief report on the build environment
*
* David McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <stdio.h>
#include <string.h> /* for srtcmp() */
#include "config.h"
int main(void)
{
int err_count = 0;
#ifdef WORDS_BIGENDIAN
printf("CPU set to big-endian\t\t\t(WORDS_BIGENDIAN == 1)\n");
#else
printf("CPU set to little-endian\t\t(WORDS_BIGENDIAN == 0)\n");
#endif
#ifdef CPU_RISC
printf("CPU set to RISC\t\t\t\t(CPU_RISC == 1)\n");
#elif defined(CPU_CISC)
printf("CPU set to CISC\t\t\t\t(CPU_CISC == 1)\n");
#else
printf(
"CPU set to an unknown type, probably due to a configuration error\n");
err_count++;
#endif
#ifdef CPU_ALTIVEC
printf("CPU set to ALTIVEC\t\t\t\t(CPU_ALTIVEC == 0)\n");
#endif
#ifndef NO_64BIT_MATH
printf("using native 64-bit type\t\t(NO_64_BIT_MATH == 0)\n");
#else
printf("using built-in 64-bit math\t\t(NO_64_BIT_MATH == 1)\n");
#endif
#ifdef ERR_REPORTING_STDOUT
printf("using stdout for error reporting\t(ERR_REPORTING_STDOUT == 1)\n");
#endif
if (err_count)
printf("warning: configuration is probably in error "
"(found %d problems)\n",
err_count);
return err_count;
}

127
trunk/3rdparty/libsrtp-2-fit/crypto/test/kernel_driver.c vendored Normal file
View file

@ -0,0 +1,127 @@
/*
* kernel_driver.c
*
* a test driver for the crypto_kernel
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h> /* for printf() */
#include "getopt_s.h"
#include "crypto_kernel.h"
void usage(char *prog_name)
{
printf("usage: %s [ -v ][ -d debug_module ]*\n", prog_name);
exit(255);
}
int main(int argc, char *argv[])
{
int q;
int do_validation = 0;
srtp_err_status_t status;
if (argc == 1)
usage(argv[0]);
/* initialize kernel - we need to do this before anything else */
status = srtp_crypto_kernel_init();
if (status) {
printf("error: srtp_crypto_kernel init failed\n");
exit(1);
}
printf("srtp_crypto_kernel successfully initalized\n");
/* process input arguments */
while (1) {
q = getopt_s(argc, argv, "vd:");
if (q == -1)
break;
switch (q) {
case 'v':
do_validation = 1;
break;
case 'd':
status = srtp_crypto_kernel_set_debug_module(optarg_s, 1);
if (status) {
printf("error: set debug module (%s) failed\n", optarg_s);
exit(1);
}
break;
default:
usage(argv[0]);
}
}
if (do_validation) {
printf("checking srtp_crypto_kernel status...\n");
status = srtp_crypto_kernel_status();
if (status) {
printf("failed\n");
exit(1);
}
printf("srtp_crypto_kernel passed self-tests\n");
}
status = srtp_crypto_kernel_shutdown();
if (status) {
printf("error: srtp_crypto_kernel shutdown failed\n");
exit(1);
}
printf("srtp_crypto_kernel successfully shut down\n");
return 0;
}
/*
* crypto_kernel_cipher_test() is a test of the cipher interface
* of the crypto_kernel
*/
srtp_err_status_t crypto_kernel_cipher_test(void)
{
/* not implemented yet! */
return srtp_err_status_ok;
}

387
trunk/3rdparty/libsrtp-2-fit/crypto/test/sha1_driver.c vendored Normal file
View file

@ -0,0 +1,387 @@
/*
* sha1_driver.c
*
* a test driver for SHA-1
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include <string.h>
#include "sha1.h"
#include "util.h"
#define SHA_PASS 0
#define SHA_FAIL 1
#define MAX_HASH_DATA_LEN 1024
#define MAX_HASH_OUT_LEN 20
typedef struct hash_test_case_t {
unsigned data_len; /* number of octets in data */
unsigned hash_len; /* number of octets output by hash */
uint8_t data[MAX_HASH_DATA_LEN]; /* message data */
uint8_t hash[MAX_HASH_OUT_LEN]; /* expected hash output */
struct hash_test_case_t *next_test_case;
} hash_test_case_t;
hash_test_case_t *sha1_test_case_list;
srtp_err_status_t hash_test_case_add(hash_test_case_t **list_ptr,
char *hex_data,
unsigned data_len,
char *hex_hash,
unsigned hash_len)
{
hash_test_case_t *list_head = *list_ptr;
hash_test_case_t *test_case;
unsigned tmp_len;
test_case = malloc(sizeof(hash_test_case_t));
if (test_case == NULL)
return srtp_err_status_alloc_fail;
tmp_len = hex_string_to_octet_string((char *)test_case->data, hex_data,
data_len * 2);
if (tmp_len != data_len * 2) {
free(test_case);
return srtp_err_status_parse_err;
}
tmp_len = hex_string_to_octet_string((char *)test_case->hash, hex_hash,
hash_len * 2);
if (tmp_len != hash_len * 2) {
free(test_case);
return srtp_err_status_parse_err;
}
test_case->data_len = data_len;
test_case->hash_len = hash_len;
/* add the new test case to the head of the list */
test_case->next_test_case = list_head;
*list_ptr = test_case;
return srtp_err_status_ok;
}
srtp_err_status_t sha1_test_case_validate(const hash_test_case_t *test_case)
{
srtp_sha1_ctx_t ctx;
uint32_t hash_value[5];
if (test_case == NULL)
return srtp_err_status_bad_param;
if (test_case->hash_len != 20)
return srtp_err_status_bad_param;
if (test_case->data_len > MAX_HASH_DATA_LEN)
return srtp_err_status_bad_param;
srtp_sha1_init(&ctx);
srtp_sha1_update(&ctx, test_case->data, test_case->data_len);
srtp_sha1_final(&ctx, hash_value);
if (0 == memcmp(test_case->hash, hash_value, 20)) {
#if VERBOSE
printf("PASSED: reference value: %s\n",
octet_string_hex_string((const uint8_t *)test_case->hash, 20));
printf("PASSED: computed value: %s\n",
octet_string_hex_string((const uint8_t *)hash_value, 20));
#endif
return srtp_err_status_ok;
}
printf("reference value: %s\n",
octet_string_hex_string((const uint8_t *)test_case->hash, 20));
printf("computed value: %s\n",
octet_string_hex_string((const uint8_t *)hash_value, 20));
return srtp_err_status_algo_fail;
}
struct hex_sha1_test_case_t {
unsigned bit_len;
char hex_data[MAX_HASH_DATA_LEN * 2];
char hex_hash[40];
};
srtp_err_status_t sha1_add_test_cases(void)
{
int i;
srtp_err_status_t err;
/*
* these test cases are taken from the "SHA-1 Sample Vectors"
* provided by NIST at http://csrc.nist.gov/cryptval/shs.html
*/
struct hex_sha1_test_case_t tc[] = {
{ 0, "", "da39a3ee5e6b4b0d3255bfef95601890afd80709" },
{ 8, "a8", "99f2aa95e36f95c2acb0eaf23998f030638f3f15" },
{ 16, "3000", "f944dcd635f9801f7ac90a407fbc479964dec024" },
{ 24, "42749e", "a444319e9b6cc1e8464c511ec0969c37d6bb2619" },
{ 32, "9fc3fe08", "16a0ff84fcc156fd5d3ca3a744f20a232d172253" },
{ 40, "b5c1c6f1af", "fec9deebfcdedaf66dda525e1be43597a73a1f93" },
{ 48, "e47571e5022e", "8ce051181f0ed5e9d0c498f6bc4caf448d20deb5" },
{ 56, "3e1b28839fb758", "67da53837d89e03bf652ef09c369a3415937cfd3" },
{ 64, "a81350cbb224cb90", "305e4ff9888ad855a78573cddf4c5640cce7e946" },
{ 72, "c243d167923dec3ce1",
"5902b77b3265f023f9bbc396ba1a93fa3509bde7" },
{ 80, "50ac18c59d6a37a29bf4",
"fcade5f5d156bf6f9af97bdfa9c19bccfb4ff6ab" },
{ 88, "98e2b611ad3b1cccf634f6",
"1d20fbe00533c10e3cbd6b27088a5de0c632c4b5" },
{ 96, "73fe9afb68e1e8712e5d4eec",
"7e1b7e0f7a8f3455a9c03e9580fd63ae205a2d93" },
{ 104, "9e701ed7d412a9226a2a130e66",
"706f0677146307b20bb0e8d6311e329966884d13" },
{ 112, "6d3ee90413b0a7cbf69e5e6144ca",
"a7241a703aaf0d53fe142f86bf2e849251fa8dff" },
{ 120, "fae24d56514efcb530fd4802f5e71f",
"400f53546916d33ad01a5e6df66822dfbdc4e9e6" },
{ 128, "c5a22dd6eda3fe2bdc4ddb3ce6b35fd1",
"fac8ab93c1ae6c16f0311872b984f729dc928ccd" },
{ 136, "d98cded2adabf08fda356445c781802d95",
"fba6d750c18da58f6e2aab10112b9a5ef3301b3b" },
{ 144, "bcc6d7087a84f00103ccb32e5f5487a751a2",
"29d27c2d44c205c8107f0351b05753ac708226b6" },
{ 152, "36ecacb1055434190dbbc556c48bafcb0feb0d",
"b971bfc1ebd6f359e8d74cb7ecfe7f898d0ba845" },
{ 160, "5ff9edb69e8f6bbd498eb4537580b7fba7ad31d0",
"96d08c430094b9fcc164ad2fb6f72d0a24268f68" },
{ 168, "c95b441d8270822a46a798fae5defcf7b26abace36",
"a287ea752a593d5209e287881a09c49fa3f0beb1" },
{ 176, "83104c1d8a55b28f906f1b72cb53f68cbb097b44f860",
"a06c713779cbd88519ed4a585ac0cb8a5e9d612b" },
{ 184, "755175528d55c39c56493d697b790f099a5ce741f7754b",
"bff7d52c13a3688132a1d407b1ab40f5b5ace298" },
{ 192, "088fc38128bbdb9fd7d65228b3184b3faac6c8715f07272f",
"c7566b91d7b6f56bdfcaa9781a7b6841aacb17e9" },
{ 200, "a4a586eb9245a6c87e3adf1009ac8a49f46c07e14185016895",
"ffa30c0b5c550ea4b1e34f8a60ec9295a1e06ac1" },
{ 208, "8e7c555270c006092c2a3189e2a526b873e2e269f0fb28245256",
"29e66ed23e914351e872aa761df6e4f1a07f4b81" },
{ 216, "a5f3bfa6bb0ba3b59f6b9cbdef8a558ec565e8aa3121f405e7f2f0",
"b28cf5e5b806a01491d41f69bd9248765c5dc292" },
{ 224, "589054f0d2bd3c2c85b466bfd8ce18e6ec3e0b87d944cd093ba36469",
"60224fb72c46069652cd78bcd08029ef64da62f3" },
{ 232, "a0abb12083b5bbc78128601bf1cbdbc0fdf4b862b24d899953d8da0ff3",
"b72c4a86f72608f24c05f3b9088ef92fba431df7" },
{ 240, "82143f4cea6fadbf998e128a8811dc75301cf1db4f079501ea568da68eeb",
"73779ad5d6b71b9b8328ef7220ff12eb167076ac" },
{ 248, "9f1231dd6df1ff7bc0b0d4f989d048672683ce35d956d2f57913046267e6f3",
"a09671d4452d7cf50015c914a1e31973d20cc1a0" },
{ 256,
"041c512b5eed791f80d3282f3a28df263bb1df95e1239a7650e5670fc2187919",
"e88cdcd233d99184a6fd260b8fca1b7f7687aee0" },
{ 264,
"17e81f6ae8c2e5579d69dafa6e070e7111461552d314b691e7a3e7a4feb3fae418",
"010def22850deb1168d525e8c84c28116cb8a269" },
{ 272, "d15976b23a1d712ad28fad04d805f572026b54dd64961fda94d5355a0cc9862"
"0cf77",
"aeaa40ba1717ed5439b1e6ea901b294ba500f9ad" },
{ 280, "09fce4d434f6bd32a44e04b848ff50ec9f642a8a85b37a264dc73f130f22838"
"443328f",
"c6433791238795e34f080a5f1f1723f065463ca0" },
{ 288, "f17af27d776ec82a257d8d46d2b46b639462c56984cc1be9c1222eadb8b2659"
"4a25c709d",
"e21e22b89c1bb944a32932e6b2a2f20d491982c3" },
{ 296, "b13ce635d6f8758143ffb114f2f601cb20b6276951416a2f94fbf4ad081779d"
"79f4f195b22",
"575323a9661f5d28387964d2ba6ab92c17d05a8a" },
{ 304, "5498793f60916ff1c918dde572cdea76da8629ba4ead6d065de3dfb48de94d2"
"34cc1c5002910",
"feb44494af72f245bfe68e86c4d7986d57c11db7" },
{ 312, "498a1e0b39fa49582ae688cd715c86fbaf8a81b8b11b4d1594c49c902d197c8"
"ba8a621fd6e3be5",
"cff2290b3648ba2831b98dde436a72f9ebf51eee" },
{ 320, "3a36ae71521f9af628b3e34dcb0d4513f84c78ee49f10416a98857150b8b15c"
"b5c83afb4b570376e",
"9b4efe9d27b965905b0c3dab67b8d7c9ebacd56c" },
{ 328, "dcc76b40ae0ea3ba253e92ac50fcde791662c5b6c948538cffc2d95e9de99ca"
"c34dfca38910db2678f",
"afedb0ff156205bcd831cbdbda43db8b0588c113" },
{ 336, "5b5ec6ec4fd3ad9c4906f65c747fd4233c11a1736b6b228b92e90cddabb0c7c"
"2fcf9716d3fad261dff33",
"8deb1e858f88293a5e5e4d521a34b2a4efa70fc4" },
{ 344, "df48a37b29b1d6de4e94717d60cdb4293fcf170bba388bddf7a9035a15d433f"
"20fd697c3e4c8b8c5f590ab",
"95cbdac0f74afa69cebd0e5c7defbc6faf0cbeaf" },
{ 352, "1f179b3b82250a65e1b0aee949e218e2f45c7a8dbfd6ba08de05c55acfc226b"
"48c68d7f7057e5675cd96fcfc",
"f0307bcb92842e5ae0cd4f4f14f3df7f877fbef2" },
{ 360, "ee3d72da3a44d971578972a8e6780ce64941267e0f7d0179b214fa97855e179"
"0e888e09fbe3a70412176cb3b54",
"7b13bb0dbf14964bd63b133ac85e22100542ef55" },
{ 368, "d4d4c7843d312b30f610b3682254c8be96d5f6684503f8fbfbcd15774fc1b08"
"4d3741afb8d24aaa8ab9c104f7258",
"c314d2b6cf439be678d2a74e890d96cfac1c02ed" },
{ 376, "32c094944f5936a190a0877fb9178a7bf60ceae36fd530671c5b38c5dbd5e6a"
"6c0d615c2ac8ad04b213cc589541cf6",
"4d0be361e410b47a9d67d8ce0bb6a8e01c53c078" },
{ 384, "e5d3180c14bf27a5409fa12b104a8fd7e9639609bfde6ee82bbf9648be2546d"
"29688a65e2e3f3da47a45ac14343c9c02",
"e5353431ffae097f675cbf498869f6fbb6e1c9f2" },
{ 392, "e7b6e4b69f724327e41e1188a37f4fe38b1dba19cbf5a7311d6e32f1038e97a"
"b506ee05aebebc1eed09fc0e357109818b9",
"b8720a7068a085c018ab18961de2765aa6cd9ac4" },
{ 400, "bc880cb83b8ac68ef2fedc2da95e7677ce2aa18b0e2d8b322701f67af7d5e7a"
"0d96e9e33326ccb7747cfff0852b961bfd475",
"b0732181568543ba85f2b6da602b4b065d9931aa" },
{ 408, "235ea9c2ba7af25400f2e98a47a291b0bccdaad63faa2475721fda5510cc7da"
"d814bce8dabb611790a6abe56030b798b75c944",
"9c22674cf3222c3ba921672694aafee4ce67b96b" },
{ 416, "07e3e29fed63104b8410f323b975fd9fba53f636af8c4e68a53fb202ca35dd9"
"ee07cb169ec5186292e44c27e5696a967f5e67709",
"d128335f4cecca9066cdae08958ce656ff0b4cfc" },
{ 424, "65d2a1dd60a517eb27bfbf530cf6a5458f9d5f4730058bd9814379547f34241"
"822bf67e6335a6d8b5ed06abf8841884c636a25733f",
"0b67c57ac578de88a2ae055caeaec8bb9b0085a0" },
{ 432, "dcc86b3bd461615bab739d8daafac231c0f462e819ad29f9f14058f3ab5b759"
"41d4241ea2f17ebb8a458831b37a9b16dead4a76a9b0e",
"c766f912a89d4ccda88e0cce6a713ef5f178b596" },
{ 440, "4627d54f0568dc126b62a8c35fb46a9ac5024400f2995e51635636e1afc4373"
"dbb848eb32df23914230560b82477e9c3572647a7f2bb92",
"9aa3925a9dcb177b15ccff9b78e70cf344858779" },
{ 448, "ba531affd4381168ef24d8b275a84d9254c7f5cc55fded53aa8024b2c5c5c8a"
"a7146fe1d1b83d62b70467e9a2e2cb67b3361830adbab28d7",
"4811fa30042fc076acf37c8e2274d025307e5943" },
{ 456, "8764dcbcf89dcf4282eb644e3d568bdccb4b13508bfa7bfe0ffc05efd1390be"
"22109969262992d377691eb4f77f3d59ea8466a74abf57b2ef4",
"6743018450c9730761ee2b130df9b91c1e118150" },
{ 464, "497d9df9ddb554f3d17870b1a31986c1be277bc44feff713544217a9f579623"
"d18b5ffae306c25a45521d2759a72c0459b58957255ab592f3be4",
"71ad4a19d37d92a5e6ef3694ddbeb5aa61ada645" },
{ 472, "72c3c2e065aefa8d9f7a65229e818176eef05da83f835107ba90ec2e95472e7"
"3e538f783b416c04654ba8909f26a12db6e5c4e376b7615e4a25819",
"a7d9dc68dacefb7d6116186048cb355cc548e11d" },
{ 480, "7cc9894454d0055ab5069a33984e2f712bef7e3124960d33559f5f3b81906bb"
"66fe64da13c153ca7f5cabc89667314c32c01036d12ecaf5f9a78de98",
"142e429f0522ba5abf5131fa81df82d355b96909" },
{ 488, "74e8404d5a453c5f4d306f2cfa338ca65501c840ddab3fb82117933483afd69"
"13c56aaf8a0a0a6b2a342fc3d9dc7599f4a850dfa15d06c61966d74ea59",
"ef72db70dcbcab991e9637976c6faf00d22caae9" },
{ 496, "46fe5ed326c8fe376fcc92dc9e2714e2240d3253b105adfbb256ff7a19bc409"
"75c604ad7c0071c4fd78a7cb64786e1bece548fa4833c04065fe593f6fb10",
"f220a7457f4588d639dc21407c942e9843f8e26b" },
{ 504, "836dfa2524d621cf07c3d2908835de859e549d35030433c796b81272fd8bc03"
"48e8ddbc7705a5ad1fdf2155b6bc48884ac0cd376925f069a37849c089c864"
"5",
"ddd2117b6e309c233ede85f962a0c2fc215e5c69" },
{ 512, "7e3a4c325cb9c52b88387f93d01ae86d42098f5efa7f9457388b5e74b6d28b2"
"438d42d8b64703324d4aa25ab6aad153ae30cd2b2af4d5e5c00a8a2d0220c61"
"16",
"a3054427cdb13f164a610b348702724c808a0dcc" }
};
for (i = 0; i < 65; i++) {
err = hash_test_case_add(&sha1_test_case_list, tc[i].hex_data,
tc[i].bit_len / 8, tc[i].hex_hash, 20);
if (err) {
printf("error adding hash test case (code %d)\n", err);
return err;
}
}
return srtp_err_status_ok;
}
srtp_err_status_t sha1_dealloc_test_cases(void)
{
hash_test_case_t *t, *next;
for (t = sha1_test_case_list; t != NULL; t = next) {
next = t->next_test_case;
free(t);
}
sha1_test_case_list = NULL;
return srtp_err_status_ok;
}
srtp_err_status_t sha1_validate(void)
{
hash_test_case_t *test_case;
srtp_err_status_t err;
err = sha1_add_test_cases();
if (err) {
printf("error adding SHA1 test cases (error code %d)\n", err);
return err;
}
if (sha1_test_case_list == NULL)
return srtp_err_status_cant_check;
test_case = sha1_test_case_list;
while (test_case != NULL) {
err = sha1_test_case_validate(test_case);
if (err) {
printf("error validating hash test case (error code %d)\n", err);
return err;
}
test_case = test_case->next_test_case;
}
sha1_dealloc_test_cases();
return srtp_err_status_ok;
}
int main(void)
{
srtp_err_status_t err;
printf("sha1 test driver\n");
err = sha1_validate();
if (err) {
printf("SHA1 did not pass validation testing\n");
return 1;
}
printf("SHA1 passed validation tests\n");
return 0;
}

252
trunk/3rdparty/libsrtp-2-fit/crypto/test/stat_driver.c vendored Normal file
View file

@ -0,0 +1,252 @@
/*
* stat-driver.c
*
* test driver for the stat_test functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h> /* for printf() */
#include "err.h"
#include "stat.h"
#include "srtp.h"
#include "cipher.h"
#include "cipher_priv.h"
void err_check(srtp_err_status_t s)
{
if (s) {
printf("error (code %d)\n", s);
exit(1);
}
}
int main(int argc, char *argv[])
{
uint8_t buffer[2532];
unsigned int buf_len = 2500;
int i, j;
extern srtp_cipher_type_t srtp_aes_icm_128;
extern srtp_cipher_type_t srtp_aes_icm_256;
#ifdef GCM
extern srtp_cipher_type_t srtp_aes_gcm_128;
extern srtp_cipher_type_t srtp_aes_gcm_256;
#endif
srtp_cipher_t *c;
/* clang-format off */
uint8_t key[46] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05
};
/* clang-format on */
v128_t nonce;
int num_trials = 500;
int num_fail;
printf("statistical tests driver\n");
v128_set_to_zero(&nonce);
for (i = 0; i < 2500; i++)
buffer[i] = 0;
/* run tests */
printf("running stat_tests on all-null buffer, expecting failure\n");
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
srtp_cipher_rand_for_tests(buffer, 2500);
printf("running stat_tests on rand(), expecting success\n");
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
printf("running stat_tests on AES-128-ICM, expecting success\n");
/* set buffer to cipher output */
for (i = 0; i < 2500; i++)
buffer[i] = 0;
err_check(srtp_cipher_type_alloc(&srtp_aes_icm_128, &c,
SRTP_AES_ICM_128_KEY_LEN_WSALT, 0));
err_check(srtp_cipher_init(c, key));
err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
printf("runs test (please be patient): ");
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for (j = 0; j < num_trials; j++) {
for (i = 0; i < 2500; i++)
buffer[i] = 0;
nonce.v32[3] = i;
err_check(
srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
if (stat_test_runs(buffer)) {
num_fail++;
}
}
printf("%d failures in %d tests\n", num_fail, num_trials);
printf("(nota bene: a small fraction of stat_test failures does not \n"
"indicate that the random source is invalid)\n");
err_check(srtp_cipher_dealloc(c));
printf("running stat_tests on AES-256-ICM, expecting success\n");
/* set buffer to cipher output */
for (i = 0; i < 2500; i++)
buffer[i] = 0;
err_check(srtp_cipher_type_alloc(&srtp_aes_icm_256, &c,
SRTP_AES_ICM_256_KEY_LEN_WSALT, 0));
err_check(srtp_cipher_init(c, key));
err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
printf("runs test (please be patient): ");
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for (j = 0; j < num_trials; j++) {
for (i = 0; i < 2500; i++)
buffer[i] = 0;
nonce.v32[3] = i;
err_check(
srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
if (stat_test_runs(buffer)) {
num_fail++;
}
}
#ifdef GCM
{
printf("running stat_tests on AES-128-GCM, expecting success\n");
/* set buffer to cipher output */
for (i = 0; i < 2500; i++) {
buffer[i] = 0;
}
err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_128, &c,
SRTP_AES_GCM_128_KEY_LEN_WSALT, 8));
err_check(srtp_cipher_init(c, key));
err_check(
srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for (j = 0; j < num_trials; j++) {
for (i = 0; i < 2500; i++) {
buffer[i] = 0;
}
nonce.v32[3] = i;
err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce,
srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
buf_len = 2500;
if (stat_test_runs(buffer)) {
num_fail++;
}
}
printf("running stat_tests on AES-256-GCM, expecting success\n");
/* set buffer to cipher output */
for (i = 0; i < 2500; i++) {
buffer[i] = 0;
}
err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_256, &c,
SRTP_AES_GCM_256_KEY_LEN_WSALT, 16));
err_check(srtp_cipher_init(c, key));
err_check(
srtp_cipher_set_iv(c, (uint8_t *)&nonce, srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
printf("poker %d\n", stat_test_poker(buffer));
printf("runs %d\n", stat_test_runs(buffer));
fflush(stdout);
num_fail = 0;
v128_set_to_zero(&nonce);
for (j = 0; j < num_trials; j++) {
for (i = 0; i < 2500; i++) {
buffer[i] = 0;
}
nonce.v32[3] = i;
err_check(srtp_cipher_set_iv(c, (uint8_t *)&nonce,
srtp_direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
buf_len = 2500;
if (stat_test_runs(buffer)) {
num_fail++;
}
}
}
#endif
printf("%d failures in %d tests\n", num_fail, num_trials);
printf("(nota bene: a small fraction of stat_test failures does not \n"
"indicate that the random source is invalid)\n");
err_check(srtp_cipher_dealloc(c));
return 0;
}

32
trunk/3rdparty/libsrtp-2-fit/doc/Makefile.in vendored Normal file
View file

@ -0,0 +1,32 @@
# Makefile for libSRTP documentation
#
# David A. McGrew
# Cisco Systems, Inc.
#
# This makefile does not use the autoconf system; we don't really need
# it. We just run doxygen.
# The most up to date documentation can be found at www.github.com/cisco/libsrtp
srcdir = @srcdir@
top_srcdir = @top_srcdir@
top_builddir = @top_builddir@
VPATH = @srcdir@
# Determine the version of the library
version = $(shell cat $(top_srcdir)/VERSION)
.PHONY: libsrtpdoc clean
libsrtpdoc:
@if test ! -e Doxyfile.in; then \
echo "*** Sorry, can't build doc outside source dir"; exit 1; \
fi
sed 's/LIBSRTPVERSIONNUMBER/$(version)/' Doxyfile.in > Doxyfile
doxygen
clean:
rm -rf html/ Doxyfile
for a in * ; do \
if [ -f "$$a~" ] ; then rm -f $$a~; fi; \
done;

35
trunk/3rdparty/libsrtp-2-fit/format.sh vendored Executable file
View file

@ -0,0 +1,35 @@
#!/bin/sh
#
# format.sh
#
# run clang-format on each .c & .h file
#
# assumes git tree is clean when reporting status
if [ -z "${CLANG_FORMAT}" ]; then
CLANG_FORMAT=clang-format
fi
a=`git ls-files '*.h' '*.c'`
for x in $a; do
if [ $x != "config_in.h" ]; then
$CLANG_FORMAT -i -style=file $x
fi
done
m=`git ls-files -m`
if [ -n "$m" ]; then
v=`$CLANG_FORMAT -version`
echo "Fromatting required when checking with $v"
echo
echo "The following files required formatting:"
for f in $m; do
echo $f
done
if [ "$1" = "-d" ]; then
echo
git diff
fi
exit 1
fi
exit 0

34
trunk/3rdparty/libsrtp-2-fit/fuzzer/Makefile.in vendored Normal file
View file

@ -0,0 +1,34 @@
# Makefile for libSRTP fuzzer
srcdir = @srcdir@
top_srcdir = @top_srcdir@
top_builddir = @top_builddir@
VPATH = @srcdir@
CC = @CC@
CXX = @CXX@
INCDIR = -Iinclude -I$(srcdir)/include -I$(top_srcdir)/include -I$(top_srcdir)/crypto/include/
DEFS = @DEFS@
CPPFLAGS= @CPPFLAGS@ -g
CXXFLAGS= @CXXFLAGS@ -g
CFLAGS = @CFLAGS@ -g
LIBS = @LIBS@
COMPILE = $(CC) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CFLAGS)
COMPILECXX = $(CXX) $(DEFS) $(INCDIR) $(CPPFLAGS) $(CXXFLAGS)
CRYPTOLIB = -lsrtp2
.PHONY: clean
all : srtp-fuzzer
mt19937.o: mt19937.cpp
$(COMPILECXX) -c -std=c++11 mt19937.cpp -o mt19937.o
fuzzer.o: fuzzer.c fuzzer.h testmem.h
$(COMPILE) fuzzer.c -c -o fuzzer.o
testmem.o: testmem.c
$(COMPILE) -O0 testmem.c -c -o testmem.o
srtp-fuzzer: fuzzer.o mt19937.o testmem.o
$(COMPILECXX) -L. -L.. fuzzer.o mt19937.o testmem.o $(LIBFUZZER) $(CRYPTOLIB) $(LIBS) -o srtp-fuzzer
clean:
rm -rf srtp-fuzzer *.o

88
trunk/3rdparty/libsrtp-2-fit/fuzzer/README.md vendored Normal file
View file

@ -0,0 +1,88 @@
# libsrt fuzzer
By Guido Vranken <guidovranken@gmail.com> -- https://guidovranken.wordpress.com/
This is an advanced fuzzer for libSRTP (https://github.com/cisco/libsrtp). It implements several special techniques, described below, that are not often found in fuzzers or elsewhere. All are encouraged to transpose these ideas to their own fuzzers for the betterment of software security.
Feel free to contact me for business enquiries.
## Building
From the repository's root directory:
```sh
CC=clang CXX=clang++ CXXFLAGS="-fsanitize=fuzzer-no-link,address,undefined -g -O3" CFLAGS="-fsanitize=fuzzer-no-link,address,undefined -g -O3" LDFLAGS="-fsanitize=fuzzer-no-link,address,undefined" ./configure
LIBFUZZER="-fsanitize=fuzzer" make srtp-fuzzer
```
## Features
### Portable PRNG
```mt19937.c``` exports the C++11 Mersenne Twister implementaton. Hence, a modern C++ compiler is required to compile this file.
This approach has the following advantages:
- rand() is fickle -- its behavior eg. the sequence of numbers that it generates for a given seed, may differ across systems and libc's.
- C++11 mt19937 is portable, meaning that its behavior will be consistent across platforms. This is important to keep the fuzzing corpus portable.
- No need to implement a portable PRNG ourselves, or risk license incompatability by importing it from other projects.
### Size 0 allocations
To test whether allocations of size 0 eg. ```malloc(0)``` are ever dereferenced and written to, the custom allocater will return an intentionally invalid pointer pointer address for these requests.
For more information, see the comments in ```fuzz_alloc()```.
### Random allocation failures
The custom allocator will periodically return ```NULL``` for heap requests. This tests the library's resilience and correct operation in the event of global memory shortages.
The interval of ```NULL``` return values is deterministic as it relies on the PRNG, so for a given fuzzer input (that encodes the PRNG seed as well), behavior of that input with regards to allocator behaviour is consistent, allowing for reliable reproduction of bugs.
### Detecting inadequate pointer arithmetic
This feature is only available on 32 bit builds.
Unless the ```--no_mmap``` flag is given, the fuzzer will use a special allocation technique for some of the allocation requests. It will use ```mmap()``` to reserve memory at the extremities of the virtual address space -- sometimes at 0x00010000 and sometimes at 0xFFFF0000. This approach can assist in detecting invalid or inadequate pointer arithmetic. For example, consider the following code:
```c
if ( start + n < end ) {
memset(start, 0, n);
}
```
where ```start``` and ```end``` demarcate a memory region, and ```n``` is some positive integer.
If ```n``` is a sufficiently large value, a pointer addition overflow will occur, leading to a page fault. By routinely placing allocations at the high virtual address ```0xFFFF0000```, the chances of detecting this bug are increased. So let's say ```start``` was previously allocated at ```0xFFFF0000```, and ```end``` is ```0xFFFF1000```, and ```n``` is 0xFFFFF. Then the expression effectively becomes:
```c
if ( 0xFFFF0000 + 0x000FFFFF < 0xFFFF1000 ) {
memset(0xFFFF0000, 0, 0x000FFFF);
}
```
The addition ```0xFFFF0000 + 0x000FFFFF``` overflows so the result is ```0x000EFFFF```. Hence:
```c
if ( 0x000EFFFF < 0xFFFF1000 ) { // Expression resolves as true !
```
The subsequent ```memset``` is executed contrary to the programmer's intentions, and a segmentation fault will occur.
While this is a corner case, it can not be ruled out that it might occur in a production environment. What's more, the analyst examining the crash can reason about how the value of ```n``` comes about in the first place, and concoct a crafted input that leads to a very high ```n``` value, making the "exploit" succeed even with average virtual addresses.
Aside from using ```mmap``` to allocate at address ```0xFFFF0000```, the fuzzer will also place allocations at the low virtual address ```0x00010000``` to detect invalid pointer arithmetic involving subtraction:
```c
if ( end - n > start ) {
```
### Output memory testing
```testmem.c``` exports ```fuzz_testmem```. All this function does is copy the input buffer to a newly allocated heap region, and then free that heap region. If AddressSanitizer is enabled, this ensures that the input buffer to ```fuzz_testmem``` is a legal memory region.
If MemorySanitizer is enabled, then ``fuzz_testmem``` calls ```fuzz_testmem_msan````. The latter function writes the data at hand to ```/dev/null```. This is an nice trick to make MemorySanitizer evaluate this data, and crash if it contains uninitialized bytes.
This function has been implemented in a separate file for a reason: from the perspective of an optimizing compiler, this is a meaningless operation, and as such it might be optimized away. Hence, this file must be compiled without optimizations (```-O0``` flag).
## Contributing
When extending the current fuzzer, use variable types whose width is consistent across systems where possible. This is necessary to retain corpus portability. For example, use ```uint64_t``` rather than ```unsigned long```.

936
trunk/3rdparty/libsrtp-2-fit/fuzzer/fuzzer.c vendored Normal file
View file

@ -0,0 +1,936 @@
/* By Guido Vranken <guidovranken@gmail.com> --
* https://guidovranken.wordpress.com/ */
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
#include <stdbool.h>
#include <limits.h>
#include "srtp.h"
#include "srtp_priv.h"
#include "ekt.h"
#include "fuzzer.h"
#include "mt19937.h"
#include "testmem.h"
/* Global variables */
static bool g_no_align = false; /* Can be enabled with --no_align */
static bool g_post_init =
false; /* Set to true once past initialization phase */
static bool g_write_input = false;
#ifdef FUZZ_32BIT
#include <sys/mman.h>
static bool g_no_mmap = false; /* Can be enabled with --no_mmap */
static void *g_mmap_allocation =
NULL; /* Keeps current mmap() allocation address */
static size_t g_mmap_allocation_size =
0; /* Keeps current mmap() allocation size */
#endif
/* Custom allocator functions */
static void *fuzz_alloc(const size_t size, const bool do_zero)
{
void *ret = NULL;
#ifdef FUZZ_32BIT
bool do_malloc = true;
#endif
bool do_mmap, mmap_high = true;
if (size == 0) {
size_t ret;
/* Allocations of size 0 are not illegal, but are a bad practice, since
* writing just a single byte to this region constitutes undefined
* behavior per the C spec. glibc will return a small, valid memory
* region
* whereas OpenBSD will crash upon writing to it.
* Intentionally return a pointer to an invalid page to detect
* unsound code efficiently.
* fuzz_free is aware of this pointer range and will not attempt
* to free()/munmap() it.
*/
ret = 0x01 + (fuzz_mt19937_get() % 1024);
return (void *)ret;
}
/* Don't do mmap()-based allocations during initialization */
if (g_post_init == true) {
/* Even extract these values if --no_mmap is specified.
* This keeps the PRNG output stream consistent across
* fuzzer configurations.
*/
do_mmap = (fuzz_mt19937_get() % 64) == 0 ? true : false;
if (do_mmap == true) {
mmap_high = (fuzz_mt19937_get() % 2) == 0 ? true : false;
}
} else {
do_mmap = false;
}
#ifdef FUZZ_32BIT
/* g_mmap_allocation must be NULL because we only support a single
* concurrent mmap allocation at a time
*/
if (g_mmap_allocation == NULL && g_no_mmap == false && do_mmap == true) {
void *mmap_address;
if (mmap_high == true) {
mmap_address = (void *)0xFFFF0000;
} else {
mmap_address = (void *)0x00010000;
}
g_mmap_allocation_size = size;
ret = mmap(mmap_address, g_mmap_allocation_size, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
if (ret == MAP_FAILED) {
/* That's okay -- just return NULL to the caller */
ret = NULL;
/* Reset this for the sake of cleanliness */
g_mmap_allocation_size = 0;
}
/* ret not being MAP_FAILED does not mean that ret is the requested
* address (mmap_address). That's okay. We're not going to perform
* a munmap() on it and call malloc() instead. It won't gain us
* anything.
*/
g_mmap_allocation = ret;
do_malloc = false;
}
if (do_malloc == true)
#endif
{
ret = malloc(size);
}
/* Mimic calloc() if so requested */
if (ret != NULL && do_zero) {
memset(ret, 0, size);
}
return ret;
}
/* Internal allocations by this fuzzer must on one hand (sometimes)
* receive memory from mmap(), but on the other hand these requests for
* memory may not fail. By calling this function, the allocation is
* guaranteed to succeed; it first tries with fuzz_alloc(), which may
* fail if it uses mmap(), and if that is the case, memory is allocated
* via the libc allocator (malloc, calloc) which should always succeed */
static void *fuzz_alloc_succeed(const size_t size, const bool do_zero)
{
void *ret = fuzz_alloc(size, do_zero);
if (ret == NULL) {
if (do_zero == false) {
ret = malloc(size);
} else {
ret = calloc(1, size);
}
}
return ret;
}
void *fuzz_calloc(const size_t nmemb, const size_t size)
{
/* We must be past srtp_init() to prevent that that function fails */
if (g_post_init == true) {
/* Fail 1 in 64 allocations on average to test whether the library
* can deal with this properly.
*/
if ((fuzz_mt19937_get() % 64) == 0) {
return NULL;
}
}
return fuzz_alloc(nmemb * size, true);
}
static bool fuzz_is_special_pointer(void *ptr)
{
/* Special, invalid pointers introduced when code attempted
* to do size = 0 allocations.
*/
if ((size_t)ptr >= 0x01 && (size_t)ptr < (0x01 + 1024)) {
return true;
} else {
return false;
}
}
void fuzz_free(void *ptr)
{
if (fuzz_is_special_pointer(ptr) == true) {
return;
}
#ifdef FUZZ_32BIT
if (g_post_init == true && ptr != NULL && ptr == g_mmap_allocation) {
if (munmap(g_mmap_allocation, g_mmap_allocation_size) == -1) {
/* Shouldn't happen */
abort();
}
g_mmap_allocation = NULL;
} else
#endif
{
free(ptr);
}
}
static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_protect(srtp_sender, hdr, len);
}
static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_unprotect(srtp_sender, hdr, len);
}
static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_protect_rtcp(srtp_sender, hdr, len);
}
static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_unprotect_rtcp(srtp_sender, hdr, len);
}
static srtp_err_status_t fuzz_srtp_protect_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_protect_mki(srtp_sender, hdr, len, use_mki, mki);
}
static srtp_err_status_t fuzz_srtp_protect_rtcp_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_protect_rtcp_mki(srtp_sender, hdr, len, use_mki, mki);
}
static srtp_err_status_t fuzz_srtp_unprotect_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki);
}
static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki)
{
return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki);
}
/* Get protect length functions */
static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length)
{
return srtp_get_protect_trailer_length(srtp_ctx, 0, 0, length);
}
static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length(
const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length)
{
return srtp_get_protect_rtcp_trailer_length(srtp_ctx, 0, 0, length);
}
static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length)
{
return srtp_get_protect_trailer_length(srtp_ctx, use_mki, mki, length);
}
static srtp_err_status_t fuzz_srtp_get_protect_rtcp_mki_length(
const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length)
{
return srtp_get_protect_rtcp_trailer_length(srtp_ctx, use_mki, mki, length);
}
static uint8_t *extract_key(const uint8_t **data,
size_t *size,
const size_t key_size)
{
uint8_t *ret;
if (*size < key_size) {
return NULL;
}
ret = fuzz_alloc_succeed(key_size, false);
EXTRACT(ret, *data, *size, key_size);
return ret;
}
static srtp_master_key_t *extract_master_key(const uint8_t **data,
size_t *size,
const size_t key_size,
bool simulate,
bool *success)
{
srtp_master_key_t *ret = NULL;
uint16_t mki_id_size;
if (simulate == true) {
*success = false;
}
EXTRACT_IF(&mki_id_size, *data, *size, sizeof(mki_id_size));
if (*size < key_size + mki_id_size) {
goto end;
}
if (simulate == true) {
*data += key_size + mki_id_size;
*size -= key_size + mki_id_size;
*success = true;
goto end;
}
ret = fuzz_alloc_succeed(sizeof(srtp_master_key_t), false);
ret->key = fuzz_alloc_succeed(key_size, false);
ret->mki_id = fuzz_alloc_succeed(mki_id_size, false);
EXTRACT(ret->key, *data, *size, key_size);
EXTRACT(ret->mki_id, *data, *size, mki_id_size);
ret->mki_size = mki_id_size;
end:
return ret;
}
static srtp_master_key_t **extract_master_keys(const uint8_t **data,
size_t *size,
const size_t key_size,
unsigned long *num_master_keys)
{
const uint8_t *data_orig = *data;
size_t size_orig = *size;
size_t i = 0;
srtp_master_key_t **ret = NULL;
*num_master_keys = 0;
/* First pass -- dry run, determine how many keys we want and can extract */
while (1) {
uint8_t do_extract_master_key;
bool success;
if (*size < sizeof(do_extract_master_key)) {
goto next;
}
EXTRACT(&do_extract_master_key, *data, *size,
sizeof(do_extract_master_key));
/* Decide whether to extract another key */
if ((do_extract_master_key % 2) == 0) {
break;
}
extract_master_key(data, size, key_size, true, &success);
if (success == false) {
break;
}
(*num_master_keys)++;
}
next:
*data = data_orig;
*size = size_orig;
/* Allocate array of pointers */
ret = fuzz_alloc_succeed(*num_master_keys * sizeof(srtp_master_key_t *),
false);
/* Second pass -- perform the actual extractions */
for (i = 0; i < *num_master_keys; i++) {
uint8_t do_extract_master_key;
EXTRACT_IF(&do_extract_master_key, *data, *size,
sizeof(do_extract_master_key));
if ((do_extract_master_key % 2) == 0) {
break;
}
ret[i] = extract_master_key(data, size, key_size, false, NULL);
if (ret[i] == NULL) {
/* Shouldn't happen */
abort();
}
}
end:
return ret;
}
static srtp_ekt_policy_t extract_ekt_policy(const uint8_t **data, size_t *size)
{
srtp_ekt_policy_t ret = NULL;
struct {
srtp_ekt_spi_t spi;
uint8_t key[16];
} params;
EXTRACT_IF(&params, *data, *size, sizeof(params));
ret = fuzz_alloc_succeed(sizeof(struct srtp_ekt_policy_ctx_t), false);
ret->spi = params.spi;
/* The only supported cipher type */
ret->ekt_cipher_type = SRTP_EKT_CIPHER_AES_128_ECB;
ret->ekt_key = fuzz_alloc_succeed(sizeof(params.key), false);
memcpy(ret->ekt_key, params.key, sizeof(params.key));
ret->next_ekt_policy = NULL;
end:
return ret;
}
static srtp_policy_t *extract_policy(const uint8_t **data, size_t *size)
{
srtp_policy_t *policy = NULL;
struct {
uint8_t srtp_crypto_policy_func;
uint64_t window_size;
uint8_t allow_repeat_tx;
uint8_t ssrc_type;
uint32_t ssrc_value;
uint8_t num_xtn_hdr;
uint8_t with_ekt;
srtp_ekt_spi_t ekt_spi;
uint8_t do_extract_key;
uint8_t do_extract_master_keys;
} params;
EXTRACT_IF(&params, *data, *size, sizeof(params));
params.srtp_crypto_policy_func %= sizeof(fuzz_srtp_crypto_policies) /
sizeof(fuzz_srtp_crypto_policies[0]);
params.allow_repeat_tx %= 2;
params.ssrc_type %=
sizeof(fuzz_ssrc_type_map) / sizeof(fuzz_ssrc_type_map[0]);
params.with_ekt %= 2;
policy = fuzz_alloc_succeed(sizeof(*policy), true);
fuzz_srtp_crypto_policies[params.srtp_crypto_policy_func]
.crypto_policy_func(&policy->rtp);
fuzz_srtp_crypto_policies[params.srtp_crypto_policy_func]
.crypto_policy_func(&policy->rtcp);
if (policy->rtp.cipher_key_len > MAX_KEY_LEN) {
/* Shouldn't happen */
abort();
}
policy->ssrc.type = fuzz_ssrc_type_map[params.ssrc_type].srtp_ssrc_type;
policy->ssrc.value = params.ssrc_value;
if ((params.do_extract_key % 2) == 0) {
policy->key = extract_key(data, size, policy->rtp.cipher_key_len);
if (policy->key == NULL) {
fuzz_free(policy);
return NULL;
}
}
if (params.num_xtn_hdr != 0) {
const size_t xtn_hdr_size = params.num_xtn_hdr * sizeof(int);
if (*size < xtn_hdr_size) {
fuzz_free(policy->key);
fuzz_free(policy);
return NULL;
}
policy->enc_xtn_hdr = fuzz_alloc_succeed(xtn_hdr_size, false);
EXTRACT(policy->enc_xtn_hdr, *data, *size, xtn_hdr_size);
policy->enc_xtn_hdr_count = params.num_xtn_hdr;
}
if ((params.do_extract_master_keys % 2) == 0) {
policy->keys = extract_master_keys(
data, size, policy->rtp.cipher_key_len, &policy->num_master_keys);
if (policy->keys == NULL) {
fuzz_free(policy->key);
fuzz_free(policy->enc_xtn_hdr);
fuzz_free(policy);
return NULL;
}
}
if (params.with_ekt) {
policy->ekt = extract_ekt_policy(data, size);
}
policy->window_size = params.window_size;
policy->allow_repeat_tx = params.allow_repeat_tx;
policy->next = NULL;
end:
return policy;
}
static srtp_policy_t *extract_policies(const uint8_t **data, size_t *size)
{
srtp_policy_t *curpolicy = NULL, *policy_chain = NULL;
curpolicy = extract_policy(data, size);
if (curpolicy == NULL) {
return NULL;
}
policy_chain = curpolicy;
while (1) {
uint8_t do_extract_policy;
EXTRACT_IF(&do_extract_policy, *data, *size, sizeof(do_extract_policy));
/* Decide whether to extract another policy */
if ((do_extract_policy % 2) == 0) {
break;
}
curpolicy->next = extract_policy(data, size);
if (curpolicy->next == NULL) {
break;
}
curpolicy = curpolicy->next;
}
end:
return policy_chain;
}
static uint32_t *extract_remove_stream_ssrc(const uint8_t **data,
size_t *size,
uint8_t *num_remove_stream)
{
uint32_t *ret = NULL;
uint8_t _num_remove_stream;
size_t total_size;
*num_remove_stream = 0;
EXTRACT_IF(&_num_remove_stream, *data, *size, sizeof(_num_remove_stream));
if (_num_remove_stream == 0) {
goto end;
}
total_size = _num_remove_stream * sizeof(uint32_t);
if (*size < total_size) {
goto end;
}
ret = fuzz_alloc_succeed(total_size, false);
EXTRACT(ret, *data, *size, total_size);
*num_remove_stream = _num_remove_stream;
end:
return ret;
}
static uint32_t *extract_set_roc(const uint8_t **data,
size_t *size,
uint8_t *num_set_roc)
{
uint32_t *ret = NULL;
uint8_t _num_set_roc;
size_t total_size;
*num_set_roc = 0;
EXTRACT_IF(&_num_set_roc, *data, *size, sizeof(_num_set_roc));
if (_num_set_roc == 0) {
goto end;
}
/* Tuples of 2 uint32_t's */
total_size = _num_set_roc * sizeof(uint32_t) * 2;
if (*size < total_size) {
goto end;
}
ret = fuzz_alloc_succeed(total_size, false);
EXTRACT(ret, *data, *size, total_size);
*num_set_roc = _num_set_roc;
end:
return ret;
}
static void free_policies(srtp_policy_t *curpolicy)
{
size_t i;
while (curpolicy) {
srtp_policy_t *next = curpolicy->next;
fuzz_free(curpolicy->key);
for (i = 0; i < curpolicy->num_master_keys; i++) {
fuzz_free(curpolicy->keys[i]->key);
fuzz_free(curpolicy->keys[i]->mki_id);
fuzz_free(curpolicy->keys[i]);
}
fuzz_free(curpolicy->keys);
fuzz_free(curpolicy->enc_xtn_hdr);
if (curpolicy->ekt) {
fuzz_free(curpolicy->ekt->ekt_key);
fuzz_free(curpolicy->ekt);
}
fuzz_free(curpolicy);
curpolicy = next;
}
}
static uint8_t *run_srtp_func(const srtp_t srtp_ctx,
const uint8_t **data,
size_t *size)
{
uint8_t *ret = NULL;
uint8_t *copy = NULL, *copy_2 = NULL;
struct {
uint16_t size;
uint8_t srtp_func;
uint8_t use_mki;
uint32_t mki;
uint8_t stretch;
} params_1;
struct {
uint8_t srtp_func;
uint8_t use_mki;
uint32_t mki;
} params_2;
int ret_size;
EXTRACT_IF(&params_1, *data, *size, sizeof(params_1));
params_1.srtp_func %= sizeof(srtp_funcs) / sizeof(srtp_funcs[0]);
params_1.use_mki %= 2;
if (*size < params_1.size) {
goto end;
}
/* Enforce 4 byte alignment */
if (g_no_align == false) {
params_1.size -= params_1.size % 4;
}
if (params_1.size == 0) {
goto end;
}
ret_size = params_1.size;
if (srtp_funcs[params_1.srtp_func].protect == true) {
/* Intentionally not initialized to trigger MemorySanitizer, if
* applicable */
uint32_t alloc_size;
if (srtp_funcs[params_1.srtp_func].get_length(
srtp_ctx, params_1.use_mki, params_1.mki, &alloc_size) !=
srtp_err_status_ok) {
goto end;
}
copy = fuzz_alloc_succeed(ret_size + alloc_size, false);
} else {
copy = fuzz_alloc_succeed(ret_size, false);
}
EXTRACT(copy, *data, *size, params_1.size);
if (srtp_funcs[params_1.srtp_func].srtp_func(
srtp_ctx, copy, &ret_size, params_1.use_mki, params_1.mki) !=
srtp_err_status_ok) {
fuzz_free(copy);
goto end;
}
// fuzz_free(copy);
fuzz_testmem(copy, ret_size);
ret = copy;
EXTRACT_IF(&params_2, *data, *size, sizeof(params_2));
params_2.srtp_func %= sizeof(srtp_funcs) / sizeof(srtp_funcs[0]);
params_2.use_mki %= 2;
if (ret_size == 0) {
goto end;
}
if (srtp_funcs[params_2.srtp_func].protect == true) {
/* Intentionally not initialized to trigger MemorySanitizer, if
* applicable */
uint32_t alloc_size;
if (srtp_funcs[params_2.srtp_func].get_length(
srtp_ctx, params_2.use_mki, params_2.mki, &alloc_size) !=
srtp_err_status_ok) {
goto end;
}
copy_2 = fuzz_alloc_succeed(ret_size + alloc_size, false);
} else {
copy_2 = fuzz_alloc_succeed(ret_size, false);
}
memcpy(copy_2, copy, ret_size);
fuzz_free(copy);
copy = copy_2;
if (srtp_funcs[params_2.srtp_func].srtp_func(
srtp_ctx, copy, &ret_size, params_2.use_mki, params_2.mki) !=
srtp_err_status_ok) {
fuzz_free(copy);
ret = NULL;
goto end;
}
fuzz_testmem(copy, ret_size);
ret = copy;
end:
return ret;
}
void fuzz_srtp_event_handler(srtp_event_data_t *data)
{
fuzz_testmem(data, sizeof(srtp_event_data_t));
if (data->session != NULL) {
fuzz_testmem(data->session, sizeof(*data->session));
}
}
static void fuzz_write_input(const uint8_t *data, size_t size)
{
FILE *fp = fopen("input.bin", "wb");
if (fp == NULL) {
/* Shouldn't happen */
abort();
}
if (size != 0 && fwrite(data, size, 1, fp) != 1) {
printf("Cannot write\n");
/* Shouldn't happen */
abort();
}
fclose(fp);
}
int LLVMFuzzerInitialize(int *argc, char ***argv)
{
char **_argv = *argv;
int i;
bool no_custom_event_handler = false;
if (srtp_init() != srtp_err_status_ok) {
/* Shouldn't happen */
abort();
}
for (i = 0; i < *argc; i++) {
if (strcmp("--no_align", _argv[i]) == 0) {
g_no_align = true;
} else if (strcmp("--no_custom_event_handler", _argv[i]) == 0) {
no_custom_event_handler = true;
} else if (strcmp("--write_input", _argv[i]) == 0) {
g_write_input = true;
}
#ifdef FUZZ_32BIT
else if (strcmp("--no_mmap", _argv[i]) == 0) {
g_no_mmap = true;
}
#endif
else if (strncmp("--", _argv[i], 2) == 0) {
printf("Invalid argument: %s\n", _argv[i]);
exit(0);
}
}
if (no_custom_event_handler == false) {
if (srtp_install_event_handler(fuzz_srtp_event_handler) !=
srtp_err_status_ok) {
/* Shouldn't happen */
abort();
}
}
/* Fully initialized -- past this point, simulated allocation failures
* are allowed to occur */
g_post_init = true;
return 0;
}
int LLVMFuzzerTestOneInput(const uint8_t *data, size_t size)
{
uint8_t num_remove_stream;
uint32_t *remove_stream_ssrc = NULL;
uint8_t num_set_roc;
uint32_t *set_roc = NULL;
srtp_t srtp_ctx = NULL;
srtp_policy_t *policy_chain = NULL, *policy_chain_2 = NULL;
uint32_t randseed;
static bool firstrun = true;
if (firstrun == true) {
/* TODO version check etc and send it to MSAN */
}
#ifdef FUZZ_32BIT
/* Free the mmap allocation made during the previous iteration, if
* applicable */
fuzz_free(g_mmap_allocation);
#endif
if (g_write_input == true) {
fuzz_write_input(data, size);
}
EXTRACT_IF(&randseed, data, size, sizeof(randseed));
fuzz_mt19937_init(randseed);
srand(randseed);
/* policy_chain is used to initialize the srtp context with */
if ((policy_chain = extract_policies(&data, &size)) == NULL) {
goto end;
}
/* policy_chain_2 is used as an argument to srtp_update later on */
if ((policy_chain_2 = extract_policies(&data, &size)) == NULL) {
goto end;
}
/* Create context */
if (srtp_create(&srtp_ctx, policy_chain) != srtp_err_status_ok) {
goto end;
}
// free_policies(policy_chain);
// policy_chain = NULL;
/* Don't check for NULL result -- no extractions is fine */
remove_stream_ssrc =
extract_remove_stream_ssrc(&data, &size, &num_remove_stream);
/* Don't check for NULL result -- no extractions is fine */
set_roc = extract_set_roc(&data, &size, &num_set_roc);
{
uint8_t *ret;
int i = 0, j = 0;
while ((ret = run_srtp_func(srtp_ctx, &data, &size)) != NULL) {
fuzz_free(ret);
/* Keep removing streams until the set of SSRCs extracted from the
* fuzzer input is exhausted */
if (i < num_remove_stream) {
if (srtp_remove_stream(srtp_ctx, remove_stream_ssrc[i]) !=
srtp_err_status_ok) {
goto end;
}
i++;
}
/* Keep setting and getting ROCs until the set of SSRC/ROC tuples
* extracted from the fuzzer input is exhausted */
if (j < num_set_roc * 2) {
uint32_t roc;
if (srtp_set_stream_roc(srtp_ctx, set_roc[j], set_roc[j + 1]) !=
srtp_err_status_ok) {
goto end;
}
if (srtp_get_stream_roc(srtp_ctx, set_roc[j + 1], &roc) !=
srtp_err_status_ok) {
goto end;
}
j += 2;
}
if (policy_chain_2 != NULL) {
/* TODO srtp_update(srtp_ctx, policy_chain_2); */
/* Discard after using once */
free_policies(policy_chain_2);
policy_chain_2 = NULL;
}
}
}
end:
free_policies(policy_chain);
free_policies(policy_chain_2);
fuzz_free(remove_stream_ssrc);
fuzz_free(set_roc);
if (srtp_ctx != NULL) {
srtp_dealloc(srtp_ctx);
}
fuzz_mt19937_destroy();
return 0;
}

176
trunk/3rdparty/libsrtp-2-fit/fuzzer/fuzzer.h vendored Normal file
View file

@ -0,0 +1,176 @@
#define MAX_KEY_LEN 46
#define EXTRACT(dest, src, srcsize, copysize) \
{ \
memcpy((dest), (src), (copysize)); \
(src) += (copysize); \
(srcsize) -= (copysize); \
}
/* Extract data if src contains sufficient bytes, otherwise go to end */
#define EXTRACT_IF(dest, src, srcsize, copysize) \
{ \
if ((srcsize) < (copysize)) { \
goto end; \
} else { \
EXTRACT((dest), (src), (srcsize), (copysize)); \
} \
}
#include <stdint.h>
#if UINTPTR_MAX == 0xffffffff
#define FUZZ_32BIT
#elif UINTPTR_MAX == 0xffffffffffffffff
#else
#error "Cannot detect word size"
#endif
typedef srtp_err_status_t (
*fuzz_srtp_func)(srtp_t, void *, int *, uint8_t, unsigned int);
typedef void (*fuzz_srtp_crypto_policy_func)(srtp_crypto_policy_t *);
typedef srtp_err_status_t (*fuzz_srtp_get_length_func)(const srtp_t,
uint8_t,
unsigned int,
uint32_t *);
struct fuzz_srtp_params {
uint8_t srtp_func;
uint8_t srtp_crypto_policy_func;
uint16_t window_size;
uint8_t allow_repeat_tx;
uint8_t ssrc_type;
unsigned int ssrc_value;
uint8_t key[MAX_KEY_LEN];
uint8_t mki;
};
static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_protect_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_protect_rtcp_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_unprotect_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender,
void *hdr,
int *len,
uint8_t use_mki,
unsigned int mki);
static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length);
static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length);
static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length(
const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length);
static srtp_err_status_t fuzz_srtp_get_protect_rtcp_mki_length(
const srtp_t srtp_ctx,
uint8_t use_mki,
unsigned int mki,
uint32_t *length);
struct fuzz_srtp_func_ext {
fuzz_srtp_func srtp_func;
bool protect;
fuzz_srtp_get_length_func get_length;
};
const struct fuzz_srtp_func_ext srtp_funcs[] = {
{ fuzz_srtp_protect, true, fuzz_srtp_get_protect_length },
{ fuzz_srtp_unprotect, false, NULL },
{ fuzz_srtp_protect_rtcp, true, fuzz_srtp_get_protect_rtcp_length },
{ fuzz_srtp_unprotect_rtcp, false, NULL },
{ fuzz_srtp_protect_mki, true, fuzz_srtp_get_protect_mki_length },
{ fuzz_srtp_unprotect_mki, false, NULL },
{ fuzz_srtp_protect_rtcp_mki, true, fuzz_srtp_get_protect_rtcp_mki_length },
{ fuzz_srtp_unprotect_rtcp_mki, false, NULL }
};
struct fuzz_srtp_crypto_policy_func_ext {
fuzz_srtp_crypto_policy_func crypto_policy_func;
const char *name;
};
const struct fuzz_srtp_crypto_policy_func_ext fuzz_srtp_crypto_policies[] = {
{ srtp_crypto_policy_set_rtp_default, "" },
{ srtp_crypto_policy_set_rtcp_default, "" },
{ srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32,
"srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32" },
{ srtp_crypto_policy_set_aes_cm_128_null_auth,
"srtp_crypto_policy_set_aes_cm_128_null_auth" },
{ srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32,
"srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32" },
{ srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80,
"srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80" },
{ srtp_crypto_policy_set_aes_cm_256_null_auth,
"srtp_crypto_policy_set_aes_cm_256_null_auth" },
{ srtp_crypto_policy_set_null_cipher_hmac_null,
"srtp_crypto_policy_set_null_cipher_hmac_null" },
{ srtp_crypto_policy_set_null_cipher_hmac_sha1_80,
"srtp_crypto_policy_set_null_cipher_hmac_sha1_80" },
#ifdef OPENSSL
{ srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32,
"srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32" },
{ srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80,
"srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80" },
{ srtp_crypto_policy_set_aes_cm_192_null_auth,
"srtp_crypto_policy_set_aes_cm_192_null_auth" },
{ srtp_crypto_policy_set_aes_gcm_128_16_auth,
"srtp_crypto_policy_set_aes_gcm_128_16_auth" },
{ srtp_crypto_policy_set_aes_gcm_128_8_auth,
"srtp_crypto_policy_set_aes_gcm_128_8_auth" },
{ srtp_crypto_policy_set_aes_gcm_128_8_only_auth,
"srtp_crypto_policy_set_aes_gcm_128_8_only_auth" },
{ srtp_crypto_policy_set_aes_gcm_256_16_auth,
"srtp_crypto_policy_set_aes_gcm_256_16_auth" },
{ srtp_crypto_policy_set_aes_gcm_256_8_auth,
"srtp_crypto_policy_set_aes_gcm_256_8_auth" },
{ srtp_crypto_policy_set_aes_gcm_256_8_only_auth,
"srtp_crypto_policy_set_aes_gcm_256_8_only_auth" },
#endif
};
struct fuzz_srtp_ssrc_type_ext {
srtp_ssrc_type_t srtp_ssrc_type;
const char *name;
};
const struct fuzz_srtp_ssrc_type_ext fuzz_ssrc_type_map[] = {
{ ssrc_undefined, "ssrc_undefined" },
{ ssrc_specific, "ssrc_specific" },
{ ssrc_any_inbound, "ssrc_any_inbound" },
{ ssrc_any_outbound, "ssrc_any_outbound" },
};

17
trunk/3rdparty/libsrtp-2-fit/fuzzer/mt19937.cpp vendored Normal file
View file

@ -0,0 +1,17 @@
#include <random>
#include <cstdint>
std::mt19937* mt_rand = NULL;
extern "C" void fuzz_mt19937_init(uint32_t seed) {
mt_rand = new std::mt19937(seed);
}
extern "C" uint32_t fuzz_mt19937_get(void) {
return (*mt_rand)();
}
extern "C" void fuzz_mt19937_destroy(void) {
delete mt_rand;
mt_rand = NULL;
}

4
trunk/3rdparty/libsrtp-2-fit/fuzzer/mt19937.h vendored Normal file
View file

@ -0,0 +1,4 @@
#include <stdint.h>
void fuzz_mt19937_init(uint32_t seed);
uint32_t fuzz_mt19937_get(void);
void fuzz_mt19937_destroy(void);

25
trunk/3rdparty/libsrtp-2-fit/fuzzer/testmem.c vendored Normal file
View file

@ -0,0 +1,25 @@
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>
#ifdef FUZZ_MSAN
#include <stdio.h>
static void fuzz_testmem_msan(void *data, size_t size)
{
/* This is a trick to force MemorySanitizer to evaluate the data at hand */
FILE *fp = fopen("/dev/null", "wb");
fwrite(data, size, 1, fp);
fclose(fp);
}
#endif
void fuzz_testmem(void *data, size_t size)
{
#ifdef FUZZ_MSAN
fuzz_testmem_msan(data, size);
#endif
uint8_t *copy = malloc(size);
memcpy(copy, data, size);
free(copy);
}

3
trunk/3rdparty/libsrtp-2-fit/fuzzer/testmem.h vendored Normal file
View file

@ -0,0 +1,3 @@
#include <stdint.h>
#include <stddef.h>
void fuzz_testmem(void *data, size_t size);

181
trunk/3rdparty/libsrtp-2-fit/include/ekt.h vendored Normal file
View file

@ -0,0 +1,181 @@
/*
* ekt.h
*
* interface to Encrypted Key Transport for SRTP
*
* David McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
/*
* EKT implementation strategy
*
* use stream_template approach
*
* in srtp_unprotect, when a new stream appears, check if template has
* EKT defined, and if it does, then apply EKT processing
*
* question: will we want to allow key-sharing templates in addition
* to EKT templates? could define a new ssrc_type_t that's associated
* with an EKT, e.g. ssrc_any_ekt.
*
*
*/
#ifndef SRTP_EKT_H
#define SRTP_EKT_H
// left in commented out as reminder to not include private headers
//#include "srtp_priv.h"
#ifdef __cplusplus
extern "C" {
#endif
#define SRTP_EKT_CIPHER_DEFAULT 1
#define SRTP_EKT_CIPHER_AES_128_ECB 1
#define SRTP_EKT_CIPHER_AES_192_KEY_WRAP 2
#define SRTP_EKT_CIPHER_AES_256_KEY_WRAP 3
typedef uint16_t srtp_ekt_spi_t;
unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt);
/*
* an srtp_policy_t structure can contain a pointer to an
* srtp_ekt_policy_t structure
*
* this structure holds all of the high level EKT information, and it
* is passed into libsrtp to indicate what policy should be in effect
*/
typedef struct srtp_ekt_policy_ctx_t {
srtp_ekt_spi_t spi; /* security parameter index */
uint8_t ekt_cipher_type;
uint8_t *ekt_key;
struct srtp_ekt_policy_ctx_t *next_ekt_policy;
} srtp_ekt_policy_ctx_t;
/*
* an srtp_ekt_data_t structure holds the data corresponding to an ekt key,
* spi, and so on
*/
typedef struct srtp_ekt_data_t {
srtp_ekt_spi_t spi;
uint8_t ekt_cipher_type;
srtp_aes_expanded_key_t ekt_enc_key;
srtp_aes_expanded_key_t ekt_dec_key;
struct ekt_data_t *next_ekt_data;
} srtp_ekt_data_t;
/*
* an srtp_stream_ctx_t can contain an srtp_ekt_stream_ctx_t
*
* an srtp_ekt_stream_ctx_t structure holds all of the EKT information for
* a specific SRTP stream
*/
typedef struct srtp_ekt_stream_ctx_t {
srtp_ekt_data_t *data;
uint16_t isn; /* initial sequence number */
uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN];
} srtp_ekt_stream_ctx_t;
srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data,
srtp_ekt_policy_t policy);
srtp_err_status_t srtp_ekt_stream_init(srtp_ekt_stream_t e,
srtp_ekt_spi_t spi,
void *ekt_key,
unsigned ekt_cipher_type);
srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t e,
srtp_ekt_policy_t p);
srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream,
const void *srtcp_hdr,
unsigned pkt_octet_len);
void srtp_ekt_write_data(srtp_ekt_stream_t ekt,
uint8_t *base_tag,
unsigned base_tag_len,
int *packet_len,
srtp_xtd_seq_num_t pkt_index);
/*
* We handle EKT by performing some additional steps before
* authentication (copying the auth tag into a temporary location,
* zeroizing the "base tag" field in the packet)
*
* With EKT, the tag_len parameter is actually the base tag
* length
*/
srtp_err_status_t srtp_ekt_tag_verification_preproces(uint8_t *pkt_tag,
uint8_t *pkt_tag_copy,
unsigned tag_len);
srtp_err_status_t srtp_ekt_tag_verification_postproces(uint8_t *pkt_tag,
uint8_t *pkt_tag_copy,
unsigned tag_len);
/*
* @brief EKT pre-processing for srtcp tag generation
*
* This function does the pre-processing of the SRTCP authentication
* tag format. When EKT is used, it consists of writing the Encrypted
* Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
* fields. The Base Authentication Tag field is set to the all-zero
* value
*
* When EKT is not used, this function is a no-op.
*
*/
srtp_err_status_t srtp_stream_srtcp_auth_tag_generation_preprocess(
const srtp_stream_t *s,
uint8_t *pkt_tag,
unsigned pkt_octet_len);
/* it's not clear that a tag_generation_postprocess function is needed */
srtp_err_status_t srtcp_auth_tag_generation_postprocess(void);
#ifdef __cplusplus
}
#endif
#endif /* SRTP_EKT_H */

67
trunk/3rdparty/libsrtp-2-fit/include/getopt_s.h vendored Normal file
View file

@ -0,0 +1,67 @@
/*
* getopt.h
*
* interface to a minimal implementation of the getopt() function,
* written so that test applications that use that function can run on
* non-POSIX platforms
*
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef GETOPT_S_H
#define GETOPT_S_H
#ifdef __cplusplus
extern "C" {
#endif
/*
* getopt_s(), optarg_s, and optind_s are small, locally defined
* versions of the POSIX standard getopt() interface.
*/
int getopt_s(int argc, char *const argv[], const char *optstring);
extern char *optarg_s; /* defined in getopt.c */
extern int optind_s; /* defined in getopt.c */
#ifdef __cplusplus
}
#endif
#endif /* GETOPT_S_H */

1759
trunk/3rdparty/libsrtp-2-fit/include/srtp.h vendored Normal file
View file

File diff suppressed because it is too large Load diff

280
trunk/3rdparty/libsrtp-2-fit/include/srtp_priv.h vendored Normal file
View file

@ -0,0 +1,280 @@
/*
* srtp_priv.h
*
* private internal data structures and functions for libSRTP
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SRTP_PRIV_H
#define SRTP_PRIV_H
// Leave this as the top level import. Ensures the existence of defines
#include "config.h"
#include "srtp.h"
#include "rdbx.h"
#include "rdb.h"
#include "integers.h"
#include "cipher.h"
#include "auth.h"
#include "aes.h"
#include "key.h"
#include "crypto_kernel.h"
#ifdef __cplusplus
extern "C" {
#endif
#define SRTP_VER_STRING PACKAGE_STRING
#define SRTP_VERSION PACKAGE_VERSION
typedef struct srtp_stream_ctx_t_ srtp_stream_ctx_t;
typedef srtp_stream_ctx_t *srtp_stream_t;
/*
* the following declarations are libSRTP internal functions
*/
/*
* srtp_get_stream(ssrc) returns a pointer to the stream corresponding
* to ssrc, or NULL if no stream exists for that ssrc
*/
srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
/*
* srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by
* deriving all of the needed keys using the KDF and the key k.
*/
srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp,
srtp_master_key_t *master_key,
const unsigned int current_mki_index);
/*
* srtp_stream_init_all_master_keys(s, k, m) (re)initializes the srtp_stream_t s
* by deriving all of the needed keys for all the master keys using the KDF and
* the keys from k.
*/
srtp_err_status_t srtp_steam_init_all_master_keys(
srtp_stream_ctx_t *srtp,
unsigned char *key,
srtp_master_key_t **keys,
const unsigned int max_master_keys);
/*
* srtp_stream_init(s, p) initializes the srtp_stream_t s to
* use the policy at the location p
*/
srtp_err_status_t srtp_stream_init(srtp_stream_t srtp, const srtp_policy_t *p);
/*
* libsrtp internal datatypes
*/
typedef enum direction_t {
dir_unknown = 0,
dir_srtp_sender = 1,
dir_srtp_receiver = 2
} direction_t;
/*
* srtp_session_keys_t will contain the encryption, hmac, salt keys
* for both SRTP and SRTCP. The session keys will also contain the
* MKI ID which is used to identify the session keys.
*/
typedef struct srtp_session_keys_t {
srtp_cipher_t *rtp_cipher;
srtp_cipher_t *rtp_xtn_hdr_cipher;
srtp_auth_t *rtp_auth;
srtp_cipher_t *rtcp_cipher;
srtp_auth_t *rtcp_auth;
uint8_t salt[SRTP_AEAD_SALT_LEN];
uint8_t c_salt[SRTP_AEAD_SALT_LEN];
uint8_t *mki_id;
unsigned int mki_size;
srtp_key_limit_ctx_t *limit;
} srtp_session_keys_t;
/*
* an srtp_stream_t has its own SSRC, encryption key, authentication
* key, sequence number, and replay database
*
* note that the keys might not actually be unique, in which case the
* srtp_cipher_t and srtp_auth_t pointers will point to the same structures
*/
typedef struct srtp_stream_ctx_t_ {
uint32_t ssrc;
srtp_session_keys_t *session_keys;
unsigned int num_master_keys;
srtp_rdbx_t rtp_rdbx;
srtp_sec_serv_t rtp_services;
srtp_rdb_t rtcp_rdb;
srtp_sec_serv_t rtcp_services;
direction_t direction;
int allow_repeat_tx;
srtp_ekt_stream_t ekt;
int *enc_xtn_hdr;
int enc_xtn_hdr_count;
uint32_t pending_roc;
struct srtp_stream_ctx_t_ *next; /* linked list of streams */
} strp_stream_ctx_t_;
/*
* an srtp_ctx_t holds a stream list and a service description
*/
typedef struct srtp_ctx_t_ {
struct srtp_stream_ctx_t_ *stream_list; /* linked list of streams */
struct srtp_stream_ctx_t_ *stream_template; /* act as template for other */
/* streams */
void *user_data; /* user custom data */
} srtp_ctx_t_;
/*
* srtp_hdr_t represents an RTP or SRTP header. The bit-fields in
* this structure should be declared "unsigned int" instead of
* "unsigned char", but doing so causes the MS compiler to not
* fully pack the bit fields.
*
* In this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
*
* (note that this definition follows that of RFC 1889 Appendix A, but
* is not identical)
*/
#ifndef WORDS_BIGENDIAN
typedef struct {
unsigned char cc : 4; /* CSRC count */
unsigned char x : 1; /* header extension flag */
unsigned char p : 1; /* padding flag */
unsigned char version : 2; /* protocol version */
unsigned char pt : 7; /* payload type */
unsigned char m : 1; /* marker bit */
uint16_t seq; /* sequence number */
uint32_t ts; /* timestamp */
uint32_t ssrc; /* synchronization source */
} srtp_hdr_t;
#else /* BIG_ENDIAN */
typedef struct {
unsigned char version : 2; /* protocol version */
unsigned char p : 1; /* padding flag */
unsigned char x : 1; /* header extension flag */
unsigned char cc : 4; /* CSRC count */
unsigned char m : 1; /* marker bit */
unsigned char pt : 7; /* payload type */
uint16_t seq; /* sequence number */
uint32_t ts; /* timestamp */
uint32_t ssrc; /* synchronization source */
} srtp_hdr_t;
#endif
typedef struct {
uint16_t profile_specific; /* profile-specific info */
uint16_t length; /* number of 32-bit words in extension */
} srtp_hdr_xtnd_t;
/*
* srtcp_hdr_t represents a secure rtcp header
*
* in this implementation, an srtcp header is assumed to be 32-bit
* aligned
*/
#ifndef WORDS_BIGENDIAN
typedef struct {
unsigned char rc : 5; /* reception report count */
unsigned char p : 1; /* padding flag */
unsigned char version : 2; /* protocol version */
unsigned char pt : 8; /* payload type */
uint16_t len; /* length */
uint32_t ssrc; /* synchronization source */
} srtcp_hdr_t;
typedef struct {
unsigned int index : 31; /* srtcp packet index in network order! */
unsigned int e : 1; /* encrypted? 1=yes */
/* optional mikey/etc go here */
/* and then the variable-length auth tag */
} srtcp_trailer_t;
#else /* BIG_ENDIAN */
typedef struct {
unsigned char version : 2; /* protocol version */
unsigned char p : 1; /* padding flag */
unsigned char rc : 5; /* reception report count */
unsigned char pt : 8; /* payload type */
uint16_t len; /* length */
uint32_t ssrc; /* synchronization source */
} srtcp_hdr_t;
typedef struct {
unsigned int e : 1; /* encrypted? 1=yes */
unsigned int index : 31; /* srtcp packet index */
/* optional mikey/etc go here */
/* and then the variable-length auth tag */
} srtcp_trailer_t;
#endif
/*
* srtp_handle_event(srtp, srtm, evnt) calls the event handling
* function, if there is one.
*
* This macro is not included in the documentation as it is
* an internal-only function.
*/
#define srtp_handle_event(srtp, strm, evnt) \
if (srtp_event_handler) { \
srtp_event_data_t data; \
data.session = srtp; \
data.ssrc = ntohl(strm->ssrc); \
data.event = evnt; \
srtp_event_handler(&data); \
}
#ifdef __cplusplus
}
#endif
#endif /* SRTP_PRIV_H */

83
trunk/3rdparty/libsrtp-2-fit/include/ut_sim.h vendored Normal file
View file

@ -0,0 +1,83 @@
/*
* ut-sim.h
*
* an unreliable transport simulator
* (for testing replay databases and suchlike)
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef UT_SIM_H
#define UT_SIM_H
#include "integers.h" /* for uint32_t */
#ifdef __cplusplus
extern "C" {
#endif
#define UT_BUF 160 /* maximum amount of packet reorder */
typedef struct {
uint32_t index;
uint32_t buffer[UT_BUF];
} ut_connection;
/*
* ut_init(&u) initializes the ut_connection
*
* this function should always be the first one called on a new
* ut_connection
*/
void ut_init(ut_connection *utc);
/*
* ut_next_index(&u) returns the next index from the simulated
* unreliable connection
*/
uint32_t ut_next_index(ut_connection *utc);
#ifdef __cplusplus
}
#endif
#endif /* UT_SIM_H */

501
trunk/3rdparty/libsrtp-2-fit/install-sh vendored Executable file
View file

@ -0,0 +1,501 @@
#!/bin/sh
# install - install a program, script, or datafile
scriptversion=2013-12-25.23; # UTC
# This originates from X11R5 (mit/util/scripts/install.sh), which was
# later released in X11R6 (xc/config/util/install.sh) with the
# following copyright and license.
#
# Copyright (C) 1994 X Consortium
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to
# deal in the Software without restriction, including without limitation the
# rights to use, copy, modify, merge, publish, distribute, sublicense, and/or
# sell copies of the Software, and to permit persons to whom the Software is
# furnished to do so, subject to the following conditions:
#
# The above copyright notice and this permission notice shall be included in
# all copies or substantial portions of the Software.
#
# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# X CONSORTIUM BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN
# AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNEC-
# TION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
#
# Except as contained in this notice, the name of the X Consortium shall not
# be used in advertising or otherwise to promote the sale, use or other deal-
# ings in this Software without prior written authorization from the X Consor-
# tium.
#
#
# FSF changes to this file are in the public domain.
#
# Calling this script install-sh is preferred over install.sh, to prevent
# 'make' implicit rules from creating a file called install from it
# when there is no Makefile.
#
# This script is compatible with the BSD install script, but was written
# from scratch.
tab=' '
nl='
'
IFS=" $tab$nl"
# Set DOITPROG to "echo" to test this script.
doit=${DOITPROG-}
doit_exec=${doit:-exec}
# Put in absolute file names if you don't have them in your path;
# or use environment vars.
chgrpprog=${CHGRPPROG-chgrp}
chmodprog=${CHMODPROG-chmod}
chownprog=${CHOWNPROG-chown}
cmpprog=${CMPPROG-cmp}
cpprog=${CPPROG-cp}
mkdirprog=${MKDIRPROG-mkdir}
mvprog=${MVPROG-mv}
rmprog=${RMPROG-rm}
stripprog=${STRIPPROG-strip}
posix_mkdir=
# Desired mode of installed file.
mode=0755
chgrpcmd=
chmodcmd=$chmodprog
chowncmd=
mvcmd=$mvprog
rmcmd="$rmprog -f"
stripcmd=
src=
dst=
dir_arg=
dst_arg=
copy_on_change=false
is_target_a_directory=possibly
usage="\
Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE
or: $0 [OPTION]... SRCFILES... DIRECTORY
or: $0 [OPTION]... -t DIRECTORY SRCFILES...
or: $0 [OPTION]... -d DIRECTORIES...
In the 1st form, copy SRCFILE to DSTFILE.
In the 2nd and 3rd, copy all SRCFILES to DIRECTORY.
In the 4th, create DIRECTORIES.
Options:
--help display this help and exit.
--version display version info and exit.
-c (ignored)
-C install only if different (preserve the last data modification time)
-d create directories instead of installing files.
-g GROUP $chgrpprog installed files to GROUP.
-m MODE $chmodprog installed files to MODE.
-o USER $chownprog installed files to USER.
-s $stripprog installed files.
-t DIRECTORY install into DIRECTORY.
-T report an error if DSTFILE is a directory.
Environment variables override the default commands:
CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG
RMPROG STRIPPROG
"
while test $# -ne 0; do
case $1 in
-c) ;;
-C) copy_on_change=true;;
-d) dir_arg=true;;
-g) chgrpcmd="$chgrpprog $2"
shift;;
--help) echo "$usage"; exit $?;;
-m) mode=$2
case $mode in
*' '* | *"$tab"* | *"$nl"* | *'*'* | *'?'* | *'['*)
echo "$0: invalid mode: $mode" >&2
exit 1;;
esac
shift;;
-o) chowncmd="$chownprog $2"
shift;;
-s) stripcmd=$stripprog;;
-t)
is_target_a_directory=always
dst_arg=$2
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
shift;;
-T) is_target_a_directory=never;;
--version) echo "$0 $scriptversion"; exit $?;;
--) shift
break;;
-*) echo "$0: invalid option: $1" >&2
exit 1;;
*) break;;
esac
shift
done
# We allow the use of options -d and -T together, by making -d
# take the precedence; this is for compatibility with GNU install.
if test -n "$dir_arg"; then
if test -n "$dst_arg"; then
echo "$0: target directory not allowed when installing a directory." >&2
exit 1
fi
fi
if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then
# When -d is used, all remaining arguments are directories to create.
# When -t is used, the destination is already specified.
# Otherwise, the last argument is the destination. Remove it from $@.
for arg
do
if test -n "$dst_arg"; then
# $@ is not empty: it contains at least $arg.
set fnord "$@" "$dst_arg"
shift # fnord
fi
shift # arg
dst_arg=$arg
# Protect names problematic for 'test' and other utilities.
case $dst_arg in
-* | [=\(\)!]) dst_arg=./$dst_arg;;
esac
done
fi
if test $# -eq 0; then
if test -z "$dir_arg"; then
echo "$0: no input file specified." >&2
exit 1
fi
# It's OK to call 'install-sh -d' without argument.
# This can happen when creating conditional directories.
exit 0
fi
if test -z "$dir_arg"; then
if test $# -gt 1 || test "$is_target_a_directory" = always; then
if test ! -d "$dst_arg"; then
echo "$0: $dst_arg: Is not a directory." >&2
exit 1
fi
fi
fi
if test -z "$dir_arg"; then
do_exit='(exit $ret); exit $ret'
trap "ret=129; $do_exit" 1
trap "ret=130; $do_exit" 2
trap "ret=141; $do_exit" 13
trap "ret=143; $do_exit" 15
# Set umask so as not to create temps with too-generous modes.
# However, 'strip' requires both read and write access to temps.
case $mode in
# Optimize common cases.
*644) cp_umask=133;;
*755) cp_umask=22;;
*[0-7])
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw='% 200'
fi
cp_umask=`expr '(' 777 - $mode % 1000 ')' $u_plus_rw`;;
*)
if test -z "$stripcmd"; then
u_plus_rw=
else
u_plus_rw=,u+rw
fi
cp_umask=$mode$u_plus_rw;;
esac
fi
for src
do
# Protect names problematic for 'test' and other utilities.
case $src in
-* | [=\(\)!]) src=./$src;;
esac
if test -n "$dir_arg"; then
dst=$src
dstdir=$dst
test -d "$dstdir"
dstdir_status=$?
else
# Waiting for this to be detected by the "$cpprog $src $dsttmp" command
# might cause directories to be created, which would be especially bad
# if $src (and thus $dsttmp) contains '*'.
if test ! -f "$src" && test ! -d "$src"; then
echo "$0: $src does not exist." >&2
exit 1
fi
if test -z "$dst_arg"; then
echo "$0: no destination specified." >&2
exit 1
fi
dst=$dst_arg
# If destination is a directory, append the input filename; won't work
# if double slashes aren't ignored.
if test -d "$dst"; then
if test "$is_target_a_directory" = never; then
echo "$0: $dst_arg: Is a directory" >&2
exit 1
fi
dstdir=$dst
dst=$dstdir/`basename "$src"`
dstdir_status=0
else
dstdir=`dirname "$dst"`
test -d "$dstdir"
dstdir_status=$?
fi
fi
obsolete_mkdir_used=false
if test $dstdir_status != 0; then
case $posix_mkdir in
'')
# Create intermediate dirs using mode 755 as modified by the umask.
# This is like FreeBSD 'install' as of 1997-10-28.
umask=`umask`
case $stripcmd.$umask in
# Optimize common cases.
*[2367][2367]) mkdir_umask=$umask;;
.*0[02][02] | .[02][02] | .[02]) mkdir_umask=22;;
*[0-7])
mkdir_umask=`expr $umask + 22 \
- $umask % 100 % 40 + $umask % 20 \
- $umask % 10 % 4 + $umask % 2
`;;
*) mkdir_umask=$umask,go-w;;
esac
# With -d, create the new directory with the user-specified mode.
# Otherwise, rely on $mkdir_umask.
if test -n "$dir_arg"; then
mkdir_mode=-m$mode
else
mkdir_mode=
fi
posix_mkdir=false
case $umask in
*[123567][0-7][0-7])
# POSIX mkdir -p sets u+wx bits regardless of umask, which
# is incompatible with FreeBSD 'install' when (umask & 300) != 0.
;;
*)
tmpdir=${TMPDIR-/tmp}/ins$RANDOM-$$
trap 'ret=$?; rmdir "$tmpdir/d" "$tmpdir" 2>/dev/null; exit $ret' 0
if (umask $mkdir_umask &&
exec $mkdirprog $mkdir_mode -p -- "$tmpdir/d") >/dev/null 2>&1
then
if test -z "$dir_arg" || {
# Check for POSIX incompatibilities with -m.
# HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or
# other-writable bit of parent directory when it shouldn't.
# FreeBSD 6.1 mkdir -m -p sets mode of existing directory.
ls_ld_tmpdir=`ls -ld "$tmpdir"`
case $ls_ld_tmpdir in
d????-?r-*) different_mode=700;;
d????-?--*) different_mode=755;;
*) false;;
esac &&
$mkdirprog -m$different_mode -p -- "$tmpdir" && {
ls_ld_tmpdir_1=`ls -ld "$tmpdir"`
test "$ls_ld_tmpdir" = "$ls_ld_tmpdir_1"
}
}
then posix_mkdir=:
fi
rmdir "$tmpdir/d" "$tmpdir"
else
# Remove any dirs left behind by ancient mkdir implementations.
rmdir ./$mkdir_mode ./-p ./-- 2>/dev/null
fi
trap '' 0;;
esac;;
esac
if
$posix_mkdir && (
umask $mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir"
)
then :
else
# The umask is ridiculous, or mkdir does not conform to POSIX,
# or it failed possibly due to a race condition. Create the
# directory the slow way, step by step, checking for races as we go.
case $dstdir in
/*) prefix='/';;
[-=\(\)!]*) prefix='./';;
*) prefix='';;
esac
oIFS=$IFS
IFS=/
set -f
set fnord $dstdir
shift
set +f
IFS=$oIFS
prefixes=
for d
do
test X"$d" = X && continue
prefix=$prefix$d
if test -d "$prefix"; then
prefixes=
else
if $posix_mkdir; then
(umask=$mkdir_umask &&
$doit_exec $mkdirprog $mkdir_mode -p -- "$dstdir") && break
# Don't fail if two instances are running concurrently.
test -d "$prefix" || exit 1
else
case $prefix in
*\'*) qprefix=`echo "$prefix" | sed "s/'/'\\\\\\\\''/g"`;;
*) qprefix=$prefix;;
esac
prefixes="$prefixes '$qprefix'"
fi
fi
prefix=$prefix/
done
if test -n "$prefixes"; then
# Don't fail if two instances are running concurrently.
(umask $mkdir_umask &&
eval "\$doit_exec \$mkdirprog $prefixes") ||
test -d "$dstdir" || exit 1
obsolete_mkdir_used=true
fi
fi
fi
if test -n "$dir_arg"; then
{ test -z "$chowncmd" || $doit $chowncmd "$dst"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dst"; } &&
{ test "$obsolete_mkdir_used$chowncmd$chgrpcmd" = false ||
test -z "$chmodcmd" || $doit $chmodcmd $mode "$dst"; } || exit 1
else
# Make a couple of temp file names in the proper directory.
dsttmp=$dstdir/_inst.$$_
rmtmp=$dstdir/_rm.$$_
# Trap to clean up those temp files at exit.
trap 'ret=$?; rm -f "$dsttmp" "$rmtmp" && exit $ret' 0
# Copy the file name to the temp name.
(umask $cp_umask && $doit_exec $cpprog "$src" "$dsttmp") &&
# and set any options; do chmod last to preserve setuid bits.
#
# If any of these fail, we abort the whole thing. If we want to
# ignore errors from any of these, just make sure not to ignore
# errors from the above "$doit $cpprog $src $dsttmp" command.
#
{ test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } &&
{ test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } &&
{ test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } &&
{ test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } &&
# If -C, don't bother to copy if it wouldn't change the file.
if $copy_on_change &&
old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` &&
new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` &&
set -f &&
set X $old && old=:$2:$4:$5:$6 &&
set X $new && new=:$2:$4:$5:$6 &&
set +f &&
test "$old" = "$new" &&
$cmpprog "$dst" "$dsttmp" >/dev/null 2>&1
then
rm -f "$dsttmp"
else
# Rename the file to the real destination.
$doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null ||
# The rename failed, perhaps because mv can't rename something else
# to itself, or perhaps because mv is so ancient that it does not
# support -f.
{
# Now remove or move aside any old file at destination location.
# We try this two ways since rm can't unlink itself on some
# systems and the destination file might be busy for other
# reasons. In this case, the final cleanup might fail but the new
# file should still install successfully.
{
test ! -f "$dst" ||
$doit $rmcmd -f "$dst" 2>/dev/null ||
{ $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null &&
{ $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }
} ||
{ echo "$0: cannot unlink or rename $dst" >&2
(exit 1); exit 1
}
} &&
# Now rename the file to the real destination.
$doit $mvcmd "$dsttmp" "$dst"
}
fi || exit 1
trap '' 0
fi
done
# Local variables:
# eval: (add-hook 'write-file-hooks 'time-stamp)
# time-stamp-start: "scriptversion="
# time-stamp-format: "%:y-%02m-%02d.%02H"
# time-stamp-time-zone: "UTC"
# time-stamp-end: "; # UTC"
# End:

35
trunk/3rdparty/libsrtp-2-fit/install-win.bat vendored Normal file
View file

@ -0,0 +1,35 @@
:: Installs from srtp windows build directory to directory specified on
:: command line
@if "%1"=="" (
echo "Usage: %~nx0 destdir"
exit /b 1
) else (
set destdir=%1
)
@if not exist %destdir% (
echo %destdir% not found
exit /b 1
)
@for %%d in (include\srtp.h crypto\include\cipher.h Debug\srtp2.lib Release\srtp2.lib x64\Debug\srtp2.lib x64\Release\srtp2.lib) do (
if not exist "%%d" (
echo "%%d not found: are you in the right directory?"
exit /b 1
)
)
mkdir %destdir%\include
mkdir %destdir%\include\srtp2
mkdir %destdir%\lib
mkdir %destdir%\lib\x64
@for %%d in (include\srtp.h include\ekt.h crypto\include\cipher.h crypto\include\auth.h crypto\include\crypto_types.h) do (
copy %%d %destdir%\include\srtp2
)
copy Release\srtp2.lib %destdir%\lib\srtp2.lib
copy Debug\srtp2.lib %destdir%\lib\srtp2d.lib
copy x64\Release\srtp2.lib %destdir%\lib\x64\srtp2.lib
copy x64\Debug\srtp2.lib %destdir%\lib\x64\srtp2d.lib

11
trunk/3rdparty/libsrtp-2-fit/libsrtp2.pc.in vendored Normal file
View file

@ -0,0 +1,11 @@
prefix=@prefix@
exec_prefix=@prefix@
libdir=@libdir@
includedir=@includedir@
Name: @PACKAGE_NAME@
Version: @PACKAGE_VERSION@
Description: Library for SRTP (Secure Realtime Transport Protocol)
Libs: -L${libdir} -lsrtp2 @LIBS@
Cflags: -I${includedir}

281
trunk/3rdparty/libsrtp-2-fit/srtp/ekt.c vendored Normal file
View file

@ -0,0 +1,281 @@
/*
* ekt.c
*
* Encrypted Key Transport for SRTP
*
* David McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include "srtp_priv.h"
#include "err.h"
#include "ekt.h"
extern srtp_debug_module_t mod_srtp;
/*
* The EKT Authentication Tag format.
*
* 0 1 2 3
* 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* : Base Authentication Tag :
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* : Encrypted Master Key :
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Rollover Counter |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
* | Initial Sequence Number | Security Parameter Index |
* +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
*
*/
#define EKT_OCTETS_AFTER_BASE_TAG 24
#define EKT_OCTETS_AFTER_EMK 8
#define EKT_OCTETS_AFTER_ROC 4
#define EKT_SPI_LEN 2
unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt)
{
/*
* if the pointer ekt is NULL, then EKT is not in effect, so we
* indicate this by returning zero
*/
if (!ekt)
return 0;
switch (ekt->data->ekt_cipher_type) {
case SRTP_EKT_CIPHER_AES_128_ECB:
return 16 + EKT_OCTETS_AFTER_EMK;
break;
default:
break;
}
return 0;
}
static inline srtp_ekt_spi_t srtcp_packet_get_ekt_spi(
const uint8_t *packet_start,
unsigned pkt_octet_len)
{
const uint8_t *spi_location;
spi_location = packet_start + (pkt_octet_len - EKT_SPI_LEN);
return *((const srtp_ekt_spi_t *)spi_location);
}
static inline uint32_t srtcp_packet_get_ekt_roc(const uint8_t *packet_start,
unsigned pkt_octet_len)
{
const uint8_t *roc_location;
roc_location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_ROC);
return *((const uint32_t *)roc_location);
}
static inline const uint8_t *srtcp_packet_get_emk_location(
const uint8_t *packet_start,
unsigned pkt_octet_len)
{
const uint8_t *location;
location = packet_start + (pkt_octet_len - EKT_OCTETS_AFTER_BASE_TAG);
return location;
}
srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data,
srtp_ekt_policy_t policy)
{
/*
* if the policy pointer is NULL, then EKT is not in use
* so we just set the EKT stream data pointer to NULL
*/
if (!policy) {
*stream_data = NULL;
return srtp_err_status_ok;
}
/* TODO */
*stream_data = NULL;
return srtp_err_status_ok;
}
srtp_err_status_t srtp_ekt_stream_init_from_policy(
srtp_ekt_stream_t stream_data,
srtp_ekt_policy_t policy)
{
if (!stream_data)
return srtp_err_status_ok;
return srtp_err_status_ok;
}
void aes_decrypt_with_raw_key(void *ciphertext, const void *key, int key_len)
{
#ifndef GCM
// FIXME: need to get this working through the crypto module interface
srtp_aes_expanded_key_t expanded_key;
srtp_aes_expand_decryption_key(key, key_len, &expanded_key);
srtp_aes_decrypt(ciphertext, &expanded_key);
#endif
}
/*
* The function srtp_stream_init_from_ekt() initializes a stream using
* the EKT data from an SRTCP trailer.
*/
srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream,
const void *srtcp_hdr,
unsigned pkt_octet_len)
{
srtp_err_status_t err;
const uint8_t *master_key;
srtp_policy_t srtp_policy;
uint32_t roc;
/*
* NOTE: at present, we only support a single ekt_policy at a time.
*/
if (stream->ekt->data->spi !=
srtcp_packet_get_ekt_spi(srtcp_hdr, pkt_octet_len))
return srtp_err_status_no_ctx;
if (stream->ekt->data->ekt_cipher_type != SRTP_EKT_CIPHER_AES_128_ECB)
return srtp_err_status_bad_param;
/* decrypt the Encrypted Master Key field */
master_key = srtcp_packet_get_emk_location(srtcp_hdr, pkt_octet_len);
/* FIX!? This decrypts the master key in-place, and never uses it */
/* FIX!? It's also passing to ekt_dec_key (which is an aes_expanded_key_t)
* to a function which expects a raw (unexpanded) key */
aes_decrypt_with_raw_key((void *)master_key,
&stream->ekt->data->ekt_dec_key, 16);
/* set the SRTP ROC */
roc = srtcp_packet_get_ekt_roc(srtcp_hdr, pkt_octet_len);
err = srtp_rdbx_set_roc(&stream->rtp_rdbx, roc);
if (err)
return err;
err = srtp_stream_init(stream, &srtp_policy);
if (err)
return err;
return srtp_err_status_ok;
}
void srtp_ekt_write_data(srtp_ekt_stream_t ekt,
uint8_t *base_tag,
unsigned base_tag_len,
int *packet_len,
srtp_xtd_seq_num_t pkt_index)
{
uint32_t roc;
uint16_t isn;
unsigned emk_len;
uint8_t *packet;
/* if the pointer ekt is NULL, then EKT is not in effect */
if (!ekt) {
debug_print0(mod_srtp, "EKT not in use");
return;
}
/* write zeros into the location of the base tag */
octet_string_set_to_zero(base_tag, base_tag_len);
packet = base_tag + base_tag_len;
/* copy encrypted master key into packet */
emk_len = srtp_ekt_octets_after_base_tag(ekt);
memcpy(packet, ekt->encrypted_master_key, emk_len);
debug_print(mod_srtp, "writing EKT EMK: %s,",
srtp_octet_string_hex_string(packet, emk_len));
packet += emk_len;
/* copy ROC into packet */
roc = (uint32_t)(pkt_index >> 16);
*((uint32_t *)packet) = be32_to_cpu(roc);
debug_print(mod_srtp, "writing EKT ROC: %s,",
srtp_octet_string_hex_string(packet, sizeof(roc)));
packet += sizeof(roc);
/* copy ISN into packet */
isn = (uint16_t)pkt_index;
*((uint16_t *)packet) = htons(isn);
debug_print(mod_srtp, "writing EKT ISN: %s,",
srtp_octet_string_hex_string(packet, sizeof(isn)));
packet += sizeof(isn);
/* copy SPI into packet */
*((uint16_t *)packet) = htons(ekt->data->spi);
debug_print(mod_srtp, "writing EKT SPI: %s,",
srtp_octet_string_hex_string(packet, sizeof(ekt->data->spi)));
/* increase packet length appropriately */
*packet_len += EKT_OCTETS_AFTER_EMK + emk_len;
}
/*
* The function call srtcp_ekt_trailer(ekt, auth_len, auth_tag )
*
* If the pointer ekt is NULL, then the other inputs are unaffected.
*
* auth_tag is a pointer to the pointer to the location of the
* authentication tag in the packet. If EKT is in effect, then the
* auth_tag pointer is set to the location
*/
void srtcp_ekt_trailer(srtp_ekt_stream_t ekt,
unsigned *auth_len,
void **auth_tag,
void *tag_copy)
{
/*
* if there is no EKT policy, then the other inputs are unaffected
*/
if (!ekt)
return;
/* copy auth_tag into temporary location */
}

4727
trunk/3rdparty/libsrtp-2-fit/srtp/srtp.c vendored Normal file
View file

File diff suppressed because it is too large Load diff

713
trunk/3rdparty/libsrtp-2-fit/test/cutest.h vendored Normal file
View file

@ -0,0 +1,713 @@
/*
* CUTest -- C/C++ Unit Test facility
* <http://github.com/mity/cutest>
*
* Copyright (c) 2013-2017 Martin Mitas
*
* Permission is hereby granted, free of charge, to any person obtaining a
* copy of this software and associated documentation files (the "Software"),
* to deal in the Software without restriction, including without limitation
* the rights to use, copy, modify, merge, publish, distribute, sublicense,
* and/or sell copies of the Software, and to permit persons to whom the
* Software is furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
* OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
* FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS
* IN THE SOFTWARE.
*/
#ifndef CUTEST_H__
#define CUTEST_H__
/************************
*** Public interface ***
************************/
/* By default, <cutest.h> provides the main program entry point (function
* main()). However, if the test suite is composed of multiple source files
* which include <cutest.h>, then this causes a problem of multiple main()
* definitions. To avoid this problem, #define macro TEST_NO_MAIN in all
* compilation units but one.
*/
/* Macro to specify list of unit tests in the suite.
* The unit test implementation MUST provide list of unit tests it implements
* with this macro:
*
* TEST_LIST = {
* { "test1_name", test1_func_ptr },
* { "test2_name", test2_func_ptr },
* ...
* { 0 }
* };
*
* The list specifies names of each test (must be unique) and pointer to
* a function implementing it. The function does not take any arguments
* and has no return values, i.e. every test function has tp be compatible
* with this prototype:
*
* void test_func(void);
*/
#define TEST_LIST const struct test__ test_list__[]
/* Macros for testing whether an unit test succeeds or fails. These macros
* can be used arbitrarily in functions implementing the unit tests.
*
* If any condition fails throughout execution of a test, the test fails.
*
* TEST_CHECK takes only one argument (the condition), TEST_CHECK_ allows
* also to specify an error message to print out if the condition fails.
* (It expects printf-like format string and its parameters). The macros
* return non-zero (condition passes) or 0 (condition fails).
*
* That can be useful when more conditions should be checked only if some
* preceding condition passes, as illustrated in this code snippet:
*
* SomeStruct* ptr = allocate_some_struct();
* if(TEST_CHECK(ptr != NULL)) {
* TEST_CHECK(ptr->member1 < 100);
* TEST_CHECK(ptr->member2 > 200);
* }
*/
#define TEST_CHECK_(cond, ...) \
test_check__((cond), __FILE__, __LINE__, __VA_ARGS__)
#define TEST_CHECK(cond) test_check__((cond), __FILE__, __LINE__, "%s", #cond)
/**********************
*** Implementation ***
**********************/
/* The unit test files should not rely on anything below. */
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#if defined(unix) || defined(__unix__) || defined(__unix) || defined(__APPLE__)
#define CUTEST_UNIX__ 1
#include <errno.h>
#include <unistd.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <signal.h>
#endif
#if defined(_WIN32) || defined(__WIN32__) || defined(__WINDOWS__)
#define CUTEST_WIN__ 1
#include <windows.h>
#include <io.h>
#endif
#ifdef __cplusplus
#include <exception>
#endif
/* Note our global private identifiers end with '__' to mitigate risk of clash
* with the unit tests implementation. */
#ifdef __cplusplus
extern "C" {
#endif
struct test__ {
const char *name;
void (*func)(void);
};
extern const struct test__ test_list__[];
int test_check__(int cond, const char *file, int line, const char *fmt, ...);
#ifndef TEST_NO_MAIN
static char *test_argv0__ = NULL;
static int test_count__ = 0;
static int test_no_exec__ = 0;
static int test_no_summary__ = 0;
static int test_skip_mode__ = 0;
static int test_stat_failed_units__ = 0;
static int test_stat_run_units__ = 0;
static const struct test__ *test_current_unit__ = NULL;
static int test_current_already_logged__ = 0;
static int test_verbose_level__ = 2;
static int test_current_failures__ = 0;
static int test_colorize__ = 0;
#define CUTEST_COLOR_DEFAULT__ 0
#define CUTEST_COLOR_GREEN__ 1
#define CUTEST_COLOR_RED__ 2
#define CUTEST_COLOR_DEFAULT_INTENSIVE__ 3
#define CUTEST_COLOR_GREEN_INTENSIVE__ 4
#define CUTEST_COLOR_RED_INTENSIVE__ 5
static size_t test_print_in_color__(int color, const char *fmt, ...)
{
va_list args;
char buffer[256];
size_t n;
va_start(args, fmt);
vsnprintf(buffer, sizeof(buffer), fmt, args);
va_end(args);
buffer[sizeof(buffer) - 1] = '\0';
if (!test_colorize__) {
return printf("%s", buffer);
}
#if defined CUTEST_UNIX__
{
const char *col_str;
switch (color) {
case CUTEST_COLOR_GREEN__:
col_str = "\033[0;32m";
break;
case CUTEST_COLOR_RED__:
col_str = "\033[0;31m";
break;
case CUTEST_COLOR_GREEN_INTENSIVE__:
col_str = "\033[1;32m";
break;
case CUTEST_COLOR_RED_INTENSIVE__:
col_str = "\033[1;30m";
break;
case CUTEST_COLOR_DEFAULT_INTENSIVE__:
col_str = "\033[1m";
break;
default:
col_str = "\033[0m";
break;
}
printf("%s", col_str);
n = printf("%s", buffer);
printf("\033[0m");
return n;
}
#elif defined CUTEST_WIN__
{
HANDLE h;
CONSOLE_SCREEN_BUFFER_INFO info;
WORD attr;
h = GetStdHandle(STD_OUTPUT_HANDLE);
GetConsoleScreenBufferInfo(h, &info);
switch (color) {
case CUTEST_COLOR_GREEN__:
attr = FOREGROUND_GREEN;
break;
case CUTEST_COLOR_RED__:
attr = FOREGROUND_RED;
break;
case CUTEST_COLOR_GREEN_INTENSIVE__:
attr = FOREGROUND_GREEN | FOREGROUND_INTENSITY;
break;
case CUTEST_COLOR_RED_INTENSIVE__:
attr = FOREGROUND_RED | FOREGROUND_INTENSITY;
break;
case CUTEST_COLOR_DEFAULT_INTENSIVE__:
attr = FOREGROUND_BLUE | FOREGROUND_GREEN | FOREGROUND_RED |
FOREGROUND_INTENSITY;
break;
default:
attr = 0;
break;
}
if (attr != 0)
SetConsoleTextAttribute(h, attr);
n = printf("%s", buffer);
SetConsoleTextAttribute(h, info.wAttributes);
return n;
}
#else
n = printf("%s", buffer);
return n;
#endif
}
int test_check__(int cond, const char *file, int line, const char *fmt, ...)
{
const char *result_str;
int result_color;
int verbose_level;
if (cond) {
result_str = "ok";
result_color = CUTEST_COLOR_GREEN__;
verbose_level = 3;
} else {
if (!test_current_already_logged__ && test_current_unit__ != NULL) {
printf("[ ");
test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, "FAILED");
printf(" ]\n");
}
result_str = "failed";
result_color = CUTEST_COLOR_RED__;
verbose_level = 2;
test_current_failures__++;
test_current_already_logged__++;
}
if (test_verbose_level__ >= verbose_level) {
size_t n = 0;
va_list args;
printf(" ");
if (file != NULL)
n += printf("%s:%d: Check ", file, line);
va_start(args, fmt);
n += vprintf(fmt, args);
va_end(args);
printf("... ");
test_print_in_color__(result_color, result_str);
printf("\n");
test_current_already_logged__++;
}
return (cond != 0);
}
static void test_list_names__(void)
{
const struct test__ *test;
printf("Unit tests:\n");
for (test = &test_list__[0]; test->func != NULL; test++)
printf(" %s\n", test->name);
}
static const struct test__ *test_by_name__(const char *name)
{
const struct test__ *test;
for (test = &test_list__[0]; test->func != NULL; test++) {
if (strcmp(test->name, name) == 0)
return test;
}
return NULL;
}
/* Call directly the given test unit function. */
static int test_do_run__(const struct test__ *test)
{
test_current_unit__ = test;
test_current_failures__ = 0;
test_current_already_logged__ = 0;
if (test_verbose_level__ >= 3) {
test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "Test %s:\n",
test->name);
test_current_already_logged__++;
} else if (test_verbose_level__ >= 1) {
size_t n;
char spaces[32];
n = test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__,
"Test %s... ", test->name);
memset(spaces, ' ', sizeof(spaces));
if (n < sizeof(spaces))
printf("%.*s", (int)(sizeof(spaces) - n), spaces);
} else {
test_current_already_logged__ = 1;
}
#ifdef __cplusplus
try {
#endif
/* This is good to do for case the test unit e.g. crashes. */
fflush(stdout);
fflush(stderr);
test->func();
#ifdef __cplusplus
} catch (std::exception &e) {
const char *what = e.what();
if (what != NULL)
test_check__(0, NULL, 0, "Threw std::exception: %s", what);
else
test_check__(0, NULL, 0, "Threw std::exception");
} catch (...) {
test_check__(0, NULL, 0, "Threw an exception");
}
#endif
if (test_verbose_level__ >= 3) {
switch (test_current_failures__) {
case 0:
test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__,
" All conditions have passed.\n\n");
break;
case 1:
test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__,
" One condition has FAILED.\n\n");
break;
default:
test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__,
" %d conditions have FAILED.\n\n",
test_current_failures__);
break;
}
} else if (test_verbose_level__ >= 1 && test_current_failures__ == 0) {
printf("[ ");
test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__, "OK");
printf(" ]\n");
}
test_current_unit__ = NULL;
return (test_current_failures__ == 0) ? 0 : -1;
}
#if defined(CUTEST_UNIX__) || defined(CUTEST_WIN__)
/* Called if anything goes bad in cutest, or if the unit test ends in other
* way then by normal returning from its function (e.g. exception or some
* abnormal child process termination). */
static void test_error__(const char *fmt, ...)
{
va_list args;
if (test_verbose_level__ == 0)
return;
if (test_verbose_level__ <= 2 && !test_current_already_logged__ &&
test_current_unit__ != NULL) {
printf("[ ");
test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, "FAILED");
printf(" ]\n");
}
if (test_verbose_level__ >= 2) {
test_print_in_color__(CUTEST_COLOR_RED_INTENSIVE__, " Error: ");
va_start(args, fmt);
vprintf(fmt, args);
va_end(args);
printf("\n");
}
}
#endif
/* Trigger the unit test. If possible (and not suppressed) it starts a child
* process who calls test_do_run__(), otherwise it calls test_do_run__()
* directly. */
static void test_run__(const struct test__ *test)
{
int failed = 1;
test_current_unit__ = test;
test_current_already_logged__ = 0;
if (!test_no_exec__) {
#if defined(CUTEST_UNIX__)
pid_t pid;
int exit_code;
pid = fork();
if (pid == (pid_t)-1) {
test_error__("Cannot fork. %s [%d]", strerror(errno), errno);
failed = 1;
} else if (pid == 0) {
/* Child: Do the test. */
failed = (test_do_run__(test) != 0);
exit(failed ? 1 : 0);
} else {
/* Parent: Wait until child terminates and analyze its exit code. */
waitpid(pid, &exit_code, 0);
if (WIFEXITED(exit_code)) {
switch (WEXITSTATUS(exit_code)) {
case 0:
failed = 0;
break; /* test has passed. */
case 1: /* noop */
break; /* "normal" failure. */
default:
test_error__("Unexpected exit code [%d]",
WEXITSTATUS(exit_code));
}
} else if (WIFSIGNALED(exit_code)) {
char tmp[32];
const char *signame;
switch (WTERMSIG(exit_code)) {
case SIGINT:
signame = "SIGINT";
break;
case SIGHUP:
signame = "SIGHUP";
break;
case SIGQUIT:
signame = "SIGQUIT";
break;
case SIGABRT:
signame = "SIGABRT";
break;
case SIGKILL:
signame = "SIGKILL";
break;
case SIGSEGV:
signame = "SIGSEGV";
break;
case SIGILL:
signame = "SIGILL";
break;
case SIGTERM:
signame = "SIGTERM";
break;
default:
sprintf(tmp, "signal %d", WTERMSIG(exit_code));
signame = tmp;
break;
}
test_error__("Test interrupted by %s", signame);
} else {
test_error__("Test ended in an unexpected way [%d]", exit_code);
}
}
#elif defined(CUTEST_WIN__)
char buffer[512] = { 0 };
STARTUPINFOA startupInfo = { 0 };
PROCESS_INFORMATION processInfo;
DWORD exitCode;
/* Windows has no fork(). So we propagate all info into the child
* through a command line arguments. */
_snprintf(buffer, sizeof(buffer) - 1,
"%s --no-exec --no-summary --verbose=%d --color=%s -- \"%s\"",
test_argv0__, test_verbose_level__,
test_colorize__ ? "always" : "never", test->name);
startupInfo.cb = sizeof(STARTUPINFO);
if (CreateProcessA(NULL, buffer, NULL, NULL, FALSE, 0, NULL, NULL,
&startupInfo, &processInfo)) {
WaitForSingleObject(processInfo.hProcess, INFINITE);
GetExitCodeProcess(processInfo.hProcess, &exitCode);
CloseHandle(processInfo.hThread);
CloseHandle(processInfo.hProcess);
failed = (exitCode != 0);
} else {
test_error__("Cannot create unit test subprocess [%ld].",
GetLastError());
failed = 1;
}
#else
/* A platform where we don't know how to run child process. */
failed = (test_do_run__(test) != 0);
#endif
} else {
/* Child processes suppressed through --no-exec. */
failed = (test_do_run__(test) != 0);
}
test_current_unit__ = NULL;
test_stat_run_units__++;
if (failed)
test_stat_failed_units__++;
}
#if defined(CUTEST_WIN__)
/* Callback for SEH events. */
static LONG CALLBACK test_exception_filter__(EXCEPTION_POINTERS *ptrs)
{
test_error__("Unhandled SEH exception %08lx at %p.",
ptrs->ExceptionRecord->ExceptionCode,
ptrs->ExceptionRecord->ExceptionAddress);
fflush(stdout);
fflush(stderr);
return EXCEPTION_EXECUTE_HANDLER;
}
#endif
static void test_help__(void)
{
printf("Usage: %s [options] [test...]\n", test_argv0__);
printf("Run the specified unit tests; or if the option '--skip' is used, "
"run all\n");
printf("tests in the suite but those listed. By default, if no tests are "
"specified\n");
printf("on the command line, all unit tests in the suite are run.\n");
printf("\n");
printf("Options:\n");
printf(
" -s, --skip Execute all unit tests but the listed ones\n");
printf(" --no-exec Do not execute unit tests as child "
"processes\n");
printf(
" --no-summary Suppress printing of test results summary\n");
printf(" -l, --list List unit tests in the suite and exit\n");
printf(" -v, --verbose Enable more verbose output\n");
printf(" --verbose=LEVEL Set verbose level to LEVEL:\n");
printf(" 0 ... Be silent\n");
printf(" 1 ... Output one line per test (and "
"summary)\n");
printf(" 2 ... As 1 and failed conditions (this "
"is default)\n");
printf(" 3 ... As 1 and all conditions (and "
"extended summary)\n");
printf(" --color=WHEN Enable colorized output (WHEN is one of "
"'auto', 'always', 'never')\n");
printf(" -h, --help Display this help and exit\n");
printf("\n");
test_list_names__();
}
int main(int argc, char **argv)
{
const struct test__ **tests = NULL;
int i, j, n = 0;
int seen_double_dash = 0;
test_argv0__ = argv[0];
#if defined CUTEST_UNIX__
test_colorize__ = isatty(STDOUT_FILENO);
#elif defined CUTEST_WIN__
test_colorize__ = _isatty(_fileno(stdout));
#else
test_colorize__ = 0;
#endif
/* Parse options */
for (i = 1; i < argc; i++) {
if (seen_double_dash || argv[i][0] != '-') {
tests = (const struct test__ **)realloc(
(void *)tests, (n + 1) * sizeof(const struct test__ *));
if (tests == NULL) {
fprintf(stderr, "Out of memory.\n");
exit(2);
}
tests[n] = test_by_name__(argv[i]);
if (tests[n] == NULL) {
fprintf(stderr, "%s: Unrecognized unit test '%s'\n", argv[0],
argv[i]);
fprintf(stderr, "Try '%s --list' for list of unit tests.\n",
argv[0]);
exit(2);
}
n++;
} else if (strcmp(argv[i], "--") == 0) {
seen_double_dash = 1;
} else if (strcmp(argv[i], "--help") == 0 ||
strcmp(argv[i], "-h") == 0) {
test_help__();
exit(0);
} else if (strcmp(argv[i], "--verbose") == 0 ||
strcmp(argv[i], "-v") == 0) {
test_verbose_level__++;
} else if (strncmp(argv[i], "--verbose=", 10) == 0) {
test_verbose_level__ = atoi(argv[i] + 10);
} else if (strcmp(argv[i], "--color=auto") == 0) {
/* noop (set from above) */
} else if (strcmp(argv[i], "--color=always") == 0 ||
strcmp(argv[i], "--color") == 0) {
test_colorize__ = 1;
} else if (strcmp(argv[i], "--color=never") == 0) {
test_colorize__ = 0;
} else if (strcmp(argv[i], "--skip") == 0 ||
strcmp(argv[i], "-s") == 0) {
test_skip_mode__ = 1;
} else if (strcmp(argv[i], "--no-exec") == 0) {
test_no_exec__ = 1;
} else if (strcmp(argv[i], "--no-summary") == 0) {
test_no_summary__ = 1;
} else if (strcmp(argv[i], "--list") == 0 ||
strcmp(argv[i], "-l") == 0) {
test_list_names__();
exit(0);
} else {
fprintf(stderr, "%s: Unrecognized option '%s'\n", argv[0], argv[i]);
fprintf(stderr, "Try '%s --help' for more information.\n", argv[0]);
exit(2);
}
}
#if defined(CUTEST_WIN__)
SetUnhandledExceptionFilter(test_exception_filter__);
#endif
/* Count all test units */
test_count__ = 0;
for (i = 0; test_list__[i].func != NULL; i++)
test_count__++;
/* Run the tests */
if (n == 0) {
/* Run all tests */
for (i = 0; test_list__[i].func != NULL; i++)
test_run__(&test_list__[i]);
} else if (!test_skip_mode__) {
/* Run the listed tests */
for (i = 0; i < n; i++)
test_run__(tests[i]);
} else {
/* Run all tests except those listed */
for (i = 0; test_list__[i].func != NULL; i++) {
int want_skip = 0;
for (j = 0; j < n; j++) {
if (tests[j] == &test_list__[i]) {
want_skip = 1;
break;
}
}
if (!want_skip)
test_run__(&test_list__[i]);
}
}
/* Write a summary */
if (!test_no_summary__ && test_verbose_level__ >= 1) {
test_print_in_color__(CUTEST_COLOR_DEFAULT_INTENSIVE__, "\nSummary:\n");
if (test_verbose_level__ >= 3) {
printf(" Count of all unit tests: %4d\n", test_count__);
printf(" Count of run unit tests: %4d\n",
test_stat_run_units__);
printf(" Count of failed unit tests: %4d\n",
test_stat_failed_units__);
printf(" Count of skipped unit tests: %4d\n",
test_count__ - test_stat_run_units__);
}
if (test_stat_failed_units__ == 0) {
test_print_in_color__(CUTEST_COLOR_GREEN_INTENSIVE__,
" SUCCESS: All unit tests have passed.\n");
} else {
test_print_in_color__(
CUTEST_COLOR_RED_INTENSIVE__,
" FAILED: %d of %d unit tests have failed.\n",
test_stat_failed_units__, test_stat_run_units__);
}
}
if (tests != NULL)
free((void *)tests);
return (test_stat_failed_units__ == 0) ? 0 : 1;
}
#endif /* #ifndef TEST_NO_MAIN */
#ifdef __cplusplus
} /* extern "C" */
#endif
#endif /* #ifndef CUTEST_H__ */

261
trunk/3rdparty/libsrtp-2-fit/test/dtls_srtp_driver.c vendored Normal file
View file

@ -0,0 +1,261 @@
/*
* dtls_srtp_driver.c
*
* test driver for DTLS-SRTP functions
*
* David McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <stdio.h> /* for printf() */
#include "getopt_s.h" /* for local getopt() */
#include "srtp_priv.h"
srtp_err_status_t test_dtls_srtp(void);
srtp_hdr_t *srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc);
void usage(char *prog_name)
{
printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
" -d <mod> turn on debugging module <mod>\n"
" -l list debugging modules\n",
prog_name);
exit(1);
}
int main(int argc, char *argv[])
{
unsigned do_list_mods = 0;
int q;
srtp_err_status_t err;
printf("dtls_srtp_driver\n");
/* initialize srtp library */
err = srtp_init();
if (err) {
printf("error: srtp init failed with error code %d\n", err);
exit(1);
}
/* process input arguments */
while (1) {
q = getopt_s(argc, argv, "ld:");
if (q == -1)
break;
switch (q) {
case 'l':
do_list_mods = 1;
break;
case 'd':
err = srtp_crypto_kernel_set_debug_module(optarg_s, 1);
if (err) {
printf("error: set debug module (%s) failed\n", optarg_s);
exit(1);
}
break;
default:
usage(argv[0]);
}
}
if (do_list_mods) {
err = srtp_crypto_kernel_list_debug_modules();
if (err) {
printf("error: list of debug modules failed\n");
exit(1);
}
}
printf("testing dtls_srtp...");
err = test_dtls_srtp();
if (err) {
printf("\nerror (code %d)\n", err);
exit(1);
}
printf("passed\n");
/* shut down srtp library */
err = srtp_shutdown();
if (err) {
printf("error: srtp shutdown failed with error code %d\n", err);
exit(1);
}
return 0;
}
srtp_err_status_t test_dtls_srtp(void)
{
srtp_hdr_t *test_packet;
int test_packet_len = 80;
srtp_t s;
srtp_policy_t policy;
uint8_t key[SRTP_MAX_KEY_LEN];
uint8_t salt[SRTP_MAX_KEY_LEN];
unsigned int key_len, salt_len;
srtp_profile_t profile;
srtp_err_status_t err;
memset(&policy, 0x0, sizeof(srtp_policy_t));
/* create a 'null' SRTP session */
err = srtp_create(&s, NULL);
if (err)
return err;
/*
* verify that packet-processing functions behave properly - we
* expect that these functions will return srtp_err_status_no_ctx
*/
test_packet = srtp_create_test_packet(80, 0xa5a5a5a5);
if (test_packet == NULL)
return srtp_err_status_alloc_fail;
err = srtp_protect(s, test_packet, &test_packet_len);
if (err != srtp_err_status_no_ctx) {
printf("wrong return value from srtp_protect() (got code %d)\n", err);
return srtp_err_status_fail;
}
err = srtp_unprotect(s, test_packet, &test_packet_len);
if (err != srtp_err_status_no_ctx) {
printf("wrong return value from srtp_unprotect() (got code %d)\n", err);
return srtp_err_status_fail;
}
err = srtp_protect_rtcp(s, test_packet, &test_packet_len);
if (err != srtp_err_status_no_ctx) {
printf("wrong return value from srtp_protect_rtcp() (got code %d)\n",
err);
return srtp_err_status_fail;
}
err = srtp_unprotect_rtcp(s, test_packet, &test_packet_len);
if (err != srtp_err_status_no_ctx) {
printf("wrong return value from srtp_unprotect_rtcp() (got code %d)\n",
err);
return srtp_err_status_fail;
}
/*
* set keys to known values for testing
*/
profile = srtp_profile_aes128_cm_sha1_80;
key_len = srtp_profile_get_master_key_length(profile);
salt_len = srtp_profile_get_master_salt_length(profile);
memset(key, 0xff, key_len);
memset(salt, 0xee, salt_len);
srtp_append_salt_to_key(key, key_len, salt, salt_len);
policy.key = key;
/* initialize SRTP policy from profile */
err = srtp_crypto_policy_set_from_profile_for_rtp(&policy.rtp, profile);
if (err)
return err;
err = srtp_crypto_policy_set_from_profile_for_rtcp(&policy.rtcp, profile);
if (err)
return err;
policy.ssrc.type = ssrc_any_inbound;
policy.ekt = NULL;
policy.window_size = 128;
policy.allow_repeat_tx = 0;
policy.next = NULL;
err = srtp_add_stream(s, &policy);
if (err)
return err;
err = srtp_dealloc(s);
if (err)
return err;
free(test_packet);
return srtp_err_status_ok;
}
/*
* srtp_create_test_packet(len, ssrc) returns a pointer to a
* (malloced) example RTP packet whose data field has the length given
* by pkt_octet_len and the SSRC value ssrc. The total length of the
* packet is twelve octets longer, since the header is at the
* beginning. There is room at the end of the packet for a trailer,
* and the four octets following the packet are filled with 0xff
* values to enable testing for overwrites.
*
* note that the location of the test packet can (and should) be
* deallocated with the free() call once it is no longer needed.
*/
srtp_hdr_t *srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc)
{
int i;
uint8_t *buffer;
srtp_hdr_t *hdr;
int bytes_in_hdr = 12;
/* allocate memory for test packet */
hdr = malloc(pkt_octet_len + bytes_in_hdr + SRTP_MAX_TRAILER_LEN + 4);
if (!hdr)
return NULL;
hdr->version = 2; /* RTP version two */
hdr->p = 0; /* no padding needed */
hdr->x = 0; /* no header extension */
hdr->cc = 0; /* no CSRCs */
hdr->m = 0; /* marker bit */
hdr->pt = 0xf; /* payload type */
hdr->seq = htons(0x1234); /* sequence number */
hdr->ts = htonl(0xdecafbad); /* timestamp */
hdr->ssrc = htonl(ssrc); /* synch. source */
buffer = (uint8_t *)hdr;
buffer += bytes_in_hdr;
/* set RTP data to 0xab */
for (i = 0; i < pkt_octet_len; i++)
*buffer++ = 0xab;
/* set post-data value to 0xffff to enable overrun checking */
for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++)
*buffer++ = 0xff;
return hdr;
}

109
trunk/3rdparty/libsrtp-2-fit/test/getopt_s.c vendored Normal file
View file

@ -0,0 +1,109 @@
/*
* getopt.c
*
* a minimal implementation of the getopt() function, written so that
* test applications that use that function can run on non-POSIX
* platforms
*
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include <stdlib.h> /* for NULL */
int optind_s = 0;
char *optarg_s;
#define GETOPT_FOUND_WITHOUT_ARGUMENT 2
#define GETOPT_FOUND_WITH_ARGUMENT 1
#define GETOPT_NOT_FOUND 0
static int getopt_check_character(char c, const char *string)
{
unsigned int max_string_len = 128;
while (*string != 0) {
if (max_string_len == 0) {
return GETOPT_NOT_FOUND;
}
max_string_len--;
if (*string++ == c) {
if (*string == ':') {
return GETOPT_FOUND_WITH_ARGUMENT;
} else {
return GETOPT_FOUND_WITHOUT_ARGUMENT;
}
}
}
return GETOPT_NOT_FOUND;
}
int getopt_s(int argc, char *const argv[], const char *optstring)
{
while (optind_s + 1 < argc) {
char *string;
/* move 'string' on to next argument */
optind_s++;
string = argv[optind_s];
if (string == NULL)
return '?'; /* NULL argument string */
if (string[0] != '-')
return -1; /* found an unexpected character */
switch (getopt_check_character(string[1], optstring)) {
case GETOPT_FOUND_WITH_ARGUMENT:
if (optind_s + 1 < argc) {
optind_s++;
optarg_s = argv[optind_s];
return string[1];
} else {
return '?'; /* argument missing */
}
case GETOPT_FOUND_WITHOUT_ARGUMENT:
return string[1];
case GETOPT_NOT_FOUND:
default:
return '?'; /* didn't find expected character */
break;
}
}
return -1;
}

360
trunk/3rdparty/libsrtp-2-fit/test/rdbx_driver.c vendored Normal file
View file

@ -0,0 +1,360 @@
/*
* rdbx_driver.c
*
* driver for the rdbx implementation (replay database with extended range)
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h> /* for printf() */
#include "getopt_s.h" /* for local getopt() */
#include "rdbx.h"
#include "cipher_priv.h"
#ifdef ROC_TEST
#error "srtp_rdbx_t won't work with ROC_TEST - bitmask same size as seq_median"
#endif
#include "ut_sim.h"
srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws);
double rdbx_check_adds_per_second(int num_trials, unsigned long ws);
void usage(char *prog_name)
{
printf("usage: %s [ -t | -v ]\n", prog_name);
exit(255);
}
int main(int argc, char *argv[])
{
double rate;
srtp_err_status_t status;
int q;
unsigned do_timing_test = 0;
unsigned do_validation = 0;
/* process input arguments */
while (1) {
q = getopt_s(argc, argv, "tv");
if (q == -1)
break;
switch (q) {
case 't':
do_timing_test = 1;
break;
case 'v':
do_validation = 1;
break;
default:
usage(argv[0]);
}
}
printf("rdbx (replay database w/ extended range) test driver\n"
"David A. McGrew\n"
"Cisco Systems, Inc.\n");
if (!do_validation && !do_timing_test)
usage(argv[0]);
if (do_validation) {
printf("testing srtp_rdbx_t (ws=128)...\n");
status = test_replay_dbx(1 << 12, 128);
if (status) {
printf("failed\n");
exit(1);
}
printf("passed\n");
printf("testing srtp_rdbx_t (ws=1024)...\n");
status = test_replay_dbx(1 << 12, 1024);
if (status) {
printf("failed\n");
exit(1);
}
printf("passed\n");
}
if (do_timing_test) {
rate = rdbx_check_adds_per_second(1 << 18, 128);
printf("rdbx_check/replay_adds per second (ws=128): %e\n", rate);
rate = rdbx_check_adds_per_second(1 << 18, 1024);
printf("rdbx_check/replay_adds per second (ws=1024): %e\n", rate);
}
return 0;
}
void print_rdbx(srtp_rdbx_t *rdbx)
{
char buf[2048];
printf("rdbx: {%llu, %s}\n", (unsigned long long)(rdbx->index),
bitvector_bit_string(&rdbx->bitmask, buf, sizeof(buf)));
}
/*
* rdbx_check_add(rdbx, idx) checks a known-to-be-good idx against
* rdbx, then adds it. if a failure is detected (i.e., the check
* indicates that the value is already in rdbx) then
* srtp_err_status_algo_fail is returned.
*
*/
srtp_err_status_t rdbx_check_add(srtp_rdbx_t *rdbx, uint32_t idx)
{
int delta;
srtp_xtd_seq_num_t est;
delta = srtp_index_guess(&rdbx->index, &est, idx);
if (srtp_rdbx_check(rdbx, delta) != srtp_err_status_ok) {
printf("replay_check failed at index %u\n", idx);
return srtp_err_status_algo_fail;
}
/*
* in practice, we'd authenticate the packet containing idx, using
* the estimated value est, at this point
*/
if (srtp_rdbx_add_index(rdbx, delta) != srtp_err_status_ok) {
printf("rdbx_add_index failed at index %u\n", idx);
return srtp_err_status_algo_fail;
}
return srtp_err_status_ok;
}
/*
* rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx)
*
* checks that a sequence number idx is in the replay database
* and thus will be rejected
*/
srtp_err_status_t rdbx_check_expect_failure(srtp_rdbx_t *rdbx, uint32_t idx)
{
int delta;
srtp_xtd_seq_num_t est;
srtp_err_status_t status;
delta = srtp_index_guess(&rdbx->index, &est, idx);
status = srtp_rdbx_check(rdbx, delta);
if (status == srtp_err_status_ok) {
printf("delta: %d ", delta);
printf("replay_check failed at index %u (false positive)\n", idx);
return srtp_err_status_algo_fail;
}
return srtp_err_status_ok;
}
srtp_err_status_t rdbx_check_add_unordered(srtp_rdbx_t *rdbx, uint32_t idx)
{
int delta;
srtp_xtd_seq_num_t est;
srtp_err_status_t rstat;
delta = srtp_index_guess(&rdbx->index, &est, idx);
rstat = srtp_rdbx_check(rdbx, delta);
if ((rstat != srtp_err_status_ok) &&
(rstat != srtp_err_status_replay_old)) {
printf("replay_check_add_unordered failed at index %u\n", idx);
return srtp_err_status_algo_fail;
}
if (rstat == srtp_err_status_replay_old) {
return srtp_err_status_ok;
}
if (srtp_rdbx_add_index(rdbx, delta) != srtp_err_status_ok) {
printf("rdbx_add_index failed at index %u\n", idx);
return srtp_err_status_algo_fail;
}
return srtp_err_status_ok;
}
srtp_err_status_t test_replay_dbx(int num_trials, unsigned long ws)
{
srtp_rdbx_t rdbx;
uint32_t idx, ircvd;
ut_connection utc;
srtp_err_status_t status;
int num_fp_trials;
status = srtp_rdbx_init(&rdbx, ws);
if (status) {
printf("replay_init failed with error code %d\n", status);
exit(1);
}
/*
* test sequential insertion
*/
printf("\ttesting sequential insertion...");
for (idx = 0; (int)idx < num_trials; idx++) {
status = rdbx_check_add(&rdbx, idx);
if (status)
return status;
}
printf("passed\n");
/*
* test for false positives by checking all of the index
* values which we've just added
*
* note that we limit the number of trials here, since allowing the
* rollover counter to roll over would defeat this test
*/
num_fp_trials = num_trials % 0x10000;
if (num_fp_trials == 0) {
printf("warning: no false positive tests performed\n");
}
printf("\ttesting for false positives...");
for (idx = 0; (int)idx < num_fp_trials; idx++) {
status = rdbx_check_expect_failure(&rdbx, idx);
if (status)
return status;
}
printf("passed\n");
/* re-initialize */
srtp_rdbx_dealloc(&rdbx);
if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) {
printf("replay_init failed\n");
return srtp_err_status_init_fail;
}
/*
* test non-sequential insertion
*
* this test covers only fase negatives, since the values returned
* by ut_next_index(...) are distinct
*/
ut_init(&utc);
printf("\ttesting non-sequential insertion...");
for (idx = 0; (int)idx < num_trials; idx++) {
ircvd = ut_next_index(&utc);
status = rdbx_check_add_unordered(&rdbx, ircvd);
if (status)
return status;
status = rdbx_check_expect_failure(&rdbx, ircvd);
if (status)
return status;
}
printf("passed\n");
/* re-initialize */
srtp_rdbx_dealloc(&rdbx);
if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) {
printf("replay_init failed\n");
return srtp_err_status_init_fail;
}
/*
* test insertion with large gaps.
* check for false positives for each insertion.
*/
printf("\ttesting insertion with large gaps...");
for (idx = 0, ircvd = 0; (int)idx < num_trials;
idx++, ircvd += (1 << (srtp_cipher_rand_u32_for_tests() % 12))) {
status = rdbx_check_add(&rdbx, ircvd);
if (status)
return status;
status = rdbx_check_expect_failure(&rdbx, ircvd);
if (status)
return status;
}
printf("passed\n");
srtp_rdbx_dealloc(&rdbx);
return srtp_err_status_ok;
}
#include <time.h> /* for clock() */
double rdbx_check_adds_per_second(int num_trials, unsigned long ws)
{
uint32_t i;
int delta;
srtp_rdbx_t rdbx;
srtp_xtd_seq_num_t est;
clock_t timer;
int failures; /* count number of failures */
if (srtp_rdbx_init(&rdbx, ws) != srtp_err_status_ok) {
printf("replay_init failed\n");
exit(1);
}
failures = 0;
timer = clock();
for (i = 0; (int)i < num_trials; i++) {
delta = srtp_index_guess(&rdbx.index, &est, i);
if (srtp_rdbx_check(&rdbx, delta) != srtp_err_status_ok)
++failures;
else if (srtp_rdbx_add_index(&rdbx, delta) != srtp_err_status_ok)
++failures;
}
timer = clock() - timer;
if (timer < 1) {
timer = 1;
}
printf("number of failures: %d \n", failures);
srtp_rdbx_dealloc(&rdbx);
return (double)CLOCKS_PER_SEC * num_trials / timer;
}

285
trunk/3rdparty/libsrtp-2-fit/test/replay_driver.c vendored Normal file
View file

@ -0,0 +1,285 @@
/*
* replay_driver.c
*
* A driver for the replay_database implementation
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
#include "rdb.h"
#include "ut_sim.h"
#include "cipher_priv.h"
/*
* num_trials defines the number of trials that are used in the
* validation functions below
*/
unsigned num_trials = 1 << 16;
srtp_err_status_t test_rdb_db(void);
double rdb_check_adds_per_second(void);
int main(void)
{
srtp_err_status_t err;
printf("testing anti-replay database (srtp_rdb_t)...\n");
err = test_rdb_db();
if (err) {
printf("failed\n");
exit(1);
}
printf("done\n");
printf("rdb_check/rdb_adds per second: %e\n", rdb_check_adds_per_second());
return 0;
}
void print_rdb(srtp_rdb_t *rdb)
{
printf("rdb: {%u, %s}\n", rdb->window_start,
v128_bit_string(&rdb->bitmask));
}
srtp_err_status_t rdb_check_add(srtp_rdb_t *rdb, uint32_t idx)
{
if (srtp_rdb_check(rdb, idx) != srtp_err_status_ok) {
printf("rdb_check failed at index %u\n", idx);
return srtp_err_status_fail;
}
if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) {
printf("rdb_add_index failed at index %u\n", idx);
return srtp_err_status_fail;
}
return srtp_err_status_ok;
}
srtp_err_status_t rdb_check_expect_failure(srtp_rdb_t *rdb, uint32_t idx)
{
srtp_err_status_t err;
err = srtp_rdb_check(rdb, idx);
if ((err != srtp_err_status_replay_old) &&
(err != srtp_err_status_replay_fail)) {
printf("rdb_check failed at index %u (false positive)\n", idx);
return srtp_err_status_fail;
}
return srtp_err_status_ok;
}
srtp_err_status_t rdb_check_add_unordered(srtp_rdb_t *rdb, uint32_t idx)
{
srtp_err_status_t rstat;
/* printf("index: %u\n", idx); */
rstat = srtp_rdb_check(rdb, idx);
if ((rstat != srtp_err_status_ok) &&
(rstat != srtp_err_status_replay_old)) {
printf("rdb_check_add_unordered failed at index %u\n", idx);
return rstat;
}
if (rstat == srtp_err_status_replay_old) {
return srtp_err_status_ok;
}
if (srtp_rdb_add_index(rdb, idx) != srtp_err_status_ok) {
printf("rdb_add_index failed at index %u\n", idx);
return srtp_err_status_fail;
}
return srtp_err_status_ok;
}
srtp_err_status_t test_rdb_db()
{
srtp_rdb_t rdb;
uint32_t idx, ircvd;
ut_connection utc;
srtp_err_status_t err;
if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
printf("rdb_init failed\n");
return srtp_err_status_init_fail;
}
/* test sequential insertion */
for (idx = 0; idx < num_trials; idx++) {
err = rdb_check_add(&rdb, idx);
if (err)
return err;
}
/* test for false positives */
for (idx = 0; idx < num_trials; idx++) {
err = rdb_check_expect_failure(&rdb, idx);
if (err)
return err;
}
/* re-initialize */
if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
printf("rdb_init failed\n");
return srtp_err_status_fail;
}
/* test non-sequential insertion */
ut_init(&utc);
for (idx = 0; idx < num_trials; idx++) {
ircvd = ut_next_index(&utc);
err = rdb_check_add_unordered(&rdb, ircvd);
if (err)
return err;
err = rdb_check_expect_failure(&rdb, ircvd);
if (err)
return err;
}
/* re-initialize */
if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
printf("rdb_init failed\n");
return srtp_err_status_fail;
}
/* test insertion with large gaps */
for (idx = 0, ircvd = 0; idx < num_trials;
idx++, ircvd += (1 << (srtp_cipher_rand_u32_for_tests() % 10))) {
err = rdb_check_add(&rdb, ircvd);
if (err)
return err;
err = rdb_check_expect_failure(&rdb, ircvd);
if (err)
return err;
}
/* re-initialize */
if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
printf("rdb_init failed\n");
return srtp_err_status_fail;
}
/* test loss of first 513 packets */
for (idx = 0; idx < num_trials; idx++) {
err = rdb_check_add(&rdb, idx + 513);
if (err)
return err;
}
/* test for false positives */
for (idx = 0; idx < num_trials + 513; idx++) {
err = rdb_check_expect_failure(&rdb, idx);
if (err)
return err;
}
/* test for key expired */
if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
printf("rdb_init failed\n");
return srtp_err_status_fail;
}
rdb.window_start = 0x7ffffffe;
if (srtp_rdb_increment(&rdb) != srtp_err_status_ok) {
printf("srtp_rdb_increment of 0x7ffffffe failed\n");
return srtp_err_status_fail;
}
if (srtp_rdb_get_value(&rdb) != 0x7fffffff) {
printf("rdb valiue was not 0x7fffffff\n");
return srtp_err_status_fail;
}
if (srtp_rdb_increment(&rdb) != srtp_err_status_key_expired) {
printf("srtp_rdb_increment of 0x7fffffff did not return "
"srtp_err_status_key_expired\n");
return srtp_err_status_fail;
}
if (srtp_rdb_get_value(&rdb) != 0x7fffffff) {
printf("rdb valiue was not 0x7fffffff\n");
return srtp_err_status_fail;
}
return srtp_err_status_ok;
}
#include <time.h> /* for clock() */
#include <stdlib.h> /* for random() */
#define REPLAY_NUM_TRIALS 10000000
double rdb_check_adds_per_second(void)
{
uint32_t i;
srtp_rdb_t rdb;
clock_t timer;
int failures = 0; /* count number of failures */
if (srtp_rdb_init(&rdb) != srtp_err_status_ok) {
printf("rdb_init failed\n");
exit(1);
}
timer = clock();
for (i = 0; i < REPLAY_NUM_TRIALS; i += 3) {
if (srtp_rdb_check(&rdb, i + 2) != srtp_err_status_ok)
++failures;
if (srtp_rdb_add_index(&rdb, i + 2) != srtp_err_status_ok)
++failures;
if (srtp_rdb_check(&rdb, i + 1) != srtp_err_status_ok)
++failures;
if (srtp_rdb_add_index(&rdb, i + 1) != srtp_err_status_ok)
++failures;
if (srtp_rdb_check(&rdb, i) != srtp_err_status_ok)
++failures;
if (srtp_rdb_add_index(&rdb, i) != srtp_err_status_ok)
++failures;
}
timer = clock() - timer;
return (double)CLOCKS_PER_SEC * REPLAY_NUM_TRIALS / timer;
}

170
trunk/3rdparty/libsrtp-2-fit/test/roc_driver.c vendored Normal file
View file

@ -0,0 +1,170 @@
/*
* roc_driver.c
*
* test driver for rollover counter replay implementation
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include <stdio.h>
/*
* defining ROC_TEST causes small datatypes to be used in
* srtp_xtd_seq_num_t - this allows the functions to be exhaustively tested.
*/
#if ROC_NEEDS_TO_BE_TESTED
#define ROC_TEST
#endif
#include "rdbx.h"
#include "ut_sim.h"
srtp_err_status_t roc_test(int num_trials);
int main(void)
{
srtp_err_status_t status;
printf("rollover counter test driver\n"
"David A. McGrew\n"
"Cisco Systems, Inc.\n");
printf("testing index functions...");
status = roc_test(1 << 18);
if (status) {
printf("failed\n");
exit(status);
}
printf("passed\n");
return 0;
}
#define ROC_VERBOSE 0
srtp_err_status_t roc_test(int num_trials)
{
srtp_xtd_seq_num_t local, est, ref;
ut_connection utc;
int i, num_bad_est = 0;
int delta;
uint32_t ircvd;
double failure_rate;
srtp_index_init(&local);
srtp_index_init(&ref);
srtp_index_init(&est);
printf("\n\ttesting sequential insertion...");
for (i = 0; i < 2048; i++) {
srtp_index_guess(&local, &est, (uint16_t)ref);
#if ROC_VERBOSE
printf("%lld, %lld, %d\n", ref, est, i);
#endif
if (ref != est) {
#if ROC_VERBOSE
printf(" *bad estimate*\n");
#endif
++num_bad_est;
}
srtp_index_advance(&ref, 1);
}
failure_rate = (double)num_bad_est / num_trials;
if (failure_rate > 0.01) {
printf("error: failure rate too high (%d bad estimates in %d trials)\n",
num_bad_est, num_trials);
return srtp_err_status_algo_fail;
}
printf("done\n");
printf("\ttesting non-sequential insertion...");
srtp_index_init(&local);
srtp_index_init(&ref);
srtp_index_init(&est);
ut_init(&utc);
for (i = 0; i < num_trials; i++) {
/* get next seq num from unreliable transport simulator */
ircvd = ut_next_index(&utc);
/* set ref to value of ircvd */
ref = ircvd;
/* estimate index based on low bits of ircvd */
delta = srtp_index_guess(&local, &est, (uint16_t)ref);
#if ROC_VERBOSE
printf("ref: %lld, local: %lld, est: %lld, ircvd: %d, delta: %d\n", ref,
local, est, ircvd, delta);
#endif
if (local + delta != est) {
printf(" *bad delta*: local %llu + delta %d != est %llu\n",
(unsigned long long)local, delta, (unsigned long long)est);
return srtp_err_status_algo_fail;
}
/* now update local srtp_xtd_seq_num_t as necessary */
if (delta > 0)
srtp_index_advance(&local, delta);
if (ref != est) {
#if ROC_VERBOSE
printf(" *bad estimate*\n");
#endif
/* record failure event */
++num_bad_est;
/* reset local value to correct value */
local = ref;
}
}
failure_rate = (double)num_bad_est / num_trials;
if (failure_rate > 0.01) {
printf("error: failure rate too high (%d bad estimates in %d trials)\n",
num_bad_est, num_trials);
return srtp_err_status_algo_fail;
}
printf("done\n");
return srtp_err_status_ok;
}

229
trunk/3rdparty/libsrtp-2-fit/test/rtp.c vendored Normal file
View file

@ -0,0 +1,229 @@
/*
* rtp.c
*
* library functions for the real-time transport protocol
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include "rtp.h"
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#include "cipher_priv.h"
#define PRINT_DEBUG 0 /* set to 1 to print out debugging data */
#define VERBOSE_DEBUG 0 /* set to 1 to print out more data */
int rtp_sendto(rtp_sender_t sender, const void *msg, int len)
{
int octets_sent;
srtp_err_status_t stat;
int pkt_len = len + RTP_HEADER_LEN;
/* marshal data */
strncpy(sender->message.body, msg, len);
/* update header */
sender->message.header.seq = ntohs(sender->message.header.seq) + 1;
sender->message.header.seq = htons(sender->message.header.seq);
sender->message.header.ts = ntohl(sender->message.header.ts) + 1;
sender->message.header.ts = htonl(sender->message.header.ts);
/* apply srtp */
stat = srtp_protect(sender->srtp_ctx, &sender->message.header, &pkt_len);
if (stat) {
#if PRINT_DEBUG
fprintf(stderr, "error: srtp protection failed with code %d\n", stat);
#endif
return -1;
}
#if VERBOSE_DEBUG
srtp_print_packet(&sender->message.header, pkt_len);
#endif
octets_sent =
sendto(sender->socket, (void *)&sender->message, pkt_len, 0,
(struct sockaddr *)&sender->addr, sizeof(struct sockaddr_in));
if (octets_sent != pkt_len) {
#if PRINT_DEBUG
fprintf(stderr, "error: couldn't send message %s", (char *)msg);
perror("");
#endif
}
return octets_sent;
}
int rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len)
{
int octets_recvd;
srtp_err_status_t stat;
octets_recvd = recvfrom(receiver->socket, (void *)&receiver->message, *len,
0, (struct sockaddr *)NULL, 0);
if (octets_recvd == -1) {
*len = 0;
return -1;
}
/* verify rtp header */
if (receiver->message.header.version != 2) {
*len = 0;
return -1;
}
#if PRINT_DEBUG
fprintf(stderr, "%d octets received from SSRC %u\n", octets_recvd,
receiver->message.header.ssrc);
#endif
#if VERBOSE_DEBUG
srtp_print_packet(&receiver->message.header, octets_recvd);
#endif
/* apply srtp */
stat = srtp_unprotect(receiver->srtp_ctx, &receiver->message.header,
&octets_recvd);
if (stat) {
fprintf(stderr, "error: srtp unprotection failed with code %d%s\n",
stat,
stat == srtp_err_status_replay_fail
? " (replay check failed)"
: stat == srtp_err_status_auth_fail ? " (auth check failed)"
: "");
return -1;
}
strncpy(msg, receiver->message.body, octets_recvd);
return octets_recvd;
}
int rtp_sender_init(rtp_sender_t sender,
int sock,
struct sockaddr_in addr,
unsigned int ssrc)
{
/* set header values */
sender->message.header.ssrc = htonl(ssrc);
sender->message.header.ts = 0;
sender->message.header.seq = (uint16_t)srtp_cipher_rand_u32_for_tests();
sender->message.header.m = 0;
sender->message.header.pt = 0x1;
sender->message.header.version = 2;
sender->message.header.p = 0;
sender->message.header.x = 0;
sender->message.header.cc = 0;
/* set other stuff */
sender->socket = sock;
sender->addr = addr;
return 0;
}
int rtp_receiver_init(rtp_receiver_t rcvr,
int sock,
struct sockaddr_in addr,
unsigned int ssrc)
{
/* set header values */
rcvr->message.header.ssrc = htonl(ssrc);
rcvr->message.header.ts = 0;
rcvr->message.header.seq = 0;
rcvr->message.header.m = 0;
rcvr->message.header.pt = 0x1;
rcvr->message.header.version = 2;
rcvr->message.header.p = 0;
rcvr->message.header.x = 0;
rcvr->message.header.cc = 0;
/* set other stuff */
rcvr->socket = sock;
rcvr->addr = addr;
return 0;
}
int rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy)
{
return srtp_create(&sender->srtp_ctx, policy);
}
int rtp_sender_deinit_srtp(rtp_sender_t sender)
{
return srtp_dealloc(sender->srtp_ctx);
}
int rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy)
{
return srtp_create(&sender->srtp_ctx, policy);
}
int rtp_receiver_deinit_srtp(rtp_receiver_t sender)
{
return srtp_dealloc(sender->srtp_ctx);
}
rtp_sender_t rtp_sender_alloc(void)
{
return (rtp_sender_t)malloc(sizeof(rtp_sender_ctx_t));
}
void rtp_sender_dealloc(rtp_sender_t rtp_ctx)
{
free(rtp_ctx);
}
rtp_receiver_t rtp_receiver_alloc(void)
{
return (rtp_receiver_t)malloc(sizeof(rtp_receiver_ctx_t));
}
void rtp_receiver_dealloc(rtp_receiver_t rtp_ctx)
{
free(rtp_ctx);
}

155
trunk/3rdparty/libsrtp-2-fit/test/rtp.h vendored Normal file
View file

@ -0,0 +1,155 @@
/*
* rtp.h
*
* rtp interface for srtp reference implementation
*
* David A. McGrew
* Cisco Systems, Inc.
*
* data types:
*
* rtp_msg_t an rtp message (the data that goes on the wire)
* rtp_sender_t sender side socket and rtp info
* rtp_receiver_t receiver side socket and rtp info
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SRTP_RTP_H
#define SRTP_RTP_H
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#elif defined HAVE_WINSOCK2_H
#include <winsock2.h>
#endif
#include "srtp_priv.h"
#ifdef __cplusplus
extern "C" {
#endif
/*
* RTP_HEADER_LEN indicates the size of an RTP header
*/
#define RTP_HEADER_LEN 12
/*
* RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation
*/
#define RTP_MAX_BUF_LEN 16384
typedef srtp_hdr_t rtp_hdr_t;
typedef struct {
srtp_hdr_t header;
char body[RTP_MAX_BUF_LEN];
} rtp_msg_t;
typedef struct rtp_sender_ctx_t {
rtp_msg_t message;
int socket;
srtp_ctx_t *srtp_ctx;
struct sockaddr_in addr; /* reciever's address */
} rtp_sender_ctx_t;
typedef struct rtp_receiver_ctx_t {
rtp_msg_t message;
int socket;
srtp_ctx_t *srtp_ctx;
struct sockaddr_in addr; /* receiver's address */
} rtp_receiver_ctx_t;
typedef struct rtp_sender_ctx_t *rtp_sender_t;
typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
int rtp_sendto(rtp_sender_t sender, const void *msg, int len);
int rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
int rtp_receiver_init(rtp_receiver_t rcvr,
int sock,
struct sockaddr_in addr,
unsigned int ssrc);
int rtp_sender_init(rtp_sender_t sender,
int sock,
struct sockaddr_in addr,
unsigned int ssrc);
/*
* srtp_sender_init(...) initializes an rtp_sender_t
*/
int srtp_sender_init(
rtp_sender_t rtp_ctx, /* structure to be init'ed */
struct sockaddr_in name, /* socket name */
srtp_sec_serv_t security_services, /* sec. servs. to be used */
unsigned char *input_key /* master key/salt in hex */
);
int srtp_receiver_init(
rtp_receiver_t rtp_ctx, /* structure to be init'ed */
struct sockaddr_in name, /* socket name */
srtp_sec_serv_t security_services, /* sec. servs. to be used */
unsigned char *input_key /* master key/salt in hex */
);
int rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
int rtp_sender_deinit_srtp(rtp_sender_t sender);
int rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
int rtp_receiver_deinit_srtp(rtp_receiver_t sender);
rtp_sender_t rtp_sender_alloc(void);
void rtp_sender_dealloc(rtp_sender_t rtp_ctx);
rtp_receiver_t rtp_receiver_alloc(void);
void rtp_receiver_dealloc(rtp_receiver_t rtp_ctx);
#ifdef __cplusplus
}
#endif
#endif /* SRTP_RTP_H */

785
trunk/3rdparty/libsrtp-2-fit/test/rtp_decoder.c vendored Normal file
View file

@ -0,0 +1,785 @@
/*
* rtp_decoder.c
*
* decoder structures and functions for SRTP pcap decoder
*
* Example:
* $ wget --no-check-certificate \
* https://raw.githubusercontent.com/gteissier/srtp-decrypt/master/marseillaise-srtp.pcap
* $ ./test/rtp_decoder -a -t 10 -e 128 -b \
* aSBrbm93IGFsbCB5b3VyIGxpdHRsZSBzZWNyZXRz \
* < ~/marseillaise-srtp.pcap \
* | text2pcap -t "%M:%S." -u 10000,10000 - - \
* > ./marseillaise-rtp.pcap
*
* There is also a different way of setting up key size and tag size
* based upon RFC 4568 crypto suite specification, i.e.:
*
* $ ./test/rtp_decoder -s AES_CM_128_HMAC_SHA1_80 -b \
* aSBrbm93IGFsbCB5b3VyIGxpdHRsZSBzZWNyZXRz ...
*
* Audio can be extracted using extractaudio utility from the RTPproxy
* package:
*
* $ extractaudio -A ./marseillaise-rtp.pcap ./marseillaise-out.wav
*
* Bernardo Torres <bernardo@torresautomacao.com.br>
*
* Some structure and code from https://github.com/gteissier/srtp-decrypt
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#include "getopt_s.h" /* for local getopt() */
#include <assert.h> /* for assert() */
#include <pcap.h>
#include "rtp_decoder.h"
#include "util.h"
#ifndef timersub
#define timersub(a, b, result) \
do { \
(result)->tv_sec = (a)->tv_sec - (b)->tv_sec; \
(result)->tv_usec = (a)->tv_usec - (b)->tv_usec; \
if ((result)->tv_usec < 0) { \
--(result)->tv_sec; \
(result)->tv_usec += 1000000; \
} \
} while (0)
#endif
#define MAX_KEY_LEN 96
#define MAX_FILTER 256
#define MAX_FILE 255
struct srtp_crypto_suite {
const char *can_name;
int gcm_on;
int key_size;
int tag_size;
};
static struct srtp_crypto_suite srtp_crypto_suites[] = {
#if 0
{.can_name = "F8_128_HMAC_SHA1_32", .gcm_on = 0, .key_size = 128, .tag_size = 4},
#endif
{.can_name = "AES_CM_128_HMAC_SHA1_32",
.gcm_on = 0,
.key_size = 128,
.tag_size = 4 },
{.can_name = "AES_CM_128_HMAC_SHA1_80",
.gcm_on = 0,
.key_size = 128,
.tag_size = 10 },
{.can_name = "AES_192_CM_HMAC_SHA1_32",
.gcm_on = 0,
.key_size = 192,
.tag_size = 4 },
{.can_name = "AES_192_CM_HMAC_SHA1_80",
.gcm_on = 0,
.key_size = 192,
.tag_size = 10 },
{.can_name = "AES_256_CM_HMAC_SHA1_32",
.gcm_on = 0,
.key_size = 256,
.tag_size = 4 },
{.can_name = "AES_256_CM_HMAC_SHA1_80",
.gcm_on = 0,
.key_size = 256,
.tag_size = 10 },
{.can_name = "AEAD_AES_128_GCM",
.gcm_on = 1,
.key_size = 128,
.tag_size = 16 },
{.can_name = "AEAD_AES_256_GCM",
.gcm_on = 1,
.key_size = 256,
.tag_size = 16 },
{.can_name = NULL }
};
void rtp_decoder_srtp_log_handler(srtp_log_level_t level,
const char *msg,
void *data)
{
char level_char = '?';
switch (level) {
case srtp_log_level_error:
level_char = 'e';
break;
case srtp_log_level_warning:
level_char = 'w';
break;
case srtp_log_level_info:
level_char = 'i';
break;
case srtp_log_level_debug:
level_char = 'd';
break;
}
fprintf(stderr, "SRTP-LOG [%c]: %s\n", level_char, msg);
}
int main(int argc, char *argv[])
{
char errbuf[PCAP_ERRBUF_SIZE];
bpf_u_int32 pcap_net = 0;
pcap_t *pcap_handle;
#if BEW
struct sockaddr_in local;
#endif
srtp_sec_serv_t sec_servs = sec_serv_none;
int c;
struct srtp_crypto_suite scs, *i_scsp;
scs.key_size = 128;
scs.tag_size = 0;
int gcm_on = 0;
char *input_key = NULL;
int b64_input = 0;
char key[MAX_KEY_LEN];
struct bpf_program fp;
char filter_exp[MAX_FILTER] = "";
char pcap_file[MAX_FILE] = "-";
int rtp_packet_offset = DEFAULT_RTP_OFFSET;
rtp_decoder_t dec;
srtp_policy_t policy = { { 0 } };
rtp_decoder_mode_t mode = mode_rtp;
srtp_err_status_t status;
int len;
int expected_len;
int do_list_mods = 0;
fprintf(stderr, "Using %s [0x%x]\n", srtp_get_version_string(),
srtp_get_version());
/* initialize srtp library */
status = srtp_init();
if (status) {
fprintf(stderr,
"error: srtp initialization failed with error code %d\n",
status);
exit(1);
}
status = srtp_install_log_handler(rtp_decoder_srtp_log_handler, NULL);
if (status) {
fprintf(stderr, "error: install log handler failed\n");
exit(1);
}
/* check args */
while (1) {
c = getopt_s(argc, argv, "b:k:gt:ae:ld:f:s:m:p:o:");
if (c == -1) {
break;
}
switch (c) {
case 'b':
b64_input = 1;
/* fall thru */
case 'k':
input_key = optarg_s;
break;
case 'e':
scs.key_size = atoi(optarg_s);
if (scs.key_size != 128 && scs.key_size != 192 &&
scs.key_size != 256) {
fprintf(
stderr,
"error: encryption key size must be 128, 192 or 256 (%d)\n",
scs.key_size);
exit(1);
}
input_key = malloc(scs.key_size);
sec_servs |= sec_serv_conf;
break;
case 't':
scs.tag_size = atoi(optarg_s);
break;
case 'a':
sec_servs |= sec_serv_auth;
break;
case 'g':
gcm_on = 1;
sec_servs |= sec_serv_auth;
break;
case 'd':
status = srtp_set_debug_module(optarg_s, 1);
if (status) {
fprintf(stderr, "error: set debug module (%s) failed\n",
optarg_s);
exit(1);
}
break;
case 'f':
if (strlen(optarg_s) > MAX_FILTER) {
fprintf(stderr, "error: filter bigger than %d characters\n",
MAX_FILTER);
exit(1);
}
fprintf(stderr, "Setting filter as %s\n", optarg_s);
strcpy(filter_exp, optarg_s);
break;
case 'l':
do_list_mods = 1;
break;
case 's':
for (i_scsp = &srtp_crypto_suites[0]; i_scsp->can_name != NULL;
i_scsp++) {
if (strcasecmp(i_scsp->can_name, optarg_s) == 0) {
break;
}
}
if (i_scsp->can_name == NULL) {
fprintf(stderr, "Unknown/unsupported crypto suite name %s\n",
optarg_s);
exit(1);
}
scs = *i_scsp;
input_key = malloc(scs.key_size);
sec_servs |= sec_serv_conf | sec_serv_auth;
gcm_on = scs.gcm_on;
break;
case 'm':
if (strcasecmp("rtp", optarg_s) == 0) {
mode = mode_rtp;
} else if (strcasecmp("rtcp", optarg_s) == 0) {
mode = mode_rtcp;
} else if (strcasecmp("rtcp-mux", optarg_s) == 0) {
mode = mode_rtcp_mux;
} else {
fprintf(stderr, "Unknown/unsupported mode %s\n", optarg_s);
exit(1);
}
break;
case 'p':
if (strlen(optarg_s) > MAX_FILE) {
fprintf(stderr,
"error: pcap file path bigger than %d characters\n",
MAX_FILE);
exit(1);
}
strcpy(pcap_file, optarg_s);
break;
case 'o':
rtp_packet_offset = atoi(optarg_s);
break;
default:
usage(argv[0]);
}
}
if (scs.tag_size == 0) {
if (gcm_on) {
scs.tag_size = 16;
} else {
scs.tag_size = 10;
}
}
if (gcm_on && scs.tag_size != 8 && scs.tag_size != 16) {
fprintf(stderr, "error: GCM tag size must be 8 or 16 (%d)\n",
scs.tag_size);
exit(1);
}
if (!gcm_on && scs.tag_size != 4 && scs.tag_size != 10) {
fprintf(stderr, "error: non GCM tag size must be 4 or 10 (%d)\n",
scs.tag_size);
exit(1);
}
if (do_list_mods) {
status = srtp_list_debug_modules();
if (status) {
fprintf(stderr, "error: list of debug modules failed\n");
exit(1);
}
return 0;
}
if ((sec_servs && !input_key) || (!sec_servs && input_key)) {
/*
* a key must be provided if and only if security services have
* been requested
*/
if (input_key == NULL) {
fprintf(stderr, "key not provided\n");
}
if (!sec_servs) {
fprintf(stderr, "no secservs\n");
}
fprintf(stderr, "provided\n");
usage(argv[0]);
}
/* report security services selected on the command line */
fprintf(stderr, "security services: ");
if (sec_servs & sec_serv_conf)
fprintf(stderr, "confidentiality ");
if (sec_servs & sec_serv_auth)
fprintf(stderr, "message authentication");
if (sec_servs == sec_serv_none)
fprintf(stderr, "none");
fprintf(stderr, "\n");
/* set up the srtp policy and master key */
if (sec_servs) {
/*
* create policy structure, using the default mechanisms but
* with only the security services requested on the command line,
* using the right SSRC value
*/
switch (sec_servs) {
case sec_serv_conf_and_auth:
if (gcm_on) {
#ifdef OPENSSL
switch (scs.key_size) {
case 128:
if (scs.tag_size == 16) {
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
}
break;
case 256:
if (scs.tag_size == 16) {
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp);
}
break;
}
#else
fprintf(stderr, "error: GCM mode only supported when using the "
"OpenSSL crypto engine.\n");
return 0;
#endif
} else {
switch (scs.key_size) {
case 128:
if (scs.tag_size == 4) {
srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(
&policy.rtp);
srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(
&policy.rtp);
srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(
&policy.rtcp);
}
break;
case 192:
#ifdef OPENSSL
if (scs.tag_size == 4) {
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(
&policy.rtp);
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(
&policy.rtp);
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(
&policy.rtcp);
}
#else
fprintf(stderr,
"error: AES 192 mode only supported when using the "
"OpenSSL crypto engine.\n");
return 0;
#endif
break;
case 256:
if (scs.tag_size == 4) {
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(
&policy.rtp);
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(
&policy.rtp);
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(
&policy.rtcp);
}
break;
}
}
break;
case sec_serv_conf:
if (gcm_on) {
fprintf(
stderr,
"error: GCM mode must always be used with auth enabled\n");
return -1;
} else {
switch (scs.key_size) {
case 128:
srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp);
srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(
&policy.rtcp);
break;
case 192:
#ifdef OPENSSL
srtp_crypto_policy_set_aes_cm_192_null_auth(&policy.rtp);
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(
&policy.rtcp);
#else
fprintf(stderr,
"error: AES 192 mode only supported when using the "
"OpenSSL crypto engine.\n");
return 0;
#endif
break;
case 256:
srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp);
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(
&policy.rtcp);
break;
}
}
break;
case sec_serv_auth:
if (gcm_on) {
#ifdef OPENSSL
switch (scs.key_size) {
case 128:
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(
&policy.rtcp);
break;
case 256:
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(
&policy.rtcp);
break;
}
#else
printf("error: GCM mode only supported when using the OpenSSL "
"crypto engine.\n");
return 0;
#endif
} else {
srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp);
srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
}
break;
default:
fprintf(stderr, "error: unknown security service requested\n");
return -1;
}
policy.key = (uint8_t *)key;
policy.ekt = NULL;
policy.next = NULL;
policy.window_size = 128;
policy.allow_repeat_tx = 0;
policy.rtp.sec_serv = sec_servs;
policy.rtcp.sec_serv =
sec_servs; // sec_serv_none; /* we don't do RTCP anyway */
fprintf(stderr, "setting tag len %d\n", scs.tag_size);
policy.rtp.auth_tag_len = scs.tag_size;
if (gcm_on && scs.tag_size != 8) {
fprintf(stderr, "set tag len %d\n", scs.tag_size);
policy.rtp.auth_tag_len = scs.tag_size;
}
/*
* read key from hexadecimal or base64 on command line into an octet
* string
*/
if (b64_input) {
int pad;
expected_len = policy.rtp.cipher_key_len * 4 / 3;
len = base64_string_to_octet_string(key, &pad, input_key,
strlen(input_key));
} else {
expected_len = policy.rtp.cipher_key_len * 2;
len = hex_string_to_octet_string(key, input_key, expected_len);
}
/* check that hex string is the right length */
if (len < expected_len) {
fprintf(stderr, "error: too few digits in key/salt "
"(should be %d digits, found %d)\n",
expected_len, len);
exit(1);
}
if (strlen(input_key) > policy.rtp.cipher_key_len * 2) {
fprintf(stderr, "error: too many digits in key/salt "
"(should be %d hexadecimal digits, found %u)\n",
policy.rtp.cipher_key_len * 2, (unsigned)strlen(input_key));
exit(1);
}
int key_octets = (scs.key_size / 8);
int salt_octets = policy.rtp.cipher_key_len - key_octets;
fprintf(stderr, "set master key/salt to %s/",
octet_string_hex_string(key, key_octets));
fprintf(stderr, "%s\n",
octet_string_hex_string(key + key_octets, salt_octets));
} else {
fprintf(stderr,
"error: neither encryption or authentication were selected\n");
exit(1);
}
pcap_handle = pcap_open_offline(pcap_file, errbuf);
if (!pcap_handle) {
fprintf(stderr, "libpcap failed to open file '%s'\n", errbuf);
exit(1);
}
assert(pcap_handle != NULL);
if ((pcap_compile(pcap_handle, &fp, filter_exp, 1, pcap_net)) == -1) {
fprintf(stderr, "Couldn't parse filter %s: %s\n", filter_exp,
pcap_geterr(pcap_handle));
return (2);
}
if (pcap_setfilter(pcap_handle, &fp) == -1) {
fprintf(stderr, "couldn't install filter %s: %s\n", filter_exp,
pcap_geterr(pcap_handle));
return (2);
}
dec = rtp_decoder_alloc();
if (dec == NULL) {
fprintf(stderr, "error: malloc() failed\n");
exit(1);
}
fprintf(stderr, "Starting decoder\n");
if (rtp_decoder_init(dec, policy, mode, rtp_packet_offset)) {
fprintf(stderr, "error: init failed\n");
exit(1);
}
pcap_loop(pcap_handle, 0, rtp_decoder_handle_pkt, (u_char *)dec);
if (dec->mode == mode_rtp || dec->mode == mode_rtcp_mux) {
fprintf(stderr, "RTP packets decoded: %d\n", dec->rtp_cnt);
}
if (dec->mode == mode_rtcp || dec->mode == mode_rtcp_mux) {
fprintf(stderr, "RTCP packets decoded: %d\n", dec->rtcp_cnt);
}
fprintf(stderr, "Packet decode errors: %d\n", dec->error_cnt);
rtp_decoder_deinit(dec);
rtp_decoder_dealloc(dec);
status = srtp_shutdown();
if (status) {
fprintf(stderr, "error: srtp shutdown failed with error code %d\n",
status);
exit(1);
}
return 0;
}
void usage(char *string)
{
fprintf(
stderr,
"usage: %s [-d <debug>]* [[-k][-b] <key>] [-a][-t][-e] [-s "
"<srtp-crypto-suite>] [-m <mode>]\n"
"or %s -l\n"
"where -a use message authentication\n"
" -e <key size> use encryption (use 128 or 256 for key size)\n"
" -g Use AES-GCM mode (must be used with -e)\n"
" -t <tag size> Tag size to use (in GCM mode use 8 or 16)\n"
" -k <key> sets the srtp master key given in hexadecimal\n"
" -b <key> sets the srtp master key given in base64\n"
" -l list debug modules\n"
" -f \"<pcap filter>\" to filter only the desired SRTP packets\n"
" -d <debug> turn on debugging for module <debug>\n"
" -s \"<srtp-crypto-suite>\" to set both key and tag size based\n"
" on RFC4568-style crypto suite specification\n"
" -m <mode> set the mode to be one of [rtp]|rtcp|rtcp-mux\n"
" -p <pcap file> path to pcap file (defaults to stdin)\n"
" -o byte offset of RTP packet in capture (defaults to 42)\n",
string, string);
exit(1);
}
rtp_decoder_t rtp_decoder_alloc(void)
{
return (rtp_decoder_t)malloc(sizeof(rtp_decoder_ctx_t));
}
void rtp_decoder_dealloc(rtp_decoder_t rtp_ctx)
{
free(rtp_ctx);
}
int rtp_decoder_deinit(rtp_decoder_t decoder)
{
if (decoder->srtp_ctx) {
return srtp_dealloc(decoder->srtp_ctx);
}
return 0;
}
int rtp_decoder_init(rtp_decoder_t dcdr,
srtp_policy_t policy,
rtp_decoder_mode_t mode,
int rtp_packet_offset)
{
dcdr->rtp_offset = rtp_packet_offset;
dcdr->srtp_ctx = NULL;
dcdr->start_tv.tv_usec = 0;
dcdr->start_tv.tv_sec = 0;
dcdr->frame_nr = -1;
dcdr->error_cnt = 0;
dcdr->rtp_cnt = 0;
dcdr->rtcp_cnt = 0;
dcdr->mode = mode;
dcdr->policy = policy;
dcdr->policy.ssrc.type = ssrc_any_inbound;
if (srtp_create(&dcdr->srtp_ctx, &dcdr->policy)) {
return 1;
}
return 0;
}
/*
* decodes key as base64
*/
void hexdump(const void *ptr, size_t size)
{
int i, j;
const unsigned char *cptr = ptr;
for (i = 0; i < size; i += 16) {
fprintf(stdout, "%04x ", i);
for (j = 0; j < 16 && i + j < size; j++) {
fprintf(stdout, "%02x ", cptr[i + j]);
}
fprintf(stdout, "\n");
}
}
void rtp_decoder_handle_pkt(u_char *arg,
const struct pcap_pkthdr *hdr,
const u_char *bytes)
{
rtp_decoder_t dcdr = (rtp_decoder_t)arg;
rtp_msg_t message;
int rtp;
int pktsize;
struct timeval delta;
int octets_recvd;
srtp_err_status_t status;
dcdr->frame_nr++;
if ((dcdr->start_tv.tv_sec == 0) && (dcdr->start_tv.tv_usec == 0)) {
dcdr->start_tv = hdr->ts;
}
if (hdr->caplen < dcdr->rtp_offset) {
return;
}
const void *rtp_packet = bytes + dcdr->rtp_offset;
memcpy((void *)&message, rtp_packet, hdr->caplen - dcdr->rtp_offset);
pktsize = hdr->caplen - dcdr->rtp_offset;
octets_recvd = pktsize;
if (octets_recvd == -1) {
return;
}
if (dcdr->mode == mode_rtp) {
rtp = 1;
} else if (dcdr->mode == mode_rtcp) {
rtp = 0;
} else {
rtp = 1;
if (octets_recvd >= 2) {
/* rfc5761 */
u_char payload_type = *(bytes + dcdr->rtp_offset + 1) & 0x7f;
rtp = payload_type < 64 || payload_type > 95;
}
}
if (rtp) {
/* verify rtp header */
if (message.header.version != 2) {
return;
}
status = srtp_unprotect(dcdr->srtp_ctx, &message, &octets_recvd);
if (status) {
dcdr->error_cnt++;
return;
}
dcdr->rtp_cnt++;
} else {
status = srtp_unprotect_rtcp(dcdr->srtp_ctx, &message, &octets_recvd);
if (status) {
dcdr->error_cnt++;
return;
}
dcdr->rtcp_cnt++;
}
timersub(&hdr->ts, &dcdr->start_tv, &delta);
fprintf(stdout, "%02ld:%02ld.%06ld\n", delta.tv_sec / 60, delta.tv_sec % 60,
(long)delta.tv_usec);
hexdump(&message, octets_recvd);
}
void rtp_print_error(srtp_err_status_t status, char *message)
{
// clang-format off
fprintf(stderr,
"error: %s %d%s\n", message, status,
status == srtp_err_status_replay_fail ? " (replay check failed)" :
status == srtp_err_status_bad_param ? " (bad param)" :
status == srtp_err_status_no_ctx ? " (no context)" :
status == srtp_err_status_cipher_fail ? " (cipher failed)" :
status == srtp_err_status_key_expired ? " (key expired)" :
status == srtp_err_status_auth_fail ? " (auth check failed)" : "");
// clang-format on
}

122
trunk/3rdparty/libsrtp-2-fit/test/rtp_decoder.h vendored Normal file
View file

@ -0,0 +1,122 @@
/*
* rtp_decoder.h
*
* decoder structures and functions for SRTP pcap decoder
*
* Bernardo Torres <bernardo@torresautomacao.com.br>
*
* Some structure and code from https://github.com/gteissier/srtp-decrypt
*
*/
/*
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef RTP_DECODER_H
#define RTP_DECODER_H
#include "srtp_priv.h"
#include "rtp.h"
#define DEFAULT_RTP_OFFSET 42
typedef enum {
mode_rtp = 0,
mode_rtcp,
mode_rtcp_mux,
} rtp_decoder_mode_t;
typedef struct rtp_decoder_ctx_t {
srtp_policy_t policy;
srtp_ctx_t *srtp_ctx;
rtp_decoder_mode_t mode;
int rtp_offset;
struct timeval start_tv;
int frame_nr;
int error_cnt;
int rtp_cnt;
int rtcp_cnt;
} rtp_decoder_ctx_t;
typedef struct rtp_decoder_ctx_t *rtp_decoder_t;
/*
* error to string
*/
void rtp_print_error(srtp_err_status_t status, char *message);
/*
* prints the output of a random buffer in hexadecimal
*/
void hexdump(const void *ptr, size_t size);
/*
* the function usage() prints an error message describing how this
* program should be called, then calls exit()
*/
void usage(char *prog_name);
/*
* transforms base64 key into octet
*/
char *decode_sdes(char *in, char *out);
/*
* pcap handling
*/
void rtp_decoder_handle_pkt(u_char *arg,
const struct pcap_pkthdr *hdr,
const u_char *bytes);
rtp_decoder_t rtp_decoder_alloc(void);
void rtp_decoder_dealloc(rtp_decoder_t rtp_ctx);
int rtp_decoder_init(rtp_decoder_t dcdr,
srtp_policy_t policy,
rtp_decoder_mode_t mode,
int rtp_packet_offset);
int rtp_decoder_deinit(rtp_decoder_t decoder);
void rtp_decoder_srtp_log_handler(srtp_log_level_t level,
const char *msg,
void *data);
void rtp_decoder_srtp_log_handler(srtp_log_level_t level,
const char *msg,
void *data);
#endif /* RTP_DECODER_H */

701
trunk/3rdparty/libsrtp-2-fit/test/rtpw.c vendored Normal file
View file

@ -0,0 +1,701 @@
/*
* rtpw.c
*
* rtp word sender/receiver
*
* David A. McGrew
* Cisco Systems, Inc.
*
* This app is a simple RTP application intended only for testing
* libsrtp. It reads one word at a time from words.txt (or
* whatever file is specified as DICT_FILE or with -w), and sends one word out
* each USEC_RATE microseconds. Secure RTP protections can be
* applied. See the usage() function for more details.
*
*/
/*
*
* Copyright (c) 2001-2017, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "getopt_s.h" /* for local getopt() */
#include <stdio.h> /* for printf, fprintf */
#include <stdlib.h> /* for atoi() */
#include <errno.h>
#include <signal.h> /* for signal() */
#include <string.h> /* for strncpy() */
#include <time.h> /* for usleep() */
#ifdef HAVE_UNISTD_H
#include <unistd.h> /* for close() */
#elif defined(_MSC_VER)
#include <io.h> /* for _close() */
#define close _close
#endif
#ifdef HAVE_SYS_SOCKET_H
#include <sys/socket.h>
#endif
#ifdef HAVE_NETINET_IN_H
#include <netinet/in.h>
#elif defined HAVE_WINSOCK2_H
#include <winsock2.h>
#include <ws2tcpip.h>
#define RTPW_USE_WINSOCK2 1
#endif
#ifdef HAVE_ARPA_INET_H
#include <arpa/inet.h>
#endif
#include "srtp.h"
#include "rtp.h"
#include "util.h"
#define DICT_FILE "words.txt"
#define USEC_RATE (5e5)
#define MAX_WORD_LEN 128
#define ADDR_IS_MULTICAST(a) IN_MULTICAST(htonl(a))
#define MAX_KEY_LEN 96
#ifndef HAVE_USLEEP
#ifdef HAVE_WINDOWS_H
#define usleep(us) Sleep((us) / 1000)
#else
#define usleep(us) sleep((us) / 1000000)
#endif
#endif
/*
* the function usage() prints an error message describing how this
* program should be called, then calls exit()
*/
void usage(char *prog_name);
/*
* leave_group(...) de-registers from a multicast group
*/
void leave_group(int sock, struct ip_mreq mreq, char *name);
/*
* setup_signal_handler() sets up a signal handler to trigger
* cleanups after an interrupt
*/
int setup_signal_handler(char *name);
/*
* handle_signal(...) handles interrupt signal to trigger cleanups
*/
volatile int interrupted = 0;
/*
* program_type distinguishes the [s]rtp sender and receiver cases
*/
typedef enum { sender, receiver, unknown } program_type;
int main(int argc, char *argv[])
{
char *dictfile = DICT_FILE;
FILE *dict;
char word[MAX_WORD_LEN];
int sock, ret;
struct in_addr rcvr_addr;
struct sockaddr_in name;
struct ip_mreq mreq;
#if BEW
struct sockaddr_in local;
#endif
program_type prog_type = unknown;
srtp_sec_serv_t sec_servs = sec_serv_none;
unsigned char ttl = 5;
int c;
int key_size = 128;
int tag_size = 8;
int gcm_on = 0;
char *input_key = NULL;
int b64_input = 0;
char *address = NULL;
char key[MAX_KEY_LEN];
unsigned short port = 0;
rtp_sender_t snd;
srtp_policy_t policy;
srtp_err_status_t status;
int len;
int expected_len;
int do_list_mods = 0;
uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */
#ifdef RTPW_USE_WINSOCK2
WORD wVersionRequested = MAKEWORD(2, 0);
WSADATA wsaData;
ret = WSAStartup(wVersionRequested, &wsaData);
if (ret != 0) {
fprintf(stderr, "error: WSAStartup() failed: %d\n", ret);
exit(1);
}
#endif
memset(&policy, 0x0, sizeof(srtp_policy_t));
printf("Using %s [0x%x]\n", srtp_get_version_string(), srtp_get_version());
if (setup_signal_handler(argv[0]) != 0) {
exit(1);
}
/* initialize srtp library */
status = srtp_init();
if (status) {
printf("error: srtp initialization failed with error code %d\n",
status);
exit(1);
}
/* check args */
while (1) {
c = getopt_s(argc, argv, "b:k:rsgt:ae:ld:w:");
if (c == -1) {
break;
}
switch (c) {
case 'b':
b64_input = 1;
/* fall thru */
case 'k':
input_key = optarg_s;
break;
case 'e':
key_size = atoi(optarg_s);
if (key_size != 128 && key_size != 256) {
printf("error: encryption key size must be 128 or 256 (%d)\n",
key_size);
exit(1);
}
sec_servs |= sec_serv_conf;
break;
case 't':
tag_size = atoi(optarg_s);
if (tag_size != 8 && tag_size != 16) {
printf("error: GCM tag size must be 8 or 16 (%d)\n", tag_size);
exit(1);
}
break;
case 'a':
sec_servs |= sec_serv_auth;
break;
case 'g':
gcm_on = 1;
sec_servs |= sec_serv_auth;
break;
case 'r':
prog_type = receiver;
break;
case 's':
prog_type = sender;
break;
case 'd':
status = srtp_set_debug_module(optarg_s, 1);
if (status) {
printf("error: set debug module (%s) failed\n", optarg_s);
exit(1);
}
break;
case 'l':
do_list_mods = 1;
break;
case 'w':
dictfile = optarg_s;
break;
default:
usage(argv[0]);
}
}
if (prog_type == unknown) {
if (do_list_mods) {
status = srtp_list_debug_modules();
if (status) {
printf("error: list of debug modules failed\n");
exit(1);
}
return 0;
} else {
printf("error: neither sender [-s] nor receiver [-r] specified\n");
usage(argv[0]);
}
}
if ((sec_servs && !input_key) || (!sec_servs && input_key)) {
/*
* a key must be provided if and only if security services have
* been requested
*/
usage(argv[0]);
}
if (argc != optind_s + 2) {
/* wrong number of arguments */
usage(argv[0]);
}
/* get address from arg */
address = argv[optind_s++];
/* get port from arg */
port = atoi(argv[optind_s++]);
/* set address */
#ifdef HAVE_INET_ATON
if (0 == inet_aton(address, &rcvr_addr)) {
fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0],
address);
exit(1);
}
if (rcvr_addr.s_addr == INADDR_NONE) {
fprintf(stderr, "%s: address error", argv[0]);
exit(1);
}
#else
rcvr_addr.s_addr = inet_addr(address);
if (0xffffffff == rcvr_addr.s_addr) {
fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0],
address);
exit(1);
}
#endif
/* open socket */
sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP);
if (sock < 0) {
int err;
#ifdef RTPW_USE_WINSOCK2
err = WSAGetLastError();
#else
err = errno;
#endif
fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err);
exit(1);
}
memset(&name, 0, sizeof(struct sockaddr_in));
name.sin_addr = rcvr_addr;
name.sin_family = PF_INET;
name.sin_port = htons(port);
if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
if (prog_type == sender) {
ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl,
sizeof(ttl));
if (ret < 0) {
fprintf(stderr, "%s: Failed to set TTL for multicast group",
argv[0]);
perror("");
exit(1);
}
}
mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr;
mreq.imr_interface.s_addr = htonl(INADDR_ANY);
ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void *)&mreq,
sizeof(mreq));
if (ret < 0) {
fprintf(stderr, "%s: Failed to join multicast group", argv[0]);
perror("");
exit(1);
}
}
/* report security services selected on the command line */
printf("security services: ");
if (sec_servs & sec_serv_conf)
printf("confidentiality ");
if (sec_servs & sec_serv_auth)
printf("message authentication");
if (sec_servs == sec_serv_none)
printf("none");
printf("\n");
/* set up the srtp policy and master key */
if (sec_servs) {
/*
* create policy structure, using the default mechanisms but
* with only the security services requested on the command line,
* using the right SSRC value
*/
switch (sec_servs) {
case sec_serv_conf_and_auth:
if (gcm_on) {
#ifdef GCM
switch (key_size) {
case 128:
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
break;
case 256:
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp);
break;
}
#else
printf("error: GCM mode only supported when using the OpenSSL "
"or NSS crypto engine.\n");
return 0;
#endif
} else {
switch (key_size) {
case 128:
srtp_crypto_policy_set_rtp_default(&policy.rtp);
srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
break;
case 256:
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp);
srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
break;
}
}
break;
case sec_serv_conf:
if (gcm_on) {
printf(
"error: GCM mode must always be used with auth enabled\n");
return -1;
} else {
switch (key_size) {
case 128:
srtp_crypto_policy_set_aes_cm_128_null_auth(&policy.rtp);
srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
break;
case 256:
srtp_crypto_policy_set_aes_cm_256_null_auth(&policy.rtp);
srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
break;
}
}
break;
case sec_serv_auth:
if (gcm_on) {
#ifdef GCM
switch (key_size) {
case 128:
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(
&policy.rtcp);
break;
case 256:
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(
&policy.rtcp);
break;
}
#else
printf("error: GCM mode only supported when using the OpenSSL "
"crypto engine.\n");
return 0;
#endif
} else {
srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp);
srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
}
break;
default:
printf("error: unknown security service requested\n");
return -1;
}
policy.ssrc.type = ssrc_specific;
policy.ssrc.value = ssrc;
policy.key = (uint8_t *)key;
policy.ekt = NULL;
policy.next = NULL;
policy.window_size = 128;
policy.allow_repeat_tx = 0;
policy.rtp.sec_serv = sec_servs;
policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */
if (gcm_on && tag_size != 8) {
policy.rtp.auth_tag_len = tag_size;
}
/*
* read key from hexadecimal or base64 on command line into an octet
* string
*/
if (b64_input) {
int pad;
expected_len = (policy.rtp.cipher_key_len * 4) / 3;
len = base64_string_to_octet_string(key, &pad, input_key,
expected_len);
if (pad != 0) {
fprintf(stderr, "error: padding in base64 unexpected\n");
exit(1);
}
} else {
expected_len = policy.rtp.cipher_key_len * 2;
len = hex_string_to_octet_string(key, input_key, expected_len);
}
/* check that hex string is the right length */
if (len < expected_len) {
fprintf(stderr, "error: too few digits in key/salt "
"(should be %d digits, found %d)\n",
expected_len, len);
exit(1);
}
if ((int)strlen(input_key) > policy.rtp.cipher_key_len * 2) {
fprintf(stderr, "error: too many digits in key/salt "
"(should be %d hexadecimal digits, found %u)\n",
policy.rtp.cipher_key_len * 2, (unsigned)strlen(input_key));
exit(1);
}
printf("set master key/salt to %s/", octet_string_hex_string(key, 16));
printf("%s\n", octet_string_hex_string(key + 16, 14));
} else {
/*
* we're not providing security services, so set the policy to the
* null policy
*
* Note that this policy does not conform to the SRTP
* specification, since RTCP authentication is required. However,
* the effect of this policy is to turn off SRTP, so that this
* application is now a vanilla-flavored RTP application.
*/
srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtp);
srtp_crypto_policy_set_null_cipher_hmac_null(&policy.rtcp);
policy.key = (uint8_t *)key;
policy.ssrc.type = ssrc_specific;
policy.ssrc.value = ssrc;
policy.window_size = 0;
policy.allow_repeat_tx = 0;
policy.ekt = NULL;
policy.next = NULL;
}
if (prog_type == sender) {
#if BEW
/* bind to local socket (to match crypto policy, if need be) */
memset(&local, 0, sizeof(struct sockaddr_in));
local.sin_addr.s_addr = htonl(INADDR_ANY);
local.sin_port = htons(port);
ret = bind(sock, (struct sockaddr *)&local, sizeof(struct sockaddr_in));
if (ret < 0) {
fprintf(stderr, "%s: bind failed\n", argv[0]);
perror("");
exit(1);
}
#endif /* BEW */
/* initialize sender's rtp and srtp contexts */
snd = rtp_sender_alloc();
if (snd == NULL) {
fprintf(stderr, "error: malloc() failed\n");
exit(1);
}
rtp_sender_init(snd, sock, name, ssrc);
status = rtp_sender_init_srtp(snd, &policy);
if (status) {
fprintf(stderr, "error: srtp_create() failed with code %d\n",
status);
exit(1);
}
/* open dictionary */
dict = fopen(dictfile, "r");
if (dict == NULL) {
fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile);
if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
leave_group(sock, mreq, argv[0]);
}
exit(1);
}
/* read words from dictionary, then send them off */
while (!interrupted && fgets(word, MAX_WORD_LEN, dict) != NULL) {
len = strlen(word) + 1; /* plus one for null */
if (len > MAX_WORD_LEN)
printf("error: word %s too large to send\n", word);
else {
rtp_sendto(snd, word, len);
printf("sending word: %s", word);
}
usleep(USEC_RATE);
}
rtp_sender_deinit_srtp(snd);
rtp_sender_dealloc(snd);
fclose(dict);
} else { /* prog_type == receiver */
rtp_receiver_t rcvr;
if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) {
close(sock);
fprintf(stderr, "%s: socket bind error\n", argv[0]);
perror(NULL);
if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
leave_group(sock, mreq, argv[0]);
}
exit(1);
}
rcvr = rtp_receiver_alloc();
if (rcvr == NULL) {
fprintf(stderr, "error: malloc() failed\n");
exit(1);
}
rtp_receiver_init(rcvr, sock, name, ssrc);
status = rtp_receiver_init_srtp(rcvr, &policy);
if (status) {
fprintf(stderr, "error: srtp_create() failed with code %d\n",
status);
exit(1);
}
/* get next word and loop */
while (!interrupted) {
len = MAX_WORD_LEN;
if (rtp_recvfrom(rcvr, word, &len) > -1)
printf("\tword: %s\n", word);
}
rtp_receiver_deinit_srtp(rcvr);
rtp_receiver_dealloc(rcvr);
}
if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) {
leave_group(sock, mreq, argv[0]);
}
#ifdef RTPW_USE_WINSOCK2
ret = closesocket(sock);
#else
ret = close(sock);
#endif
if (ret < 0) {
fprintf(stderr, "%s: Failed to close socket", argv[0]);
perror("");
}
status = srtp_shutdown();
if (status) {
printf("error: srtp shutdown failed with error code %d\n", status);
exit(1);
}
#ifdef RTPW_USE_WINSOCK2
WSACleanup();
#endif
return 0;
}
void usage(char *string)
{
printf("usage: %s [-d <debug>]* [-k <key> [-a][-e]] "
"[-s | -r] dest_ip dest_port\n"
"or %s -l\n"
"where -a use message authentication\n"
" -e <key size> use encryption (use 128 or 256 for key size)\n"
" -g Use AES-GCM mode (must be used with -e)\n"
" -t <tag size> Tag size to use in GCM mode (use 8 or 16)\n"
" -k <key> sets the srtp master key given in hexadecimal\n"
" -b <key> sets the srtp master key given in base64\n"
" -s act as rtp sender\n"
" -r act as rtp receiver\n"
" -l list debug modules\n"
" -d <debug> turn on debugging for module <debug>\n"
" -w <wordsfile> use <wordsfile> for input, rather than %s\n",
string, string, DICT_FILE);
exit(1);
}
void leave_group(int sock, struct ip_mreq mreq, char *name)
{
int ret;
ret = setsockopt(sock, IPPROTO_IP, IP_DROP_MEMBERSHIP, (void *)&mreq,
sizeof(mreq));
if (ret < 0) {
fprintf(stderr, "%s: Failed to leave multicast group", name);
perror("");
}
}
void handle_signal(int signum)
{
interrupted = 1;
/* Reset handler explicitly, in case we don't have sigaction() (and signal()
has BSD semantics), or we don't have SA_RESETHAND */
signal(signum, SIG_DFL);
}
int setup_signal_handler(char *name)
{
#if HAVE_SIGACTION
struct sigaction act;
memset(&act, 0, sizeof(act));
act.sa_handler = handle_signal;
sigemptyset(&act.sa_mask);
#if defined(SA_RESETHAND)
act.sa_flags = SA_RESETHAND;
#else
act.sa_flags = 0;
#endif
/* Note that we're not setting SA_RESTART; we want recvfrom to return
* EINTR when we signal the receiver. */
if (sigaction(SIGTERM, &act, NULL) != 0) {
fprintf(stderr, "%s: error setting up signal handler", name);
perror("");
return -1;
}
#else
if (signal(SIGTERM, handle_signal) == SIG_ERR) {
fprintf(stderr, "%s: error setting up signal handler", name);
perror("");
return -1;
}
#endif
return 0;
}

176
trunk/3rdparty/libsrtp-2-fit/test/rtpw_test.sh vendored Executable file
View file

@ -0,0 +1,176 @@
#!/bin/sh
#
# usage: rtpw_test <rtpw_commands>
#
# tests the rtpw sender and receiver functions
#
# Copyright (c) 2001-2017, Cisco Systems, Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
#
# Neither the name of the Cisco Systems, Inc. nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
#
case $(uname -s) in
*CYGWIN*|*MINGW*)
EXE=".exe"
;;
*Linux*)
EXE=""
export LD_LIBRARY_PATH=$CRYPTO_LIBDIR
;;
*Darwin*)
EXE=""
export DYLD_LIBRARY_PATH=$CRYPTO_LIBDIR
;;
esac
RTPW=./rtpw$EXE
DEST_PORT=9999
DURATION=3
key=Ky7cUDT2GnI0XKWYbXv9AYmqbcLsqzL9mvdN9t/G
ARGS="-b $key -a -e 128"
# First, we run "killall" to get rid of all existing rtpw processes.
# This step also enables this script to clean up after itself; if this
# script is interrupted after the rtpw processes are started but before
# they are killed, those processes will linger. Re-running the script
# will get rid of them.
killall rtpw 2>/dev/null
if test -x $RTPW; then
echo $0 ": starting rtpw receiver process... "
$RTPW $* $ARGS -r 0.0.0.0 $DEST_PORT &
receiver_pid=$!
echo $0 ": receiver PID = $receiver_pid"
sleep 1
# verify that the background job is running
ps -e | grep -q $receiver_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 254
fi
echo $0 ": starting rtpw sender process..."
$RTPW $* $ARGS -s 127.0.0.1 $DEST_PORT &
sender_pid=$!
echo $0 ": sender PID = $sender_pid"
# verify that the background job is running
ps -e | grep -q $sender_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 255
fi
sleep $DURATION
kill $receiver_pid
kill $sender_pid
wait $receiver_pid 2>/dev/null
wait $sender_pid 2>/dev/null
key=033490ba9e82994fc21013395739038992b2edc5034f61a72345ca598d7bfd0189aa6dc2ecab32fd9af74df6dfc6
ARGS="-k $key -a -e 256"
echo $0 ": starting rtpw receiver process... "
$RTPW $* $ARGS -r 0.0.0.0 $DEST_PORT &
receiver_pid=$!
echo $0 ": receiver PID = $receiver_pid"
sleep 1
# verify that the background job is running
ps -e | grep -q $receiver_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 254
fi
echo $0 ": starting rtpw sender process..."
$RTPW $* $ARGS -s 127.0.0.1 $DEST_PORT &
sender_pid=$!
echo $0 ": sender PID = $sender_pid"
# verify that the background job is running
ps -e | grep -q $sender_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 255
fi
sleep $DURATION
kill $receiver_pid
kill $sender_pid
wait $receiver_pid 2>/dev/null
wait $sender_pid 2>/dev/null
echo $0 ": done (test passed)"
else
echo "error: can't find executable" $RTPW
exit 1
fi
# EOF

260
trunk/3rdparty/libsrtp-2-fit/test/rtpw_test_gcm.sh vendored Executable file
View file

@ -0,0 +1,260 @@
#!/bin/sh
#
# usage: rtpw_test <rtpw_commands>
#
# tests the rtpw sender and receiver functions
#
# Copyright (c) 2001-2017, Cisco Systems, Inc.
# All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
#
# Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
#
# Redistributions in binary form must reproduce the above
# copyright notice, this list of conditions and the following
# disclaimer in the documentation and/or other materials provided
# with the distribution.
#
# Neither the name of the Cisco Systems, Inc. nor the names of its
# contributors may be used to endorse or promote products derived
# from this software without specific prior written permission.
#
# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
# FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
# COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
# INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
# (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
# STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
# ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
# OF THE POSSIBILITY OF SUCH DAMAGE.
#
case $(uname -s) in
*CYGWIN*|*MINGW*)
EXE=".exe"
;;
*Linux*)
EXE=""
export LD_LIBRARY_PATH=$CRYPTO_LIBDIR
;;
*Darwin*)
EXE=""
export DYLD_LIBRARY_PATH=$CRYPTO_LIBDIR
;;
esac
RTPW=./rtpw$EXE
DEST_PORT=9999
DURATION=3
# First, we run "killall" to get rid of all existing rtpw processes.
# This step also enables this script to clean up after itself; if this
# script is interrupted after the rtpw processes are started but before
# they are killed, those processes will linger. Re-running the script
# will get rid of them.
killall rtpw 2>/dev/null
if test -x $RTPW; then
GCMARGS128="-k 01234567890123456789012345678901234567890123456789012345 -g -e 128"
echo $0 ": starting GCM mode 128-bit rtpw receiver process... "
exec $RTPW $* $GCMARGS128 -r 127.0.0.1 $DEST_PORT &
receiver_pid=$!
echo $0 ": receiver PID = $receiver_pid"
sleep 1
# verify that the background job is running
ps -e | grep -q $receiver_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 254
fi
echo $0 ": starting GCM 128-bit rtpw sender process..."
exec $RTPW $* $GCMARGS128 -s 127.0.0.1 $DEST_PORT &
sender_pid=$!
echo $0 ": sender PID = $sender_pid"
# verify that the background job is running
ps -e | grep -q $sender_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 255
fi
sleep $DURATION
kill $receiver_pid
kill $sender_pid
wait $receiver_pid 2>/dev/null
wait $sender_pid 2>/dev/null
GCMARGS128="-k 01234567890123456789012345678901234567890123456789012345 -g -t 16 -e 128"
echo $0 ": starting GCM mode 128-bit (16 byte tag) rtpw receiver process... "
exec $RTPW $* $GCMARGS128 -r 127.0.0.1 $DEST_PORT &
receiver_pid=$!
echo $0 ": receiver PID = $receiver_pid"
sleep 1
# verify that the background job is running
ps -e | grep -q $receiver_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 254
fi
echo $0 ": starting GCM 128-bit (16 byte tag) rtpw sender process..."
exec $RTPW $* $GCMARGS128 -s 127.0.0.1 $DEST_PORT &
sender_pid=$!
echo $0 ": sender PID = $sender_pid"
# verify that the background job is running
ps -e | grep -q $sender_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 255
fi
sleep $DURATION
kill $receiver_pid
kill $sender_pid
wait $receiver_pid 2>/dev/null
wait $sender_pid 2>/dev/null
GCMARGS256="-k 0123456789012345678901234567890123456789012345678901234567890123456789012345678901234567 -g -e 256"
echo $0 ": starting GCM mode 256-bit rtpw receiver process... "
exec $RTPW $* $GCMARGS256 -r 127.0.0.1 $DEST_PORT &
receiver_pid=$!
echo $0 ": receiver PID = $receiver_pid"
sleep 1
# verify that the background job is running
ps -e | grep -q $receiver_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 254
fi
echo $0 ": starting GCM 256-bit rtpw sender process..."
exec $RTPW $* $GCMARGS256 -s 127.0.0.1 $DEST_PORT &
sender_pid=$!
echo $0 ": sender PID = $sender_pid"
# verify that the background job is running
ps -e | grep -q $sender_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 255
fi
sleep $DURATION
kill $receiver_pid
kill $sender_pid
wait $receiver_pid 2>/dev/null
wait $sender_pid 2>/dev/null
GCMARGS256="-k a123456789012345678901234567890123456789012345678901234567890123456789012345678901234567 -g -t 16 -e 256"
echo $0 ": starting GCM mode 256-bit (16 byte tag) rtpw receiver process... "
exec $RTPW $* $GCMARGS256 -r 127.0.0.1 $DEST_PORT &
receiver_pid=$!
echo $0 ": receiver PID = $receiver_pid"
sleep 1
# verify that the background job is running
ps -e | grep -q $receiver_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 254
fi
echo $0 ": starting GCM 256-bit (16 byte tag) rtpw sender process..."
exec $RTPW $* $GCMARGS256 -s 127.0.0.1 $DEST_PORT &
sender_pid=$!
echo $0 ": sender PID = $sender_pid"
# verify that the background job is running
ps -e | grep -q $sender_pid
retval=$?
echo $retval
if [ $retval != 0 ]; then
echo $0 ": error"
exit 255
fi
sleep $DURATION
kill $receiver_pid
kill $sender_pid
wait $receiver_pid 2>/dev/null
wait $sender_pid 2>/dev/null
echo $0 ": done (test passed)"
else
echo "error: can't find executable" $RTPW
exit 1
fi
# EOF

Some files were not shown because too many files have changed in this diff Show more