Close #1847: Upgraded libsrtp version to 1.5.4 and added support for AES-CM-256 crypto.

git-svn-id: http://svn.pjsip.org/repos/pjproject/trunk@5261 74dad513-b988-da41-8d7b-12977e46ad98
author: Nanang Izzuddin <nanang@teluu.com> 2016-03-15 03:57:39 +0000
committer: Nanang Izzuddin <nanang@teluu.com> 2016-03-15 03:57:39 +0000
commit: 26d978a556ae9099f6610ace9834991636e4a71b (patch)
tree: d8789c5afbe3920f3f7ef46ad73aa34f48173591 /third_party/srtp/include
parent: 8b9358503884ec1901d807ff56c2fc588be896a2 (diff)
4 files changed, 603 insertions, 43 deletions
diff --git a/third_party/srtp/include/ekt.h b/third_party/srtp/include/ekt.h
new file mode 100644
index 00000000..b0d888ba
--- /dev/null
+++ b/third_party/srtp/include/ekt.h
@@ -0,0 +1,201 @@
+/*
+ * ekt.h
+ *
+ * interface to Encrypted Key Transport for SRTP
+ *
+ * David McGrew
+ * Cisco Systems, Inc.
+ */
+/*
+ *	
+ * Copyright (c) 2001-2005 Cisco Systems, Inc.
+ * All rights reserved.
+ * 
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 
+ *   Redistributions of source code must retain the above copyright
+ *   notice, this list of conditions and the following disclaimer.
+ * 
+ *   Redistributions in binary form must reproduce the above
+ *   copyright notice, this list of conditions and the following
+ *   disclaimer in the documentation and/or other materials provided
+ *   with the distribution.
+ * 
+ *   Neither the name of the Cisco Systems, Inc. nor the names of its
+ *   contributors may be used to endorse or promote products derived
+ *   from this software without specific prior written permission.
+ * 
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
+ * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
+ * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ *
+ */
+
+
+
+/*
+ * EKT implementation strategy 
+ * 
+ * use stream_template approach
+ *
+ * in srtp_unprotect, when a new stream appears, check if template has
+ * EKT defined, and if it does, then apply EKT processing 
+ *
+ * question: will we want to allow key-sharing templates in addition
+ * to EKT templates?  could define a new ssrc_type_t that's associated
+ * with an EKT, e.g.  ssrc_any_ekt.
+ *
+ *
+ */
+
+#ifndef EKT_H
+#define EKT_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "srtp_priv.h"
+
+#define EKT_CIPHER_DEFAULT           1
+#define EKT_CIPHER_AES_128_ECB       1
+#define EKT_CIPHER_AES_192_KEY_WRAP  2
+#define EKT_CIPHER_AES_256_KEY_WRAP  3
+
+typedef uint16_t ekt_spi_t;
+
+
+unsigned
+ekt_octets_after_base_tag(ekt_stream_t ekt);
+
+/*
+ * an srtp_policy_t structure can contain a pointer to an
+ * ekt_policy_t structure
+ *
+ * this structure holds all of the high level EKT information, and it
+ * is passed into libsrtp to indicate what policy should be in effect
+ */
+
+typedef struct ekt_policy_ctx_t {
+  ekt_spi_t  spi;     /* security parameter index */
+  uint8_t    ekt_cipher_type;
+  uint8_t   *ekt_key;
+  struct ekt_policy_ctx_t *next_ekt_policy;
+} ekt_policy_ctx_t;
+
+
+/*
+ * an ekt_data_t structure holds the data corresponding to an ekt key,
+ * spi, and so on
+ */
+
+typedef struct ekt_data_t {
+  ekt_spi_t spi;
+  uint8_t ekt_cipher_type;
+  aes_expanded_key_t ekt_enc_key;
+  aes_expanded_key_t ekt_dec_key;
+  struct ekt_data_t *next_ekt_data;
+} ekt_data_t;
+
+/*
+ * an srtp_stream_ctx_t can contain an ekt_stream_ctx_t
+ *
+ * an ekt_stream_ctx_t structure holds all of the EKT information for
+ * a specific SRTP stream
+ */
+
+typedef struct ekt_stream_ctx_t {
+  ekt_data_t *data;    
+  uint16_t    isn;     /* initial sequence number  */
+  uint8_t     encrypted_master_key[SRTP_MAX_KEY_LEN];
+} ekt_stream_ctx_t;
+
+
+
+err_status_t 
+ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy);
+
+err_status_t
+ekt_stream_init(ekt_stream_t e, 
+		ekt_spi_t spi,
+		void *ekt_key,
+		unsigned ekt_cipher_type);
+
+err_status_t
+ekt_stream_init_from_policy(ekt_stream_t e, ekt_policy_t p);
+  
+
+
+err_status_t
+srtp_stream_init_from_ekt(srtp_stream_t stream,			  
+			  const void *srtcp_hdr,
+			  unsigned pkt_octet_len);
+		
+
+void
+ekt_write_data(ekt_stream_t ekt,
+	       uint8_t *base_tag, 
+	       unsigned base_tag_len, 
+	       int *packet_len,
+	       xtd_seq_num_t pkt_index);		
+
+/*
+ * We handle EKT by performing some additional steps before
+ * authentication (copying the auth tag into a temporary location,
+ * zeroizing the "base tag" field in the packet)
+ *
+ * With EKT, the tag_len parameter is actually the base tag
+ * length
+ */
+
+err_status_t
+ekt_tag_verification_preproces(uint8_t *pkt_tag, 
+			       uint8_t *pkt_tag_copy, 
+			       unsigned tag_len);
+
+err_status_t
+ekt_tag_verification_postproces(uint8_t *pkt_tag,
+				uint8_t *pkt_tag_copy,
+				unsigned tag_len);
+
+
+/*
+ * @brief EKT pre-processing for srtcp tag generation
+ *
+ * This function does the pre-processing of the SRTCP authentication
+ * tag format.  When EKT is used, it consists of writing the Encrypted
+ * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
+ * fields.  The Base Authentication Tag field is set to the all-zero
+ * value
+ * 
+ * When EKT is not used, this function is a no-op.
+ * 
+ */
+
+err_status_t
+srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s,
+						 uint8_t *pkt_tag,
+						 unsigned pkt_octet_len);
+
+/* it's not clear that a tag_generation_postprocess function is needed */
+
+err_status_t
+srtcp_auth_tag_generation_postprocess(void);
+
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif /* EKT_H */
diff --git a/third_party/srtp/include/rtp.h b/third_party/srtp/include/rtp.h
index 94279f56..0e0119cf 100644
--- a/third_party/srtp/include/rtp.h
+++ b/third_party/srtp/include/rtp.h
@@ -66,18 +66,18 @@ typedef struct rtp_sender_ctx_t *rtp_sender_t;
 
 typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
 
-unsigned int
+int
 rtp_sendto(rtp_sender_t sender, const void* msg, int len);
 
-unsigned int
+int
 rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
 
 int
-rtp_receiver_init(rtp_receiver_t rcvr, int socket, 
+rtp_receiver_init(rtp_receiver_t rcvr, int sock, 
 		  struct sockaddr_in addr, unsigned int ssrc);
 
 int
-rtp_sender_init(rtp_sender_t sender, int socket, 
+rtp_sender_init(rtp_sender_t sender, int sock, 
 		struct sockaddr_in addr, unsigned int ssrc);
 
 /*
@@ -103,14 +103,26 @@ int
 rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
 
 int
+rtp_sender_deinit_srtp(rtp_sender_t sender);
+
+int
 rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
 
+int
+rtp_receiver_deinit_srtp(rtp_receiver_t sender);
+
 
 rtp_sender_t 
-rtp_sender_alloc();
+rtp_sender_alloc(void);
+
+void
+rtp_sender_dealloc(rtp_sender_t rtp_ctx);
 
 rtp_receiver_t 
-rtp_receiver_alloc();
+rtp_receiver_alloc(void);
+
+void
+rtp_receiver_dealloc(rtp_receiver_t rtp_ctx);
 
 
 /*
diff --git a/third_party/srtp/include/srtp.h b/third_party/srtp/include/srtp.h
index 21d8531a..81af5198 100644
--- a/third_party/srtp/include/srtp.h
+++ b/third_party/srtp/include/srtp.h
@@ -50,15 +50,10 @@
 extern "C" {
 #endif
 
-#ifdef _MSC_VER
-#   ifdef WIN64
-#	pragma pack(8)
-#   else
-#	pragma pack(4)
-#   endif
-#endif
-
-#include "crypto_kernel.h"
+#include <stdint.h>
+#include "crypto.h" 
+#include "crypto_types.h"
+#include "err.h"
 
 /**
  * @defgroup SRTP Secure RTP
@@ -84,7 +79,7 @@ extern "C" {
  * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP
  */
 
-#define SRTP_MAX_TAG_LEN 12 
+#define SRTP_MAX_TAG_LEN 16 
 
 /**
  * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer
@@ -96,6 +91,18 @@ extern "C" {
  */
 #define SRTP_MAX_TRAILER_LEN SRTP_MAX_TAG_LEN 
 
+/*
+ * SRTP_AEAD_SALT_LEN is the length of the SALT values used with 
+ * GCM mode.  GCM mode requires an IV.  The SALT value is used
+ * as part of the IV formation logic applied to each RTP packet.
+ */
+#define SRTP_AEAD_SALT_LEN	12
+#define AES_128_GCM_KEYSIZE_WSALT   SRTP_AEAD_SALT_LEN + 16
+#define AES_192_GCM_KEYSIZE_WSALT   SRTP_AEAD_SALT_LEN + 24
+#define AES_256_GCM_KEYSIZE_WSALT   SRTP_AEAD_SALT_LEN + 32
+
+
+
 /* 
  * nota bene: since libSRTP doesn't support the use of the MKI, the
  * SRTP_MAX_TRAILER_LEN value is just the maximum tag length
@@ -176,6 +183,18 @@ typedef struct {
 } ssrc_t;
 
 
+/**
+ * @brief points to an EKT policy
+ */
+typedef struct ekt_policy_ctx_t *ekt_policy_t;
+
+
+/**
+ * @brief points to EKT stream data
+ */
+typedef struct ekt_stream_ctx_t *ekt_stream_t;
+
+
 /** 
  * @brief represents the policy for an SRTP session.  
  *
@@ -213,6 +232,16 @@ typedef struct srtp_policy_t {
   crypto_policy_t rtcp;        /**< SRTCP crypto policy.                 */
   unsigned char *key;          /**< Pointer to the SRTP master key for
 				*    this stream.                        */
+  ekt_policy_t ekt;            /**< Pointer to the EKT policy structure
+                                *   for this stream (if any)             */ 
+  unsigned long window_size;   /**< The window size to use for replay
+				*   protection. */
+  int        allow_repeat_tx;  /**< Whether retransmissions of
+				*   packets with the same sequence number
+				*   are allowed.  (Note that such repeated
+				*   transmissions must have the same RTP
+				*   payload, or a severe security weakness
+				*   is introduced!)                      */
   struct srtp_policy_t *next;  /**< Pointer to next stream policy.       */
 } srtp_policy_t;
 
@@ -262,14 +291,13 @@ err_status_t
 srtp_init(void);
 
 /**
- * @brief srtp_deinit() deinitializes the srtp library.  
+ * @brief srtp_shutdown() de-initializes the srtp library.
  *
- * @warning This function @b must be called on quitting application or
- * after srtp is no longer used.
+ * @warning No srtp functions may be called after calling this function.
  */
 
 err_status_t
-srtp_deinit(void);
+srtp_shutdown(void);
 
 /**
  * @brief srtp_protect() is the Secure RTP sender-side packet processing
@@ -291,6 +319,11 @@ srtp_deinit(void);
  * packet, and assumes that the RTP packet is aligned on a 32-bit
  * boundary.
  *
+ * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN 
+ * into the location in memory immediately following the RTP packet.   
+ * Callers MUST ensure that this much writable memory is available in 
+ * the buffer that holds the RTP packet.
+ * 
  * @param ctx is the SRTP context to use in processing the packet.
  *
  * @param rtp_hdr is a pointer to the RTP packet (before the call); after
@@ -329,8 +362,7 @@ srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr);
  * @warning This function assumes that the SRTP packet is aligned on a
  * 32-bit boundary.
  *
- * @param ctx is a pointer to the srtp_t which applies to the
- * particular packet.
+ * @param ctx is the SRTP session which applies to the particular packet.
  *
  * @param srtp_hdr is a pointer to the header of the SRTP packet
  * (before the call).  after the function returns, it points to the
@@ -363,7 +395,8 @@ srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr);
  * initializes an SRTP session context, applying the given policy and
  * key.
  *
- * @param session is the SRTP session to which the policy is to be added.
+ * @param session is a pointer to the SRTP session to which the policy is
+ * to be added.
  * 
  * @param policy is the srtp_policy_t struct that describes the policy
  * for the session.  The struct may be a single element, or it may be
@@ -478,8 +511,8 @@ crypto_policy_set_rtcp_default(crypto_policy_t *p);
  * 
  * The function crypto_policy_set_aes_cm_128_hmac_sha1_80() is a
  * synonym for crypto_policy_set_rtp_default().  It conforms to the
- * naming convention used in
- * http://www.ietf.org/internet-drafts/draft-ietf-mmusic-sdescriptions-12.txt
+ * naming convention used in RFC 4568 (SDP Security Descriptions for
+ * Media Streams).
  * 
  * @return void.
  * 
@@ -496,8 +529,8 @@ crypto_policy_set_rtcp_default(crypto_policy_t *p);
  * 
  * The function call crypto_policy_set_aes_cm_128_hmac_sha1_32(&p)
  * sets the crypto_policy_t at location p to use policy
- * AES_CM_128_HMAC_SHA1_32 as defined in
- * draft-ietf-mmusic-sdescriptions-12.txt.  This policy uses AES-128
+ * AES_CM_128_HMAC_SHA1_32 as defined in RFC 4568.
+ * This policy uses AES-128
  * Counter Mode encryption and HMAC-SHA1 authentication, with an
  * authentication tag that is only 32 bits long.  This length is
  * considered adequate only for protecting audio and video media that
@@ -582,6 +615,242 @@ crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p);
 void
 crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p);
 
+
+/**
+ * @brief crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto
+ * policy structure to a encryption and authentication policy using AES-256 
+ * for RTP protection.
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_cm_256_hmac_sha1_80(&p)
+ * sets the crypto_policy_t at location p to use policy
+ * AES_CM_256_HMAC_SHA1_80 as defined in
+ * draft-ietf-avt-srtp-big-aes-03.txt.  This policy uses AES-256
+ * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit
+ * authentication tag.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+
+void crypto_policy_set_aes_cm_256_hmac_sha1_80(crypto_policy_t *p);
+
+
+/**
+ * @brief crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto
+ * policy structure to a short-authentication tag policy using AES-256
+ * encryption.
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_cm_256_hmac_sha1_32(&p)
+ * sets the crypto_policy_t at location p to use policy
+ * AES_CM_256_HMAC_SHA1_32 as defined in
+ * draft-ietf-avt-srtp-big-aes-03.txt.  This policy uses AES-256
+ * Counter Mode encryption and HMAC-SHA1 authentication, with an
+ * authentication tag that is only 32 bits long.  This length is
+ * considered adequate only for protecting audio and video media that
+ * use a stateless playback function.  See Section 7.5 of RFC 3711
+ * (http://www.ietf.org/rfc/rfc3711.txt).
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @warning This crypto policy is intended for use in SRTP, but not in
+ * SRTCP.  It is recommended that a policy that uses longer
+ * authentication tags be used for SRTCP.  See Section 7.5 of RFC 3711
+ * (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * @return void.
+ * 
+ */
+
+void
+crypto_policy_set_aes_cm_256_hmac_sha1_32(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_cm_256_null_auth() sets a crypto
+ * policy structure to an encryption-only policy
+ *
+ * @param p is a pointer to the policy structure to be set
+ *
+ * The function call crypto_policy_set_aes_cm_256_null_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-256 Counter Mode), but to use no authentication method.  This
+ * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5
+ * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @warning This policy is NOT RECOMMENDED for SRTP unless it is
+ * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see
+ * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
+ *
+ * @return void.
+ *
+ */
+void
+crypto_policy_set_aes_cm_256_null_auth(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_gcm_128_8_auth() sets a crypto
+ * policy structure to an AEAD encryption policy.
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_gcm_128_8_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-128 Galois Counter Mode) with 8 octet auth tag.  This
+ * policy applies confidentiality and authentication to both the
+ * RTP and RTCP packets.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+void
+crypto_policy_set_aes_gcm_128_8_auth(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_gcm_256_8_auth() sets a crypto
+ * policy structure to an AEAD encryption policy
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_gcm_256_8_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-256 Galois Counter Mode) with 8 octet auth tag.  This 
+ * policy applies confidentiality and authentication to both the
+ * RTP and RTCP packets.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+void
+crypto_policy_set_aes_gcm_256_8_auth(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_gcm_128_8_only_auth() sets a crypto
+ * policy structure to an AEAD authentication-only policy
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_gcm_128_8_only_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-128 Galois Counter Mode) with 8 octet auth tag.  This policy 
+ * applies confidentiality and authentication to the RTP packets, 
+ * but only authentication to the RTCP packets.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+void
+crypto_policy_set_aes_gcm_128_8_only_auth(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_gcm_256_8_only_auth() sets a crypto
+ * policy structure to an AEAD authentication-only policy
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_gcm_256_8_only_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-256 Galois Counter Mode) with 8 octet auth tag.  This policy 
+ * applies confidentiality and authentication to the RTP packets, 
+ * but only authentication to the RTCP packets.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+void
+crypto_policy_set_aes_gcm_256_8_only_auth(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_gcm_128_16_auth() sets a crypto
+ * policy structure to an AEAD encryption policy.
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_gcm_128_16_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-128 Galois Counter Mode) with 16 octet auth tag.  This
+ * policy applies confidentiality and authentication to both the
+ * RTP and RTCP packets.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+void
+crypto_policy_set_aes_gcm_128_16_auth(crypto_policy_t *p);
+
+/**
+ * @brief crypto_policy_set_aes_gcm_256_16_auth() sets a crypto
+ * policy structure to an AEAD encryption policy
+ *
+ * @param p is a pointer to the policy structure to be set 
+ * 
+ * The function call crypto_policy_set_aes_gcm_256_16_auth(&p) sets
+ * the crypto_policy_t at location p to use the SRTP default cipher
+ * (AES-256 Galois Counter Mode) with 16 octet auth tag.  This 
+ * policy applies confidentiality and authentication to both the
+ * RTP and RTCP packets.
+ * 
+ * This function is a convenience that helps to avoid dealing directly
+ * with the policy data structure.  You are encouraged to initialize
+ * policy elements with this function call.  Doing so may allow your
+ * code to be forward compatible with later versions of libSRTP that
+ * include more elements in the crypto_policy_t datatype.
+ *
+ * @return void.
+ * 
+ */
+void
+crypto_policy_set_aes_gcm_256_16_auth(crypto_policy_t *p);
+
+
 /**
  * @brief srtp_dealloc() deallocates storage for an SRTP session
  * context.
@@ -746,6 +1015,11 @@ append_salt_to_key(unsigned char *key, unsigned int bytes_in_key,
  * packet, and assumes that the RTCP packet is aligned on a 32-bit
  * boundary.
  *
+ * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 
+ * into the location in memory immediately following the RTCP packet.   
+ * Callers MUST ensure that this much writable memory is available in 
+ * the buffer that holds the RTCP packet.
+ * 
  * @param ctx is the SRTP context to use in processing the packet.
  *
  * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after
@@ -813,6 +1087,57 @@ srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len);
  * @}
  */
 
+
+/**
+ * @defgroup User data associated to a SRTP session.
+ * @ingroup  SRTP
+ *
+ * @brief Store custom user data within a SRTP session.
+ *
+ * @{
+ */
+
+/**
+ * @brief srtp_set_user_data() stores the given pointer into the SRTP
+ * session for later retrieval.
+ *
+ * @param ctx is the srtp_t context in which the given data pointer is
+ * stored.
+ *
+ * @param data is a pointer to the custom information (struct, function,
+ * etc) associated with the SRTP session.
+ *
+ * @return void.
+ *
+ */
+
+void
+srtp_set_user_data(srtp_t ctx, void *data);
+
+/**
+ * @brief srtp_get_user_data() retrieves the pointer to the custom data
+ * previously stored with srtp_set_user_data().
+ *
+ * This function is mostly useful for retrieving data associated to a
+ * SRTP session when an event fires. The user can then get such a custom
+ * data by calling this function with the session field of the
+ * srtp_event_data_t struct as argument.
+ *
+ * @param ctx is the srtp_t context in which the given data pointer was
+ * stored.
+ *
+ * @return void* pointer to the user data.
+ *
+ */
+
+void*
+srtp_get_user_data(srtp_t ctx);
+
+/**
+ * @}
+ */
+
+
 /**
  * @defgroup SRTPevents SRTP events and callbacks
  * @ingroup  SRTP
@@ -914,6 +1239,18 @@ err_status_t
 srtp_install_event_handler(srtp_event_handler_func_t func);
 
 /**
+ * @brief Returns the version string of the library. 
+ * 
+ */
+const char *srtp_get_version_string(void);
+
+/**
+ * @brief Returns the numeric representation of the library version. 
+ * 
+ */
+unsigned int srtp_get_version(void);
+
+/**
  * @}
  */
 /* in host order, so outside the #if */
@@ -922,10 +1259,6 @@ srtp_install_event_handler(srtp_event_handler_func_t func);
 #define SRTCP_E_BYTE_BIT 0x80
 #define SRTCP_INDEX_MASK 0x7fffffff
 
-#ifdef _MSC_VER
-#pragma pack()
-#endif
-
 #ifdef __cplusplus
 }
 #endif
diff --git a/third_party/srtp/include/srtp_priv.h b/third_party/srtp/include/srtp_priv.h
index 9214a650..170df5b1 100644
--- a/third_party/srtp/include/srtp_priv.h
+++ b/third_party/srtp/include/srtp_priv.h
@@ -45,10 +45,20 @@
 #ifndef SRTP_PRIV_H
 #define SRTP_PRIV_H
 
+#include "config.h"
 #include "srtp.h"
 #include "rdbx.h"
 #include "rdb.h"
 #include "integers.h"
+#include "crypto.h"
+#include "cipher.h"
+#include "auth.h"
+#include "aes.h"
+#include "key.h"
+#include "crypto_kernel.h"
+
+#define SRTP_VER_STRING	    PACKAGE_STRING
+#define SRTP_VERSION        PACKAGE_VERSION
 
 /*
  * an srtp_hdr_t represents the srtp header
@@ -59,11 +69,6 @@
  * is not identical)
  */
  
-#ifdef _MSC_VER
-#   pragma warning(push)
-#   pragma warning(disable:4214) // bit field types other than int
-#endif
-
 #ifndef WORDS_BIGENDIAN
 
 /*
@@ -72,6 +77,7 @@
  * "unsigned char", but doing so causes the MS compiler to not
  * fully pack the bit fields.
  */
+
 typedef struct {
   unsigned char cc:4;	/* CSRC count             */
   unsigned char x:1;	/* header extension flag  */
@@ -92,14 +98,13 @@ typedef struct {
   unsigned char x:1;	/* header extension flag  */
   unsigned char cc:4;	/* CSRC count             */
   unsigned char m:1;	/* marker bit             */
-  unsigned pt:7;	/* payload type           */
+  unsigned char pt:7;	/* payload type           */
   uint16_t seq;		/* sequence number        */
   uint32_t ts;		/* timestamp              */
   uint32_t ssrc;	/* synchronization source */
 } srtp_hdr_t;
 
 #endif
-
 
 typedef struct {
   uint16_t profile_specific;    /* profile-specific info               */
@@ -162,11 +167,6 @@ typedef struct {
 #endif
 
 
-#ifdef _MSC_VER
-#   pragma warning( pop ) 
-#endif
-
-
 /*
  * the following declarations are libSRTP internal functions 
  */
@@ -190,6 +190,15 @@ err_status_t
 srtp_stream_init_keys(srtp_stream_t srtp, const void *key);
 
 /*
+ * srtp_stream_init(s, p) initializes the srtp_stream_t s to 
+ * use the policy at the location p
+ */
+err_status_t
+srtp_stream_init(srtp_stream_t srtp, 
+		 const srtp_policy_t *p);
+
+
+/*
  * libsrtp internal datatypes 
  */
 
@@ -219,6 +228,10 @@ typedef struct srtp_stream_ctx_t {
   sec_serv_t rtcp_services;
   key_limit_ctx_t *limit;
   direction_t direction;
+  int        allow_repeat_tx;
+  ekt_stream_t ekt; 
+  uint8_t    salt[SRTP_AEAD_SALT_LEN];   /* used with GCM mode for SRTP */
+  uint8_t    c_salt[SRTP_AEAD_SALT_LEN]; /* used with GCM mode for SRTCP */
   struct srtp_stream_ctx_t *next;   /* linked list of streams */
 } srtp_stream_ctx_t;
 
@@ -230,6 +243,7 @@ typedef struct srtp_stream_ctx_t {
 typedef struct srtp_ctx_t {
   srtp_stream_ctx_t *stream_list;     /* linked list of streams            */
   srtp_stream_ctx_t *stream_template; /* act as template for other streams */
+  void *user_data;                    /* user custom data */
 } srtp_ctx_t;
author	Nanang Izzuddin <nanang@teluu.com>	2016-03-15 03:57:39 +0000
committer	Nanang Izzuddin <nanang@teluu.com>	2016-03-15 03:57:39 +0000
commit	26d978a556ae9099f6610ace9834991636e4a71b (patch)
tree	d8789c5afbe3920f3f7ef46ad73aa34f48173591 /third_party/srtp/include
parent	8b9358503884ec1901d807ff56c2fc588be896a2 (diff)