diff options
Diffstat (limited to 'include')
| -rw-r--r-- | include/ekt.h | 181 | ||||
| -rw-r--r-- | include/err.h | 184 | ||||
| -rw-r--r-- | include/getopt_s.h (renamed from include/stat.h) | 55 | ||||
| -rw-r--r-- | include/rdb.h | 94 | ||||
| -rw-r--r-- | include/rdbx.h | 146 | ||||
| -rw-r--r-- | include/rtp.h | 119 | ||||
| -rw-r--r-- | include/srtp.h | 1706 | ||||
| -rw-r--r-- | include/srtp_priv.h | 280 | ||||
| -rw-r--r-- | include/srtp_ust.h | 293 | ||||
| -rw-r--r-- | include/ut_sim.h | 40 |
10 files changed, 1814 insertions, 1284 deletions
diff --git a/include/ekt.h b/include/ekt.h new file mode 100644 index 0000000..a289a53 --- /dev/null +++ b/include/ekt.h @@ -0,0 +1,181 @@ +/* + * ekt.h + * + * interface to Encrypted Key Transport for SRTP + * + * David McGrew + * Cisco Systems, Inc. + */ +/* + * + * Copyright (c) 2001-2017 Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +/* + * EKT implementation strategy + * + * use stream_template approach + * + * in srtp_unprotect, when a new stream appears, check if template has + * EKT defined, and if it does, then apply EKT processing + * + * question: will we want to allow key-sharing templates in addition + * to EKT templates? could define a new ssrc_type_t that's associated + * with an EKT, e.g. ssrc_any_ekt. + * + * + */ + +#ifndef SRTP_EKT_H +#define SRTP_EKT_H + +// left in commented out as reminder to not include private headers +//#include "srtp_priv.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define SRTP_EKT_CIPHER_DEFAULT 1 +#define SRTP_EKT_CIPHER_AES_128_ECB 1 +#define SRTP_EKT_CIPHER_AES_192_KEY_WRAP 2 +#define SRTP_EKT_CIPHER_AES_256_KEY_WRAP 3 + +typedef uint16_t srtp_ekt_spi_t; + +unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt); + +/* + * an srtp_policy_t structure can contain a pointer to an + * srtp_ekt_policy_t structure + * + * this structure holds all of the high level EKT information, and it + * is passed into libsrtp to indicate what policy should be in effect + */ + +typedef struct srtp_ekt_policy_ctx_t { + srtp_ekt_spi_t spi; /* security parameter index */ + uint8_t ekt_cipher_type; + uint8_t *ekt_key; + struct srtp_ekt_policy_ctx_t *next_ekt_policy; +} srtp_ekt_policy_ctx_t; + +/* + * an srtp_ekt_data_t structure holds the data corresponding to an ekt key, + * spi, and so on + */ + +typedef struct srtp_ekt_data_t { + srtp_ekt_spi_t spi; + uint8_t ekt_cipher_type; + srtp_aes_expanded_key_t ekt_enc_key; + srtp_aes_expanded_key_t ekt_dec_key; + struct ekt_data_t *next_ekt_data; +} srtp_ekt_data_t; + +/* + * an srtp_stream_ctx_t can contain an srtp_ekt_stream_ctx_t + * + * an srtp_ekt_stream_ctx_t structure holds all of the EKT information for + * a specific SRTP stream + */ + +typedef struct srtp_ekt_stream_ctx_t { + srtp_ekt_data_t *data; + uint16_t isn; /* initial sequence number */ + uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN]; +} srtp_ekt_stream_ctx_t; + +srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data, + srtp_ekt_policy_t policy); + +srtp_err_status_t srtp_ekt_stream_init(srtp_ekt_stream_t e, + srtp_ekt_spi_t spi, + void *ekt_key, + unsigned ekt_cipher_type); + +srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t e, + srtp_ekt_policy_t p); + +srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream, + const void *srtcp_hdr, + unsigned pkt_octet_len); + +void srtp_ekt_write_data(srtp_ekt_stream_t ekt, + uint8_t *base_tag, + unsigned base_tag_len, + int *packet_len, + srtp_xtd_seq_num_t pkt_index); + +/* + * We handle EKT by performing some additional steps before + * authentication (copying the auth tag into a temporary location, + * zeroizing the "base tag" field in the packet) + * + * With EKT, the tag_len parameter is actually the base tag + * length + */ +srtp_err_status_t srtp_ekt_tag_verification_preproces(uint8_t *pkt_tag, + uint8_t *pkt_tag_copy, + unsigned tag_len); + +srtp_err_status_t srtp_ekt_tag_verification_postproces(uint8_t *pkt_tag, + uint8_t *pkt_tag_copy, + unsigned tag_len); + +/* + * @brief EKT pre-processing for srtcp tag generation + * + * This function does the pre-processing of the SRTCP authentication + * tag format. When EKT is used, it consists of writing the Encrypted + * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI + * fields. The Base Authentication Tag field is set to the all-zero + * value + * + * When EKT is not used, this function is a no-op. + * + */ +srtp_err_status_t srtp_stream_srtcp_auth_tag_generation_preprocess( + const srtp_stream_t *s, + uint8_t *pkt_tag, + unsigned pkt_octet_len); + +/* it's not clear that a tag_generation_postprocess function is needed */ +srtp_err_status_t srtcp_auth_tag_generation_postprocess(void); + +#ifdef __cplusplus +} +#endif + +#endif /* SRTP_EKT_H */ diff --git a/include/err.h b/include/err.h deleted file mode 100644 index b8d46fb..0000000 --- a/include/err.h +++ /dev/null @@ -1,184 +0,0 @@ -/* - * err.h - * - * error status codes - * - * David A. McGrew - * Cisco Systems, Inc. - */ -/* - * - * Copyright (c) 2001-2005, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef ERR_H -#define ERR_H - -#include "config.h" /* check for ERR_REPORTING_SYSLOG */ - -#ifdef ERR_REPORTING_FILE -#include <stdio.h> -#endif - -#include <stdarg.h> - -/** - * @defgroup Error Error Codes - * - * Error status codes are represented by the enumeration err_status_t. - * - * @{ - */ - - -/* - * @brief err_status_t defines error codes. - * - * The enumeration err_status_t defines error codes. Note that the - * value of err_status_ok is equal to zero, which can simplify error - * checking somewhat. - * - */ -typedef enum { - err_status_ok = 0, /**< nothing to report */ - err_status_fail = 1, /**< unspecified failure */ - err_status_bad_param = 2, /**< unsupported parameter */ - err_status_alloc_fail = 3, /**< couldn't allocate memory */ - err_status_dealloc_fail = 4, /**< couldn't deallocate properly */ - err_status_init_fail = 5, /**< couldn't initialize */ - err_status_terminus = 6, /**< can't process as much data as requested */ - err_status_auth_fail = 7, /**< authentication failure */ - err_status_cipher_fail = 8, /**< cipher failure */ - err_status_replay_fail = 9, /**< replay check failed (bad index) */ - err_status_replay_old = 10, /**< replay check failed (index too old) */ - err_status_algo_fail = 11, /**< algorithm failed test routine */ - err_status_no_such_op = 12, /**< unsupported operation */ - err_status_no_ctx = 13, /**< no appropriate context found */ - err_status_cant_check = 14, /**< unable to perform desired validation */ - err_status_key_expired = 15 /**< can't use key any more */ -} err_status_t; - -/** - * @} - */ - -#if (ERR_REPORTING_SYSLOG) - -#include <syslog.h> - -typedef enum { - err_level_emergency = LOG_EMERG, - err_level_alert = LOG_ALERT, - err_level_critical = LOG_CRIT, - err_level_error = LOG_ERR, - err_level_warning = LOG_WARNING, - err_level_notice = LOG_NOTICE, - err_level_info = LOG_INFO, - err_level_debug = LOG_DEBUG, - err_level_none -} err_reporting_level_t; - -#else - -typedef enum { - err_level_emergency, - err_level_alert, - err_level_critical, - err_level_error, - err_level_warning, - err_level_notice, - err_level_info, - err_level_debug, - err_level_none -} err_reporting_level_t; - -#endif - -/* - * err_reporting_init prepares the error system. If - * ERR_REPORTING_SYSLOG is defined, it will open syslog. - * - * The ident argument is a string that will be prepended to - * all syslog messages. It is conventionally argv[0]. - */ - -err_status_t -err_reporting_init(char *ident); - -/* - * keydaemon_report_error reports a 'printf' formatted error - * string, followed by a an arg list. The priority argument - * is equivalent to that defined for syslog. - * - * Errors will be reported to ERR_REPORTING_FILE, if defined, and to - * syslog, if ERR_REPORTING_SYSLOG is defined. - * - */ - -void -err_report(int priority, char *format, ...); - - -/* - * debug_module_t defines a debug module - */ - -typedef struct { - unsigned int on; /* 1 if debugging is on, 0 if it is off */ - unsigned char *name; /* printable name for debug module */ -} debug_module_t; - -#if ENABLE_DEBUGGING - -#define debug_on(mod) (mod).on = 1 - -#define debug_off(mod) (mod).on = 0 - -/* use err_report() to report debug message */ -#define debug_print(mod, format, arg) \ - if (mod.on) err_report(err_level_debug, ("%s: " format), mod.name, arg) - -#else - -/* define macros to do nothing */ -#define debug_print(mod, format, arg) - -#define debug_on(mod) - -#define debug_off(mod) - -#endif - -#endif /* ERR_H */ diff --git a/include/stat.h b/include/getopt_s.h index 6d5e4a4..53fb25b 100644 --- a/include/stat.h +++ b/include/getopt_s.h @@ -1,33 +1,32 @@ /* - * stats.h - * - * interface to statistical test functions + * getopt.h + * + * interface to a minimal implementation of the getopt() function, + * written so that test applications that use that function can run on + * non-POSIX platforms * - * David A. McGrew - * Cisco Systems, Inc. */ - /* - * - * Copyright(c) 2001-2005, Cisco Systems, Inc. + * + * Copyright (c) 2001-2017 Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -43,24 +42,26 @@ * */ +#ifndef GETOPT_S_H +#define GETOPT_S_H -#ifndef STAT_H -#define STAT_H +#ifdef __cplusplus +extern "C" { +#endif -#include "datatypes.h" /* for octet_t */ -#include "err.h" /* for err_status_t */ -#include "rand_source.h" /* for rand_source_func_t definition */ +/* + * getopt_s(), optarg_s, and optind_s are small, locally defined + * versions of the POSIX standard getopt() interface. + */ -err_status_t -stat_test_monobit(octet_t *data); +int getopt_s(int argc, char *const argv[], const char *optstring); -err_status_t -stat_test_poker(octet_t *data); +extern char *optarg_s; /* defined in getopt.c */ -err_status_t -stat_test_runs(octet_t *data); +extern int optind_s; /* defined in getopt.c */ -err_status_t -stat_test_rand_source(rand_source_func_t rs); +#ifdef __cplusplus +} +#endif -#endif /* STAT_H */ +#endif /* GETOPT_S_H */ diff --git a/include/rdb.h b/include/rdb.h deleted file mode 100644 index 5a26c5e..0000000 --- a/include/rdb.h +++ /dev/null @@ -1,94 +0,0 @@ -/* - * replay-database.h - * - * interface for a replay database for packet security - * - * David A. McGrew - * Cisco Systems, Inc. - */ - - -#ifndef REPLAY_DB_H -#define REPLAY_DB_H - -#include "integers.h" /* for uint32_t */ -#include "datatypes.h" /* for v128_t */ -#include "err.h" /* for err_status_t */ - -/* - * if the ith least significant bit is one, then the packet index - * window_end-i is in the database - */ - -typedef struct { - uint32_t window_start; /* packet index of the first bit in bitmask */ - v128_t bitmask; -} rdb_t; - -#define rdb_bits_in_bitmask (8*sizeof(v128_t)) - -/* - * rdb init - * - * initalizes rdb - * - * returns err_status_ok on success, err_status_t_fail otherwise - */ - -err_status_t -rdb_init(rdb_t *rdb); - - -/* - * rdb_check - * - * checks to see if index appears in rdb - * - * returns err_status_fail if the index already appears in rdb, - * returns err_status_ok otherwise - */ - -err_status_t -rdb_check(const rdb_t *rdb, uint32_t index); - -/* - * rdb_add_index - * - * adds index to rdb_t (and does *not* check if index appears in db) - * - * returns err_status_ok on success, err_status_fail otherwise - * - */ - -err_status_t -rdb_add_index(rdb_t *rdb, uint32_t index); - -/* - * the functions rdb_increment() and rdb_get_value() are for use by - * senders, not receivers - DO NOT use these functions on the same - * rdb_t upon which rdb_add_index is used! - */ - - -/* - * rdb_increment(db) increments the sequence number in db, if it is - * not too high - * - * return values: - * - * err_status_ok no problem - * err_status_key_expired sequence number too high - * - */ -err_status_t -rdb_increment(rdb_t *rdb); - -/* - * rdb_get_value(db) returns the current sequence number of db - */ - -uint32_t -rdb_get_value(const rdb_t *rdb); - - -#endif /* REPLAY_DB_H */ diff --git a/include/rdbx.h b/include/rdbx.h deleted file mode 100644 index bf0b655..0000000 --- a/include/rdbx.h +++ /dev/null @@ -1,146 +0,0 @@ -/* - * rdbx.h - * - * replay database with extended packet indices, using a rollover counter - * - * David A. McGrew - * Cisco Systems, Inc. - * - */ - -#ifndef RDBX_H -#define RDBX_H - -#include "datatypes.h" -#include "err.h" - -/* #define ROC_TEST */ - -#ifndef ROC_TEST - -typedef unsigned short int sequence_number_t; /* 16 bit sequence number */ -typedef unsigned long int rollover_counter_t; /* 32 bit rollover counter */ - -#else /* use small seq_num and roc datatypes for testing purposes */ - -typedef unsigned char sequence_number_t; /* 8 bit sequence number */ -typedef unsigned short int rollover_counter_t; /* 16 bit rollover counter */ - -#endif - -#define seq_num_median (1 << (8*sizeof(sequence_number_t) - 1)) -#define seq_num_max (1 << (8*sizeof(sequence_number_t))) - -/* - * An xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended' - * sequence number. - */ - -typedef uint64_t xtd_seq_num_t; - - -/* - * An rdbx_t is a replay database with extended range; it uses an - * xtd_seq_num_t and a bitmask of recently received indices. - */ - -typedef struct { - xtd_seq_num_t index; - v128_t bitmask; -} rdbx_t; - - -/* - * rdbx_init(rdbx_ptr) - * - * initializes the rdbx pointed to by its argument, setting the - * rollover counter and sequence number to zero - */ - -err_status_t -rdbx_init(rdbx_t *rdbx); - - -/* - * rdbx_estimate_index(rdbx, guess, s) - * - * given an rdbx and a sequence number s (from a newly arrived packet), - * sets the contents of *guess to contain the best guess of the packet - * index to which s corresponds, and returns the difference between - * *guess and the locally stored synch info - */ - -inline int -rdbx_estimate_index(const rdbx_t *rdbx, - xtd_seq_num_t *guess, - sequence_number_t s); - -/* - * rdbx_check(rdbx, delta); - * - * rdbx_check(&r, delta) checks to see if the xtd_seq_num_t - * which is at rdbx->window_start + delta is in the rdb - * - */ - -inline err_status_t -rdbx_check(const rdbx_t *rdbx, int difference); - -/* - * replay_add_index(rdbx, delta) - * - * adds the xtd_seq_num_t at rdbx->window_start + delta to replay_db - * (and does *not* check if that xtd_seq_num_t appears in db) - * - * this function should be called *only* after replay_check has - * indicated that the index does not appear in the rdbx, and a mutex - * should protect the rdbx between these calls if necessary. - */ - -inline err_status_t -rdbx_add_index(rdbx_t *rdbx, int delta); - -/* - * xtd_seq_num_t functions - these are *internal* functions of rdbx, and - * shouldn't be used to manipulate rdbx internal values. use the rdbx - * api instead! - */ - - -/* index_init(&pi) initializes a packet index pi (sets it to zero) */ - -void -index_init(xtd_seq_num_t *pi); - -/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */ - -void -index_advance(xtd_seq_num_t *pi, sequence_number_t s); - - -/* - * index_guess(local, guess, s) - * - * given a xtd_seq_num_t local (which represents the highest - * known-to-be-good index) and a sequence number s (from a newly - * arrived packet), sets the contents of *guess to contain the best - * guess of the packet index to which s corresponds, and returns the - * difference between *guess and *local - */ - -int -index_guess(const xtd_seq_num_t *local, - xtd_seq_num_t *guess, - sequence_number_t s); - - -#endif /* RDBX_H */ - - - - - - - - - diff --git a/include/rtp.h b/include/rtp.h deleted file mode 100644 index 78ed3d6..0000000 --- a/include/rtp.h +++ /dev/null @@ -1,119 +0,0 @@ -/* - * rtp.h - * - * rtp interface for srtp reference implementation - * - * David A. McGrew - * Cisco Systems, Inc. - * - * data types: - * - * rtp_msg_t an rtp message (the data that goes on the wire) - * rtp_sender_t sender side socket and rtp info - * rtp_receiver_t receiver side socket and rtp info - * - */ - -/* - * - * Copyright (c) 2001-2005, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef RTP_H -#define RTP_H - -#include "srtp.h" - -#define rtp_header_len 12 - -typedef srtp_hdr_t rtp_hdr_t; - -#define RTP_MAX_BUF_LEN 16384 - -typedef struct { - srtp_hdr_t header; - char body[RTP_MAX_BUF_LEN]; -} rtp_msg_t; - -typedef struct { - rtp_msg_t message; - int socket; - srtp_ctx_t *srtp_ctx; - struct sockaddr_in addr; /* reciever's address */ -} rtp_sender_t; - -typedef struct { - rtp_msg_t message; - int socket; - srtp_ctx_t *srtp_ctx; - struct sockaddr_in addr; /* receiver's address */ -} rtp_receiver_t; - - -ssize_t -rtp_sendto(rtp_sender_t *sender, const void* msg, int len); - -ssize_t -rtp_recvfrom(rtp_receiver_t *receiver, void *msg, int *len); - -int -rtp_receiver_init(rtp_receiver_t *rcvr, int socket, - struct sockaddr_in addr, uint32_t ssrc); - -int -rtp_sender_init(rtp_sender_t *sender, int socket, - struct sockaddr_in addr, uint32_t ssrc); - -/* - * srtp_sender_init(...) initializes an rtp_sender_t - * - */ - -int -srtp_sender_init(rtp_sender_t *rtp_ctx, /* structure to be init'ed */ - struct sockaddr_in name, /* socket name */ - sec_serv_t security_services, /* sec. servs. to be used */ - unsigned char *input_key /* master key/salt in hex */ - ); - -int -srtp_receiver_init(rtp_receiver_t *rtp_ctx, /* structure to be init'ed */ - struct sockaddr_in name, /* socket name */ - sec_serv_t security_services, /* sec. servs. to be used */ - unsigned char *input_key /* master key/salt in hex */ - ); - - -#endif /* RTP_H */ diff --git a/include/srtp.h b/include/srtp.h index 2ccb553..c86b9ee 100644 --- a/include/srtp.h +++ b/include/srtp.h @@ -7,26 +7,26 @@ * Cisco Systems, Inc. */ /* - * - * Copyright (c) 2001-2005, Cisco Systems, Inc. + * + * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -42,14 +42,14 @@ * */ +#ifndef SRTP_SRTP_H +#define SRTP_SRTP_H -#ifndef SRTP_H -#define SRTP_H +#include <stdint.h> -#include "crypto_kernel.h" -#include "rdbx.h" -#include "rdb.h" -#include "integers.h" +#ifdef __cplusplus +extern "C" { +#endif /** * @defgroup SRTP Secure RTP @@ -69,106 +69,231 @@ /* * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP */ -#define SRTP_MAX_KEY_LEN 64 +#define SRTP_MAX_KEY_LEN 64 /* * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP */ -#define SRTP_MAX_TAG_LEN 12 +#define SRTP_MAX_TAG_LEN 16 + +/** + * SRTP_MAX_MKI_LEN is the maximum size the MKI could be which is + * 128 bytes + */ +#define SRTP_MAX_MKI_LEN 128 /** * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer * (authentication tag and MKI) supported by libSRTP. This value is - * the maximum number of octets that will be added to an RTP packet by + * the maixmum number of octets that will be added to an RTP packet by * srtp_protect(). * * @brief the maximum number of octets added by srtp_protect(). */ -#define SRTP_MAX_TRAILER_LEN SRTP_MAX_TAG_LEN +#define SRTP_MAX_TRAILER_LEN (SRTP_MAX_TAG_LEN + SRTP_MAX_MKI_LEN) + +/** + * SRTP_MAX_NUM_MASTER_KEYS is the maximum number of Master keys for + * MKI supported by libSRTP. + * + */ +#define SRTP_MAX_NUM_MASTER_KEYS 16 + +#define SRTP_SALT_LEN 14 + +/* + * SRTP_AEAD_SALT_LEN is the length of the SALT values used with + * GCM mode. GCM mode requires an IV. The SALT value is used + * as part of the IV formation logic applied to each RTP packet. + */ +#define SRTP_AEAD_SALT_LEN 12 + +#define SRTP_AES_128_KEY_LEN 16 +#define SRTP_AES_192_KEY_LEN 24 +#define SRTP_AES_256_KEY_LEN 32 + +#define SRTP_AES_ICM_128_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_128_KEY_LEN) +#define SRTP_AES_ICM_192_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_192_KEY_LEN) +#define SRTP_AES_ICM_256_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_256_KEY_LEN) -/* - * nota bene: since libSRTP doesn't support the use of the MKI, the - * SRTP_MAX_TRAILER_LEN value is just the maximum tag length +#define SRTP_AES_GCM_128_KEY_LEN_WSALT \ + (SRTP_AEAD_SALT_LEN + SRTP_AES_128_KEY_LEN) +#define SRTP_AES_GCM_192_KEY_LEN_WSALT \ + (SRTP_AEAD_SALT_LEN + SRTP_AES_192_KEY_LEN) +#define SRTP_AES_GCM_256_KEY_LEN_WSALT \ + (SRTP_AEAD_SALT_LEN + SRTP_AES_256_KEY_LEN) + +/** + * @brief A srtp_cipher_type_id_t is an identifier for a particular cipher + * type. + * + * A srtp_cipher_type_id_t is an integer that represents a particular + * cipher type, e.g. the Advanced Encryption Standard (AES). A + * SRTP_NULL_CIPHER is avaliable; this cipher leaves the data unchanged, + * and can be selected to indicate that no encryption is to take + * place. + * + * @ingroup Ciphers */ +typedef uint32_t srtp_cipher_type_id_t; /** - * @brief sec_serv_t describes a set of security services. + * @brief An srtp_auth_type_id_t is an identifier for a particular + * authentication + * function. * - * A sec_serv_t enumeration is used to describe the particular - * security services that will be applied by a particular crypto - * policy (or other mechanism). + * An srtp_auth_type_id_t is an integer that represents a particular + * authentication function type, e.g. HMAC-SHA1. A SRTP_NULL_AUTH is + * avaliable; this authentication function performs no computation, + * and can be selected to indicate that no authentication is to take + * place. + * + * @ingroup Authentication */ +typedef uint32_t srtp_auth_type_id_t; +/** + * @brief srtp_err_status_t defines error codes. + * + * The enumeration srtp_err_status_t defines error codes. Note that the + * value of srtp_err_status_ok is equal to zero, which can simplify error + * checking somewhat. + * + */ +typedef enum { + srtp_err_status_ok = 0, /**< nothing to report */ + srtp_err_status_fail = 1, /**< unspecified failure */ + srtp_err_status_bad_param = 2, /**< unsupported parameter */ + srtp_err_status_alloc_fail = 3, /**< couldn't allocate memory */ + srtp_err_status_dealloc_fail = 4, /**< couldn't deallocate properly */ + srtp_err_status_init_fail = 5, /**< couldn't initialize */ + srtp_err_status_terminus = 6, /**< can't process as much data as */ + /**< requested */ + srtp_err_status_auth_fail = 7, /**< authentication failure */ + srtp_err_status_cipher_fail = 8, /**< cipher failure */ + srtp_err_status_replay_fail = 9, /**< replay check failed (bad index) */ + srtp_err_status_replay_old = 10, /**< replay check failed (index too */ + /**< old) */ + srtp_err_status_algo_fail = 11, /**< algorithm failed test routine */ + srtp_err_status_no_such_op = 12, /**< unsupported operation */ + srtp_err_status_no_ctx = 13, /**< no appropriate context found */ + srtp_err_status_cant_check = 14, /**< unable to perform desired */ + /**< validation */ + srtp_err_status_key_expired = 15, /**< can't use key any more */ + srtp_err_status_socket_err = 16, /**< error in use of socket */ + srtp_err_status_signal_err = 17, /**< error in use POSIX signals */ + srtp_err_status_nonce_bad = 18, /**< nonce check failed */ + srtp_err_status_read_fail = 19, /**< couldn't read data */ + srtp_err_status_write_fail = 20, /**< couldn't write data */ + srtp_err_status_parse_err = 21, /**< error parsing data */ + srtp_err_status_encode_err = 22, /**< error encoding data */ + srtp_err_status_semaphore_err = 23, /**< error while using semaphores */ + srtp_err_status_pfkey_err = 24, /**< error while using pfkey */ + srtp_err_status_bad_mki = 25, /**< error MKI present in packet is */ + /**< invalid */ + srtp_err_status_pkt_idx_old = 26, /**< packet index is too old to */ + /**< consider */ + srtp_err_status_pkt_idx_adv = 27 /**< packet index advanced, reset */ + /**< needed */ +} srtp_err_status_t; + +typedef struct srtp_ctx_t_ srtp_ctx_t; + +/** + * @brief srtp_sec_serv_t describes a set of security services. + * + * A srtp_sec_serv_t enumeration is used to describe the particular + * security services that will be applied by a particular crypto + * policy (or other mechanism). + */ typedef enum { - sec_serv_none = 0, /**< no services */ - sec_serv_conf = 1, /**< confidentiality */ - sec_serv_auth = 2, /**< authentication */ - sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */ -} sec_serv_t; - -/** - * @brief crypto_policy_t describes a particular crypto policy that + sec_serv_none = 0, /**< no services */ + sec_serv_conf = 1, /**< confidentiality */ + sec_serv_auth = 2, /**< authentication */ + sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */ +} srtp_sec_serv_t; + +/** + * @brief srtp_crypto_policy_t describes a particular crypto policy that * can be applied to an SRTP stream. * - * A crypto_policy_t describes a particular cryptographic policy that + * A srtp_crypto_policy_t describes a particular cryptographic policy that * can be applied to an SRTP or SRTCP stream. An SRTP session policy - * consists of a list of these policies, one for each SRTP stream + * consists of a list of these policies, one for each SRTP stream * in the session. */ +typedef struct srtp_crypto_policy_t { + srtp_cipher_type_id_t cipher_type; /**< An integer representing */ + /**< the type of cipher. */ + int cipher_key_len; /**< The length of the cipher key */ + /**< in octets. */ + srtp_auth_type_id_t auth_type; /**< An integer representing the */ + /**< authentication function. */ + int auth_key_len; /**< The length of the authentication */ + /**< function key in octets. */ + int auth_tag_len; /**< The length of the authentication */ + /**< tag in octets. */ + srtp_sec_serv_t sec_serv; /**< The flag indicating the security */ + /**< services to be applied. */ +} srtp_crypto_policy_t; -typedef struct crypto_policy_t { - cipher_type_id_t cipher_type; /**< An integer representing - * the type of cipher. */ - int cipher_key_len; /**< The length of the cipher key - * in octets. */ - auth_type_id_t auth_type; /**< An integer representing the - * authentication function. */ - int auth_key_len; /**< The length of the authentication - * function key in octets. */ - int auth_tag_len; /**< The length of the authentication - * tag in octets. */ - sec_serv_t sec_serv; /**< The flag indicating the security - * services to be applied. */ -} crypto_policy_t; - - -/** - * @brief ssrc_type_t describes the type of an SSRC. - * - * An ssrc_type_t enumeration is used to indicate a type of SSRC. See +/** + * @brief srtp_ssrc_type_t describes the type of an SSRC. + * + * An srtp_ssrc_type_t enumeration is used to indicate a type of SSRC. See * @ref srtp_policy_t for more informataion. */ - -typedef enum { - ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */ - ssrc_specific = 1, /**< Indicates a specific SSRC value */ - ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value - (i.e. a value that is used in the - function srtp_unprotect()) */ - ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value - (i.e. a value that is used in the - function srtp_protect()) */ -} ssrc_type_t; +typedef enum { + ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */ + ssrc_specific = 1, /**< Indicates a specific SSRC value */ + ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value */ + /**< (i.e. a value that is used in the */ + /**< function srtp_unprotect()) */ + ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value */ + /**< (i.e. a value that is used in the */ + /**< function srtp_protect()) */ +} srtp_ssrc_type_t; /** - * @brief An ssrc_t represents a particular SSRC value, or a `wildcard' SSRC. - * - * An ssrc_t represents a particular SSRC value (if its type is + * @brief An srtp_ssrc_t represents a particular SSRC value, or a `wildcard' + * SSRC. + * + * An srtp_ssrc_t represents a particular SSRC value (if its type is * ssrc_specific), or a wildcard SSRC value that will match all * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound - * SSRCs (if its type is ssrc_any_inbound). - * + * SSRCs (if its type is ssrc_any_inbound). + */ +typedef struct { + srtp_ssrc_type_t type; /**< The type of this particular SSRC */ + unsigned int value; /**< The value of this SSRC, if it is not a */ + /**< wildcard */ +} srtp_ssrc_t; + +/** + * @brief points to an EKT policy */ +typedef struct srtp_ekt_policy_ctx_t *srtp_ekt_policy_t; -typedef struct { - ssrc_type_t type; /**< The type of this particular SSRC */ - uint32_t value; /**< The value of this SSRC, if it is not a wildcard */ -} ssrc_t; +/** + * @brief points to EKT stream data + */ +typedef struct srtp_ekt_stream_ctx_t *srtp_ekt_stream_t; +/** + * @brief srtp_master_key_t represents a master key. There will + * be a Master Key Index and the Master Key associated with the + * Master Key Index. Need to also keep track of the Master Key + * Index Size to correctly read it from a packet. + */ +typedef struct srtp_master_key_t { + unsigned char *key; + unsigned char *mki_id; + unsigned int mki_size; +} srtp_master_key_t; -/** - * @brief represents the policy for an SRTP session. +/** + * @brief represents the policy for an SRTP session. * * A single srtp_policy_t struct represents the policy for a single * SRTP stream, and a linked list of these elements represents the @@ -177,7 +302,7 @@ typedef struct { * master key for that stream, the SSRC describing that stream, or a * flag indicating a `wildcard' SSRC value, and a `next' field that * holds a pointer to the next element in the list of policy elements, - * or NULL if it is the last element. + * or NULL if it is the last element. * * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an * inbound stream that for which there is no explicit SSRC entry in @@ -188,33 +313,44 @@ typedef struct { * is intentional, and it allows libSRTP to ensure that no security * lapses result from accidental re-use of SSRC values during key * sharing. - * - * + * * @warning The final element of the list @b must have its `next' pointer * set to NULL. */ typedef struct srtp_policy_t { - ssrc_t ssrc; /**< The SSRC value of stream, or the - * flags SSRC_ANY_INBOUND or - * SSRC_ANY_OUTBOUND if key sharing - * is used for this policy element. - */ - crypto_policy_t rtp; /**< SRTP crypto policy. */ - crypto_policy_t rtcp; /**< SRTCP crypto policy. */ - octet_t *key; /**< Pointer to the SRTP master key for - * this stream. */ - struct srtp_policy_t *next; /**< Pointer to next stream policy. */ + srtp_ssrc_t ssrc; /**< The SSRC value of stream, or the */ + /**< flags SSRC_ANY_INBOUND or */ + /**< SSRC_ANY_OUTBOUND if key sharing */ + /**< is used for this policy element. */ + srtp_crypto_policy_t rtp; /**< SRTP crypto policy. */ + srtp_crypto_policy_t rtcp; /**< SRTCP crypto policy. */ + unsigned char *key; /**< Pointer to the SRTP master key for */ + /**< this stream. */ + srtp_master_key_t **keys; /** Array of Master Key structures */ + unsigned long num_master_keys; /** Number of master keys */ + srtp_ekt_policy_t ekt; /**< Pointer to the EKT policy structure */ + /**< for this stream (if any) */ + unsigned long window_size; /**< The window size to use for replay */ + /**< protection. */ + int allow_repeat_tx; /**< Whether retransmissions of */ + /**< packets with the same sequence */ + /**< number are allowed. */ + /**< (Note that such repeated */ + /**< transmissions must have the same */ + /**< RTP payload, or a severe security */ + /**< weakness is introduced!) */ + int *enc_xtn_hdr; /**< List of header ids to encrypt. */ + int enc_xtn_hdr_count; /**< Number of entries in list of header */ + /**< ids. */ + struct srtp_policy_t *next; /**< Pointer to next stream policy. */ } srtp_policy_t; - - - /** * @brief An srtp_t points to an SRTP session structure. * * The typedef srtp_t is a pointer to a structure that represents - * an SRTP session. This datatype is intentially opaque in + * an SRTP session. This datatype is intentially opaque in * order to separate the interface from the implementation. * * An SRTP session consists of all of the traffic sent to the RTP and @@ -222,47 +358,34 @@ typedef struct srtp_policy_t { * Audio/Video Profile). A session can be viewed as a set of SRTP * streams, each of which originates with a different participant. */ - -typedef struct srtp_ctx_t *srtp_t; - +typedef srtp_ctx_t *srtp_t; /** - * @brief An srtp_stream_t points to an SRTP stream structure. - * - * The typedef srtp_stream_t is a pointer to a structure that - * represents an SRTP stream. This datatype is intentionally - * opaque in order to separate the interface from the implementation. - * - * An SRTP stream consists of all of the traffic sent to an SRTP - * session by a single participant. A session can be viewed as - * a set of streams. + * @brief srtp_init() initializes the srtp library. * + * @warning This function @b must be called before any other srtp + * functions. */ -typedef struct srtp_stream_ctx_t *srtp_stream_t; - - +srtp_err_status_t srtp_init(void); /** - * @brief srtp_init() initializes the srtp library. + * @brief srtp_shutdown() de-initializes the srtp library. * - * @warning This function @b must be called before any other srtp - * functions. + * @warning No srtp functions may be called after calling this function. */ - -err_status_t -srtp_init(); +srtp_err_status_t srtp_shutdown(void); /** * @brief srtp_protect() is the Secure RTP sender-side packet processing * function. - * + * * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP * protection to the RTP packet rtp_hdr (which has length *len_ptr) using - * the SRTP context ctx. If err_status_ok is returned, then rtp_hdr + * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr * points to the resulting SRTP packet and *len_ptr is the number of * octets in that packet; otherwise, no assumptions should be made * about the value of either data elements. - * + * * The sequence numbers of the RTP packets presented to this function * need not be consecutive, but they @b must be out of order by less * than 2^15 = 32,768 packets. @@ -272,6 +395,11 @@ srtp_init(); * packet, and assumes that the RTP packet is aligned on a 32-bit * boundary. * + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN + * into the location in memory immediately following the RTP packet. + * Callers MUST ensure that this much writable memory is available in + * the buffer that holds the RTP packet. + * * @param ctx is the SRTP context to use in processing the packet. * * @param rtp_hdr is a pointer to the RTP packet (before the call); after @@ -279,18 +407,70 @@ srtp_init(); * * @param len_ptr is a pointer to the length in octets of the complete * RTP packet (header and body) before the function call, and of the - * complete SRTP packet after the call, if err_status_ok was returned. + * complete SRTP packet after the call, if srtp_err_status_ok was returned. + * Otherwise, the value of the data to which it points is undefined. + * + * @return + * - srtp_err_status_ok no problems + * - srtp_err_status_replay_fail rtp sequence number was non-increasing + * - @e other failure in cryptographic mechanisms + */ +srtp_err_status_t srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr); + +/** + * @brief srtp_protect_mki() is the Secure RTP sender-side packet processing + * function that can utilize MKI. + * + * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP + * protection to the RTP packet rtp_hdr (which has length *len_ptr) using + * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr + * points to the resulting SRTP packet and *len_ptr is the number of + * octets in that packet; otherwise, no assumptions should be made + * about the value of either data elements. + * + * The sequence numbers of the RTP packets presented to this function + * need not be consecutive, but they @b must be out of order by less + * than 2^15 = 32,768 packets. + * + * @warning This function assumes that it can write the authentication + * tag into the location in memory immediately following the RTP + * packet, and assumes that the RTP packet is aligned on a 32-bit + * boundary. + * + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN + * into the location in memory immediately following the RTP packet. + * Callers MUST ensure that this much writable memory is available in + * the buffer that holds the RTP packet. + * + * @param ctx is the SRTP context to use in processing the packet. + * + * @param rtp_hdr is a pointer to the RTP packet (before the call); after + * the function returns, it points to the srtp packet. + * + * @param pkt_octet_len is a pointer to the length in octets of the complete + * RTP packet (header and body) before the function call, and of the + * complete SRTP packet after the call, if srtp_err_status_ok was returned. * Otherwise, the value of the data to which it points is undefined. * - * @return - * - err_status_ok no problems - * - err_status_replay_fail rtp sequence number was non-increasing + * @param use_mki is a boolean to tell the system if mki is being used. If + * set to false then will use the first set of session keys. If set to true + * will + * use the session keys identified by the mki_index + * + * @param mki_index integer value specifying which set of session keys should be + * used if use_mki is set to true. + * + * @return + * - srtp_err_status_ok no problems + * - srtp_err_status_replay_fail rtp sequence number was non-increasing * - @e other failure in cryptographic mechanisms */ +srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, + void *rtp_hdr, + int *pkt_octet_len, + unsigned int use_mki, + unsigned int mki_index); -err_status_t -srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr); - /** * @brief srtp_unprotect() is the Secure RTP receiver-side packet * processing function. @@ -298,93 +478,134 @@ srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr); * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr * (which has length *len_ptr), using the SRTP context ctx. If - * err_status_ok is returned, then srtp_hdr points to the resulting + * srtp_err_status_ok is returned, then srtp_hdr points to the resulting * RTP packet and *len_ptr is the number of octets in that packet; * otherwise, no assumptions should be made about the value of either - * data elements. - * + * data elements. + * * The sequence numbers of the RTP packets presented to this function * need not be consecutive, but they @b must be out of order by less * than 2^15 = 32,768 packets. - * + * * @warning This function assumes that the SRTP packet is aligned on a * 32-bit boundary. * - * @param ctx is a pointer to the srtp_t which applies to the - * particular packet. + * @param ctx is the SRTP session which applies to the particular packet. * * @param srtp_hdr is a pointer to the header of the SRTP packet * (before the call). after the function returns, it points to the - * rtp packet if err_status_ok was returned; otherwise, the value of + * rtp packet if srtp_err_status_ok was returned; otherwise, the value of * the data to which it points is undefined. * * @param len_ptr is a pointer to the length in octets of the complete * srtp packet (header and body) before the function call, and of the - * complete rtp packet after the call, if err_status_ok was returned. + * complete rtp packet after the call, if srtp_err_status_ok was returned. * Otherwise, the value of the data to which it points is undefined. * - * @return - * - err_status_ok if the RTP packet is valid. - * - err_status_auth_fail if the SRTP packet failed the message - * authentication check. - * - err_status_replay_fail if the SRTP packet is a replay (e.g. packet has - * already been processed and accepted). + * @return + * - srtp_err_status_ok if the RTP packet is valid. + * - srtp_err_status_auth_fail if the SRTP packet failed the message + * authentication check. + * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet + * has already been processed and accepted). * - [other] if there has been an error in the cryptographic mechanisms. * */ +srtp_err_status_t srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr); -err_status_t -srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr); - +/** + * @brief srtp_unprotect_mki() is the Secure RTP receiver-side packet + * processing function that checks for MKI. + * + * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies + * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr + * (which has length *len_ptr), using the SRTP context ctx. If + * srtp_err_status_ok is returned, then srtp_hdr points to the resulting + * RTP packet and *len_ptr is the number of octets in that packet; + * otherwise, no assumptions should be made about the value of either + * data elements. + * + * The sequence numbers of the RTP packets presented to this function + * need not be consecutive, but they @b must be out of order by less + * than 2^15 = 32,768 packets. + * + * @warning This function assumes that the SRTP packet is aligned on a + * 32-bit boundary. + * + * @param ctx is the SRTP session which applies to the particular packet. + * + * @param srtp_hdr is a pointer to the header of the SRTP packet + * (before the call). after the function returns, it points to the + * rtp packet if srtp_err_status_ok was returned; otherwise, the value of + * the data to which it points is undefined. + * + * @param len_ptr is a pointer to the length in octets of the complete + * srtp packet (header and body) before the function call, and of the + * complete rtp packet after the call, if srtp_err_status_ok was returned. + * Otherwise, the value of the data to which it points is undefined. + * + * @param use_mki is a boolean to tell the system if mki is being used. If + * set to false then will use the first set of session keys. If set to true + * will + * use the session keys identified by the mki_index + * + * @return + * - srtp_err_status_ok if the RTP packet is valid. + * - srtp_err_status_auth_fail if the SRTP packet failed the message + * authentication check. + * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet + * has already been processed and accepted). + * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI id + * - [other] if there has been an error in the cryptographic mechanisms. + * + */ +srtp_err_status_t srtp_unprotect_mki(srtp_t ctx, + void *srtp_hdr, + int *len_ptr, + unsigned int use_mki); /** * @brief srtp_create() allocates and initializes an SRTP session. - * The function call srtp_create(session, policy, key) allocates and - * initializes an SRTP session context, applying the given policy and - * key. + * The function call srtp_create(session, policy) allocates and + * initializes an SRTP session context, applying the given policy. + * + * @param session is a pointer to the SRTP session to which the policy is + * to be added. * - * @param session is the SRTP session to which the policy is to be added. - * * @param policy is the srtp_policy_t struct that describes the policy * for the session. The struct may be a single element, or it may be * the head of a list, in which case each element of the list is - * processed. The final element of the list @b must have its `next' - * field set to zero. - * + * processed. It may also be NULL, in which case streams should be added + * later using srtp_add_stream(). The final element of the list @b must + * have its `next' field set to NULL. + * * @return - * - err_status_ok if creation succeded. - * - err_status_alloc_fail if allocation failed. - * - err_status_init_fail if initialization failed. + * - srtp_err_status_ok if creation succeded. + * - srtp_err_status_alloc_fail if allocation failed. + * - srtp_err_status_init_fail if initialization failed. */ - -err_status_t -srtp_create(srtp_t *session, const srtp_policy_t *policy); - +srtp_err_status_t srtp_create(srtp_t *session, const srtp_policy_t *policy); /** * @brief srtp_add_stream() allocates and initializes an SRTP stream * within a given SRTP session. - * + * * The function call srtp_add_stream(session, policy) allocates and * initializes a new SRTP stream within a given, previously created * session, applying the policy given as the other argument to that * stream. * * @return values: - * - err_status_ok if stream creation succeded. - * - err_status_alloc_fail if stream allocation failed - * - err_status_init_fail if stream initialization failed. + * - srtp_err_status_ok if stream creation succeded. + * - srtp_err_status_alloc_fail if stream allocation failed + * - srtp_err_status_init_fail if stream initialization failed. */ - -err_status_t -srtp_add_stream(srtp_t session, - const srtp_policy_t *policy); - +srtp_err_status_t srtp_add_stream(srtp_t session, const srtp_policy_t *policy); /** * @brief srtp_remove_stream() deallocates an SRTP stream. - * + * * The function call srtp_remove_stream(session, ssrc) removes * the SRTP stream with the SSRC value ssrc from the SRTP session * context given by the argument session. @@ -392,143 +613,662 @@ srtp_add_stream(srtp_t session, * @param session is the SRTP session from which the stream * will be removed. * - * @param ssrc is the SSRC value of the stream to be removed. + * @param ssrc is the SSRC value of the stream to be removed + * in network byte order. * * @warning Wildcard SSRC values cannot be removed from a * session. - * + * * @return - * - err_status_ok if the stream deallocation succeded. + * - srtp_err_status_ok if the stream deallocation succeded. * - [other] otherwise. * */ +srtp_err_status_t srtp_remove_stream(srtp_t session, unsigned int ssrc); + +/** + * @brief srtp_update() udpates all streams in the session. + * + * The function call srtp_update(session, policy) updates + * all the streams in the session applying the given policy + * and key. The exsisting ROC value of all streams will be + * preserved. + * + * @param session is the SRTP session that contains the streams + * to be updated. + * + * @param policy is the srtp_policy_t struct that describes the policy + * for the session. The struct may be a single element, or it may be + * the head of a list, in which case each element of the list is + * processed. The final element of the list @b must + * have its `next' field set to NULL. + * + * @return + * - srtp_err_status_ok if stream creation succeded. + * - srtp_err_status_alloc_fail if stream allocation failed + * - srtp_err_status_init_fail if stream initialization failed. + * - [other] otherwise. + * + */ +srtp_err_status_t srtp_update(srtp_t session, const srtp_policy_t *policy); -err_status_t -srtp_remove_stream(srtp_t session, uint32_t ssrc); +/** + * @brief srtp_update_stream() udpates a SRTP stream. + * + * The function call srtp_update_stream(session, policy) updates + * the stream(s) in the session that match applying the given + * policy and key. The exsisting ROC value of all stream(s) will + * be preserved. + * + * @param session is the SRTP session that contains the streams + * to be updated. + * + * @param policy is the srtp_policy_t struct that describes the policy + * for the session. + * + * @return + * - srtp_err_status_ok if stream creation succeded. + * - srtp_err_status_alloc_fail if stream allocation failed + * - srtp_err_status_init_fail if stream initialization failed. + * - [other] otherwise. + * + */ +srtp_err_status_t srtp_update_stream(srtp_t session, + const srtp_policy_t *policy); /** - * @brief crypto_policy_set_rtp_default() sets a crypto policy + * @brief srtp_crypto_policy_set_rtp_default() sets a crypto policy * structure to the SRTP default policy for RTP protection. * - * @param p is a pointer to the policy strucutre to be set to the - * default policy. - * - * The function call crypto_policy_set_rtp_default(&p) sets the - * crypto_policy_t at location p to the SRTP default policy for RTP + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_rtp_default(&p) sets the + * srtp_crypto_policy_t at location p to the SRTP default policy for RTP * protection, as defined in the specification. This function is a * convenience that helps to avoid dealing directly with the policy * data structure. You are encouraged to initialize policy elements * with this function call. Doing so may allow your code to be * forward compatible with later versions of libSRTP that include more - * elements in the crypto_policy_t datatype. - * + * elements in the srtp_crypto_policy_t datatype. + * * @return void. - * + * */ - -void -crypto_policy_set_rtp_default(crypto_policy_t *p); +void srtp_crypto_policy_set_rtp_default(srtp_crypto_policy_t *p); /** - * @brief crypto_policy_set_rtcp_default() sets a crypto policy + * @brief srtp_crypto_policy_set_rtcp_default() sets a crypto policy * structure to the SRTP default policy for RTCP protection. * - * @param p is a pointer to the policy strucutre to be set to the - * default policy. - * - * The function call crypto_policy_set_rtcp_default(&p) sets the - * crypto_policy_t at location p to the SRTP default policy for RTCP + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_rtcp_default(&p) sets the + * srtp_crypto_policy_t at location p to the SRTP default policy for RTCP * protection, as defined in the specification. This function is a * convenience that helps to avoid dealing directly with the policy * data structure. You are encouraged to initialize policy elements * with this function call. Doing so may allow your code to be * forward compatible with later versions of libSRTP that include more - * elements in the crypto_policy_t datatype. - * + * elements in the srtp_crypto_policy_t datatype. + * * @return void. - * + * */ +void srtp_crypto_policy_set_rtcp_default(srtp_crypto_policy_t *p); -void -crypto_policy_set_rtcp_default(crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto + * policy structure to the SRTP default policy for RTP protection. + * + * @param p is a pointer to the policy structure to be set + * + * The function srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80() is a + * synonym for srtp_crypto_policy_set_rtp_default(). It conforms to the + * naming convention used in RFC 4568 (SDP Security Descriptions for + * Media Streams). + * + * @return void. + * + */ +#define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(p) \ + srtp_crypto_policy_set_rtp_default(p) /** - * @brief srtp_dealloc() deallocates storage for an SRTP session - * context. - * - * The function call srtp_dealloc(s) deallocates storage for the - * SRTP session context s. This function should be called no more - * than one time for each of the contexts allocated by the function - * srtp_create(). + * @brief srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto + * policy structure to a short-authentication tag policy * - * @param s is the srtp_t for the session to be deallocated. + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&p) + * sets the srtp_crypto_policy_t at location p to use policy + * AES_CM_128_HMAC_SHA1_32 as defined in RFC 4568. + * This policy uses AES-128 + * Counter Mode encryption and HMAC-SHA1 authentication, with an + * authentication tag that is only 32 bits long. This length is + * considered adequate only for protecting audio and video media that + * use a stateless playback function. See Section 7.5 of RFC 3711 + * (http://www.ietf.org/rfc/rfc3711.txt). + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This crypto policy is intended for use in SRTP, but not in + * SRTCP. It is recommended that a policy that uses longer + * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711 + * (http://www.ietf.org/rfc/rfc3711.txt). + * + * @return void. * - * @return - * - err_status_ok if there no problems. - * - err_status_dealloc_fail a memory deallocation failure occured. */ +void srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(srtp_crypto_policy_t *p); -err_status_t -srtp_dealloc(srtp_t s); +/** + * @brief srtp_crypto_policy_set_aes_cm_128_null_auth() sets a crypto + * policy structure to an encryption-only policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_128_null_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-128 Counter Mode), but to use no authentication method. This + * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 + * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This policy is NOT RECOMMENDED for SRTP unless it is + * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see + * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_cm_128_null_auth(srtp_crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto + * policy structure to an authentication-only policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&p) + * sets the srtp_crypto_policy_t at location p to use HMAC-SHA1 with an 80 + * bit authentication tag to provide message authentication, but to + * use no encryption. This policy is NOT RECOMMENDED for SRTP unless + * there is a requirement to forego encryption. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This policy is NOT RECOMMENDED for SRTP unless there is a + * requirement to forego encryption. + * + * @return void. + * + */ +void srtp_crypto_policy_set_null_cipher_hmac_sha1_80(srtp_crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_null_cipher_hmac_null() sets a crypto + * policy structure to use no encryption or authentication. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_null_cipher_hmac_null(&p) + * sets the srtp_crypto_policy_t at location p to use no encryption and + * no authentication. This policy should only be used for testing and + * troubleshootingl. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This policy is NOT RECOMMENDED for SRTP unless there is a + * requirement to forego encryption and authentication. + * + * @return void. + * + */ +void srtp_crypto_policy_set_null_cipher_hmac_null(srtp_crypto_policy_t *p); /** - * @} + * @brief srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto + * policy structure to a encryption and authentication policy using AES-256 + * for RTP protection. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&p) + * sets the srtp_crypto_policy_t at location p to use policy + * AES_CM_256_HMAC_SHA1_80 as defined in RFC 6188. This policy uses AES-256 + * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit + * authentication tag. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * */ +void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(srtp_crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto + * policy structure to a short-authentication tag policy using AES-256 + * encryption. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(&p) + * sets the srtp_crypto_policy_t at location p to use policy + * AES_CM_256_HMAC_SHA1_32 as defined in RFC 6188. This policy uses AES-256 + * Counter Mode encryption and HMAC-SHA1 authentication, with an + * authentication tag that is only 32 bits long. This length is + * considered adequate only for protecting audio and video media that + * use a stateless playback function. See Section 7.5 of RFC 3711 + * (http://www.ietf.org/rfc/rfc3711.txt). + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This crypto policy is intended for use in SRTP, but not in + * SRTCP. It is recommended that a policy that uses longer + * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711 + * (http://www.ietf.org/rfc/rfc3711.txt). + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(srtp_crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_aes_cm_256_null_auth() sets a crypto + * policy structure to an encryption-only policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_256_null_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-256 Counter Mode), but to use no authentication method. This + * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 + * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This policy is NOT RECOMMENDED for SRTP unless it is + * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see + * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_cm_256_null_auth(srtp_crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80() sets a crypto + * policy structure to a encryption and authentication policy using AES-192 + * for RTP protection. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(&p) + * sets the srtp_crypto_policy_t at location p to use policy + * AES_CM_192_HMAC_SHA1_80 as defined in RFC 6188. This policy uses AES-192 + * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit + * authentication tag. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(srtp_crypto_policy_t *p); +/** + * @brief srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32() sets a crypto + * policy structure to a short-authentication tag policy using AES-192 + * encryption. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(&p) + * sets the srtp_crypto_policy_t at location p to use policy + * AES_CM_192_HMAC_SHA1_32 as defined in RFC 6188. This policy uses AES-192 + * Counter Mode encryption and HMAC-SHA1 authentication, with an + * authentication tag that is only 32 bits long. This length is + * considered adequate only for protecting audio and video media that + * use a stateless playback function. See Section 7.5 of RFC 3711 + * (http://www.ietf.org/rfc/rfc3711.txt). + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This crypto policy is intended for use in SRTP, but not in + * SRTCP. It is recommended that a policy that uses longer + * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711 + * (http://www.ietf.org/rfc/rfc3711.txt). + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p); -/* - * libsrtp internal datatypes - */ - -typedef enum direction_t { - dir_unknown = 0, - dir_srtp_sender = 1, - dir_srtp_receiver = 2 -} direction_t; - -/* - * an srtp_stream_t has its own SSRC, encryption key, authentication - * key, sequence number, and replay database - * - * note that the keys might not actually be unique, in which case the - * cipher_t and auth_t pointers will point to the same structures - */ - -typedef struct srtp_stream_ctx_t { - uint32_t ssrc; - cipher_t *rtp_cipher; - auth_t *rtp_auth; - rdbx_t rtp_rdbx; - sec_serv_t rtp_services; - cipher_t *rtcp_cipher; - auth_t *rtcp_auth; - rdb_t rtcp_rdb; - sec_serv_t rtcp_services; - key_limit_ctx_t *limit; - direction_t direction; - struct srtp_stream_ctx_t *next; /* linked list of streams */ -} srtp_stream_ctx_t; +/** + * @brief srtp_crypto_policy_set_aes_cm_192_null_auth() sets a crypto + * policy structure to an encryption-only policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_cm_192_null_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-192 Counter Mode), but to use no authentication method. This + * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 + * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @warning This policy is NOT RECOMMENDED for SRTP unless it is + * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see + * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p); + +/** + * @brief srtp_crypto_policy_set_aes_gcm_128_8_auth() sets a crypto + * policy structure to an AEAD encryption policy. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_gcm_128_8_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-128 Galois Counter Mode) with 8 octet auth tag. This + * policy applies confidentiality and authentication to both the + * RTP and RTCP packets. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p); + +/** + * @brief srtp_crypto_policy_set_aes_gcm_256_8_auth() sets a crypto + * policy structure to an AEAD encryption policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_gcm_256_8_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-256 Galois Counter Mode) with 8 octet auth tag. This + * policy applies confidentiality and authentication to both the + * RTP and RTCP packets. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p); + +/** + * @brief srtp_crypto_policy_set_aes_gcm_128_8_only_auth() sets a crypto + * policy structure to an AEAD authentication-only policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-128 Galois Counter Mode) with 8 octet auth tag. This policy + * applies confidentiality and authentication to the RTP packets, + * but only authentication to the RTCP packets. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p); + +/** + * @brief srtp_crypto_policy_set_aes_gcm_256_8_only_auth() sets a crypto + * policy structure to an AEAD authentication-only policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-256 Galois Counter Mode) with 8 octet auth tag. This policy + * applies confidentiality and authentication to the RTP packets, + * but only authentication to the RTCP packets. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p); + +/** + * @brief srtp_crypto_policy_set_aes_gcm_128_16_auth() sets a crypto + * policy structure to an AEAD encryption policy. + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_gcm_128_16_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-128 Galois Counter Mode) with 16 octet auth tag. This + * policy applies confidentiality and authentication to both the + * RTP and RTCP packets. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_gcm_128_16_auth(srtp_crypto_policy_t *p); + +/** + * @brief srtp_crypto_policy_set_aes_gcm_256_16_auth() sets a crypto + * policy structure to an AEAD encryption policy + * + * @param p is a pointer to the policy structure to be set + * + * The function call srtp_crypto_policy_set_aes_gcm_256_16_auth(&p) sets + * the srtp_crypto_policy_t at location p to use the SRTP default cipher + * (AES-256 Galois Counter Mode) with 16 octet auth tag. This + * policy applies confidentiality and authentication to both the + * RTP and RTCP packets. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return void. + * + */ +void srtp_crypto_policy_set_aes_gcm_256_16_auth(srtp_crypto_policy_t *p); +/** + * @brief srtp_dealloc() deallocates storage for an SRTP session + * context. + * + * The function call srtp_dealloc(s) deallocates storage for the + * SRTP session context s. This function should be called no more + * than one time for each of the contexts allocated by the function + * srtp_create(). + * + * @param s is the srtp_t for the session to be deallocated. + * + * @return + * - srtp_err_status_ok if there no problems. + * - srtp_err_status_dealloc_fail a memory deallocation failure occured. + */ +srtp_err_status_t srtp_dealloc(srtp_t s); /* - * an srtp_ctx_t holds a stream list and a service description + * @brief identifies a particular SRTP profile + * + * An srtp_profile_t enumeration is used to identify a particular SRTP + * profile (that is, a set of algorithms and parameters). These profiles + * are defined for DTLS-SRTP: + * https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml + */ +typedef enum { + srtp_profile_reserved = 0, + srtp_profile_aes128_cm_sha1_80 = 1, + srtp_profile_aes128_cm_sha1_32 = 2, + srtp_profile_null_sha1_80 = 5, + srtp_profile_null_sha1_32 = 6, + srtp_profile_aead_aes_128_gcm = 7, + srtp_profile_aead_aes_256_gcm = 8, +} srtp_profile_t; + +/** + * @brief srtp_crypto_policy_set_from_profile_for_rtp() sets a crypto policy + * structure to the appropriate value for RTP based on an srtp_profile_t + * + * @param policy is a pointer to the policy structure to be set + * + * @param profile is an enumeration for the policy to be set + * + * The function call srtp_crypto_policy_set_rtp_default(&policy, profile) + * sets the srtp_crypto_policy_t at location policy to the policy for RTP + * protection, as defined by the srtp_profile_t profile. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return values + * - srtp_err_status_ok no problems were encountered + * - srtp_err_status_bad_param the profile is not supported + * + */ +srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtp( + srtp_crypto_policy_t *policy, + srtp_profile_t profile); + +/** + * @brief srtp_crypto_policy_set_from_profile_for_rtcp() sets a crypto policy + * structure to the appropriate value for RTCP based on an srtp_profile_t + * + * @param policy is a pointer to the policy structure to be set + * + * @param profile is an enumeration for the policy to be set + * + * The function call srtp_crypto_policy_set_rtcp_default(&policy, profile) + * sets the srtp_crypto_policy_t at location policy to the policy for RTCP + * protection, as defined by the srtp_profile_t profile. + * + * This function is a convenience that helps to avoid dealing directly + * with the policy data structure. You are encouraged to initialize + * policy elements with this function call. Doing so may allow your + * code to be forward compatible with later versions of libSRTP that + * include more elements in the srtp_crypto_policy_t datatype. + * + * @return values + * - srtp_err_status_ok no problems were encountered + * - srtp_err_status_bad_param the profile is not supported + * */ +srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtcp( + srtp_crypto_policy_t *policy, + srtp_profile_t profile); -typedef struct srtp_ctx_t { - srtp_stream_ctx_t *stream_list; /* linked list of streams */ - srtp_stream_ctx_t *stream_template; /* act as template for other streams */ -} srtp_ctx_t; +/** + * @brief returns the master key length for a given SRTP profile + */ +unsigned int srtp_profile_get_master_key_length(srtp_profile_t profile); +/** + * @brief returns the master salt length for a given SRTP profile + */ +unsigned int srtp_profile_get_master_salt_length(srtp_profile_t profile); + +/** + * @brief appends the salt to the key + * + * The function call srtp_append_salt_to_key(k, klen, s, slen) + * copies the string s to the location at klen bytes following + * the location k. + * + * @warning There must be at least bytes_in_salt + bytes_in_key bytes + * available at the location pointed to by key. + * + */ +void srtp_append_salt_to_key(unsigned char *key, + unsigned int bytes_in_key, + unsigned char *salt, + unsigned int bytes_in_salt); +/** + * @} + */ /** * @defgroup SRTCP Secure RTCP - * @ingroup SRTP + * @ingroup SRTP * * @brief Secure RTCP functions are used to protect RTCP traffic. * @@ -536,31 +1276,36 @@ typedef struct srtp_ctx_t { * traffic in much the same way as it does RTP traffic. The function * srtp_protect_rtcp() applies cryptographic protections to outbound * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on - * inbound RTCP packets. + * inbound RTCP packets. * * A note on the naming convention: srtp_protect_rtcp() has an srtp_t * as its first argument, and thus has `srtp_' as its prefix. The - * trailing `_rtcp' indicates the protocol on which it acts. - * + * trailing `_rtcp' indicates the protocol on which it acts. + * * @{ */ /** * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet * processing function. - * + * * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies * SRTCP protection to the RTCP packet rtcp_hdr (which has length - * *len_ptr) using the SRTP session context ctx. If err_status_ok is + * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is * returned, then rtp_hdr points to the resulting SRTCP packet and * *len_ptr is the number of octets in that packet; otherwise, no * assumptions should be made about the value of either data elements. - * + * * @warning This function assumes that it can write the authentication * tag into the location in memory immediately following the RTCP * packet, and assumes that the RTCP packet is aligned on a 32-bit * boundary. * + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 + * into the location in memory immediately following the RTCP packet. + * Callers MUST ensure that this much writable memory is available in + * the buffer that holds the RTCP packet. + * * @param ctx is the SRTP context to use in processing the packet. * * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after @@ -568,19 +1313,69 @@ typedef struct srtp_ctx_t { * * @param pkt_octet_len is a pointer to the length in octets of the * complete RTCP packet (header and body) before the function call, - * and of the complete SRTCP packet after the call, if err_status_ok + * and of the complete SRTCP packet after the call, if srtp_err_status_ok * was returned. Otherwise, the value of the data to which it points * is undefined. * - * @return - * - err_status_ok if there were no problems. - * - [other] if there was a failure in + * @return + * - srtp_err_status_ok if there were no problems. + * - [other] if there was a failure in * the cryptographic mechanisms. */ - +srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, + void *rtcp_hdr, + int *pkt_octet_len); -err_status_t -srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len); +/** + * @brief srtp_protect_rtcp_mki() is the Secure RTCP sender-side packet + * processing function that can utilize mki. + * + * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies + * SRTCP protection to the RTCP packet rtcp_hdr (which has length + * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is + * returned, then rtp_hdr points to the resulting SRTCP packet and + * *len_ptr is the number of octets in that packet; otherwise, no + * assumptions should be made about the value of either data elements. + * + * @warning This function assumes that it can write the authentication + * tag into the location in memory immediately following the RTCP + * packet, and assumes that the RTCP packet is aligned on a 32-bit + * boundary. + * + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 + * into the location in memory immediately following the RTCP packet. + * Callers MUST ensure that this much writable memory is available in + * the buffer that holds the RTCP packet. + * + * @param ctx is the SRTP context to use in processing the packet. + * + * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after + * the function returns, it points to the srtp packet. + * + * @param pkt_octet_len is a pointer to the length in octets of the + * complete RTCP packet (header and body) before the function call, + * and of the complete SRTCP packet after the call, if srtp_err_status_ok + * was returned. Otherwise, the value of the data to which it points + * is undefined. + * + * @param use_mki is a boolean to tell the system if mki is being used. If + * set to false then will use the first set of session keys. If set to true + * will + * use the session keys identified by the mki_index + * + * @param mki_index integer value specifying which set of session kesy should be + * used if use_mki is set to true. + * + * @return + * - srtp_err_status_ok if there were no problems. + * - [other] if there was a failure in + * the cryptographic mechanisms. + */ +srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, + void *rtcp_hdr, + int *pkt_octet_len, + unsigned int use_mki, + unsigned int mki_index); /** * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet @@ -589,11 +1384,11 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len); * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr) * verifies the Secure RTCP protection of the SRTCP packet pointed to * by srtcp_hdr (which has length *len_ptr), using the SRTP session - * context ctx. If err_status_ok is returned, then srtcp_hdr points + * context ctx. If srtp_err_status_ok is returned, then srtcp_hdr points * to the resulting RTCP packet and *len_ptr is the number of octets * in that packet; otherwise, no assumptions should be made about the * value of either data elements. - * + * * @warning This function assumes that the SRTCP packet is aligned on a * 32-bit boundary. * @@ -602,27 +1397,122 @@ srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len); * * @param srtcp_hdr is a pointer to the header of the SRTCP packet * (before the call). After the function returns, it points to the - * rtp packet if err_status_ok was returned; otherwise, the value of + * rtp packet if srtp_err_status_ok was returned; otherwise, the value of * the data to which it points is undefined. * * @param pkt_octet_len is a pointer to the length in octets of the * complete SRTCP packet (header and body) before the function call, - * and of the complete rtp packet after the call, if err_status_ok was + * and of the complete rtp packet after the call, if srtp_err_status_ok was * returned. Otherwise, the value of the data to which it points is * undefined. * - * @return - * - err_status_ok if the RTCP packet is valid. - * - err_status_auth_fail if the SRTCP packet failed the message + * @return + * - srtp_err_status_ok if the RTCP packet is valid. + * - srtp_err_status_auth_fail if the SRTCP packet failed the message * authentication check. - * - err_status_replay_fail if the SRTCP packet is a replay (e.g. has + * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has * already been processed and accepted). * - [other] if there has been an error in the cryptographic mechanisms. * */ +srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, + void *srtcp_hdr, + int *pkt_octet_len); + +/** + * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet + * processing function. + * + * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr) + * verifies the Secure RTCP protection of the SRTCP packet pointed to + * by srtcp_hdr (which has length *len_ptr), using the SRTP session + * context ctx. If srtp_err_status_ok is returned, then srtcp_hdr points + * to the resulting RTCP packet and *len_ptr is the number of octets + * in that packet; otherwise, no assumptions should be made about the + * value of either data elements. + * + * @warning This function assumes that the SRTCP packet is aligned on a + * 32-bit boundary. + * + * @param ctx is a pointer to the srtp_t which applies to the + * particular packet. + * + * @param srtcp_hdr is a pointer to the header of the SRTCP packet + * (before the call). After the function returns, it points to the + * rtp packet if srtp_err_status_ok was returned; otherwise, the value of + * the data to which it points is undefined. + * + * @param pkt_octet_len is a pointer to the length in octets of the + * complete SRTCP packet (header and body) before the function call, + * and of the complete rtp packet after the call, if srtp_err_status_ok was + * returned. Otherwise, the value of the data to which it points is + * undefined. + * + * @param use_mki is a boolean to tell the system if mki is being used. If + * set to false then will use the first set of session keys. If set to true + * will use the session keys identified by the mki_index + * + * @return + * - srtp_err_status_ok if the RTCP packet is valid. + * - srtp_err_status_auth_fail if the SRTCP packet failed the message + * authentication check. + * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has + * already been processed and accepted). + * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI + * id + * - [other] if there has been an error in the + * cryptographic mechanisms. + * + */ +srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, + void *srtcp_hdr, + int *pkt_octet_len, + unsigned int use_mki); + +/** + * @} + */ + +/** + * @defgroup User data associated to a SRTP session. + * @ingroup SRTP + * + * @brief Store custom user data within a SRTP session. + * + * @{ + */ + +/** + * @brief srtp_set_user_data() stores the given pointer into the SRTP + * session for later retrieval. + * + * @param ctx is the srtp_t context in which the given data pointer is + * stored. + * + * @param data is a pointer to the custom information (struct, function, + * etc) associated with the SRTP session. + * + * @return void. + * + */ +void srtp_set_user_data(srtp_t ctx, void *data); -err_status_t -srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len); +/** + * @brief srtp_get_user_data() retrieves the pointer to the custom data + * previously stored with srtp_set_user_data(). + * + * This function is mostly useful for retrieving data associated to a + * SRTP session when an event fires. The user can then get such a custom + * data by calling this function with the session field of the + * srtp_event_data_t struct as argument. + * + * @param ctx is the srtp_t context in which the given data pointer was + * stored. + * + * @return void* pointer to the user data. + * + */ +void *srtp_get_user_data(srtp_t ctx); /** * @} @@ -632,10 +1522,10 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len); * @defgroup SRTPevents SRTP events and callbacks * @ingroup SRTP * - * @brief libSRTP can use a user-provided callback function to + * @brief libSRTP can use a user-provided callback function to * handle events. * - * + * * libSRTP allows a user to provide a callback function to handle * events that need to be dealt with outside of the data plane (see * the enum srtp_event_t for a description of these events). Dealing @@ -656,47 +1546,41 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len); * @brief srtp_event_t defines events that need to be handled * * The enum srtp_event_t defines events that need to be handled - * outside the `data plane', such as SSRC collisions and - * key expirations. + * outside the `data plane', such as SSRC collisions and + * key expirations. * * When a key expires or the maximum number of packets has been * reached, an SRTP stream will enter an `expired' state in which no * more packets can be protected or unprotected. When this happens, * it is likely that you will want to either deallocate the stream - * (using srtp_stream_dealloc()), and possibly allocate a new one. + * (using srtp_remove_stream()), and possibly allocate a new one. * * When an SRTP stream expires, the other streams in the same session * are unaffected, unless key sharing is used by that stream. In the * latter case, all of the streams in the session will expire. */ - -typedef enum { - event_ssrc_collision, /**< - * An SSRC collision occured. - */ - event_key_soft_limit, /**< An SRTP stream reached the soft key - * usage limit and will expire soon. - */ - event_key_hard_limit, /**< An SRTP stream reached the hard - * key usage limit and has expired. - */ - event_packet_index_limit /**< An SRTP stream reached the hard - * packet limit (2^48 packets). - */ +typedef enum { + event_ssrc_collision, /**< An SSRC collision occured. */ + event_key_soft_limit, /**< An SRTP stream reached the soft key */ + /**< usage limit and will expire soon. */ + event_key_hard_limit, /**< An SRTP stream reached the hard */ + /**< key usage limit and has expired. */ + event_packet_index_limit /**< An SRTP stream reached the hard */ + /**< packet limit (2^48 packets). */ } srtp_event_t; /** - * @brief srtp_event_data_t is the structure passed as a callback to + * @brief srtp_event_data_t is the structure passed as a callback to * the event handler function * * The struct srtp_event_data_t holds the data passed to the event - * handler function. + * handler function. */ - typedef struct srtp_event_data_t { - srtp_t session; /**< The session in which the event happend. */ - srtp_stream_t stream; /**< The stream in which the event happend. */ - srtp_event_t event; /**< An enum indicating the type of event. */ + srtp_t session; /**< The session in which the event happend. */ + uint32_t ssrc; /**< The ssrc in host order of the stream in which */ + /**< the event happend */ + srtp_event_t event; /**< An enum indicating the type of event. */ } srtp_event_data_t; /** @@ -709,12 +1593,11 @@ typedef struct srtp_event_data_t { * There can only be a single, global handler for all events in * libSRTP. */ - -typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data); +typedef void(srtp_event_handler_func_t)(srtp_event_data_t *data); /** * @brief sets the event handler to the function supplied by the caller. - * + * * The function call srtp_install_event_handler(func) sets the event * handler function to the value func. The value NULL is acceptable * as an argument; in this case, events will be ignored rather than @@ -724,134 +1607,153 @@ typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data); * pointer as an argument and returns void. This function * will be used by libSRTP to handle events. */ - -err_status_t -srtp_install_event_handler(srtp_event_handler_func_t func); +srtp_err_status_t srtp_install_event_handler(srtp_event_handler_func_t func); /** - * @} + * @brief Returns the version string of the library. + * */ +const char *srtp_get_version_string(void); -/* - * srtp_handle_event(srtp, srtm, evnt) calls the event handling - * function, if there is one. +/** + * @brief Returns the numeric representation of the library version. * - * This macro is not included in the documentation as it is - * an internal-only function. */ +unsigned int srtp_get_version(void); -#define srtp_handle_event(srtp, strm, evnt) \ - if(srtp_event_handler) { \ - srtp_event_data_t data; \ - data.session = srtp; \ - data.stream = strm; \ - data.event = evnt; \ - srtp_event_handler(&data); \ -} - -/* - * an srtp_hdr_t represents the srtp header +/** + * @brief srtp_set_debug_module(mod_name, v) * - * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned - * - * (note that this definition follows that of RFC 1889 Appendix A, but - * is not identical) + * sets dynamic debugging to the value v (0 for off, 1 for on) for the + * debug module with the name mod_name + * + * returns err_status_ok on success, err_status_fail otherwise */ - -#if (WORDS_BIGENDIAN == 0) /* assume LITTLE_ENDIAN */ - -typedef struct { - unsigned char cc:4; /* CSRC count */ - unsigned char x:1; /* header extension flag */ - unsigned char p:1; /* padding flag */ - unsigned char version:2; /* protocol version */ - unsigned char pt:7; /* payload type */ - unsigned char m:1; /* marker bit */ - uint16_t seq; /* sequence number */ - uint32_t ts; /* timestamp */ - uint32_t ssrc; /* synchronization source */ -} srtp_hdr_t; - -#else /* BIG_ENDIAN */ - -typedef struct { - unsigned char version:2; /* protocol version */ - unsigned char p:1; /* padding flag */ - unsigned char x:1; /* header extension flag */ - unsigned char cc:4; /* CSRC count */ - unsigned char m:1; /* marker bit */ - unsigned char pt:7; /* payload type */ - uint16_t seq; /* sequence number */ - uint32_t ts; /* timestamp */ - uint32_t ssrc; /* synchronization source */ -} srtp_hdr_t; - -#endif - -typedef struct { - uint16_t profile_specific; /* profile-specific info */ - uint16_t length; /* number of 32-bit words in extension */ -} srtp_hdr_xtnd_t; - +srtp_err_status_t srtp_set_debug_module(const char *mod_name, int v); -/* - * srtcp_hdr_t represents a secure rtcp header +/** + * @brief srtp_list_debug_modules() outputs a list of debugging modules * - * in this implementation, an srtcp header is assumed to be 32-bit - * alinged */ +srtp_err_status_t srtp_list_debug_modules(void); -#if (WORDS_BIGENDIAN == 0) /* assume LITTLE_ENDIAN */ - -typedef struct { - unsigned char rc:5; /* reception report count */ - unsigned char p:1; /* padding flag */ - unsigned char version:2; /* protocol version */ - unsigned char pt:8; /* payload type */ - uint16_t len; /* length */ - uint32_t ssrc; /* synchronization source */ -} srtcp_hdr_t; +/** + * @brief srtp_log_level_t defines log levels. + * + * The enumeration srtp_log_level_t defines log levels reported + * in the srtp_log_handler_func_t. + * + */ +typedef enum { + srtp_log_level_error, /**< log level is reporting an error message */ + srtp_log_level_warning, /**< log level is reporting a warning message */ + srtp_log_level_info, /**< log level is reporting an info message */ + srtp_log_level_debug /**< log level is reporting a debug message */ +} srtp_log_level_t; -typedef struct { - unsigned int index:31; /* srtcp packet index in network order! */ - unsigned int e:1; /* encrypted? 1=yes */ - /* optional mikey/etc go here */ - /* and then the variable-length auth tag */ -} srtcp_trailer_t; +/** + * @brief srtp_log_handler_func_t is the function prototype for + * the log handler. + * + * The typedef srtp_event_handler_func_t is the prototype for the + * event handler function. It has as srtp_log_level_t, log + * message and data as arguments. + * There can only be a single, global handler for all log messages in + * libSRTP. + */ +typedef void(srtp_log_handler_func_t)(srtp_log_level_t level, + const char *msg, + void *data); +/** + * @brief sets the log handler to the function supplied by the caller. + * + * The function call srtp_install_log_handler(func) sets the log + * handler function to the value func. The value NULL is acceptable + * as an argument; in this case, log messages will be ignored. + * This function can be called before srtp_init() inorder to capture + * any logging during start up. + * + * @param func is a pointer to a fuction of type srtp_log_handler_func_t. + * This function will be used by libSRTP to output log messages. + * @param data is a user pointer that will be returned as the data argument in + * func. + */ +srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, + void *data); -#else /* BIG_ENDIAN */ +/** + * @brief srtp_get_protect_trailer_length(session, use_mki, mki_index, length) + * + * Determines the length of the amount of data Lib SRTP will add to the + * packet during the protect process. The length is returned in the length + * parameter + * + * returns err_status_ok on success, err_status_bad_mki if the MKI index is + * invalid + * + */ +srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length); -typedef struct { - unsigned char version:2; /* protocol version */ - unsigned char p:1; /* padding flag */ - unsigned char rc:5; /* reception report count */ - unsigned char pt:8; /* payload type */ - uint16_t len; /* length */ - uint32_t ssrc; /* synchronization source */ -} srtcp_hdr_t; +/** + * @brief srtp_get_protect_rtcp_trailer_length(session, use_mki, mki_index, + * length) + * + * Determines the length of the amount of data Lib SRTP will add to the + * packet during the protect process. The length is returned in the length + * parameter + * + * returns err_status_ok on success, err_status_bad_mki if the MKI index is + * invalid + * + */ +srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, + uint32_t use_mki, + uint32_t mki_index, + uint32_t *length); -typedef struct { - unsigned int version:2; /* protocol version */ - unsigned int p:1; /* padding flag */ - unsigned int count:5; /* varies by packet type */ - unsigned int pt:8; /* payload type */ - uint16_t length; /* len of uint32s of packet less header */ -} rtcp_common_t; +/** + * @brief srtp_set_stream_roc(session, ssrc, roc) + * + * Set the roll-over-counter on a session for a given SSRC + * + * returns err_status_ok on success, srtp_err_status_bad_param if there is no + * stream found + * + */ +srtp_err_status_t srtp_set_stream_roc(srtp_t session, + uint32_t ssrc, + uint32_t roc); -typedef struct { - unsigned int e:1; /* encrypted? 1=yes */ - unsigned int index:31; /* srtcp packet index */ - /* optional mikey/etc go here */ - /* and then the variable-length auth tag */ -} srtcp_trailer_t; +/** + * @brief srtp_get_stream_roc(session, ssrc, roc) + * + * Get the roll-over-counter on a session for a given SSRC + * + * returns err_status_ok on success, srtp_err_status_bad_param if there is no + * stream found + * + */ +srtp_err_status_t srtp_get_stream_roc(srtp_t session, + uint32_t ssrc, + uint32_t *roc); -#endif +/** + * @} + */ /* in host order, so outside the #if */ -#define SRTCP_E_BIT 0x80000000 +#define SRTCP_E_BIT 0x80000000 + /* for byte-access */ #define SRTCP_E_BYTE_BIT 0x80 #define SRTCP_INDEX_MASK 0x7fffffff -#endif /* SRTP_H */ +#ifdef __cplusplus +} +#endif + +#endif /* SRTP_SRTP_H */ diff --git a/include/srtp_priv.h b/include/srtp_priv.h new file mode 100644 index 0000000..988efc4 --- /dev/null +++ b/include/srtp_priv.h @@ -0,0 +1,280 @@ +/* + * srtp_priv.h + * + * private internal data structures and functions for libSRTP + * + * David A. McGrew + * Cisco Systems, Inc. + */ +/* + * + * Copyright (c) 2001-2017 Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef SRTP_PRIV_H +#define SRTP_PRIV_H + +// Leave this as the top level import. Ensures the existence of defines +#include "config.h" + +#include "srtp.h" +#include "rdbx.h" +#include "rdb.h" +#include "integers.h" +#include "cipher.h" +#include "auth.h" +#include "aes.h" +#include "key.h" +#include "crypto_kernel.h" + +#ifdef __cplusplus +extern "C" { +#endif + +#define SRTP_VER_STRING PACKAGE_STRING +#define SRTP_VERSION PACKAGE_VERSION + +typedef struct srtp_stream_ctx_t_ srtp_stream_ctx_t; +typedef srtp_stream_ctx_t *srtp_stream_t; + +/* + * the following declarations are libSRTP internal functions + */ + +/* + * srtp_get_stream(ssrc) returns a pointer to the stream corresponding + * to ssrc, or NULL if no stream exists for that ssrc + */ +srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc); + +/* + * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by + * deriving all of the needed keys using the KDF and the key k. + */ +srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, + srtp_master_key_t *master_key, + const unsigned int current_mki_index); + +/* + * srtp_stream_init_all_master_keys(s, k, m) (re)initializes the srtp_stream_t s + * by deriving all of the needed keys for all the master keys using the KDF and + * the keys from k. + */ +srtp_err_status_t srtp_steam_init_all_master_keys( + srtp_stream_ctx_t *srtp, + unsigned char *key, + srtp_master_key_t **keys, + const unsigned int max_master_keys); + +/* + * srtp_stream_init(s, p) initializes the srtp_stream_t s to + * use the policy at the location p + */ +srtp_err_status_t srtp_stream_init(srtp_stream_t srtp, const srtp_policy_t *p); + +/* + * libsrtp internal datatypes + */ +typedef enum direction_t { + dir_unknown = 0, + dir_srtp_sender = 1, + dir_srtp_receiver = 2 +} direction_t; + +/* + * srtp_session_keys_t will contain the encryption, hmac, salt keys + * for both SRTP and SRTCP. The session keys will also contain the + * MKI ID which is used to identify the session keys. + */ +typedef struct srtp_session_keys_t { + srtp_cipher_t *rtp_cipher; + srtp_cipher_t *rtp_xtn_hdr_cipher; + srtp_auth_t *rtp_auth; + srtp_cipher_t *rtcp_cipher; + srtp_auth_t *rtcp_auth; + uint8_t salt[SRTP_AEAD_SALT_LEN]; + uint8_t c_salt[SRTP_AEAD_SALT_LEN]; + uint8_t *mki_id; + unsigned int mki_size; + srtp_key_limit_ctx_t *limit; +} srtp_session_keys_t; + +/* + * an srtp_stream_t has its own SSRC, encryption key, authentication + * key, sequence number, and replay database + * + * note that the keys might not actually be unique, in which case the + * srtp_cipher_t and srtp_auth_t pointers will point to the same structures + */ +typedef struct srtp_stream_ctx_t_ { + uint32_t ssrc; + srtp_session_keys_t *session_keys; + unsigned int num_master_keys; + srtp_rdbx_t rtp_rdbx; + srtp_sec_serv_t rtp_services; + srtp_rdb_t rtcp_rdb; + srtp_sec_serv_t rtcp_services; + direction_t direction; + int allow_repeat_tx; + srtp_ekt_stream_t ekt; + int *enc_xtn_hdr; + int enc_xtn_hdr_count; + uint32_t pending_roc; + struct srtp_stream_ctx_t_ *next; /* linked list of streams */ +} strp_stream_ctx_t_; + +/* + * an srtp_ctx_t holds a stream list and a service description + */ +typedef struct srtp_ctx_t_ { + struct srtp_stream_ctx_t_ *stream_list; /* linked list of streams */ + struct srtp_stream_ctx_t_ *stream_template; /* act as template for other */ + /* streams */ + void *user_data; /* user custom data */ +} srtp_ctx_t_; + +/* + * srtp_hdr_t represents an RTP or SRTP header. The bit-fields in + * this structure should be declared "unsigned int" instead of + * "unsigned char", but doing so causes the MS compiler to not + * fully pack the bit fields. + * + * In this implementation, an srtp_hdr_t is assumed to be 32-bit aligned + * + * (note that this definition follows that of RFC 1889 Appendix A, but + * is not identical) + */ + +#ifndef WORDS_BIGENDIAN + +typedef struct { + unsigned char cc : 4; /* CSRC count */ + unsigned char x : 1; /* header extension flag */ + unsigned char p : 1; /* padding flag */ + unsigned char version : 2; /* protocol version */ + unsigned char pt : 7; /* payload type */ + unsigned char m : 1; /* marker bit */ + uint16_t seq; /* sequence number */ + uint32_t ts; /* timestamp */ + uint32_t ssrc; /* synchronization source */ +} srtp_hdr_t; + +#else /* BIG_ENDIAN */ + +typedef struct { + unsigned char version : 2; /* protocol version */ + unsigned char p : 1; /* padding flag */ + unsigned char x : 1; /* header extension flag */ + unsigned char cc : 4; /* CSRC count */ + unsigned char m : 1; /* marker bit */ + unsigned char pt : 7; /* payload type */ + uint16_t seq; /* sequence number */ + uint32_t ts; /* timestamp */ + uint32_t ssrc; /* synchronization source */ +} srtp_hdr_t; + +#endif + +typedef struct { + uint16_t profile_specific; /* profile-specific info */ + uint16_t length; /* number of 32-bit words in extension */ +} srtp_hdr_xtnd_t; + +/* + * srtcp_hdr_t represents a secure rtcp header + * + * in this implementation, an srtcp header is assumed to be 32-bit + * alinged + */ + +#ifndef WORDS_BIGENDIAN + +typedef struct { + unsigned char rc : 5; /* reception report count */ + unsigned char p : 1; /* padding flag */ + unsigned char version : 2; /* protocol version */ + unsigned char pt : 8; /* payload type */ + uint16_t len; /* length */ + uint32_t ssrc; /* synchronization source */ +} srtcp_hdr_t; + +typedef struct { + unsigned int index : 31; /* srtcp packet index in network order! */ + unsigned int e : 1; /* encrypted? 1=yes */ + /* optional mikey/etc go here */ + /* and then the variable-length auth tag */ +} srtcp_trailer_t; + +#else /* BIG_ENDIAN */ + +typedef struct { + unsigned char version : 2; /* protocol version */ + unsigned char p : 1; /* padding flag */ + unsigned char rc : 5; /* reception report count */ + unsigned char pt : 8; /* payload type */ + uint16_t len; /* length */ + uint32_t ssrc; /* synchronization source */ +} srtcp_hdr_t; + +typedef struct { + unsigned int e : 1; /* encrypted? 1=yes */ + unsigned int index : 31; /* srtcp packet index */ + /* optional mikey/etc go here */ + /* and then the variable-length auth tag */ +} srtcp_trailer_t; + +#endif + +/* + * srtp_handle_event(srtp, srtm, evnt) calls the event handling + * function, if there is one. + * + * This macro is not included in the documentation as it is + * an internal-only function. + */ + +#define srtp_handle_event(srtp, strm, evnt) \ + if (srtp_event_handler) { \ + srtp_event_data_t data; \ + data.session = srtp; \ + data.ssrc = ntohl(strm->ssrc); \ + data.event = evnt; \ + srtp_event_handler(&data); \ + } + +#ifdef __cplusplus +} +#endif + +#endif /* SRTP_PRIV_H */ diff --git a/include/srtp_ust.h b/include/srtp_ust.h deleted file mode 100644 index fc92183..0000000 --- a/include/srtp_ust.h +++ /dev/null @@ -1,293 +0,0 @@ -/* - * srtp.h - * - * interface to libsrtp - * - * David A. McGrew - * Cisco Systems, Inc. - */ - -/* - * - * Copyright (c) 2001-2005, Cisco Systems, Inc. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * - * Redistributions of source code must retain the above copyright - * notice, this list of conditions and the following disclaimer. - * - * Redistributions in binary form must reproduce the above - * copyright notice, this list of conditions and the following - * disclaimer in the documentation and/or other materials provided - * with the distribution. - * - * Neither the name of the Cisco Systems, Inc. nor the names of its - * contributors may be used to endorse or promote products derived - * from this software without specific prior written permission. - * - * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS - * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT - * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS - * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE - * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - * - */ - - -#ifndef SRTP_H -#define SRTP_H - -#include "crypto_kernel.h" -#include "rdbx.h" -#include "integers.h" - -/* a sec_serv_t describes a set of security services */ - -typedef enum { - sec_serv_none = 0, - sec_serv_conf = 1, - sec_serv_auth = 2, - sec_serv_conf_and_auth = 3 -} sec_serv_t; - -/* srtp_ctx_t stores all of the state needed for an srtp session */ - -#include "ust.h" - -typedef struct { - ust_ctx_t ust; - sec_serv_t services; - uint32_t ssrc; -} srtp_ctx_t; - - -/* - * an srtp_hdr_t represents the srtp header - * - * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned - * - * (note that this definition follows that of RFC 1889 Appendix A, but - * is not identical) - */ - -#if (WORDS_BIGENDIAN == 0) /* assume LITTLE_ENDIAN */ - -typedef struct { - unsigned char cc:4; /* CSRC count */ - unsigned char x:1; /* header extension flag */ - unsigned char p:1; /* padding flag */ - unsigned char version:2; /* protocol version */ - unsigned char pt:7; /* payload type */ - unsigned char m:1; /* marker bit */ - uint16_t seq; /* sequence number */ - uint32_t ts; /* timestamp */ - uint32_t ssrc; /* synchronization source */ -} srtp_hdr_t; - -#else /* BIG_ENDIAN */ - -typedef struct { - unsigned char version:2; /* protocol version */ - unsigned char p:1; /* padding flag */ - unsigned char x:1; /* header extension flag */ - unsigned char cc:4; /* CSRC count */ - unsigned char m:1; /* marker bit */ - unsigned char pt:7; /* payload type */ - uint16_t seq; /* sequence number */ - uint32_t ts; /* timestamp */ - uint32_t ssrc; /* synchronization source */ -} srtp_hdr_t; - -#endif - -typedef struct { - uint16_t profile_specific; /* profile-specific info */ - uint16_t length; /* number of 32-bit words in extension */ -} srtp_hdr_xtnd_t; - - - -/* - * an srtp_t is a pointer to an srtp_ctx_t - we define this to - * improve encapsualtion - * - */ - -typedef srtp_ctx_t *srtp_t; - - -/* - * srtp_protect(ctx, pkt, len) applies secure rtp protection to the - * packet pkt (which has length *len) using the srtp context ctx. this - * is the srtp sender-side packet processing function. - * - * nota bene: this function assumes that it can write the auth tag - * to the end of the packet - * - * ctx is a pointer to the srtp_ctx_t which applies to - * the particular packet - * - * pkt is a pointer to the rtp packet (before the call); after - * the function returns, it points to the srtp packet - * - * pkt_octet_len is a pointer to the length in octets of the complete - * RTP packet (header and body) before the function call, and of the - * complete SRTP packet after the call - * - * return values: - * - * err_status_ok no problems - * err_status_replay_fail rtp sequence number was non-increasing - * <other> failure in cryptographic mechanisms - */ - -err_status_t -srtp_protect(srtp_t ctx, srtp_hdr_t *pkt, int *pkt_octet_len); - -/* - * srtp_unprotect(ctx, pkt, len) applies secure rtp protection to the - * srtp packet pointed to by pkt (which has length *len), using the - * srtp contet pointed to by ctx. this is the secure rtp receiver-side - * packet processing function. - * - * ctx is a pointer to the srtp_ctx_t which applies to - * the particular packet - * - * pkt is a pointer to the srtp packet (before the call). after the - * function returns, it points to the rtp packet if err_status_ok was - * returned; otherwise, the value of the data to which it points is - * undefined. - * - * pkt_octet_len is a pointer to the length in octets of the complete - * srtp packet (header and body) before the function call, and of the - * complete rtp packet after the call, if err_status_ok was returned. - * otherwise, the value of the data to which it points is undefined. - * - * return values: - * - * err_status_ok the rtp packet is valid - * err_status_auth_fail the srtp packet failed message authentication - * err_status_replay_fail the srtp packet is a replay (this packet has - * already been processed) - * <other> failure in cryptographic mechanisms - * - * if err_status_ok is returned, then pkt points to the RTP packet - * and pkt_octet_len is the number of octets in that packet; otherwise, - * no assumptions should be made about either data elements. - */ - -err_status_t -srtp_unprotect(srtp_t ctx, srtp_hdr_t *pkt, int *pkt_octet_len); - -/* - * srtp_alloc(ctx, ...) allocates a secure rtp context (srtp_ctx_t) and - * sets ctx to point to that value.. the other arguments are the parameter - * values for the srtp context; see the comments in the declaration. - * - * after an srtp_ctx_t is allocated, it must be initialized by calling - * the srtp_init_aes_128_prf(...) function (see below). an - * alternative but unrecommended method is to initialize the cipher_t - * and auth_t using the cipher and auth apis. - * - * return values: - * - * err_status_ok no problems - * err_status_alloc_fail a memory allocation failure occured - */ - -err_status_t -srtp_alloc(srtp_t *ctx, /* srtp context */ - cipher_type_id_t c_id, /* cipher type */ - int cipher_key_len, /* cipher key length in octets */ - auth_type_id_t a_id, /* authentication func type */ - int auth_key_len, /* auth key length in octets */ - int auth_tag_len, /* auth tag length in octets */ - sec_serv_t sec_serv /* security services flag */ - ); - - -/* - * srtp_dealloc(ctx) deallocates storage for an srtp_ctx_t. this - * function should be called exactly once to deallocate the storage - * allocated by the function call srtp_alloc(ctx). - * - * return values: - * - * err_status_ok no problems - * err_status_dealloc_fail a memory deallocation failure occured - */ - -err_status_t -srtp_dealloc(srtp_t ctx); - -/* - * srtp_init_aes_128_prf(ctx, key, salt) initializes an srtp_ctx_t - * with a given master key and master salt. - * - * the key MUST be sixteen octets long - * - * the salt MUST be fourteen octets long - * - * The PRF used for key derivation here is that defined in the secure - * rtp specification, though in theory other PRFs can be used. The - * cipher is hardwired to AES-128 Counter Mode with 112 bits of salt. - * - */ - -err_status_t -srtp_init_aes_128_prf(srtp_t srtp, const octet_t key[16]); - - - -/* - * srtp_get_trailer_length(&a) returns the number of octets that will - * be added to an RTP packet by the SRTP processing. This value - * is constant for a given srtp_ctx_t (i.e. between initializations). - */ - -int -srtp_get_trailer_length(const srtp_t a); - - -/* - * functions below are internal to libsrtp, and are not part of the - * documented external api - caveat emptor! - */ - -/* for debugging only - srtp_print_packet dumps lots of info to stdout */ - -void -srtp_print_packet(srtp_hdr_t *hdr, int pkt_octet_len); - - -/* - * srtp_set_rollover_counter(ctx, r) - * - * sets the rollover_counter in ctx to r. fails and returns - * err_status_err if r is less than the current rollover - * counter value; otherwise, returns err_status_ok - * - * this function should *only* be called if trustworthy external - * information is available, e.g. from RTCP - * - * future versions of this implementation may get rid of this function - * and instead read the correct rollover counter value directly from - * the rtcp packets immediately after they have been authenticated - * - */ - -err_status_t -srtp_set_rollover_counter(srtp_t ctx, rollover_counter_t r); - - -#endif /* SRTP_H */ diff --git a/include/ut_sim.h b/include/ut_sim.h index 40dc4e2..e678b5f 100644 --- a/include/ut_sim.h +++ b/include/ut_sim.h @@ -9,26 +9,26 @@ */ /* - * - * Copyright (c) 2001-2005, Cisco Systems, Inc. + * + * Copyright (c) 2001-2017, Cisco Systems, Inc. * All rights reserved. - * + * * Redistribution and use in source and binary forms, with or without * modification, are permitted provided that the following conditions * are met: - * + * * Redistributions of source code must retain the above copyright * notice, this list of conditions and the following disclaimer. - * + * * Redistributions in binary form must reproduce the above * copyright notice, this list of conditions and the following * disclaimer in the documentation and/or other materials provided * with the distribution. - * + * * Neither the name of the Cisco Systems, Inc. nor the names of its * contributors may be used to endorse or promote products derived * from this software without specific prior written permission. - * + * * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS @@ -44,38 +44,40 @@ * */ - - #ifndef UT_SIM_H #define UT_SIM_H -#include "integers.h" /* for uint32_t */ -#include <stdlib.h> /* for random() */ +#include "integers.h" /* for uint32_t */ + +#ifdef __cplusplus +extern "C" { +#endif -#define UT_BUF 4 /* maximum amount of packet reorder */ +#define UT_BUF 160 /* maximum amount of packet reorder */ typedef struct { - uint32_t index; - uint32_t buffer[UT_BUF]; + uint32_t index; + uint32_t buffer[UT_BUF]; } ut_connection; /* - * ut_init(&u) initializes the ut_connection + * ut_init(&u) initializes the ut_connection * * this function should always be the first one called on a new * ut_connection */ -void -ut_init(ut_connection *utc); +void ut_init(ut_connection *utc); /* * ut_next_index(&u) returns the next index from the simulated * unreliable connection */ -uint32_t -ut_next_index(ut_connection *utc); +uint32_t ut_next_index(ut_connection *utc); +#ifdef __cplusplus +} +#endif #endif /* UT_SIM_H */ |