kenmirrors/freeswitch
1
0
Fork 0
mirror of https://github.com/signalwire/freeswitch.git synced 2025-08-13 01:26:58 +00:00
Code Issues Projects Releases Wiki Activity

FS-9785: upgrade libsrtp to 2.1

Browse Source
This commit is contained in:
Mike Jerris
2017-06-26 12:11:02 -05:00
parent 19e8621682
commit 3bcf5b7ff8
129 changed files with 21084 additions and 21652 deletions
Download Patch File Download Diff File Expand all files Collapse all files

318
libs/srtp/crypto/include/cipher.h
View File

@@ -7,26 +7,26 @@
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006,2013 Cisco Systems, Inc.
*
* Copyright (c) 2001-2017 Cisco Systems, Inc.
* All rights reserved.
*
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
@@ -43,212 +43,180 @@
*/
#ifndef CIPHER_H
#define CIPHER_H
#ifndef SRTP_CIPHER_H
#define SRTP_CIPHER_H
#include "datatypes.h"
#include "rdbx.h" /* for xtd_seq_num_t */
#include "err.h" /* for error codes */
#include "crypto.h" /* for cipher_type_id_t */
#include "crypto_types.h" /* for values of cipher_type_id_t */
#include "srtp.h"
#include "crypto_types.h" /* for values of cipher_type_id_t */
/**
* @brief cipher_direction_t defines a particular cipher operation.
#ifdef __cplusplus
extern "C" {
#endif
/*
* srtp_cipher_direction_t defines a particular cipher operation.
*
* A cipher_direction_t is an enum that describes a particular cipher
* A srtp_cipher_direction_t is an enum that describes a particular cipher
* operation, i.e. encryption or decryption. For some ciphers, this
* distinction does not matter, but for others, it is essential.
*/
typedef enum {
direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
direction_any /**< encryption or decryption */
} cipher_direction_t;
typedef enum {
srtp_direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
srtp_direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
srtp_direction_any /**< encryption or decryption */
} srtp_cipher_direction_t;
/*
* the cipher_pointer and cipher_type_pointer definitions are needed
* as cipher_t and cipher_type_t are not yet defined
* the srtp_cipher_pointer_t definition is needed
* as srtp_cipher_t is not yet defined
*/
typedef struct cipher_type_t *cipher_type_pointer_t;
typedef struct cipher_t *cipher_pointer_t;
typedef struct srtp_cipher_t *srtp_cipher_pointer_t;
/*
* a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
* a srtp_cipher_alloc_func_t allocates (but does not initialize) a srtp_cipher_t
*/
typedef err_status_t (*cipher_alloc_func_t)
(cipher_pointer_t *cp, int key_len, int tag_len);
/*
* a cipher_init_func_t [re-]initializes a cipher_t with a given key
*/
typedef err_status_t (*cipher_init_func_t)
(void *state, const uint8_t *key, int key_len);
/* a cipher_dealloc_func_t de-allocates a cipher_t */
typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp);
/* a cipher_set_segment_func_t sets the segment index of a cipher_t */
typedef err_status_t (*cipher_set_segment_func_t)
(void *state, xtd_seq_num_t idx);
/*
* a cipher_set_aad_func_t processes the AAD data for AEAD ciphers
*/
typedef err_status_t (*cipher_set_aad_func_t)
(void *state, uint8_t *aad, unsigned int aad_len);
/* a cipher_encrypt_func_t encrypts data in-place */
typedef err_status_t (*cipher_encrypt_func_t)
(void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
/* a cipher_decrypt_func_t decrypts data in-place */
typedef err_status_t (*cipher_decrypt_func_t)
(void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
/*
* a cipher_set_iv_func_t function sets the current initialization vector
*/
typedef err_status_t (*cipher_set_iv_func_t)
(cipher_pointer_t cp, void *iv, cipher_direction_t direction);
typedef srtp_err_status_t (*srtp_cipher_alloc_func_t)
(srtp_cipher_pointer_t *cp, int key_len, int tag_len);
/*
* a cipher_get_tag_funct_t function is used to get the authentication
* a srtp_cipher_init_func_t [re-]initializes a cipher_t with a given key
*/
typedef srtp_err_status_t (*srtp_cipher_init_func_t)
(void *state, const uint8_t *key);
/* a srtp_cipher_dealloc_func_t de-allocates a cipher_t */
typedef srtp_err_status_t (*srtp_cipher_dealloc_func_t)(srtp_cipher_pointer_t cp);
/*
* a srtp_cipher_set_aad_func_t processes the AAD data for AEAD ciphers
*/
typedef srtp_err_status_t (*srtp_cipher_set_aad_func_t)
(void *state, const uint8_t *aad, uint32_t aad_len);
/* a srtp_cipher_encrypt_func_t encrypts data in-place */
typedef srtp_err_status_t (*srtp_cipher_encrypt_func_t)
(void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
/* a srtp_cipher_decrypt_func_t decrypts data in-place */
typedef srtp_err_status_t (*srtp_cipher_decrypt_func_t)
(void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
/*
* a srtp_cipher_set_iv_func_t function sets the current initialization vector
*/
typedef srtp_err_status_t (*srtp_cipher_set_iv_func_t)
(void *state, uint8_t *iv, srtp_cipher_direction_t direction);
/*
* a cipher_get_tag_func_t function is used to get the authentication
* tag that was calculated by an AEAD cipher.
*/
typedef err_status_t (*cipher_get_tag_func_t)
(void *state, void *tag, int *len);
typedef srtp_err_status_t (*srtp_cipher_get_tag_func_t)
(void *state, uint8_t *tag, uint32_t *len);
/*
* cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t,
* plaintext, and ciphertext values that are known to be correct for a
* srtp_cipher_test_case_t is a (list of) key, salt, plaintext, ciphertext,
* and aad values that are known to be correct for a
* particular cipher. this data can be used to test an implementation
* in an on-the-fly self test of the correcness of the implementation.
* (see the cipher_type_self_test() function below)
* in an on-the-fly self test of the correctness of the implementation.
* (see the srtp_cipher_type_self_test() function below)
*/
typedef struct srtp_cipher_test_case_t {
int key_length_octets; /* octets in key */
const uint8_t *key; /* key */
uint8_t *idx; /* packet index */
int plaintext_length_octets; /* octets in plaintext */
const uint8_t *plaintext; /* plaintext */
int ciphertext_length_octets; /* octets in plaintext */
const uint8_t *ciphertext; /* ciphertext */
int aad_length_octets; /* octets in AAD */
const uint8_t *aad; /* AAD */
int tag_length_octets; /* Length of AEAD tag */
const struct srtp_cipher_test_case_t *next_test_case; /* pointer to next testcase */
} srtp_cipher_test_case_t;
typedef struct cipher_test_case_t {
int key_length_octets; /* octets in key */
uint8_t *key; /* key */
uint8_t *idx; /* packet index */
int plaintext_length_octets; /* octets in plaintext */
uint8_t *plaintext; /* plaintext */
int ciphertext_length_octets; /* octets in plaintext */
uint8_t *ciphertext; /* ciphertext */
int aad_length_octets; /* octets in AAD */
uint8_t *aad; /* AAD */
int tag_length_octets; /* Length of AEAD tag */
struct cipher_test_case_t *next_test_case; /* pointer to next testcase */
} cipher_test_case_t;
/* cipher_type_t defines the 'metadata' for a particular cipher type */
typedef struct cipher_type_t {
cipher_alloc_func_t alloc;
cipher_dealloc_func_t dealloc;
cipher_init_func_t init;
cipher_set_aad_func_t set_aad;
cipher_encrypt_func_t encrypt;
cipher_encrypt_func_t decrypt;
cipher_set_iv_func_t set_iv;
cipher_get_tag_func_t get_tag;
char *description;
int ref_count;
cipher_test_case_t *test_data;
debug_module_t *debug;
cipher_type_id_t id;
} cipher_type_t;
/* srtp_cipher_type_t defines the 'metadata' for a particular cipher type */
typedef struct srtp_cipher_type_t {
srtp_cipher_alloc_func_t alloc;
srtp_cipher_dealloc_func_t dealloc;
srtp_cipher_init_func_t init;
srtp_cipher_set_aad_func_t set_aad;
srtp_cipher_encrypt_func_t encrypt;
srtp_cipher_encrypt_func_t decrypt;
srtp_cipher_set_iv_func_t set_iv;
srtp_cipher_get_tag_func_t get_tag;
const char *description;
const srtp_cipher_test_case_t *test_data;
srtp_cipher_type_id_t id;
} srtp_cipher_type_t;
/*
* cipher_t defines an instantiation of a particular cipher, with fixed
* srtp_cipher_t defines an instantiation of a particular cipher, with fixed
* key length, key and salt values
*/
typedef struct cipher_t {
cipher_type_t *type;
void *state;
int key_len;
int algorithm;
} cipher_t;
/* some syntactic sugar on these function types */
#define cipher_type_alloc(ct, c, klen, tlen) ((ct)->alloc((c), (klen), (tlen)))
#define cipher_dealloc(c) (((c)->type)->dealloc(c))
#define cipher_init(c, k) (((c)->type)->init(((c)->state), (k), ((c)->key_len)))
#define cipher_encrypt(c, buf, len) \
(((c)->type)->encrypt(((c)->state), (buf), (len)))
#define cipher_get_tag(c, buf, len) \
(((c)->type)->get_tag(((c)->state), (buf), (len)))
#define cipher_decrypt(c, buf, len) \
(((c)->type)->decrypt(((c)->state), (buf), (len)))
#define cipher_set_iv(c, n, dir) \
((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n), (dir))) : \
err_status_no_such_op)
#define cipher_set_aad(c, a, l) \
(((c) && (((c)->type)->set_aad)) ? \
(((c)->type)->set_aad(((c)->state), (a), (l))) : \
err_status_no_such_op)
err_status_t
cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
typedef struct srtp_cipher_t {
const srtp_cipher_type_t *type;
void *state;
int key_len;
int algorithm;
} srtp_cipher_t;
/* some bookkeeping functions */
int
cipher_get_key_length(const cipher_t *c);
/*
* cipher_type_self_test() tests a cipher against test cases provided in
* an array of values of key/xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
err_status_t
cipher_type_self_test(const cipher_type_t *ct);
/*
* cipher_type_test() tests a cipher against external test cases provided in
* an array of values of key/xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
err_status_t
cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data);
int srtp_cipher_get_key_length(const srtp_cipher_t *c);
/*
* cipher_bits_per_second(c, l, t) computes (and estimate of) the
* srtp_cipher_type_self_test() tests a cipher against test cases provided in
* an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct);
/*
* srtp_cipher_type_test() tests a cipher against external test cases provided in
* an array of values of key/srtp_xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
srtp_err_status_t srtp_cipher_type_test(const srtp_cipher_type_t *ct, const srtp_cipher_test_case_t *test_data);
/*
* srtp_cipher_bits_per_second(c, l, t) computes (an estimate of) the
* number of bits that a cipher implementation can encrypt in a second
*
*
* c is a cipher (which MUST be allocated and initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, then the value 0 is returned
*/
uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, int octets_in_buffer, int num_trials);
uint64_t
cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials);
srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, srtp_cipher_t **c, int key_len, int tlen);
srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c);
srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key);
srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, uint8_t *iv, int direction);
srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_get_tag(srtp_cipher_t *c, uint8_t *buffer, uint32_t *tag_len);
srtp_err_status_t srtp_cipher_set_aad(srtp_cipher_t *c, const uint8_t *aad, uint32_t aad_len);
#endif /* CIPHER_H */
/*
* srtp_replace_cipher_type(ct, id)
*
* replaces srtp's existing cipher implementation for the cipher_type id
* with a new one passed in externally. The new cipher must pass all the
* existing cipher_type's self tests as well as its own.
*/
srtp_err_status_t srtp_replace_cipher_type(const srtp_cipher_type_t *ct, srtp_cipher_type_id_t id);
#ifdef __cplusplus
}
#endif
#endif /* SRTP_CIPHER_H */