diff options
Diffstat (limited to 'third_party/srtp/crypto/include')
21 files changed, 770 insertions, 98 deletions
diff --git a/third_party/srtp/crypto/include/aes.h b/third_party/srtp/crypto/include/aes.h index 20d28047..d88ce403 100644 --- a/third_party/srtp/crypto/include/aes.h +++ b/third_party/srtp/crypto/include/aes.h @@ -46,28 +46,32 @@ #ifndef _AES_H #define _AES_H -#include "srtp_config.h" - #include "datatypes.h" #include "gf2_8.h" +#include "err.h" /* aes internals */ -typedef v128_t aes_expanded_key_t[11]; +typedef struct { + v128_t round[15]; + int num_rounds; +} aes_expanded_key_t; -void -aes_expand_encryption_key(const v128_t *key, - aes_expanded_key_t expanded_key); +err_status_t +aes_expand_encryption_key(const uint8_t *key, + int key_len, + aes_expanded_key_t *expanded_key); -void -aes_expand_decryption_key(const v128_t *key, - aes_expanded_key_t expanded_key); +err_status_t +aes_expand_decryption_key(const uint8_t *key, + int key_len, + aes_expanded_key_t *expanded_key); void -aes_encrypt(v128_t *plaintext, const aes_expanded_key_t exp_key); +aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key); void -aes_decrypt(v128_t *plaintext, const aes_expanded_key_t exp_key); +aes_decrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key); #if 0 /* diff --git a/third_party/srtp/crypto/include/aes_cbc.h b/third_party/srtp/crypto/include/aes_cbc.h index 9fb6682b..4fda3903 100644 --- a/third_party/srtp/crypto/include/aes_cbc.h +++ b/third_party/srtp/crypto/include/aes_cbc.h @@ -8,6 +8,42 @@ * */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef AES_CBC_H #define AES_CBC_H @@ -17,6 +53,8 @@ typedef struct { v128_t state; /* cipher chaining state */ v128_t previous; /* previous ciphertext block */ + uint8_t key[32]; + int key_len; aes_expanded_key_t expanded_key; /* the cipher key */ } aes_cbc_ctx_t; @@ -31,10 +69,10 @@ aes_cbc_encrypt(aes_cbc_ctx_t *c, err_status_t aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key, - cipher_direction_t dir); + int key_len); err_status_t -aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv); +aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv, int direction); err_status_t aes_cbc_nist_encrypt(aes_cbc_ctx_t *c, diff --git a/third_party/srtp/crypto/include/aes_gcm_ossl.h b/third_party/srtp/crypto/include/aes_gcm_ossl.h new file mode 100644 index 00000000..8e7711dc --- /dev/null +++ b/third_party/srtp/crypto/include/aes_gcm_ossl.h @@ -0,0 +1,63 @@ +/* + * aes_gcm_ossl.h + * + * Header for AES Galois Counter Mode. + * + * John A. Foley + * Cisco Systems, Inc. + * + */ +/* + * + * Copyright (c) 2013, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef AES_GCM_OSSL_H +#define AES_GCM_OSSL_H + +#include "cipher.h" +#include "srtp.h" +#include <openssl/evp.h> +#include <openssl/aes.h> + +typedef struct { + v256_t key; + int key_size; + int tag_len; + EVP_CIPHER_CTX ctx; + cipher_direction_t dir; +} aes_gcm_ctx_t; + +#endif /* AES_GCM_OSSL_H */ + diff --git a/third_party/srtp/crypto/include/aes_icm.h b/third_party/srtp/crypto/include/aes_icm.h index 17a1ddba..1a2fd82c 100644 --- a/third_party/srtp/crypto/include/aes_icm.h +++ b/third_party/srtp/crypto/include/aes_icm.h @@ -8,6 +8,42 @@ * */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef AES_ICM_H #define AES_ICM_H @@ -25,10 +61,11 @@ typedef struct { err_status_t aes_icm_context_init(aes_icm_ctx_t *c, - const unsigned char *key); + const unsigned char *key, + int key_len); err_status_t -aes_icm_set_iv(aes_icm_ctx_t *c, void *iv); +aes_icm_set_iv(aes_icm_ctx_t *c, void *iv, int direction); err_status_t aes_icm_encrypt(aes_icm_ctx_t *c, @@ -36,7 +73,7 @@ aes_icm_encrypt(aes_icm_ctx_t *c, err_status_t aes_icm_output(aes_icm_ctx_t *c, - unsigned char *buf, int bytes_to_output); + unsigned char *buf, unsigned int bytes_to_output); err_status_t aes_icm_dealloc(cipher_t *c); @@ -52,5 +89,8 @@ aes_icm_alloc_ismacryp(cipher_t **c, int key_len, int forIsmacryp); +uint16_t +aes_icm_bytes_encrypted(aes_icm_ctx_t *c); + #endif /* AES_ICM_H */ diff --git a/third_party/srtp/crypto/include/aes_icm_ossl.h b/third_party/srtp/crypto/include/aes_icm_ossl.h new file mode 100644 index 00000000..b4ec40a4 --- /dev/null +++ b/third_party/srtp/crypto/include/aes_icm_ossl.h @@ -0,0 +1,85 @@ +/* + * aes_icm.h + * + * Header for AES Integer Counter Mode. + * + * David A. McGrew + * Cisco Systems, Inc. + * + */ +/* + * + * Copyright (c) 2001-2005,2012, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + +#ifndef AES_ICM_H +#define AES_ICM_H + +#include "cipher.h" +#include <openssl/evp.h> +#include <openssl/aes.h> + +#ifdef OPENSSL_IS_BORINGSSL +// BoringSSL doesn't support AES-192, cipher will be disabled +#define SRTP_NO_AES192 +#endif + +#define SALT_SIZE 14 +#define AES_128_KEYSIZE AES_BLOCK_SIZE +#ifndef SRTP_NO_AES192 +#define AES_192_KEYSIZE AES_BLOCK_SIZE + AES_BLOCK_SIZE / 2 +#endif +#define AES_256_KEYSIZE AES_BLOCK_SIZE * 2 +#define AES_128_KEYSIZE_WSALT AES_128_KEYSIZE + SALT_SIZE +#ifndef SRTP_NO_AES192 +#define AES_192_KEYSIZE_WSALT AES_192_KEYSIZE + SALT_SIZE +#endif +#define AES_256_KEYSIZE_WSALT AES_256_KEYSIZE + SALT_SIZE + +typedef struct { + v128_t counter; /* holds the counter value */ + v128_t offset; /* initial offset value */ + v256_t key; + int key_size; + EVP_CIPHER_CTX ctx; +} aes_icm_ctx_t; + +err_status_t aes_icm_openssl_set_iv(aes_icm_ctx_t *c, void *iv, int dir); +err_status_t aes_icm_openssl_context_init(aes_icm_ctx_t *c, const uint8_t *key, int len); +err_status_t aes_icm_output(aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output); +uint16_t aes_icm_bytes_encrypted(aes_icm_ctx_t *c); + + +#endif /* AES_ICM_H */ + diff --git a/third_party/srtp/crypto/include/auth.h b/third_party/srtp/crypto/include/auth.h index 295b5f6f..5b5e4b21 100644 --- a/third_party/srtp/crypto/include/auth.h +++ b/third_party/srtp/crypto/include/auth.h @@ -48,6 +48,8 @@ #include "datatypes.h" #include "err.h" /* error codes */ +#include "crypto.h" /* for auth_type_id_t */ +#include "crypto_types.h" /* for values of auth_type_id_t */ typedef struct auth_type_t *auth_type_pointer; typedef struct auth_t *auth_pointer_t; @@ -129,6 +131,7 @@ typedef struct auth_type_t { int ref_count; auth_test_case_t *test_data; debug_module_t *debug; + auth_type_id_t id; } auth_type_t; typedef struct auth_t { @@ -148,6 +151,15 @@ typedef struct auth_t { err_status_t auth_type_self_test(const auth_type_t *at); +/* + * auth_type_test() tests an auth_type against external test cases + * provided in an array of values of key/message/tag that is known to + * be good + */ + +err_status_t +auth_type_test(const auth_type_t *at, const auth_test_case_t *test_data); + /* * auth_type_get_ref_count(at) returns the reference count (the number * of instantiations) of the auth_type_t at diff --git a/third_party/srtp/crypto/include/cipher.h b/third_party/srtp/crypto/include/cipher.h index f485660c..d0d6b57f 100644 --- a/third_party/srtp/crypto/include/cipher.h +++ b/third_party/srtp/crypto/include/cipher.h @@ -8,7 +8,7 @@ */ /* * - * Copyright (c) 2001-2006, Cisco Systems, Inc. + * Copyright (c) 2001-2006,2013 Cisco Systems, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -49,6 +49,8 @@ #include "datatypes.h" #include "rdbx.h" /* for xtd_seq_num_t */ #include "err.h" /* for error codes */ +#include "crypto.h" /* for cipher_type_id_t */ +#include "crypto_types.h" /* for values of cipher_type_id_t */ /** @@ -78,15 +80,14 @@ typedef struct cipher_t *cipher_pointer_t; */ typedef err_status_t (*cipher_alloc_func_t) - (cipher_pointer_t *cp, int key_len); + (cipher_pointer_t *cp, int key_len, int tag_len); /* * a cipher_init_func_t [re-]initializes a cipher_t with a given key - * and direction (i.e., encrypt or decrypt) */ typedef err_status_t (*cipher_init_func_t) - (void *state, const uint8_t *key, cipher_direction_t dir); +(void *state, const uint8_t *key, int key_len); /* a cipher_dealloc_func_t de-allocates a cipher_t */ @@ -97,6 +98,13 @@ typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp); typedef err_status_t (*cipher_set_segment_func_t) (void *state, xtd_seq_num_t idx); +/* + * a cipher_set_aad_func_t processes the AAD data for AEAD ciphers + */ +typedef err_status_t (*cipher_set_aad_func_t) + (void *state, uint8_t *aad, unsigned int aad_len); + + /* a cipher_encrypt_func_t encrypts data in-place */ typedef err_status_t (*cipher_encrypt_func_t) @@ -108,12 +116,19 @@ typedef err_status_t (*cipher_decrypt_func_t) (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt); /* - * a cipher_set_nonce_seq_func_t function sets both the nonce - * and the extended sequence number + * a cipher_set_iv_func_t function sets the current initialization vector */ typedef err_status_t (*cipher_set_iv_func_t) - (cipher_pointer_t cp, void *iv); + (cipher_pointer_t cp, void *iv, cipher_direction_t direction); + +/* + * a cipher_get_tag_funct_t function is used to get the authentication + * tag that was calculated by an AEAD cipher. + */ +typedef err_status_t (*cipher_get_tag_func_t) + (void *state, void *tag, int *len); + /* * cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t, @@ -127,10 +142,13 @@ typedef struct cipher_test_case_t { int key_length_octets; /* octets in key */ uint8_t *key; /* key */ uint8_t *idx; /* packet index */ - unsigned int plaintext_length_octets; /* octets in plaintext */ + int plaintext_length_octets; /* octets in plaintext */ uint8_t *plaintext; /* plaintext */ - unsigned int ciphertext_length_octets; /* octets in plaintext */ + int ciphertext_length_octets; /* octets in plaintext */ uint8_t *ciphertext; /* ciphertext */ + int aad_length_octets; /* octets in AAD */ + uint8_t *aad; /* AAD */ + int tag_length_octets; /* Length of AEAD tag */ struct cipher_test_case_t *next_test_case; /* pointer to next testcase */ } cipher_test_case_t; @@ -140,13 +158,16 @@ typedef struct cipher_type_t { cipher_alloc_func_t alloc; cipher_dealloc_func_t dealloc; cipher_init_func_t init; + cipher_set_aad_func_t set_aad; cipher_encrypt_func_t encrypt; cipher_encrypt_func_t decrypt; cipher_set_iv_func_t set_iv; + cipher_get_tag_func_t get_tag; char *description; int ref_count; cipher_test_case_t *test_data; debug_module_t *debug; + cipher_type_id_t id; } cipher_type_t; /* @@ -158,27 +179,32 @@ typedef struct cipher_t { cipher_type_t *type; void *state; int key_len; -#ifdef FORCE_64BIT_ALIGN - int pad; -#endif + int algorithm; } cipher_t; /* some syntactic sugar on these function types */ -#define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen))) +#define cipher_type_alloc(ct, c, klen, tlen) ((ct)->alloc((c), (klen), (tlen))) #define cipher_dealloc(c) (((c)->type)->dealloc(c)) -#define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), (dir))) +#define cipher_init(c, k) (((c)->type)->init(((c)->state), (k), ((c)->key_len))) #define cipher_encrypt(c, buf, len) \ (((c)->type)->encrypt(((c)->state), (buf), (len))) +#define cipher_get_tag(c, buf, len) \ + (((c)->type)->get_tag(((c)->state), (buf), (len))) + #define cipher_decrypt(c, buf, len) \ (((c)->type)->decrypt(((c)->state), (buf), (len))) -#define cipher_set_iv(c, n) \ - ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \ +#define cipher_set_iv(c, n, dir) \ + ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n), (dir))) : \ + err_status_no_such_op) +#define cipher_set_aad(c, a, l) \ + (((c) && (((c)->type)->set_aad)) ? \ + (((c)->type)->set_aad(((c)->state), (a), (l))) : \ err_status_no_such_op) err_status_t @@ -201,6 +227,16 @@ err_status_t cipher_type_self_test(const cipher_type_t *ct); +/* + * cipher_type_test() tests a cipher against external test cases provided in + * an array of values of key/xtd_seq_num_t/plaintext/ciphertext + * that is known to be good + */ + +err_status_t +cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data); + + /* * cipher_bits_per_second(c, l, t) computes (and estimate of) the * number of bits that a cipher implementation can encrypt in a second diff --git a/third_party/srtp/crypto/include/crypto.h b/third_party/srtp/crypto/include/crypto.h index 0e9667da..ab6f6bef 100644 --- a/third_party/srtp/crypto/include/crypto.h +++ b/third_party/srtp/crypto/include/crypto.h @@ -7,6 +7,42 @@ * Cisco Systems, Inc. */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef CRYPTO_H #define CRYPTO_H diff --git a/third_party/srtp/crypto/include/crypto_kernel.h b/third_party/srtp/crypto/include/crypto_kernel.h index b8cd9be1..caccfa03 100644 --- a/third_party/srtp/crypto/include/crypto_kernel.h +++ b/third_party/srtp/crypto/include/crypto_kernel.h @@ -182,6 +182,28 @@ crypto_kernel_load_cipher_type(cipher_type_t *ct, cipher_type_id_t id); err_status_t crypto_kernel_load_auth_type(auth_type_t *ct, auth_type_id_t id); +/* + * crypto_kernel_replace_cipher_type(ct, id) + * + * replaces the crypto kernel's existing cipher for the cipher_type id + * with a new one passed in externally. The new cipher must pass all the + * existing cipher_type's self tests as well as its own. + */ +err_status_t +crypto_kernel_replace_cipher_type(cipher_type_t *ct, cipher_type_id_t id); + + +/* + * crypto_kernel_replace_auth_type(ct, id) + * + * replaces the crypto kernel's existing cipher for the auth_type id + * with a new one passed in externally. The new auth type must pass all the + * existing auth_type's self tests as well as its own. + */ +err_status_t +crypto_kernel_replace_auth_type(auth_type_t *ct, auth_type_id_t id); + + err_status_t crypto_kernel_load_debug_module(debug_module_t *new_dm); @@ -199,7 +221,8 @@ crypto_kernel_load_debug_module(debug_module_t *new_dm); err_status_t crypto_kernel_alloc_cipher(cipher_type_id_t id, cipher_pointer_t *cp, - int key_len); + int key_len, + int tag_len); /* * crypto_kernel_alloc_auth(id, ap, key_len, tag_len); diff --git a/third_party/srtp/crypto/include/crypto_math.h b/third_party/srtp/crypto/include/crypto_math.h index c3e7b76b..52f08372 100644 --- a/third_party/srtp/crypto/include/crypto_math.h +++ b/third_party/srtp/crypto/include/crypto_math.h @@ -233,40 +233,6 @@ void octet_string_set_to_zero(uint8_t *s, int len); -/* - * functions manipulating bit_vector_t - * - * A bitvector_t consists of an array of words and an integer - * representing the number of significant bits stored in the array. - * The bits are packed as follows: the least significant bit is that - * of word[0], while the most significant bit is the nth most - * significant bit of word[m], where length = bits_per_word * m + n. - * - */ - -#define bits_per_word 32 -#define bytes_per_word 4 - -typedef struct { - uint32_t length; - uint32_t *word; -} bitvector_t; - -int -bitvector_alloc(bitvector_t *v, unsigned long length); - -void -bitvector_set_bit(bitvector_t *v, int bit_index); - -int -bitvector_get_bit(const bitvector_t *v, int bit_index); - -int -bitvector_print_hex(const bitvector_t *v, FILE *stream); - -int -bitvector_set_from_hex(bitvector_t *v, char *string); - #endif /* MATH_H */ diff --git a/third_party/srtp/crypto/include/crypto_types.h b/third_party/srtp/crypto/include/crypto_types.h index 0ce50f4b..dbb50c37 100644 --- a/third_party/srtp/crypto/include/crypto_types.h +++ b/third_party/srtp/crypto/include/crypto_types.h @@ -8,7 +8,7 @@ */ /* * - * Copyright(c) 2001-2006 Cisco Systems, Inc. + * Copyright(c) 2001-2006,2013 Cisco Systems, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -97,12 +97,19 @@ #define NULL_CIPHER 0 /** - * @brief AES-128 Integer Counter Mode (AES ICM) + * @brief AES Integer Counter Mode (AES ICM) * - * AES-128 ICM is the variant of counter mode that is used by Secure RTP. - * This cipher uses a 16-octet key and a 30-octet offset (or salt) value. + * AES ICM is the variant of counter mode that is used by Secure RTP. + * This cipher uses a 16-, 24-, or 32-octet key concatenated with a + * 14-octet offset (or salt) value. + */ +#define AES_ICM 1 + +/** + * @brief AES-128 Integer Counter Mode (AES ICM) + * AES-128 ICM is a deprecated alternate name for AES ICM. */ -#define AES_128_ICM 1 +#define AES_128_ICM AES_ICM /** * @brief SEAL 3.0 @@ -113,19 +120,54 @@ #define SEAL 2 /** - * @brief AES-128 Integer Counter Mode (AES ICM) + * @brief AES Cipher Block Chaining mode (AES CBC) * - * AES-128 ICM is the variant of counter mode that is used by Secure RTP. - * This cipher uses a 16-octet key and a 30-octet offset (or salt) value. + * AES CBC is the AES Cipher Block Chaining mode. + * This cipher uses a 16-, 24-, or 32-octet key. */ -#define AES_128_CBC 3 +#define AES_CBC 3 + +/** + * @brief AES-128 Cipher Block Chaining mode (AES CBC) + * + * AES-128 CBC is a deprecated alternate name for AES CBC. + */ +#define AES_128_CBC AES_CBC /** * @brief Strongest available cipher. * * This identifier resolves to the strongest cipher type available. */ -#define STRONGHOLD_CIPHER AES_128_ICM +#define STRONGHOLD_CIPHER AES_ICM + +/** + * @brief AES-192 Integer Counter Mode (AES ICM) + * AES-192 ICM is a deprecated alternate name for AES ICM. + */ +#define AES_192_ICM 4 + +/** + * @brief AES-256 Integer Counter Mode (AES ICM) + * AES-256 ICM is a deprecated alternate name for AES ICM. + */ +#define AES_256_ICM 5 + +/** + * @brief AES-128_GCM Galois Counter Mode (AES GCM) + * + * AES-128 GCM is the variant of galois counter mode that is used by + * Secure RTP. This cipher uses a 16-octet key. + */ +#define AES_128_GCM 6 + +/** + * @brief AES-256_GCM Galois Counter Mode (AES GCM) + * + * AES-256 GCM is the variant of galois counter mode that is used by + * Secure RTP. This cipher uses a 32-octet key. + */ +#define AES_256_GCM 7 /** * @} diff --git a/third_party/srtp/crypto/include/datatypes.h b/third_party/srtp/crypto/include/datatypes.h index 4f86b556..b18435f0 100644 --- a/third_party/srtp/crypto/include/datatypes.h +++ b/third_party/srtp/crypto/include/datatypes.h @@ -92,6 +92,12 @@ typedef union { uint64_t v64[2]; } v128_t; +typedef union { + uint8_t v8[32]; + uint16_t v16[16]; + uint32_t v32[8]; + uint64_t v64[4]; +} v256_t; /* some useful and simple math functions */ @@ -155,10 +161,10 @@ void v128_copy_octet_string(v128_t *x, const uint8_t s[16]); void -v128_left_shift(v128_t *x, int index); +v128_left_shift(v128_t *x, int shift_index); void -v128_right_shift(v128_t *x, int index); +v128_right_shift(v128_t *x, int shift_index); /* * the following macros define the data manipulation functions @@ -377,7 +383,7 @@ void octet_string_set_to_zero(uint8_t *s, int len); -#ifndef SRTP_KERNEL_LINUX +#if !defined(SRTP_KERNEL_LINUX) && defined(HAVE_CONFIG_H) /* * Convert big endian integers to CPU byte order. @@ -424,4 +430,87 @@ static inline uint64_t be64_to_cpu(uint64_t v) { #endif /* WORDS_BIGENDIAN */ +/* + * functions manipulating bitvector_t + * + * A bitvector_t consists of an array of words and an integer + * representing the number of significant bits stored in the array. + * The bits are packed as follows: the least significant bit is that + * of word[0], while the most significant bit is the nth most + * significant bit of word[m], where length = bits_per_word * m + n. + * + */ + +#define bits_per_word 32 +#define bytes_per_word 4 + +typedef struct { + uint32_t length; + uint32_t *word; +} bitvector_t; + + +#define _bitvector_get_bit(v, bit_index) \ +( \ + ((((v)->word[((bit_index) >> 5)]) >> ((bit_index) & 31)) & 1) \ +) + + +#define _bitvector_set_bit(v, bit_index) \ +( \ + (((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index) & 31)))) \ +) + +#define _bitvector_clear_bit(v, bit_index) \ +( \ + (((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index) & 31)))) \ +) + +#define _bitvector_get_length(v) \ +( \ + ((v)->length) \ +) + +#ifdef DATATYPES_USE_MACROS /* little functions are really macros */ + +#define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index) +#define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index) +#define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index) +#define bitvector_get_length(v) _bitvector_get_length(v) + +#else + +int +bitvector_get_bit(const bitvector_t *v, int bit_index); + +void +bitvector_set_bit(bitvector_t *v, int bit_index); + +void +bitvector_clear_bit(bitvector_t *v, int bit_index); + +unsigned long +bitvector_get_length(const bitvector_t *v); + +#endif + +int +bitvector_alloc(bitvector_t *v, unsigned long length); + +void +bitvector_dealloc(bitvector_t *v); + +void +bitvector_set_to_zero(bitvector_t *x); + +void +bitvector_left_shift(bitvector_t *x, int index); + +char * +bitvector_bit_string(bitvector_t *x, char* buf, int len); + +#ifdef TESTAPP_SOURCE +int base64_string_to_octet_string(char *raw, int *pad, char *base64, int len); +#endif + #endif /* _DATATYPES_H */ diff --git a/third_party/srtp/crypto/include/err.h b/third_party/srtp/crypto/include/err.h index 1a6e1701..4f401a6d 100644 --- a/third_party/srtp/crypto/include/err.h +++ b/third_party/srtp/crypto/include/err.h @@ -46,7 +46,8 @@ #ifndef ERR_H #define ERR_H -#include "datatypes.h" +#include <stdio.h> +#include <stdarg.h> /** * @defgroup Error Error Codes @@ -87,7 +88,7 @@ typedef enum { err_status_nonce_bad = 18, /**< nonce check failed */ err_status_read_fail = 19, /**< couldn't read data */ err_status_write_fail = 20, /**< couldn't write data */ - err_status_parse_err = 21, /**< error pasring data */ + err_status_parse_err = 21, /**< error parsing data */ err_status_encode_err = 22, /**< error encoding data */ err_status_semaphore_err = 23,/**< error while using semaphores */ err_status_pfkey_err = 24 /**< error while using pfkey */ @@ -118,7 +119,7 @@ typedef enum { */ err_status_t -err_reporting_init(char *ident); +err_reporting_init(const char *ident); #ifdef SRTP_KERNEL_LINUX extern err_reporting_level_t err_level; @@ -135,7 +136,7 @@ extern err_reporting_level_t err_level; */ void -err_report(int priority, char *format, ...); +err_report(int priority, const char *format, ...); #endif /* ! SRTP_KERNEL_LINUX */ @@ -145,7 +146,7 @@ err_report(int priority, char *format, ...); typedef struct { int on; /* 1 if debugging is on, 0 if it is off */ - char *name; /* printable name for debug module */ + const char *name; /* printable name for debug module */ } debug_module_t; #ifdef ENABLE_DEBUGGING diff --git a/third_party/srtp/crypto/include/hmac.h b/third_party/srtp/crypto/include/hmac.h index 262c0e2d..875f45c6 100644 --- a/third_party/srtp/crypto/include/hmac.h +++ b/third_party/srtp/crypto/include/hmac.h @@ -9,7 +9,7 @@ */ /* * - * Copyright (c) 2001-2006, Cisco Systems, Inc. + * Copyright (c) 2001-2006,2013, Cisco Systems, Inc. * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -53,6 +53,10 @@ typedef struct { uint8_t opad[64]; sha1_ctx_t ctx; sha1_ctx_t init_ctx; +#ifdef OPENSSL + int ctx_initialized; + int init_ctx_initialized; +#endif } hmac_ctx_t; err_status_t diff --git a/third_party/srtp/crypto/include/integers.h b/third_party/srtp/crypto/include/integers.h index 138ea9c5..179ec39f 100644 --- a/third_party/srtp/crypto/include/integers.h +++ b/third_party/srtp/crypto/include/integers.h @@ -47,7 +47,7 @@ #ifndef INTEGERS_H #define INTEGERS_H -#include "srtp_config.h" /* configuration file, using autoconf */ +#include "config.h" #ifdef SRTP_KERNEL @@ -76,7 +76,7 @@ #endif /* Can we do 64 bit integers? */ -#ifndef HAVE_UINT64_T +#if !defined(HAVE_UINT64_T) # if SIZEOF_UNSIGNED_LONG == 8 typedef unsigned long uint64_t; # elif SIZEOF_UNSIGNED_LONG_LONG == 8 @@ -99,7 +99,7 @@ typedef unsigned int uint32_t; #endif -#ifdef NO_64BIT_MATH +#if defined(NO_64BIT_MATH) && defined(HAVE_CONFIG_H) typedef double uint64_t; /* assert that sizeof(double) == 8 */ extern uint64_t make64(uint32_t high, uint32_t low); diff --git a/third_party/srtp/crypto/include/null_cipher.h b/third_party/srtp/crypto/include/null_cipher.h index 7d6bbdd6..39da59a8 100644 --- a/third_party/srtp/crypto/include/null_cipher.h +++ b/third_party/srtp/crypto/include/null_cipher.h @@ -62,11 +62,11 @@ typedef struct { */ err_status_t -null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key); +null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key, int key_len); err_status_t null_cipher_set_segment(null_cipher_ctx_t *c, - unsigned long index); + unsigned long segment_index); err_status_t null_cipher_encrypt(null_cipher_ctx_t *c, diff --git a/third_party/srtp/crypto/include/prng.h b/third_party/srtp/crypto/include/prng.h index fb96b5eb..c5ec2306 100644 --- a/third_party/srtp/crypto/include/prng.h +++ b/third_party/srtp/crypto/include/prng.h @@ -7,12 +7,53 @@ * Cisco Systems, Inc. */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef PRNG_H #define PRNG_H #include "rand_source.h" /* for rand_source_func_t definition */ #include "aes.h" /* for aes */ +//FIXME: this is temporary until we pull in the code to use OpenSSL for RNG +#ifdef OPENSSL +#include "aes_icm_ossl.h" /* for aes ctr */ +#else #include "aes_icm.h" /* for aes ctr */ +#endif #define MAX_PRNG_OUT_LEN 0xffffffffU diff --git a/third_party/srtp/crypto/include/rdb.h b/third_party/srtp/crypto/include/rdb.h index 5a26c5e3..300c569f 100644 --- a/third_party/srtp/crypto/include/rdb.h +++ b/third_party/srtp/crypto/include/rdb.h @@ -8,6 +8,42 @@ */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef REPLAY_DB_H #define REPLAY_DB_H @@ -49,7 +85,7 @@ rdb_init(rdb_t *rdb); */ err_status_t -rdb_check(const rdb_t *rdb, uint32_t index); +rdb_check(const rdb_t *rdb, uint32_t rdb_index); /* * rdb_add_index @@ -61,7 +97,7 @@ rdb_check(const rdb_t *rdb, uint32_t index); */ err_status_t -rdb_add_index(rdb_t *rdb, uint32_t index); +rdb_add_index(rdb_t *rdb, uint32_t rdb_index); /* * the functions rdb_increment() and rdb_get_value() are for use by diff --git a/third_party/srtp/crypto/include/rdbx.h b/third_party/srtp/crypto/include/rdbx.h index ce9ecf6f..4b8dd229 100644 --- a/third_party/srtp/crypto/include/rdbx.h +++ b/third_party/srtp/crypto/include/rdbx.h @@ -8,6 +8,42 @@ * */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef RDBX_H #define RDBX_H @@ -46,19 +82,29 @@ typedef uint64_t xtd_seq_num_t; typedef struct { xtd_seq_num_t index; - v128_t bitmask; + bitvector_t bitmask; } rdbx_t; /* - * rdbx_init(rdbx_ptr) + * rdbx_init(rdbx_ptr, ws) * - * initializes the rdbx pointed to by its argument, setting the - * rollover counter and sequence number to zero + * initializes the rdbx pointed to by its argument with the window size ws, + * setting the rollover counter and sequence number to zero */ err_status_t -rdbx_init(rdbx_t *rdbx); +rdbx_init(rdbx_t *rdbx, unsigned long ws); + + +/* + * rdbx_dealloc(rdbx_ptr) + * + * frees memory associated with the rdbx + */ + +err_status_t +rdbx_dealloc(rdbx_t *rdbx); /* @@ -100,12 +146,42 @@ rdbx_check(const rdbx_t *rdbx, int difference); err_status_t rdbx_add_index(rdbx_t *rdbx, int delta); + +/* + * rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx + * to have the rollover counter value roc. If that value is less than + * the current rollover counter value, then the function returns + * err_status_replay_old; otherwise, err_status_ok is returned. + * + */ + +err_status_t +rdbx_set_roc(rdbx_t *rdbx, uint32_t roc); + +/* + * rdbx_get_roc(rdbx) returns the value of the rollover counter for + * the rdbx_t pointed to by rdbx + * + */ + +xtd_seq_num_t +rdbx_get_packet_index(const rdbx_t *rdbx); + /* * xtd_seq_num_t functions - these are *internal* functions of rdbx, and * shouldn't be used to manipulate rdbx internal values. use the rdbx * api instead! */ +/* + * rdbx_get_ws(rdbx_ptr) + * + * gets the window size which was used to initialize the rdbx + */ + +unsigned long +rdbx_get_window_size(const rdbx_t *rdbx); + /* index_init(&pi) initializes a packet index pi (sets it to zero) */ diff --git a/third_party/srtp/crypto/include/sha1.h b/third_party/srtp/crypto/include/sha1.h index e3af4d4b..f1744ced 100644 --- a/third_party/srtp/crypto/include/sha1.h +++ b/third_party/srtp/crypto/include/sha1.h @@ -47,7 +47,49 @@ #ifndef SHA1_H #define SHA1_H +#ifdef HAVE_CONFIG_H + #include <config.h> +#endif + #include "err.h" +#ifdef OPENSSL +#include <openssl/evp.h> +#include <stdint.h> + +typedef EVP_MD_CTX sha1_ctx_t; + +/* + * sha1_init(&ctx) initializes the SHA1 context ctx + * + * sha1_update(&ctx, msg, len) hashes the len octets starting at msg + * into the SHA1 context + * + * sha1_final(&ctx, output) performs the final processing of the SHA1 + * context and writes the result to the 20 octets at output + * + * Return values are ignored on the EVP functions since all three + * of these functions return void. + * + */ + +static inline void sha1_init (sha1_ctx_t *ctx) +{ + EVP_MD_CTX_init(ctx); + EVP_DigestInit(ctx, EVP_sha1()); +} + +static inline void sha1_update (sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg) +{ + EVP_DigestUpdate(ctx, M, octets_in_msg); +} + +static inline void sha1_final (sha1_ctx_t *ctx, uint32_t *output) +{ + unsigned int len = 0; + + EVP_DigestFinal(ctx, (unsigned char*)output, &len); +} +#else #include "datatypes.h" typedef struct { @@ -104,5 +146,7 @@ sha1_final(sha1_ctx_t *ctx, uint32_t output[5]); void sha1_core(const uint32_t M[16], uint32_t hash_value[5]); + +#endif /* else OPENSSL */ #endif /* SHA1_H */ diff --git a/third_party/srtp/crypto/include/xfm.h b/third_party/srtp/crypto/include/xfm.h index 5837149b..80774f96 100644 --- a/third_party/srtp/crypto/include/xfm.h +++ b/third_party/srtp/crypto/include/xfm.h @@ -7,6 +7,42 @@ * Cisco Systems, Inc. */ +/* + * + * Copyright (c) 2001-2006, Cisco Systems, Inc. + * All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * + * Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer. + * + * Redistributions in binary form must reproduce the above + * copyright notice, this list of conditions and the following + * disclaimer in the documentation and/or other materials provided + * with the distribution. + * + * Neither the name of the Cisco Systems, Inc. nor the names of its + * contributors may be used to endorse or promote products derived + * from this software without specific prior written permission. + * + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + * + */ + #ifndef XFM_H #define XFM_H |