lightmelody

changeset 718:1a5f60f5df74

added vapi and include files for libsrtp
author Matt Habel <habelinc@gmail.com>
date Wed, 25 Dec 2013 20:32:47 -0500
parents 7acbbd8da0b7
children bdcb548baf22
files include/srtp/ekt.h include/srtp/getopt_s.h include/srtp/rtp.h include/srtp/rtp_priv.h include/srtp/srtp.h include/srtp/srtp/ekt.h include/srtp/srtp/getopt_s.h include/srtp/srtp/rtp.h include/srtp/srtp/rtp_priv.h include/srtp/srtp/srtp.h include/srtp/srtp/srtp_priv.h include/srtp/srtp/ut_sim.h include/srtp/srtp_priv.h include/srtp/ut_sim.h vapi/srtp.vapi
diffstat 15 files changed, 3886 insertions(+), 0 deletions(-) [+]
line diff
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/include/srtp/ekt.h	Wed Dec 25 20:32:47 2013 -0500
     1.3 @@ -0,0 +1,201 @@
     1.4 +/*
     1.5 + * ekt.h
     1.6 + *
     1.7 + * interface to Encrypted Key Transport for SRTP
     1.8 + *
     1.9 + * David McGrew
    1.10 + * Cisco Systems, Inc.
    1.11 + */
    1.12 +/*
    1.13 + *	
    1.14 + * Copyright (c) 2001-2005 Cisco Systems, Inc.
    1.15 + * All rights reserved.
    1.16 + * 
    1.17 + * Redistribution and use in source and binary forms, with or without
    1.18 + * modification, are permitted provided that the following conditions
    1.19 + * are met:
    1.20 + * 
    1.21 + *   Redistributions of source code must retain the above copyright
    1.22 + *   notice, this list of conditions and the following disclaimer.
    1.23 + * 
    1.24 + *   Redistributions in binary form must reproduce the above
    1.25 + *   copyright notice, this list of conditions and the following
    1.26 + *   disclaimer in the documentation and/or other materials provided
    1.27 + *   with the distribution.
    1.28 + * 
    1.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    1.30 + *   contributors may be used to endorse or promote products derived
    1.31 + *   from this software without specific prior written permission.
    1.32 + * 
    1.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    1.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    1.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    1.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    1.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    1.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    1.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    1.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    1.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    1.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    1.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    1.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    1.45 + *
    1.46 + */
    1.47 +
    1.48 +
    1.49 +
    1.50 +/*
    1.51 + * EKT implementation strategy 
    1.52 + * 
    1.53 + * use stream_template approach
    1.54 + *
    1.55 + * in srtp_unprotect, when a new stream appears, check if template has
    1.56 + * EKT defined, and if it does, then apply EKT processing 
    1.57 + *
    1.58 + * question: will we want to allow key-sharing templates in addition
    1.59 + * to EKT templates?  could define a new ssrc_type_t that's associated
    1.60 + * with an EKT, e.g.  ssrc_any_ekt.
    1.61 + *
    1.62 + *
    1.63 + */
    1.64 +
    1.65 +#ifndef EKT_H
    1.66 +#define EKT_H
    1.67 +
    1.68 +#ifdef __cplusplus
    1.69 +extern "C" {
    1.70 +#endif
    1.71 +
    1.72 +#include "srtp_priv.h"
    1.73 +
    1.74 +#define EKT_CIPHER_DEFAULT           1
    1.75 +#define EKT_CIPHER_AES_128_ECB       1
    1.76 +#define EKT_CIPHER_AES_192_KEY_WRAP  2
    1.77 +#define EKT_CIPHER_AES_256_KEY_WRAP  3
    1.78 +
    1.79 +typedef uint16_t ekt_spi_t;
    1.80 +
    1.81 +
    1.82 +unsigned
    1.83 +ekt_octets_after_base_tag(ekt_stream_t ekt);
    1.84 +
    1.85 +/*
    1.86 + * an srtp_policy_t structure can contain a pointer to an
    1.87 + * ekt_policy_t structure
    1.88 + *
    1.89 + * this structure holds all of the high level EKT information, and it
    1.90 + * is passed into libsrtp to indicate what policy should be in effect
    1.91 + */
    1.92 +
    1.93 +typedef struct ekt_policy_ctx_t {
    1.94 +  ekt_spi_t  spi;     /* security parameter index */
    1.95 +  uint8_t    ekt_cipher_type;
    1.96 +  uint8_t   *ekt_key;
    1.97 +  struct ekt_policy_ctx_t *next_ekt_policy;
    1.98 +} ekt_policy_ctx_t;
    1.99 +
   1.100 +
   1.101 +/*
   1.102 + * an ekt_data_t structure holds the data corresponding to an ekt key,
   1.103 + * spi, and so on
   1.104 + */
   1.105 +
   1.106 +typedef struct ekt_data_t {
   1.107 +  ekt_spi_t spi;
   1.108 +  uint8_t ekt_cipher_type;
   1.109 +  aes_expanded_key_t ekt_enc_key;
   1.110 +  aes_expanded_key_t ekt_dec_key;
   1.111 +  struct ekt_data_t *next_ekt_data;
   1.112 +} ekt_data_t;
   1.113 +
   1.114 +/*
   1.115 + * an srtp_stream_ctx_t can contain an ekt_stream_ctx_t
   1.116 + *
   1.117 + * an ekt_stream_ctx_t structure holds all of the EKT information for
   1.118 + * a specific SRTP stream
   1.119 + */
   1.120 +
   1.121 +typedef struct ekt_stream_ctx_t {
   1.122 +  ekt_data_t *data;    
   1.123 +  uint16_t    isn;     /* initial sequence number  */
   1.124 +  uint8_t     encrypted_master_key[SRTP_MAX_KEY_LEN];
   1.125 +} ekt_stream_ctx_t;
   1.126 +
   1.127 +
   1.128 +
   1.129 +err_status_t 
   1.130 +ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy);
   1.131 +
   1.132 +err_status_t
   1.133 +ekt_stream_init(ekt_stream_t e, 
   1.134 +		ekt_spi_t spi,
   1.135 +		void *ekt_key,
   1.136 +		unsigned ekt_cipher_type);
   1.137 +
   1.138 +err_status_t
   1.139 +ekt_stream_init_from_policy(ekt_stream_t e, ekt_policy_t p);
   1.140 +  
   1.141 +
   1.142 +
   1.143 +err_status_t
   1.144 +srtp_stream_init_from_ekt(srtp_stream_t stream,			  
   1.145 +			  const void *srtcp_hdr,
   1.146 +			  unsigned pkt_octet_len);
   1.147 +		
   1.148 +
   1.149 +void
   1.150 +ekt_write_data(ekt_stream_t ekt,
   1.151 +	       uint8_t *base_tag, 
   1.152 +	       unsigned base_tag_len, 
   1.153 +	       int *packet_len,
   1.154 +	       xtd_seq_num_t pkt_index);		
   1.155 +
   1.156 +/*
   1.157 + * We handle EKT by performing some additional steps before
   1.158 + * authentication (copying the auth tag into a temporary location,
   1.159 + * zeroizing the "base tag" field in the packet)
   1.160 + *
   1.161 + * With EKT, the tag_len parameter is actually the base tag
   1.162 + * length
   1.163 + */
   1.164 +
   1.165 +err_status_t
   1.166 +ekt_tag_verification_preproces(uint8_t *pkt_tag, 
   1.167 +			       uint8_t *pkt_tag_copy, 
   1.168 +			       unsigned tag_len);
   1.169 +
   1.170 +err_status_t
   1.171 +ekt_tag_verification_postproces(uint8_t *pkt_tag,
   1.172 +				uint8_t *pkt_tag_copy,
   1.173 +				unsigned tag_len);
   1.174 +
   1.175 +
   1.176 +/*
   1.177 + * @brief EKT pre-processing for srtcp tag generation
   1.178 + *
   1.179 + * This function does the pre-processing of the SRTCP authentication
   1.180 + * tag format.  When EKT is used, it consists of writing the Encrypted
   1.181 + * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
   1.182 + * fields.  The Base Authentication Tag field is set to the all-zero
   1.183 + * value
   1.184 + * 
   1.185 + * When EKT is not used, this function is a no-op.
   1.186 + * 
   1.187 + */
   1.188 +
   1.189 +err_status_t
   1.190 +srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s,
   1.191 +						 uint8_t *pkt_tag,
   1.192 +						 unsigned pkt_octet_len);
   1.193 +
   1.194 +/* it's not clear that a tag_generation_postprocess function is needed */
   1.195 +
   1.196 +err_status_t
   1.197 +srtcp_auth_tag_generation_postprocess(void);
   1.198 +
   1.199 +
   1.200 +#ifdef __cplusplus
   1.201 +}
   1.202 +#endif
   1.203 +
   1.204 +#endif /* EKT_H */
     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/include/srtp/getopt_s.h	Wed Dec 25 20:32:47 2013 -0500
     2.3 @@ -0,0 +1,60 @@
     2.4 +/*
     2.5 + * getopt.h
     2.6 + *
     2.7 + * interface to a minimal implementation of the getopt() function,
     2.8 + * written so that test applications that use that function can run on
     2.9 + * non-POSIX platforms
    2.10 + *
    2.11 + */
    2.12 +/*
    2.13 + *	
    2.14 + * Copyright (c) 2001-2006 Cisco Systems, Inc.
    2.15 + * All rights reserved.
    2.16 + * 
    2.17 + * Redistribution and use in source and binary forms, with or without
    2.18 + * modification, are permitted provided that the following conditions
    2.19 + * are met:
    2.20 + * 
    2.21 + *   Redistributions of source code must retain the above copyright
    2.22 + *   notice, this list of conditions and the following disclaimer.
    2.23 + * 
    2.24 + *   Redistributions in binary form must reproduce the above
    2.25 + *   copyright notice, this list of conditions and the following
    2.26 + *   disclaimer in the documentation and/or other materials provided
    2.27 + *   with the distribution.
    2.28 + * 
    2.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    2.30 + *   contributors may be used to endorse or promote products derived
    2.31 + *   from this software without specific prior written permission.
    2.32 + * 
    2.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    2.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    2.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    2.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    2.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    2.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    2.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    2.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    2.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    2.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    2.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    2.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    2.45 + *
    2.46 + */
    2.47 +
    2.48 +#ifndef GETOPT_S_H
    2.49 +#define GETOPT_S_H
    2.50 +
    2.51 +/* 
    2.52 + * getopt_s(), optarg_s, and optind_s are small, locally defined
    2.53 + * versions of the POSIX standard getopt() interface.
    2.54 + */
    2.55 + 
    2.56 +int
    2.57 +getopt_s(int argc, char * const argv[], const char *optstring);
    2.58 +
    2.59 +extern char *optarg_s;    /* defined in getopt.c */
    2.60 +
    2.61 +extern int optind_s;      /* defined in getopt.c */
    2.62 +
    2.63 +#endif /* GETOPT_S_H */
     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/include/srtp/rtp.h	Wed Dec 25 20:32:47 2013 -0500
     3.3 @@ -0,0 +1,139 @@
     3.4 +/*
     3.5 + * rtp.h
     3.6 + * 
     3.7 + * rtp interface for srtp reference implementation
     3.8 + *
     3.9 + * David A. McGrew
    3.10 + * Cisco Systems, Inc.
    3.11 + *
    3.12 + * data types:
    3.13 + *
    3.14 + * rtp_msg_t       an rtp message (the data that goes on the wire)
    3.15 + * rtp_sender_t    sender side socket and rtp info
    3.16 + * rtp_receiver_t  receiver side socket and rtp info
    3.17 + *
    3.18 + */
    3.19 +
    3.20 +/*
    3.21 + *	
    3.22 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
    3.23 + * All rights reserved.
    3.24 + * 
    3.25 + * Redistribution and use in source and binary forms, with or without
    3.26 + * modification, are permitted provided that the following conditions
    3.27 + * are met:
    3.28 + * 
    3.29 + *   Redistributions of source code must retain the above copyright
    3.30 + *   notice, this list of conditions and the following disclaimer.
    3.31 + * 
    3.32 + *   Redistributions in binary form must reproduce the above
    3.33 + *   copyright notice, this list of conditions and the following
    3.34 + *   disclaimer in the documentation and/or other materials provided
    3.35 + *   with the distribution.
    3.36 + * 
    3.37 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    3.38 + *   contributors may be used to endorse or promote products derived
    3.39 + *   from this software without specific prior written permission.
    3.40 + * 
    3.41 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    3.42 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    3.43 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    3.44 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    3.45 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    3.46 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    3.47 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    3.48 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    3.49 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    3.50 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    3.51 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    3.52 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    3.53 + *
    3.54 + */
    3.55 +
    3.56 +
    3.57 +#ifndef RTP_H
    3.58 +#define RTP_H
    3.59 +
    3.60 +#ifdef HAVE_NETINET_IN_H
    3.61 +# include <netinet/in.h>
    3.62 +#elif defined HAVE_WINSOCK2_H
    3.63 +# include <winsock2.h>
    3.64 +#endif
    3.65 +
    3.66 +#include "srtp.h"
    3.67 +
    3.68 +typedef struct rtp_sender_ctx_t *rtp_sender_t;
    3.69 +
    3.70 +typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
    3.71 +
    3.72 +int
    3.73 +rtp_sendto(rtp_sender_t sender, const void* msg, int len);
    3.74 +
    3.75 +int
    3.76 +rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
    3.77 +
    3.78 +int
    3.79 +rtp_receiver_init(rtp_receiver_t rcvr, int sock, 
    3.80 +		  struct sockaddr_in addr, unsigned int ssrc);
    3.81 +
    3.82 +int
    3.83 +rtp_sender_init(rtp_sender_t sender, int sock, 
    3.84 +		struct sockaddr_in addr, unsigned int ssrc);
    3.85 +
    3.86 +/*
    3.87 + * srtp_sender_init(...) initializes an rtp_sender_t
    3.88 + */
    3.89 +
    3.90 +int
    3.91 +srtp_sender_init(rtp_sender_t rtp_ctx,          /* structure to be init'ed */
    3.92 +		 struct sockaddr_in name,       /* socket name             */
    3.93 +		 sec_serv_t security_services,  /* sec. servs. to be used  */
    3.94 +		 unsigned char *input_key       /* master key/salt in hex  */
    3.95 +		 );
    3.96 +
    3.97 +int
    3.98 +srtp_receiver_init(rtp_receiver_t rtp_ctx,       /* structure to be init'ed */
    3.99 +		   struct sockaddr_in name, 	 /* socket name             */
   3.100 +		   sec_serv_t security_services, /* sec. servs. to be used  */
   3.101 +		   unsigned char *input_key	 /* master key/salt in hex  */
   3.102 +		   );
   3.103 +
   3.104 +
   3.105 +int
   3.106 +rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
   3.107 +
   3.108 +int
   3.109 +rtp_sender_deinit_srtp(rtp_sender_t sender);
   3.110 +
   3.111 +int
   3.112 +rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
   3.113 +
   3.114 +int
   3.115 +rtp_receiver_deinit_srtp(rtp_receiver_t sender);
   3.116 +
   3.117 +
   3.118 +rtp_sender_t 
   3.119 +rtp_sender_alloc(void);
   3.120 +
   3.121 +void
   3.122 +rtp_sender_dealloc(rtp_sender_t rtp_ctx);
   3.123 +
   3.124 +rtp_receiver_t 
   3.125 +rtp_receiver_alloc(void);
   3.126 +
   3.127 +void
   3.128 +rtp_receiver_dealloc(rtp_receiver_t rtp_ctx);
   3.129 +
   3.130 +
   3.131 +/*
   3.132 + * RTP_HEADER_LEN indicates the size of an RTP header
   3.133 + */
   3.134 +#define RTP_HEADER_LEN   12
   3.135 +
   3.136 +/* 
   3.137 + * RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation
   3.138 + */
   3.139 +#define RTP_MAX_BUF_LEN  16384
   3.140 +
   3.141 +
   3.142 +#endif /* RTP_H */
     4.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     4.2 +++ b/include/srtp/rtp_priv.h	Wed Dec 25 20:32:47 2013 -0500
     4.3 @@ -0,0 +1,74 @@
     4.4 +/*
     4.5 + * rtp_priv.h
     4.6 + *
     4.7 + * private, internal header file for RTP
     4.8 + *
     4.9 + * David A. McGrew
    4.10 + * Cisco Systems, Inc.
    4.11 + */
    4.12 +/*
    4.13 + *	
    4.14 + * Copyright (c) 2001-2006 Cisco Systems, Inc.
    4.15 + * All rights reserved.
    4.16 + * 
    4.17 + * Redistribution and use in source and binary forms, with or without
    4.18 + * modification, are permitted provided that the following conditions
    4.19 + * are met:
    4.20 + * 
    4.21 + *   Redistributions of source code must retain the above copyright
    4.22 + *   notice, this list of conditions and the following disclaimer.
    4.23 + * 
    4.24 + *   Redistributions in binary form must reproduce the above
    4.25 + *   copyright notice, this list of conditions and the following
    4.26 + *   disclaimer in the documentation and/or other materials provided
    4.27 + *   with the distribution.
    4.28 + * 
    4.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    4.30 + *   contributors may be used to endorse or promote products derived
    4.31 + *   from this software without specific prior written permission.
    4.32 + * 
    4.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    4.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    4.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    4.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    4.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    4.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    4.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    4.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    4.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    4.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    4.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    4.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    4.45 + *
    4.46 + */
    4.47 +
    4.48 +
    4.49 +#ifndef RTP_PRIV_H
    4.50 +#define RTP_PRIV_H
    4.51 +
    4.52 +#include "srtp_priv.h"
    4.53 +#include "rtp.h"
    4.54 +
    4.55 +typedef srtp_hdr_t rtp_hdr_t;
    4.56 +
    4.57 +typedef struct {
    4.58 +  srtp_hdr_t header;        
    4.59 +  char body[RTP_MAX_BUF_LEN];  
    4.60 +} rtp_msg_t;
    4.61 +
    4.62 +typedef struct rtp_sender_ctx_t {
    4.63 +  rtp_msg_t message;         
    4.64 +  int socket;
    4.65 +  srtp_ctx_t *srtp_ctx;
    4.66 +  struct sockaddr_in addr;   /* reciever's address */
    4.67 +} rtp_sender_ctx_t;
    4.68 +
    4.69 +typedef struct rtp_receiver_ctx_t {
    4.70 +  rtp_msg_t message;
    4.71 +  int socket;
    4.72 +  srtp_ctx_t *srtp_ctx;
    4.73 +  struct sockaddr_in addr;   /* receiver's address */
    4.74 +} rtp_receiver_ctx_t;
    4.75 +
    4.76 +
    4.77 +#endif /* RTP_PRIV_H */
     5.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     5.2 +++ b/include/srtp/srtp.h	Wed Dec 25 20:32:47 2013 -0500
     5.3 @@ -0,0 +1,1016 @@
     5.4 +/*
     5.5 + * srtp.h
     5.6 + *
     5.7 + * interface to libsrtp
     5.8 + *
     5.9 + * David A. McGrew
    5.10 + * Cisco Systems, Inc.
    5.11 + */
    5.12 +/*
    5.13 + *
    5.14 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
    5.15 + * All rights reserved.
    5.16 + *
    5.17 + * Redistribution and use in source and binary forms, with or without
    5.18 + * modification, are permitted provided that the following conditions
    5.19 + * are met:
    5.20 + *
    5.21 + *   Redistributions of source code must retain the above copyright
    5.22 + *   notice, this list of conditions and the following disclaimer.
    5.23 + *
    5.24 + *   Redistributions in binary form must reproduce the above
    5.25 + *   copyright notice, this list of conditions and the following
    5.26 + *   disclaimer in the documentation and/or other materials provided
    5.27 + *   with the distribution.
    5.28 + *
    5.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    5.30 + *   contributors may be used to endorse or promote products derived
    5.31 + *   from this software without specific prior written permission.
    5.32 + *
    5.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    5.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    5.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    5.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    5.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    5.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    5.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    5.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    5.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    5.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    5.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    5.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    5.45 + *
    5.46 + */
    5.47 +
    5.48 +
    5.49 +#ifndef SRTP_H
    5.50 +#define SRTP_H
    5.51 +
    5.52 +#ifdef __cplusplus
    5.53 +extern "C" {
    5.54 +#endif
    5.55 +
    5.56 +#include "crypto_kernel.h"
    5.57 +
    5.58 +/**
    5.59 + * @defgroup SRTP Secure RTP
    5.60 + *
    5.61 + * @brief libSRTP provides functions for protecting RTP and RTCP.  See
    5.62 + * Section @ref Overview for an introduction to the use of the library.
    5.63 + *
    5.64 + * @{
    5.65 + */
    5.66 +
    5.67 +/*
    5.68 + * SRTP_MASTER_KEY_LEN is the nominal master key length supported by libSRTP
    5.69 + */
    5.70 +
    5.71 +#define SRTP_MASTER_KEY_LEN 30
    5.72 +
    5.73 +/*
    5.74 + * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP
    5.75 + */
    5.76 +#define SRTP_MAX_KEY_LEN      64
    5.77 +
    5.78 +/*
    5.79 + * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP
    5.80 + */
    5.81 +
    5.82 +#define SRTP_MAX_TAG_LEN 12
    5.83 +
    5.84 +/**
    5.85 + * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer
    5.86 + * (authentication tag and MKI) supported by libSRTP.  This value is
    5.87 + * the maximum number of octets that will be added to an RTP packet by
    5.88 + * srtp_protect().
    5.89 + *
    5.90 + * @brief the maximum number of octets added by srtp_protect().
    5.91 + */
    5.92 +#define SRTP_MAX_TRAILER_LEN SRTP_MAX_TAG_LEN
    5.93 +
    5.94 +/*
    5.95 + * nota bene: since libSRTP doesn't support the use of the MKI, the
    5.96 + * SRTP_MAX_TRAILER_LEN value is just the maximum tag length
    5.97 + */
    5.98 +
    5.99 +/**
   5.100 + * @brief sec_serv_t describes a set of security services.
   5.101 + *
   5.102 + * A sec_serv_t enumeration is used to describe the particular
   5.103 + * security services that will be applied by a particular crypto
   5.104 + * policy (or other mechanism).
   5.105 + */
   5.106 +
   5.107 +typedef enum {
   5.108 +  sec_serv_none          = 0, /**< no services                        */
   5.109 +  sec_serv_conf          = 1, /**< confidentiality                    */
   5.110 +  sec_serv_auth          = 2, /**< authentication                     */
   5.111 +  sec_serv_conf_and_auth = 3  /**< confidentiality and authentication */
   5.112 +} sec_serv_t;
   5.113 +
   5.114 +/**
   5.115 + * @brief crypto_policy_t describes a particular crypto policy that
   5.116 + * can be applied to an SRTP stream.
   5.117 + *
   5.118 + * A crypto_policy_t describes a particular cryptographic policy that
   5.119 + * can be applied to an SRTP or SRTCP stream.  An SRTP session policy
   5.120 + * consists of a list of these policies, one for each SRTP stream
   5.121 + * in the session.
   5.122 + */
   5.123 +
   5.124 +typedef struct crypto_policy_t {
   5.125 +  cipher_type_id_t cipher_type;    /**< An integer representing
   5.126 +				    *   the type of cipher.  */
   5.127 +  int              cipher_key_len; /**< The length of the cipher key
   5.128 +				    *   in octets.                       */
   5.129 +  auth_type_id_t   auth_type;      /**< An integer representing the
   5.130 +				    *   authentication function.         */
   5.131 +  int              auth_key_len;   /**< The length of the authentication
   5.132 +				    *   function key in octets.          */
   5.133 +  int              auth_tag_len;   /**< The length of the authentication
   5.134 +				    *   tag in octets.                   */
   5.135 +  sec_serv_t       sec_serv;       /**< The flag indicating the security
   5.136 +				    *   services to be applied.          */
   5.137 +} crypto_policy_t;
   5.138 +
   5.139 +
   5.140 +/**
   5.141 + * @brief ssrc_type_t describes the type of an SSRC.
   5.142 + *
   5.143 + * An ssrc_type_t enumeration is used to indicate a type of SSRC.  See
   5.144 + * @ref srtp_policy_t for more informataion.
   5.145 + */
   5.146 +
   5.147 +typedef enum {
   5.148 +  ssrc_undefined    = 0,  /**< Indicates an undefined SSRC type. */
   5.149 +  ssrc_specific     = 1,  /**< Indicates a specific SSRC value   */
   5.150 +  ssrc_any_inbound  = 2, /**< Indicates any inbound SSRC value
   5.151 +			    (i.e. a value that is used in the
   5.152 +			    function srtp_unprotect())              */
   5.153 +  ssrc_any_outbound = 3  /**< Indicates any outbound SSRC value
   5.154 +			    (i.e. a value that is used in the
   5.155 +			    function srtp_protect())		  */
   5.156 +} ssrc_type_t;
   5.157 +
   5.158 +/**
   5.159 + * @brief An ssrc_t represents a particular SSRC value, or a `wildcard' SSRC.
   5.160 + *
   5.161 + * An ssrc_t represents a particular SSRC value (if its type is
   5.162 + * ssrc_specific), or a wildcard SSRC value that will match all
   5.163 + * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound
   5.164 + * SSRCs (if its type is ssrc_any_inbound).
   5.165 + *
   5.166 + */
   5.167 +
   5.168 +typedef struct {
   5.169 +  ssrc_type_t type;   /**< The type of this particular SSRC */
   5.170 +  unsigned int value; /**< The value of this SSRC, if it is not a wildcard */
   5.171 +} ssrc_t;
   5.172 +
   5.173 +
   5.174 +/**
   5.175 + * @brief points to an EKT policy
   5.176 + */
   5.177 +typedef struct ekt_policy_ctx_t *ekt_policy_t;
   5.178 +
   5.179 +
   5.180 +/**
   5.181 + * @brief points to EKT stream data
   5.182 + */
   5.183 +typedef struct ekt_stream_ctx_t *ekt_stream_t;
   5.184 +
   5.185 +
   5.186 +/**
   5.187 + * @brief represents the policy for an SRTP session.
   5.188 + *
   5.189 + * A single srtp_policy_t struct represents the policy for a single
   5.190 + * SRTP stream, and a linked list of these elements represents the
   5.191 + * policy for an entire SRTP session.  Each element contains the SRTP
   5.192 + * and SRTCP crypto policies for that stream, a pointer to the SRTP
   5.193 + * master key for that stream, the SSRC describing that stream, or a
   5.194 + * flag indicating a `wildcard' SSRC value, and a `next' field that
   5.195 + * holds a pointer to the next element in the list of policy elements,
   5.196 + * or NULL if it is the last element.
   5.197 + *
   5.198 + * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an
   5.199 + * inbound stream that for which there is no explicit SSRC entry in
   5.200 + * another policy element.  Similarly, the value SSRC_ANY_OUTBOUND
   5.201 + * will matches any SSRC from an outbound stream that does not appear
   5.202 + * in another policy element.  Note that wildcard SSRCs &b cannot be
   5.203 + * used to match both inbound and outbound traffic.  This restriction
   5.204 + * is intentional, and it allows libSRTP to ensure that no security
   5.205 + * lapses result from accidental re-use of SSRC values during key
   5.206 + * sharing.
   5.207 + *
   5.208 + *
   5.209 + * @warning The final element of the list @b must have its `next' pointer
   5.210 + *          set to NULL.
   5.211 + */
   5.212 +
   5.213 +typedef struct srtp_policy_t {
   5.214 +  ssrc_t        ssrc;        /**< The SSRC value of stream, or the
   5.215 +			      *   flags SSRC_ANY_INBOUND or
   5.216 +			      *   SSRC_ANY_OUTBOUND if key sharing
   5.217 +			      *   is used for this policy element.
   5.218 +			      */
   5.219 +  crypto_policy_t rtp;         /**< SRTP crypto policy.                  */
   5.220 +  crypto_policy_t rtcp;        /**< SRTCP crypto policy.                 */
   5.221 +  unsigned char *key;          /**< Pointer to the SRTP master key for
   5.222 +				*    this stream.                        */
   5.223 +  ekt_policy_t ekt;            /**< Pointer to the EKT policy structure
   5.224 +                                *   for this stream (if any)             */
   5.225 +  unsigned long window_size;   /**< The window size to use for replay
   5.226 +				*   protection. */
   5.227 +  int        allow_repeat_tx;  /**< Whether retransmissions of
   5.228 +				*   packets with the same sequence number
   5.229 +				*   are allowed.  (Note that such repeated
   5.230 +				*   transmissions must have the same RTP
   5.231 +				*   payload, or a severe security weakness
   5.232 +				*   is introduced!)                      */
   5.233 +  struct srtp_policy_t *next;  /**< Pointer to next stream policy.       */
   5.234 +} srtp_policy_t;
   5.235 +
   5.236 +
   5.237 +
   5.238 +
   5.239 +/**
   5.240 + * @brief An srtp_t points to an SRTP session structure.
   5.241 + *
   5.242 + * The typedef srtp_t is a pointer to a structure that represents
   5.243 + * an SRTP session.  This datatype is intentially opaque in
   5.244 + * order to separate the interface from the implementation.
   5.245 + *
   5.246 + * An SRTP session consists of all of the traffic sent to the RTP and
   5.247 + * RTCP destination transport addresses, using the RTP/SAVP (Secure
   5.248 + * Audio/Video Profile).  A session can be viewed as a set of SRTP
   5.249 + * streams, each of which originates with a different participant.
   5.250 + */
   5.251 +
   5.252 +typedef struct srtp_ctx_t *srtp_t;
   5.253 +
   5.254 +
   5.255 +/**
   5.256 + * @brief An srtp_stream_t points to an SRTP stream structure.
   5.257 + *
   5.258 + * The typedef srtp_stream_t is a pointer to a structure that
   5.259 + * represents an SRTP stream.  This datatype is intentionally
   5.260 + * opaque in order to separate the interface from the implementation.
   5.261 + *
   5.262 + * An SRTP stream consists of all of the traffic sent to an SRTP
   5.263 + * session by a single participant.  A session can be viewed as
   5.264 + * a set of streams.
   5.265 + *
   5.266 + */
   5.267 +typedef struct srtp_stream_ctx_t *srtp_stream_t;
   5.268 +
   5.269 +
   5.270 +
   5.271 +/**
   5.272 + * @brief srtp_init() initializes the srtp library.
   5.273 + *
   5.274 + * @warning This function @b must be called before any other srtp
   5.275 + * functions.
   5.276 + */
   5.277 +
   5.278 +err_status_t
   5.279 +srtp_init(void);
   5.280 +
   5.281 +/**
   5.282 + * @brief srtp_shutdown() de-initializes the srtp library.
   5.283 + *
   5.284 + * @warning No srtp functions may be called after calling this function.
   5.285 + */
   5.286 +
   5.287 +err_status_t
   5.288 +srtp_shutdown(void);
   5.289 +
   5.290 +/**
   5.291 + * @brief srtp_protect() is the Secure RTP sender-side packet processing
   5.292 + * function.
   5.293 + *
   5.294 + * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP
   5.295 + * protection to the RTP packet rtp_hdr (which has length *len_ptr) using
   5.296 + * the SRTP context ctx.  If err_status_ok is returned, then rtp_hdr
   5.297 + * points to the resulting SRTP packet and *len_ptr is the number of
   5.298 + * octets in that packet; otherwise, no assumptions should be made
   5.299 + * about the value of either data elements.
   5.300 + *
   5.301 + * The sequence numbers of the RTP packets presented to this function
   5.302 + * need not be consecutive, but they @b must be out of order by less
   5.303 + * than 2^15 = 32,768 packets.
   5.304 + *
   5.305 + * @warning This function assumes that it can write the authentication
   5.306 + * tag into the location in memory immediately following the RTP
   5.307 + * packet, and assumes that the RTP packet is aligned on a 32-bit
   5.308 + * boundary.
   5.309 + *
   5.310 + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN
   5.311 + * into the location in memory immediately following the RTP packet.
   5.312 + * Callers MUST ensure that this much writable memory is available in
   5.313 + * the buffer that holds the RTP packet.
   5.314 + *
   5.315 + * @param ctx is the SRTP context to use in processing the packet.
   5.316 + *
   5.317 + * @param rtp_hdr is a pointer to the RTP packet (before the call); after
   5.318 + * the function returns, it points to the srtp packet.
   5.319 + *
   5.320 + * @param len_ptr is a pointer to the length in octets of the complete
   5.321 + * RTP packet (header and body) before the function call, and of the
   5.322 + * complete SRTP packet after the call, if err_status_ok was returned.
   5.323 + * Otherwise, the value of the data to which it points is undefined.
   5.324 + *
   5.325 + * @return
   5.326 + *    - err_status_ok            no problems
   5.327 + *    - err_status_replay_fail   rtp sequence number was non-increasing
   5.328 + *    - @e other                 failure in cryptographic mechanisms
   5.329 + */
   5.330 +
   5.331 +err_status_t
   5.332 +srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr);
   5.333 +
   5.334 +/**
   5.335 + * @brief srtp_unprotect() is the Secure RTP receiver-side packet
   5.336 + * processing function.
   5.337 + *
   5.338 + * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies
   5.339 + * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr
   5.340 + * (which has length *len_ptr), using the SRTP context ctx.  If
   5.341 + * err_status_ok is returned, then srtp_hdr points to the resulting
   5.342 + * RTP packet and *len_ptr is the number of octets in that packet;
   5.343 + * otherwise, no assumptions should be made about the value of either
   5.344 + * data elements.
   5.345 + *
   5.346 + * The sequence numbers of the RTP packets presented to this function
   5.347 + * need not be consecutive, but they @b must be out of order by less
   5.348 + * than 2^15 = 32,768 packets.
   5.349 + *
   5.350 + * @warning This function assumes that the SRTP packet is aligned on a
   5.351 + * 32-bit boundary.
   5.352 + *
   5.353 + * @param ctx is a pointer to the srtp_t which applies to the
   5.354 + * particular packet.
   5.355 + *
   5.356 + * @param srtp_hdr is a pointer to the header of the SRTP packet
   5.357 + * (before the call).  after the function returns, it points to the
   5.358 + * rtp packet if err_status_ok was returned; otherwise, the value of
   5.359 + * the data to which it points is undefined.
   5.360 + *
   5.361 + * @param len_ptr is a pointer to the length in octets of the complete
   5.362 + * srtp packet (header and body) before the function call, and of the
   5.363 + * complete rtp packet after the call, if err_status_ok was returned.
   5.364 + * Otherwise, the value of the data to which it points is undefined.
   5.365 + *
   5.366 + * @return
   5.367 + *    - err_status_ok          if the RTP packet is valid.
   5.368 + *    - err_status_auth_fail   if the SRTP packet failed the message
   5.369 + *                             authentication check.
   5.370 + *    - err_status_replay_fail if the SRTP packet is a replay (e.g. packet has
   5.371 + *                             already been processed and accepted).
   5.372 + *    - [other]  if there has been an error in the cryptographic mechanisms.
   5.373 + *
   5.374 + */
   5.375 +
   5.376 +err_status_t
   5.377 +srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr);
   5.378 +
   5.379 +
   5.380 +/**
   5.381 + * @brief srtp_create() allocates and initializes an SRTP session.
   5.382 +
   5.383 + * The function call srtp_create(session, policy, key) allocates and
   5.384 + * initializes an SRTP session context, applying the given policy and
   5.385 + * key.
   5.386 + *
   5.387 + * @param session is the SRTP session to which the policy is to be added.
   5.388 + *
   5.389 + * @param policy is the srtp_policy_t struct that describes the policy
   5.390 + * for the session.  The struct may be a single element, or it may be
   5.391 + * the head of a list, in which case each element of the list is
   5.392 + * processed.  It may also be NULL, in which case streams should be added
   5.393 + * later using srtp_add_stream().  The final element of the list @b must
   5.394 + * have its `next' field set to NULL.
   5.395 + *
   5.396 + * @return
   5.397 + *    - err_status_ok           if creation succeded.
   5.398 + *    - err_status_alloc_fail   if allocation failed.
   5.399 + *    - err_status_init_fail    if initialization failed.
   5.400 + */
   5.401 +
   5.402 +err_status_t
   5.403 +srtp_create(srtp_t *session, const srtp_policy_t *policy);
   5.404 +
   5.405 +
   5.406 +/**
   5.407 + * @brief srtp_add_stream() allocates and initializes an SRTP stream
   5.408 + * within a given SRTP session.
   5.409 + *
   5.410 + * The function call srtp_add_stream(session, policy) allocates and
   5.411 + * initializes a new SRTP stream within a given, previously created
   5.412 + * session, applying the policy given as the other argument to that
   5.413 + * stream.
   5.414 + *
   5.415 + * @return values:
   5.416 + *    - err_status_ok           if stream creation succeded.
   5.417 + *    - err_status_alloc_fail   if stream allocation failed
   5.418 + *    - err_status_init_fail    if stream initialization failed.
   5.419 + */
   5.420 +
   5.421 +err_status_t
   5.422 +srtp_add_stream(srtp_t session,
   5.423 +		const srtp_policy_t *policy);
   5.424 +
   5.425 +
   5.426 +/**
   5.427 + * @brief srtp_remove_stream() deallocates an SRTP stream.
   5.428 + *
   5.429 + * The function call srtp_remove_stream(session, ssrc) removes
   5.430 + * the SRTP stream with the SSRC value ssrc from the SRTP session
   5.431 + * context given by the argument session.
   5.432 + *
   5.433 + * @param session is the SRTP session from which the stream
   5.434 + *        will be removed.
   5.435 + *
   5.436 + * @param ssrc is the SSRC value of the stream to be removed.
   5.437 + *
   5.438 + * @warning Wildcard SSRC values cannot be removed from a
   5.439 + *          session.
   5.440 + *
   5.441 + * @return
   5.442 + *    - err_status_ok     if the stream deallocation succeded.
   5.443 + *    - [other]           otherwise.
   5.444 + *
   5.445 + */
   5.446 +
   5.447 +err_status_t
   5.448 +srtp_remove_stream(srtp_t session, unsigned int ssrc);
   5.449 +
   5.450 +/**
   5.451 + * @brief crypto_policy_set_rtp_default() sets a crypto policy
   5.452 + * structure to the SRTP default policy for RTP protection.
   5.453 + *
   5.454 + * @param p is a pointer to the policy structure to be set
   5.455 + *
   5.456 + * The function call crypto_policy_set_rtp_default(&p) sets the
   5.457 + * crypto_policy_t at location p to the SRTP default policy for RTP
   5.458 + * protection, as defined in the specification.  This function is a
   5.459 + * convenience that helps to avoid dealing directly with the policy
   5.460 + * data structure.  You are encouraged to initialize policy elements
   5.461 + * with this function call.  Doing so may allow your code to be
   5.462 + * forward compatible with later versions of libSRTP that include more
   5.463 + * elements in the crypto_policy_t datatype.
   5.464 + *
   5.465 + * @return void.
   5.466 + *
   5.467 + */
   5.468 +
   5.469 +void
   5.470 +crypto_policy_set_rtp_default(crypto_policy_t *p);
   5.471 +
   5.472 +/**
   5.473 + * @brief crypto_policy_set_rtcp_default() sets a crypto policy
   5.474 + * structure to the SRTP default policy for RTCP protection.
   5.475 + *
   5.476 + * @param p is a pointer to the policy structure to be set
   5.477 + *
   5.478 + * The function call crypto_policy_set_rtcp_default(&p) sets the
   5.479 + * crypto_policy_t at location p to the SRTP default policy for RTCP
   5.480 + * protection, as defined in the specification.  This function is a
   5.481 + * convenience that helps to avoid dealing directly with the policy
   5.482 + * data structure.  You are encouraged to initialize policy elements
   5.483 + * with this function call.  Doing so may allow your code to be
   5.484 + * forward compatible with later versions of libSRTP that include more
   5.485 + * elements in the crypto_policy_t datatype.
   5.486 + *
   5.487 + * @return void.
   5.488 + *
   5.489 + */
   5.490 +
   5.491 +void
   5.492 +crypto_policy_set_rtcp_default(crypto_policy_t *p);
   5.493 +
   5.494 +/**
   5.495 + * @brief crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto
   5.496 + * policy structure to the SRTP default policy for RTP protection.
   5.497 + *
   5.498 + * @param p is a pointer to the policy structure to be set
   5.499 + *
   5.500 + * The function crypto_policy_set_aes_cm_128_hmac_sha1_80() is a
   5.501 + * synonym for crypto_policy_set_rtp_default().  It conforms to the
   5.502 + * naming convention used in RFC 4568 (SDP Security Descriptions for
   5.503 + * Media Streams).
   5.504 + *
   5.505 + * @return void.
   5.506 + *
   5.507 + */
   5.508 +
   5.509 +#define crypto_policy_set_aes_cm_128_hmac_sha1_80(p) crypto_policy_set_rtp_default(p)
   5.510 +
   5.511 +
   5.512 +/**
   5.513 + * @brief crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto
   5.514 + * policy structure to a short-authentication tag policy
   5.515 + *
   5.516 + * @param p is a pointer to the policy structure to be set
   5.517 + *
   5.518 + * The function call crypto_policy_set_aes_cm_128_hmac_sha1_32(&p)
   5.519 + * sets the crypto_policy_t at location p to use policy
   5.520 + * AES_CM_128_HMAC_SHA1_32 as defined in RFC 4568.
   5.521 + * This policy uses AES-128
   5.522 + * Counter Mode encryption and HMAC-SHA1 authentication, with an
   5.523 + * authentication tag that is only 32 bits long.  This length is
   5.524 + * considered adequate only for protecting audio and video media that
   5.525 + * use a stateless playback function.  See Section 7.5 of RFC 3711
   5.526 + * (http://www.ietf.org/rfc/rfc3711.txt).
   5.527 + *
   5.528 + * This function is a convenience that helps to avoid dealing directly
   5.529 + * with the policy data structure.  You are encouraged to initialize
   5.530 + * policy elements with this function call.  Doing so may allow your
   5.531 + * code to be forward compatible with later versions of libSRTP that
   5.532 + * include more elements in the crypto_policy_t datatype.
   5.533 + *
   5.534 + * @warning This crypto policy is intended for use in SRTP, but not in
   5.535 + * SRTCP.  It is recommended that a policy that uses longer
   5.536 + * authentication tags be used for SRTCP.  See Section 7.5 of RFC 3711
   5.537 + * (http://www.ietf.org/rfc/rfc3711.txt).
   5.538 + *
   5.539 + * @return void.
   5.540 + *
   5.541 + */
   5.542 +
   5.543 +void
   5.544 +crypto_policy_set_aes_cm_128_hmac_sha1_32(crypto_policy_t *p);
   5.545 +
   5.546 +
   5.547 +
   5.548 +/**
   5.549 + * @brief crypto_policy_set_aes_cm_128_null_auth() sets a crypto
   5.550 + * policy structure to an encryption-only policy
   5.551 + *
   5.552 + * @param p is a pointer to the policy structure to be set
   5.553 + *
   5.554 + * The function call crypto_policy_set_aes_cm_128_null_auth(&p) sets
   5.555 + * the crypto_policy_t at location p to use the SRTP default cipher
   5.556 + * (AES-128 Counter Mode), but to use no authentication method.  This
   5.557 + * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5
   5.558 + * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
   5.559 + *
   5.560 + * This function is a convenience that helps to avoid dealing directly
   5.561 + * with the policy data structure.  You are encouraged to initialize
   5.562 + * policy elements with this function call.  Doing so may allow your
   5.563 + * code to be forward compatible with later versions of libSRTP that
   5.564 + * include more elements in the crypto_policy_t datatype.
   5.565 + *
   5.566 + * @warning This policy is NOT RECOMMENDED for SRTP unless it is
   5.567 + * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see
   5.568 + * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
   5.569 + *
   5.570 + * @return void.
   5.571 + *
   5.572 + */
   5.573 +
   5.574 +void
   5.575 +crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p);
   5.576 +
   5.577 +
   5.578 +/**
   5.579 + * @brief crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto
   5.580 + * policy structure to an authentication-only policy
   5.581 + *
   5.582 + * @param p is a pointer to the policy structure to be set
   5.583 + *
   5.584 + * The function call crypto_policy_set_null_cipher_hmac_sha1_80(&p)
   5.585 + * sets the crypto_policy_t at location p to use HMAC-SHA1 with an 80
   5.586 + * bit authentication tag to provide message authentication, but to
   5.587 + * use no encryption.  This policy is NOT RECOMMENDED for SRTP unless
   5.588 + * there is a requirement to forego encryption.
   5.589 + *
   5.590 + * This function is a convenience that helps to avoid dealing directly
   5.591 + * with the policy data structure.  You are encouraged to initialize
   5.592 + * policy elements with this function call.  Doing so may allow your
   5.593 + * code to be forward compatible with later versions of libSRTP that
   5.594 + * include more elements in the crypto_policy_t datatype.
   5.595 + *
   5.596 + * @warning This policy is NOT RECOMMENDED for SRTP unless there is a
   5.597 + * requirement to forego encryption.
   5.598 + *
   5.599 + * @return void.
   5.600 + *
   5.601 + */
   5.602 +
   5.603 +void
   5.604 +crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p);
   5.605 +
   5.606 +
   5.607 +/**
   5.608 + * @brief crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto
   5.609 + * policy structure to a encryption and authentication policy using AES-256
   5.610 + * for RTP protection.
   5.611 + *
   5.612 + * @param p is a pointer to the policy structure to be set
   5.613 + *
   5.614 + * The function call crypto_policy_set_aes_cm_256_hmac_sha1_80(&p)
   5.615 + * sets the crypto_policy_t at location p to use policy
   5.616 + * AES_CM_256_HMAC_SHA1_80 as defined in
   5.617 + * draft-ietf-avt-srtp-big-aes-03.txt.  This policy uses AES-256
   5.618 + * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit
   5.619 + * authentication tag.
   5.620 + *
   5.621 + * This function is a convenience that helps to avoid dealing directly
   5.622 + * with the policy data structure.  You are encouraged to initialize
   5.623 + * policy elements with this function call.  Doing so may allow your
   5.624 + * code to be forward compatible with later versions of libSRTP that
   5.625 + * include more elements in the crypto_policy_t datatype.
   5.626 + *
   5.627 + * @return void.
   5.628 + *
   5.629 + */
   5.630 +
   5.631 +void crypto_policy_set_aes_cm_256_hmac_sha1_80(crypto_policy_t *p);
   5.632 +
   5.633 +
   5.634 +/**
   5.635 + * @brief crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto
   5.636 + * policy structure to a short-authentication tag policy using AES-256
   5.637 + * encryption.
   5.638 + *
   5.639 + * @param p is a pointer to the policy structure to be set
   5.640 + *
   5.641 + * The function call crypto_policy_set_aes_cm_256_hmac_sha1_32(&p)
   5.642 + * sets the crypto_policy_t at location p to use policy
   5.643 + * AES_CM_256_HMAC_SHA1_32 as defined in
   5.644 + * draft-ietf-avt-srtp-big-aes-03.txt.  This policy uses AES-256
   5.645 + * Counter Mode encryption and HMAC-SHA1 authentication, with an
   5.646 + * authentication tag that is only 32 bits long.  This length is
   5.647 + * considered adequate only for protecting audio and video media that
   5.648 + * use a stateless playback function.  See Section 7.5 of RFC 3711
   5.649 + * (http://www.ietf.org/rfc/rfc3711.txt).
   5.650 + *
   5.651 + * This function is a convenience that helps to avoid dealing directly
   5.652 + * with the policy data structure.  You are encouraged to initialize
   5.653 + * policy elements with this function call.  Doing so may allow your
   5.654 + * code to be forward compatible with later versions of libSRTP that
   5.655 + * include more elements in the crypto_policy_t datatype.
   5.656 + *
   5.657 + * @warning This crypto policy is intended for use in SRTP, but not in
   5.658 + * SRTCP.  It is recommended that a policy that uses longer
   5.659 + * authentication tags be used for SRTCP.  See Section 7.5 of RFC 3711
   5.660 + * (http://www.ietf.org/rfc/rfc3711.txt).
   5.661 + *
   5.662 + * @return void.
   5.663 + *
   5.664 + */
   5.665 +
   5.666 +void
   5.667 +crypto_policy_set_aes_cm_256_hmac_sha1_32(crypto_policy_t *p);
   5.668 +
   5.669 +
   5.670 +/**
   5.671 + * @brief srtp_dealloc() deallocates storage for an SRTP session
   5.672 + * context.
   5.673 + *
   5.674 + * The function call srtp_dealloc(s) deallocates storage for the
   5.675 + * SRTP session context s.  This function should be called no more
   5.676 + * than one time for each of the contexts allocated by the function
   5.677 + * srtp_create().
   5.678 + *
   5.679 + * @param s is the srtp_t for the session to be deallocated.
   5.680 + *
   5.681 + * @return
   5.682 + *    - err_status_ok             if there no problems.
   5.683 + *    - err_status_dealloc_fail   a memory deallocation failure occured.
   5.684 + */
   5.685 +
   5.686 +err_status_t
   5.687 +srtp_dealloc(srtp_t s);
   5.688 +
   5.689 +
   5.690 +/*
   5.691 + * @brief identifies a particular SRTP profile
   5.692 + *
   5.693 + * An srtp_profile_t enumeration is used to identify a particular SRTP
   5.694 + * profile (that is, a set of algorithms and parameters).  These
   5.695 + * profiles are defined in the DTLS-SRTP draft.
   5.696 + */
   5.697 +
   5.698 +typedef enum {
   5.699 +  srtp_profile_reserved           = 0,
   5.700 +  srtp_profile_aes128_cm_sha1_80  = 1,
   5.701 +  srtp_profile_aes128_cm_sha1_32  = 2,
   5.702 +  srtp_profile_aes256_cm_sha1_80  = 3,
   5.703 +  srtp_profile_aes256_cm_sha1_32  = 4,
   5.704 +  srtp_profile_null_sha1_80       = 5,
   5.705 +  srtp_profile_null_sha1_32       = 6,
   5.706 +} srtp_profile_t;
   5.707 +
   5.708 +
   5.709 +/**
   5.710 + * @brief crypto_policy_set_from_profile_for_rtp() sets a crypto policy
   5.711 + * structure to the appropriate value for RTP based on an srtp_profile_t
   5.712 + *
   5.713 + * @param p is a pointer to the policy structure to be set
   5.714 + *
   5.715 + * The function call crypto_policy_set_rtp_default(&policy, profile)
   5.716 + * sets the crypto_policy_t at location policy to the policy for RTP
   5.717 + * protection, as defined by the srtp_profile_t profile.
   5.718 + *
   5.719 + * This function is a convenience that helps to avoid dealing directly
   5.720 + * with the policy data structure.  You are encouraged to initialize
   5.721 + * policy elements with this function call.  Doing so may allow your
   5.722 + * code to be forward compatible with later versions of libSRTP that
   5.723 + * include more elements in the crypto_policy_t datatype.
   5.724 + *
   5.725 + * @return values
   5.726 + *     - err_status_ok         no problems were encountered
   5.727 + *     - err_status_bad_param  the profile is not supported
   5.728 + *
   5.729 + */
   5.730 +err_status_t
   5.731 +crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
   5.732 +				       srtp_profile_t profile);
   5.733 +
   5.734 +
   5.735 +
   5.736 +
   5.737 +/**
   5.738 + * @brief crypto_policy_set_from_profile_for_rtcp() sets a crypto policy
   5.739 + * structure to the appropriate value for RTCP based on an srtp_profile_t
   5.740 + *
   5.741 + * @param p is a pointer to the policy structure to be set
   5.742 + *
   5.743 + * The function call crypto_policy_set_rtcp_default(&policy, profile)
   5.744 + * sets the crypto_policy_t at location policy to the policy for RTCP
   5.745 + * protection, as defined by the srtp_profile_t profile.
   5.746 + *
   5.747 + * This function is a convenience that helps to avoid dealing directly
   5.748 + * with the policy data structure.  You are encouraged to initialize
   5.749 + * policy elements with this function call.  Doing so may allow your
   5.750 + * code to be forward compatible with later versions of libSRTP that
   5.751 + * include more elements in the crypto_policy_t datatype.
   5.752 + *
   5.753 + * @return values
   5.754 + *     - err_status_ok         no problems were encountered
   5.755 + *     - err_status_bad_param  the profile is not supported
   5.756 + *
   5.757 + */
   5.758 +err_status_t
   5.759 +crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
   5.760 +				       srtp_profile_t profile);
   5.761 +
   5.762 +/**
   5.763 + * @brief returns the master key length for a given SRTP profile
   5.764 + */
   5.765 +unsigned int
   5.766 +srtp_profile_get_master_key_length(srtp_profile_t profile);
   5.767 +
   5.768 +
   5.769 +/**
   5.770 + * @brief returns the master salt length for a given SRTP profile
   5.771 + */
   5.772 +unsigned int
   5.773 +srtp_profile_get_master_salt_length(srtp_profile_t profile);
   5.774 +
   5.775 +/**
   5.776 + * @brief appends the salt to the key
   5.777 + *
   5.778 + * The function call append_salt_to_key(k, klen, s, slen)
   5.779 + * copies the string s to the location at klen bytes following
   5.780 + * the location k.
   5.781 + *
   5.782 + * @warning There must be at least bytes_in_salt + bytes_in_key bytes
   5.783 + *          available at the location pointed to by key.
   5.784 + *
   5.785 + */
   5.786 +
   5.787 +void
   5.788 +append_salt_to_key(unsigned char *key, unsigned int bytes_in_key,
   5.789 +		   unsigned char *salt, unsigned int bytes_in_salt);
   5.790 +
   5.791 +
   5.792 +
   5.793 +/**
   5.794 + * @}
   5.795 + */
   5.796 +
   5.797 +
   5.798 +
   5.799 +/**
   5.800 + * @defgroup SRTCP Secure RTCP
   5.801 + * @ingroup  SRTP
   5.802 + *
   5.803 + * @brief Secure RTCP functions are used to protect RTCP traffic.
   5.804 + *
   5.805 + * RTCP is the control protocol for RTP.  libSRTP protects RTCP
   5.806 + * traffic in much the same way as it does RTP traffic.  The function
   5.807 + * srtp_protect_rtcp() applies cryptographic protections to outbound
   5.808 + * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on
   5.809 + * inbound RTCP packets.
   5.810 + *
   5.811 + * A note on the naming convention: srtp_protect_rtcp() has an srtp_t
   5.812 + * as its first argument, and thus has `srtp_' as its prefix.  The
   5.813 + * trailing `_rtcp' indicates the protocol on which it acts.
   5.814 + *
   5.815 + * @{
   5.816 + */
   5.817 +
   5.818 +/**
   5.819 + * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet
   5.820 + * processing function.
   5.821 + *
   5.822 + * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies
   5.823 + * SRTCP protection to the RTCP packet rtcp_hdr (which has length
   5.824 + * *len_ptr) using the SRTP session context ctx.  If err_status_ok is
   5.825 + * returned, then rtp_hdr points to the resulting SRTCP packet and
   5.826 + * *len_ptr is the number of octets in that packet; otherwise, no
   5.827 + * assumptions should be made about the value of either data elements.
   5.828 + *
   5.829 + * @warning This function assumes that it can write the authentication
   5.830 + * tag into the location in memory immediately following the RTCP
   5.831 + * packet, and assumes that the RTCP packet is aligned on a 32-bit
   5.832 + * boundary.
   5.833 + *
   5.834 + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4
   5.835 + * into the location in memory immediately following the RTCP packet.
   5.836 + * Callers MUST ensure that this much writable memory is available in
   5.837 + * the buffer that holds the RTCP packet.
   5.838 + *
   5.839 + * @param ctx is the SRTP context to use in processing the packet.
   5.840 + *
   5.841 + * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after
   5.842 + * the function returns, it points to the srtp packet.
   5.843 + *
   5.844 + * @param pkt_octet_len is a pointer to the length in octets of the
   5.845 + * complete RTCP packet (header and body) before the function call,
   5.846 + * and of the complete SRTCP packet after the call, if err_status_ok
   5.847 + * was returned.  Otherwise, the value of the data to which it points
   5.848 + * is undefined.
   5.849 + *
   5.850 + * @return
   5.851 + *    - err_status_ok            if there were no problems.
   5.852 + *    - [other]                  if there was a failure in
   5.853 + *                               the cryptographic mechanisms.
   5.854 + */
   5.855 +
   5.856 +
   5.857 +err_status_t
   5.858 +srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len);
   5.859 +
   5.860 +/**
   5.861 + * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet
   5.862 + * processing function.
   5.863 + *
   5.864 + * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr)
   5.865 + * verifies the Secure RTCP protection of the SRTCP packet pointed to
   5.866 + * by srtcp_hdr (which has length *len_ptr), using the SRTP session
   5.867 + * context ctx.  If err_status_ok is returned, then srtcp_hdr points
   5.868 + * to the resulting RTCP packet and *len_ptr is the number of octets
   5.869 + * in that packet; otherwise, no assumptions should be made about the
   5.870 + * value of either data elements.
   5.871 + *
   5.872 + * @warning This function assumes that the SRTCP packet is aligned on a
   5.873 + * 32-bit boundary.
   5.874 + *
   5.875 + * @param ctx is a pointer to the srtp_t which applies to the
   5.876 + * particular packet.
   5.877 + *
   5.878 + * @param srtcp_hdr is a pointer to the header of the SRTCP packet
   5.879 + * (before the call).  After the function returns, it points to the
   5.880 + * rtp packet if err_status_ok was returned; otherwise, the value of
   5.881 + * the data to which it points is undefined.
   5.882 + *
   5.883 + * @param pkt_octet_len is a pointer to the length in octets of the
   5.884 + * complete SRTCP packet (header and body) before the function call,
   5.885 + * and of the complete rtp packet after the call, if err_status_ok was
   5.886 + * returned.  Otherwise, the value of the data to which it points is
   5.887 + * undefined.
   5.888 + *
   5.889 + * @return
   5.890 + *    - err_status_ok          if the RTCP packet is valid.
   5.891 + *    - err_status_auth_fail   if the SRTCP packet failed the message
   5.892 + *                             authentication check.
   5.893 + *    - err_status_replay_fail if the SRTCP packet is a replay (e.g. has
   5.894 + *                             already been processed and accepted).
   5.895 + *    - [other]  if there has been an error in the cryptographic mechanisms.
   5.896 + *
   5.897 + */
   5.898 +
   5.899 +err_status_t
   5.900 +srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len);
   5.901 +
   5.902 +/**
   5.903 + * @}
   5.904 + */
   5.905 +
   5.906 +/**
   5.907 + * @defgroup SRTPevents SRTP events and callbacks
   5.908 + * @ingroup  SRTP
   5.909 + *
   5.910 + * @brief libSRTP can use a user-provided callback function to
   5.911 + * handle events.
   5.912 + *
   5.913 + *
   5.914 + * libSRTP allows a user to provide a callback function to handle
   5.915 + * events that need to be dealt with outside of the data plane (see
   5.916 + * the enum srtp_event_t for a description of these events).  Dealing
   5.917 + * with these events is not a strict necessity; they are not
   5.918 + * security-critical, but the application may suffer if they are not
   5.919 + * handled.  The function srtp_set_event_handler() is used to provide
   5.920 + * the callback function.
   5.921 + *
   5.922 + * A default event handler that merely reports on the events as they
   5.923 + * happen is included.  It is also possible to set the event handler
   5.924 + * function to NULL, in which case all events will just be silently
   5.925 + * ignored.
   5.926 + *
   5.927 + * @{
   5.928 + */
   5.929 +
   5.930 +/**
   5.931 + * @brief srtp_event_t defines events that need to be handled
   5.932 + *
   5.933 + * The enum srtp_event_t defines events that need to be handled
   5.934 + * outside the `data plane', such as SSRC collisions and
   5.935 + * key expirations.
   5.936 + *
   5.937 + * When a key expires or the maximum number of packets has been
   5.938 + * reached, an SRTP stream will enter an `expired' state in which no
   5.939 + * more packets can be protected or unprotected.  When this happens,
   5.940 + * it is likely that you will want to either deallocate the stream
   5.941 + * (using srtp_stream_dealloc()), and possibly allocate a new one.
   5.942 + *
   5.943 + * When an SRTP stream expires, the other streams in the same session
   5.944 + * are unaffected, unless key sharing is used by that stream.  In the
   5.945 + * latter case, all of the streams in the session will expire.
   5.946 + */
   5.947 +
   5.948 +typedef enum {
   5.949 +  event_ssrc_collision,    /**<
   5.950 +			    * An SSRC collision occured.
   5.951 +			    */
   5.952 +  event_key_soft_limit,    /**< An SRTP stream reached the soft key
   5.953 +			    *   usage limit and will expire soon.
   5.954 +			    */
   5.955 +  event_key_hard_limit,    /**< An SRTP stream reached the hard
   5.956 +			    *   key usage limit and has expired.
   5.957 +			    */
   5.958 +  event_packet_index_limit /**< An SRTP stream reached the hard
   5.959 +			    * packet limit (2^48 packets).
   5.960 +			    */
   5.961 +} srtp_event_t;
   5.962 +
   5.963 +/**
   5.964 + * @brief srtp_event_data_t is the structure passed as a callback to
   5.965 + * the event handler function
   5.966 + *
   5.967 + * The struct srtp_event_data_t holds the data passed to the event
   5.968 + * handler function.
   5.969 + */
   5.970 +
   5.971 +typedef struct srtp_event_data_t {
   5.972 +  srtp_t        session;  /**< The session in which the event happend. */
   5.973 +  srtp_stream_t stream;   /**< The stream in which the event happend.  */
   5.974 +  srtp_event_t  event;    /**< An enum indicating the type of event.   */
   5.975 +} srtp_event_data_t;
   5.976 +
   5.977 +/**
   5.978 + * @brief srtp_event_handler_func_t is the function prototype for
   5.979 + * the event handler.
   5.980 + *
   5.981 + * The typedef srtp_event_handler_func_t is the prototype for the
   5.982 + * event handler function.  It has as its only argument an
   5.983 + * srtp_event_data_t which describes the event that needs to be handled.
   5.984 + * There can only be a single, global handler for all events in
   5.985 + * libSRTP.
   5.986 + */
   5.987 +
   5.988 +typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data);
   5.989 +
   5.990 +/**
   5.991 + * @brief sets the event handler to the function supplied by the caller.
   5.992 + *
   5.993 + * The function call srtp_install_event_handler(func) sets the event
   5.994 + * handler function to the value func.  The value NULL is acceptable
   5.995 + * as an argument; in this case, events will be ignored rather than
   5.996 + * handled.
   5.997 + *
   5.998 + * @param func is a pointer to a fuction that takes an srtp_event_data_t
   5.999 + *             pointer as an argument and returns void.  This function
  5.1000 + *             will be used by libSRTP to handle events.
  5.1001 + */
  5.1002 +
  5.1003 +err_status_t
  5.1004 +srtp_install_event_handler(srtp_event_handler_func_t func);
  5.1005 +
  5.1006 +/**
  5.1007 + * @}
  5.1008 + */
  5.1009 +/* in host order, so outside the #if */
  5.1010 +#define SRTCP_E_BIT      0x80000000
  5.1011 +/* for byte-access */
  5.1012 +#define SRTCP_E_BYTE_BIT 0x80
  5.1013 +#define SRTCP_INDEX_MASK 0x7fffffff
  5.1014 +
  5.1015 +#ifdef __cplusplus
  5.1016 +}
  5.1017 +#endif
  5.1018 +
  5.1019 +#endif /* SRTP_H */
     6.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     6.2 +++ b/include/srtp/srtp/ekt.h	Wed Dec 25 20:32:47 2013 -0500
     6.3 @@ -0,0 +1,201 @@
     6.4 +/*
     6.5 + * ekt.h
     6.6 + *
     6.7 + * interface to Encrypted Key Transport for SRTP
     6.8 + *
     6.9 + * David McGrew
    6.10 + * Cisco Systems, Inc.
    6.11 + */
    6.12 +/*
    6.13 + *	
    6.14 + * Copyright (c) 2001-2005 Cisco Systems, Inc.
    6.15 + * All rights reserved.
    6.16 + * 
    6.17 + * Redistribution and use in source and binary forms, with or without
    6.18 + * modification, are permitted provided that the following conditions
    6.19 + * are met:
    6.20 + * 
    6.21 + *   Redistributions of source code must retain the above copyright
    6.22 + *   notice, this list of conditions and the following disclaimer.
    6.23 + * 
    6.24 + *   Redistributions in binary form must reproduce the above
    6.25 + *   copyright notice, this list of conditions and the following
    6.26 + *   disclaimer in the documentation and/or other materials provided
    6.27 + *   with the distribution.
    6.28 + * 
    6.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    6.30 + *   contributors may be used to endorse or promote products derived
    6.31 + *   from this software without specific prior written permission.
    6.32 + * 
    6.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    6.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    6.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    6.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    6.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    6.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    6.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    6.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    6.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    6.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    6.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    6.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    6.45 + *
    6.46 + */
    6.47 +
    6.48 +
    6.49 +
    6.50 +/*
    6.51 + * EKT implementation strategy 
    6.52 + * 
    6.53 + * use stream_template approach
    6.54 + *
    6.55 + * in srtp_unprotect, when a new stream appears, check if template has
    6.56 + * EKT defined, and if it does, then apply EKT processing 
    6.57 + *
    6.58 + * question: will we want to allow key-sharing templates in addition
    6.59 + * to EKT templates?  could define a new ssrc_type_t that's associated
    6.60 + * with an EKT, e.g.  ssrc_any_ekt.
    6.61 + *
    6.62 + *
    6.63 + */
    6.64 +
    6.65 +#ifndef EKT_H
    6.66 +#define EKT_H
    6.67 +
    6.68 +#ifdef __cplusplus
    6.69 +extern "C" {
    6.70 +#endif
    6.71 +
    6.72 +#include "srtp_priv.h"
    6.73 +
    6.74 +#define EKT_CIPHER_DEFAULT           1
    6.75 +#define EKT_CIPHER_AES_128_ECB       1
    6.76 +#define EKT_CIPHER_AES_192_KEY_WRAP  2
    6.77 +#define EKT_CIPHER_AES_256_KEY_WRAP  3
    6.78 +
    6.79 +typedef uint16_t ekt_spi_t;
    6.80 +
    6.81 +
    6.82 +unsigned
    6.83 +ekt_octets_after_base_tag(ekt_stream_t ekt);
    6.84 +
    6.85 +/*
    6.86 + * an srtp_policy_t structure can contain a pointer to an
    6.87 + * ekt_policy_t structure
    6.88 + *
    6.89 + * this structure holds all of the high level EKT information, and it
    6.90 + * is passed into libsrtp to indicate what policy should be in effect
    6.91 + */
    6.92 +
    6.93 +typedef struct ekt_policy_ctx_t {
    6.94 +  ekt_spi_t  spi;     /* security parameter index */
    6.95 +  uint8_t    ekt_cipher_type;
    6.96 +  uint8_t   *ekt_key;
    6.97 +  struct ekt_policy_ctx_t *next_ekt_policy;
    6.98 +} ekt_policy_ctx_t;
    6.99 +
   6.100 +
   6.101 +/*
   6.102 + * an ekt_data_t structure holds the data corresponding to an ekt key,
   6.103 + * spi, and so on
   6.104 + */
   6.105 +
   6.106 +typedef struct ekt_data_t {
   6.107 +  ekt_spi_t spi;
   6.108 +  uint8_t ekt_cipher_type;
   6.109 +  aes_expanded_key_t ekt_enc_key;
   6.110 +  aes_expanded_key_t ekt_dec_key;
   6.111 +  struct ekt_data_t *next_ekt_data;
   6.112 +} ekt_data_t;
   6.113 +
   6.114 +/*
   6.115 + * an srtp_stream_ctx_t can contain an ekt_stream_ctx_t
   6.116 + *
   6.117 + * an ekt_stream_ctx_t structure holds all of the EKT information for
   6.118 + * a specific SRTP stream
   6.119 + */
   6.120 +
   6.121 +typedef struct ekt_stream_ctx_t {
   6.122 +  ekt_data_t *data;    
   6.123 +  uint16_t    isn;     /* initial sequence number  */
   6.124 +  uint8_t     encrypted_master_key[SRTP_MAX_KEY_LEN];
   6.125 +} ekt_stream_ctx_t;
   6.126 +
   6.127 +
   6.128 +
   6.129 +err_status_t 
   6.130 +ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy);
   6.131 +
   6.132 +err_status_t
   6.133 +ekt_stream_init(ekt_stream_t e, 
   6.134 +		ekt_spi_t spi,
   6.135 +		void *ekt_key,
   6.136 +		unsigned ekt_cipher_type);
   6.137 +
   6.138 +err_status_t
   6.139 +ekt_stream_init_from_policy(ekt_stream_t e, ekt_policy_t p);
   6.140 +  
   6.141 +
   6.142 +
   6.143 +err_status_t
   6.144 +srtp_stream_init_from_ekt(srtp_stream_t stream,			  
   6.145 +			  const void *srtcp_hdr,
   6.146 +			  unsigned pkt_octet_len);
   6.147 +		
   6.148 +
   6.149 +void
   6.150 +ekt_write_data(ekt_stream_t ekt,
   6.151 +	       uint8_t *base_tag, 
   6.152 +	       unsigned base_tag_len, 
   6.153 +	       int *packet_len,
   6.154 +	       xtd_seq_num_t pkt_index);		
   6.155 +
   6.156 +/*
   6.157 + * We handle EKT by performing some additional steps before
   6.158 + * authentication (copying the auth tag into a temporary location,
   6.159 + * zeroizing the "base tag" field in the packet)
   6.160 + *
   6.161 + * With EKT, the tag_len parameter is actually the base tag
   6.162 + * length
   6.163 + */
   6.164 +
   6.165 +err_status_t
   6.166 +ekt_tag_verification_preproces(uint8_t *pkt_tag, 
   6.167 +			       uint8_t *pkt_tag_copy, 
   6.168 +			       unsigned tag_len);
   6.169 +
   6.170 +err_status_t
   6.171 +ekt_tag_verification_postproces(uint8_t *pkt_tag,
   6.172 +				uint8_t *pkt_tag_copy,
   6.173 +				unsigned tag_len);
   6.174 +
   6.175 +
   6.176 +/*
   6.177 + * @brief EKT pre-processing for srtcp tag generation
   6.178 + *
   6.179 + * This function does the pre-processing of the SRTCP authentication
   6.180 + * tag format.  When EKT is used, it consists of writing the Encrypted
   6.181 + * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
   6.182 + * fields.  The Base Authentication Tag field is set to the all-zero
   6.183 + * value
   6.184 + * 
   6.185 + * When EKT is not used, this function is a no-op.
   6.186 + * 
   6.187 + */
   6.188 +
   6.189 +err_status_t
   6.190 +srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s,
   6.191 +						 uint8_t *pkt_tag,
   6.192 +						 unsigned pkt_octet_len);
   6.193 +
   6.194 +/* it's not clear that a tag_generation_postprocess function is needed */
   6.195 +
   6.196 +err_status_t
   6.197 +srtcp_auth_tag_generation_postprocess(void);
   6.198 +
   6.199 +
   6.200 +#ifdef __cplusplus
   6.201 +}
   6.202 +#endif
   6.203 +
   6.204 +#endif /* EKT_H */
     7.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     7.2 +++ b/include/srtp/srtp/getopt_s.h	Wed Dec 25 20:32:47 2013 -0500
     7.3 @@ -0,0 +1,60 @@
     7.4 +/*
     7.5 + * getopt.h
     7.6 + *
     7.7 + * interface to a minimal implementation of the getopt() function,
     7.8 + * written so that test applications that use that function can run on
     7.9 + * non-POSIX platforms
    7.10 + *
    7.11 + */
    7.12 +/*
    7.13 + *	
    7.14 + * Copyright (c) 2001-2006 Cisco Systems, Inc.
    7.15 + * All rights reserved.
    7.16 + * 
    7.17 + * Redistribution and use in source and binary forms, with or without
    7.18 + * modification, are permitted provided that the following conditions
    7.19 + * are met:
    7.20 + * 
    7.21 + *   Redistributions of source code must retain the above copyright
    7.22 + *   notice, this list of conditions and the following disclaimer.
    7.23 + * 
    7.24 + *   Redistributions in binary form must reproduce the above
    7.25 + *   copyright notice, this list of conditions and the following
    7.26 + *   disclaimer in the documentation and/or other materials provided
    7.27 + *   with the distribution.
    7.28 + * 
    7.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    7.30 + *   contributors may be used to endorse or promote products derived
    7.31 + *   from this software without specific prior written permission.
    7.32 + * 
    7.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    7.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    7.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    7.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    7.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    7.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    7.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    7.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    7.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    7.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    7.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    7.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    7.45 + *
    7.46 + */
    7.47 +
    7.48 +#ifndef GETOPT_S_H
    7.49 +#define GETOPT_S_H
    7.50 +
    7.51 +/* 
    7.52 + * getopt_s(), optarg_s, and optind_s are small, locally defined
    7.53 + * versions of the POSIX standard getopt() interface.
    7.54 + */
    7.55 + 
    7.56 +int
    7.57 +getopt_s(int argc, char * const argv[], const char *optstring);
    7.58 +
    7.59 +extern char *optarg_s;    /* defined in getopt.c */
    7.60 +
    7.61 +extern int optind_s;      /* defined in getopt.c */
    7.62 +
    7.63 +#endif /* GETOPT_S_H */
     8.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     8.2 +++ b/include/srtp/srtp/rtp.h	Wed Dec 25 20:32:47 2013 -0500
     8.3 @@ -0,0 +1,139 @@
     8.4 +/*
     8.5 + * rtp.h
     8.6 + * 
     8.7 + * rtp interface for srtp reference implementation
     8.8 + *
     8.9 + * David A. McGrew
    8.10 + * Cisco Systems, Inc.
    8.11 + *
    8.12 + * data types:
    8.13 + *
    8.14 + * rtp_msg_t       an rtp message (the data that goes on the wire)
    8.15 + * rtp_sender_t    sender side socket and rtp info
    8.16 + * rtp_receiver_t  receiver side socket and rtp info
    8.17 + *
    8.18 + */
    8.19 +
    8.20 +/*
    8.21 + *	
    8.22 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
    8.23 + * All rights reserved.
    8.24 + * 
    8.25 + * Redistribution and use in source and binary forms, with or without
    8.26 + * modification, are permitted provided that the following conditions
    8.27 + * are met:
    8.28 + * 
    8.29 + *   Redistributions of source code must retain the above copyright
    8.30 + *   notice, this list of conditions and the following disclaimer.
    8.31 + * 
    8.32 + *   Redistributions in binary form must reproduce the above
    8.33 + *   copyright notice, this list of conditions and the following
    8.34 + *   disclaimer in the documentation and/or other materials provided
    8.35 + *   with the distribution.
    8.36 + * 
    8.37 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    8.38 + *   contributors may be used to endorse or promote products derived
    8.39 + *   from this software without specific prior written permission.
    8.40 + * 
    8.41 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    8.42 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    8.43 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    8.44 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    8.45 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    8.46 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    8.47 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    8.48 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    8.49 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    8.50 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    8.51 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    8.52 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    8.53 + *
    8.54 + */
    8.55 +
    8.56 +
    8.57 +#ifndef RTP_H
    8.58 +#define RTP_H
    8.59 +
    8.60 +#ifdef HAVE_NETINET_IN_H
    8.61 +# include <netinet/in.h>
    8.62 +#elif defined HAVE_WINSOCK2_H
    8.63 +# include <winsock2.h>
    8.64 +#endif
    8.65 +
    8.66 +#include "srtp.h"
    8.67 +
    8.68 +typedef struct rtp_sender_ctx_t *rtp_sender_t;
    8.69 +
    8.70 +typedef struct rtp_receiver_ctx_t *rtp_receiver_t;
    8.71 +
    8.72 +int
    8.73 +rtp_sendto(rtp_sender_t sender, const void* msg, int len);
    8.74 +
    8.75 +int
    8.76 +rtp_recvfrom(rtp_receiver_t receiver, void *msg, int *len);
    8.77 +
    8.78 +int
    8.79 +rtp_receiver_init(rtp_receiver_t rcvr, int sock, 
    8.80 +		  struct sockaddr_in addr, unsigned int ssrc);
    8.81 +
    8.82 +int
    8.83 +rtp_sender_init(rtp_sender_t sender, int sock, 
    8.84 +		struct sockaddr_in addr, unsigned int ssrc);
    8.85 +
    8.86 +/*
    8.87 + * srtp_sender_init(...) initializes an rtp_sender_t
    8.88 + */
    8.89 +
    8.90 +int
    8.91 +srtp_sender_init(rtp_sender_t rtp_ctx,          /* structure to be init'ed */
    8.92 +		 struct sockaddr_in name,       /* socket name             */
    8.93 +		 sec_serv_t security_services,  /* sec. servs. to be used  */
    8.94 +		 unsigned char *input_key       /* master key/salt in hex  */
    8.95 +		 );
    8.96 +
    8.97 +int
    8.98 +srtp_receiver_init(rtp_receiver_t rtp_ctx,       /* structure to be init'ed */
    8.99 +		   struct sockaddr_in name, 	 /* socket name             */
   8.100 +		   sec_serv_t security_services, /* sec. servs. to be used  */
   8.101 +		   unsigned char *input_key	 /* master key/salt in hex  */
   8.102 +		   );
   8.103 +
   8.104 +
   8.105 +int
   8.106 +rtp_sender_init_srtp(rtp_sender_t sender, const srtp_policy_t *policy);
   8.107 +
   8.108 +int
   8.109 +rtp_sender_deinit_srtp(rtp_sender_t sender);
   8.110 +
   8.111 +int
   8.112 +rtp_receiver_init_srtp(rtp_receiver_t sender, const srtp_policy_t *policy);
   8.113 +
   8.114 +int
   8.115 +rtp_receiver_deinit_srtp(rtp_receiver_t sender);
   8.116 +
   8.117 +
   8.118 +rtp_sender_t 
   8.119 +rtp_sender_alloc(void);
   8.120 +
   8.121 +void
   8.122 +rtp_sender_dealloc(rtp_sender_t rtp_ctx);
   8.123 +
   8.124 +rtp_receiver_t 
   8.125 +rtp_receiver_alloc(void);
   8.126 +
   8.127 +void
   8.128 +rtp_receiver_dealloc(rtp_receiver_t rtp_ctx);
   8.129 +
   8.130 +
   8.131 +/*
   8.132 + * RTP_HEADER_LEN indicates the size of an RTP header
   8.133 + */
   8.134 +#define RTP_HEADER_LEN   12
   8.135 +
   8.136 +/* 
   8.137 + * RTP_MAX_BUF_LEN defines the largest RTP packet in the rtp.c implementation
   8.138 + */
   8.139 +#define RTP_MAX_BUF_LEN  16384
   8.140 +
   8.141 +
   8.142 +#endif /* RTP_H */
     9.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     9.2 +++ b/include/srtp/srtp/rtp_priv.h	Wed Dec 25 20:32:47 2013 -0500
     9.3 @@ -0,0 +1,74 @@
     9.4 +/*
     9.5 + * rtp_priv.h
     9.6 + *
     9.7 + * private, internal header file for RTP
     9.8 + *
     9.9 + * David A. McGrew
    9.10 + * Cisco Systems, Inc.
    9.11 + */
    9.12 +/*
    9.13 + *	
    9.14 + * Copyright (c) 2001-2006 Cisco Systems, Inc.
    9.15 + * All rights reserved.
    9.16 + * 
    9.17 + * Redistribution and use in source and binary forms, with or without
    9.18 + * modification, are permitted provided that the following conditions
    9.19 + * are met:
    9.20 + * 
    9.21 + *   Redistributions of source code must retain the above copyright
    9.22 + *   notice, this list of conditions and the following disclaimer.
    9.23 + * 
    9.24 + *   Redistributions in binary form must reproduce the above
    9.25 + *   copyright notice, this list of conditions and the following
    9.26 + *   disclaimer in the documentation and/or other materials provided
    9.27 + *   with the distribution.
    9.28 + * 
    9.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
    9.30 + *   contributors may be used to endorse or promote products derived
    9.31 + *   from this software without specific prior written permission.
    9.32 + * 
    9.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
    9.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
    9.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
    9.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
    9.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
    9.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
    9.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
    9.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
    9.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
    9.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
    9.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
    9.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
    9.45 + *
    9.46 + */
    9.47 +
    9.48 +
    9.49 +#ifndef RTP_PRIV_H
    9.50 +#define RTP_PRIV_H
    9.51 +
    9.52 +#include "srtp_priv.h"
    9.53 +#include "rtp.h"
    9.54 +
    9.55 +typedef srtp_hdr_t rtp_hdr_t;
    9.56 +
    9.57 +typedef struct {
    9.58 +  srtp_hdr_t header;        
    9.59 +  char body[RTP_MAX_BUF_LEN];  
    9.60 +} rtp_msg_t;
    9.61 +
    9.62 +typedef struct rtp_sender_ctx_t {
    9.63 +  rtp_msg_t message;         
    9.64 +  int socket;
    9.65 +  srtp_ctx_t *srtp_ctx;
    9.66 +  struct sockaddr_in addr;   /* reciever's address */
    9.67 +} rtp_sender_ctx_t;
    9.68 +
    9.69 +typedef struct rtp_receiver_ctx_t {
    9.70 +  rtp_msg_t message;
    9.71 +  int socket;
    9.72 +  srtp_ctx_t *srtp_ctx;
    9.73 +  struct sockaddr_in addr;   /* receiver's address */
    9.74 +} rtp_receiver_ctx_t;
    9.75 +
    9.76 +
    9.77 +#endif /* RTP_PRIV_H */
    10.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    10.2 +++ b/include/srtp/srtp/srtp.h	Wed Dec 25 20:32:47 2013 -0500
    10.3 @@ -0,0 +1,1016 @@
    10.4 +/*
    10.5 + * srtp.h
    10.6 + *
    10.7 + * interface to libsrtp
    10.8 + *
    10.9 + * David A. McGrew
   10.10 + * Cisco Systems, Inc.
   10.11 + */
   10.12 +/*
   10.13 + *
   10.14 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
   10.15 + * All rights reserved.
   10.16 + *
   10.17 + * Redistribution and use in source and binary forms, with or without
   10.18 + * modification, are permitted provided that the following conditions
   10.19 + * are met:
   10.20 + *
   10.21 + *   Redistributions of source code must retain the above copyright
   10.22 + *   notice, this list of conditions and the following disclaimer.
   10.23 + *
   10.24 + *   Redistributions in binary form must reproduce the above
   10.25 + *   copyright notice, this list of conditions and the following
   10.26 + *   disclaimer in the documentation and/or other materials provided
   10.27 + *   with the distribution.
   10.28 + *
   10.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
   10.30 + *   contributors may be used to endorse or promote products derived
   10.31 + *   from this software without specific prior written permission.
   10.32 + *
   10.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   10.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
   10.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
   10.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
   10.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
   10.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   10.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
   10.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   10.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
   10.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   10.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   10.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
   10.45 + *
   10.46 + */
   10.47 +
   10.48 +
   10.49 +#ifndef SRTP_H
   10.50 +#define SRTP_H
   10.51 +
   10.52 +#ifdef __cplusplus
   10.53 +extern "C" {
   10.54 +#endif
   10.55 +
   10.56 +#include "crypto_kernel.h"
   10.57 +
   10.58 +/**
   10.59 + * @defgroup SRTP Secure RTP
   10.60 + *
   10.61 + * @brief libSRTP provides functions for protecting RTP and RTCP.  See
   10.62 + * Section @ref Overview for an introduction to the use of the library.
   10.63 + *
   10.64 + * @{
   10.65 + */
   10.66 +
   10.67 +/*
   10.68 + * SRTP_MASTER_KEY_LEN is the nominal master key length supported by libSRTP
   10.69 + */
   10.70 +
   10.71 +#define SRTP_MASTER_KEY_LEN 30
   10.72 +
   10.73 +/*
   10.74 + * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP
   10.75 + */
   10.76 +#define SRTP_MAX_KEY_LEN      64
   10.77 +
   10.78 +/*
   10.79 + * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP
   10.80 + */
   10.81 +
   10.82 +#define SRTP_MAX_TAG_LEN 12
   10.83 +
   10.84 +/**
   10.85 + * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer
   10.86 + * (authentication tag and MKI) supported by libSRTP.  This value is
   10.87 + * the maximum number of octets that will be added to an RTP packet by
   10.88 + * srtp_protect().
   10.89 + *
   10.90 + * @brief the maximum number of octets added by srtp_protect().
   10.91 + */
   10.92 +#define SRTP_MAX_TRAILER_LEN SRTP_MAX_TAG_LEN
   10.93 +
   10.94 +/*
   10.95 + * nota bene: since libSRTP doesn't support the use of the MKI, the
   10.96 + * SRTP_MAX_TRAILER_LEN value is just the maximum tag length
   10.97 + */
   10.98 +
   10.99 +/**
  10.100 + * @brief sec_serv_t describes a set of security services.
  10.101 + *
  10.102 + * A sec_serv_t enumeration is used to describe the particular
  10.103 + * security services that will be applied by a particular crypto
  10.104 + * policy (or other mechanism).
  10.105 + */
  10.106 +
  10.107 +typedef enum {
  10.108 +  sec_serv_none          = 0, /**< no services                        */
  10.109 +  sec_serv_conf          = 1, /**< confidentiality                    */
  10.110 +  sec_serv_auth          = 2, /**< authentication                     */
  10.111 +  sec_serv_conf_and_auth = 3  /**< confidentiality and authentication */
  10.112 +} sec_serv_t;
  10.113 +
  10.114 +/**
  10.115 + * @brief crypto_policy_t describes a particular crypto policy that
  10.116 + * can be applied to an SRTP stream.
  10.117 + *
  10.118 + * A crypto_policy_t describes a particular cryptographic policy that
  10.119 + * can be applied to an SRTP or SRTCP stream.  An SRTP session policy
  10.120 + * consists of a list of these policies, one for each SRTP stream
  10.121 + * in the session.
  10.122 + */
  10.123 +
  10.124 +typedef struct crypto_policy_t {
  10.125 +  cipher_type_id_t cipher_type;    /**< An integer representing
  10.126 +				    *   the type of cipher.  */
  10.127 +  int              cipher_key_len; /**< The length of the cipher key
  10.128 +				    *   in octets.                       */
  10.129 +  auth_type_id_t   auth_type;      /**< An integer representing the
  10.130 +				    *   authentication function.         */
  10.131 +  int              auth_key_len;   /**< The length of the authentication
  10.132 +				    *   function key in octets.          */
  10.133 +  int              auth_tag_len;   /**< The length of the authentication
  10.134 +				    *   tag in octets.                   */
  10.135 +  sec_serv_t       sec_serv;       /**< The flag indicating the security
  10.136 +				    *   services to be applied.          */
  10.137 +} crypto_policy_t;
  10.138 +
  10.139 +
  10.140 +/**
  10.141 + * @brief ssrc_type_t describes the type of an SSRC.
  10.142 + *
  10.143 + * An ssrc_type_t enumeration is used to indicate a type of SSRC.  See
  10.144 + * @ref srtp_policy_t for more informataion.
  10.145 + */
  10.146 +
  10.147 +typedef enum {
  10.148 +  ssrc_undefined    = 0,  /**< Indicates an undefined SSRC type. */
  10.149 +  ssrc_specific     = 1,  /**< Indicates a specific SSRC value   */
  10.150 +  ssrc_any_inbound  = 2, /**< Indicates any inbound SSRC value
  10.151 +			    (i.e. a value that is used in the
  10.152 +			    function srtp_unprotect())              */
  10.153 +  ssrc_any_outbound = 3  /**< Indicates any outbound SSRC value
  10.154 +			    (i.e. a value that is used in the
  10.155 +			    function srtp_protect())		  */
  10.156 +} ssrc_type_t;
  10.157 +
  10.158 +/**
  10.159 + * @brief An ssrc_t represents a particular SSRC value, or a `wildcard' SSRC.
  10.160 + *
  10.161 + * An ssrc_t represents a particular SSRC value (if its type is
  10.162 + * ssrc_specific), or a wildcard SSRC value that will match all
  10.163 + * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound
  10.164 + * SSRCs (if its type is ssrc_any_inbound).
  10.165 + *
  10.166 + */
  10.167 +
  10.168 +typedef struct {
  10.169 +  ssrc_type_t type;   /**< The type of this particular SSRC */
  10.170 +  unsigned int value; /**< The value of this SSRC, if it is not a wildcard */
  10.171 +} ssrc_t;
  10.172 +
  10.173 +
  10.174 +/**
  10.175 + * @brief points to an EKT policy
  10.176 + */
  10.177 +typedef struct ekt_policy_ctx_t *ekt_policy_t;
  10.178 +
  10.179 +
  10.180 +/**
  10.181 + * @brief points to EKT stream data
  10.182 + */
  10.183 +typedef struct ekt_stream_ctx_t *ekt_stream_t;
  10.184 +
  10.185 +
  10.186 +/**
  10.187 + * @brief represents the policy for an SRTP session.
  10.188 + *
  10.189 + * A single srtp_policy_t struct represents the policy for a single
  10.190 + * SRTP stream, and a linked list of these elements represents the
  10.191 + * policy for an entire SRTP session.  Each element contains the SRTP
  10.192 + * and SRTCP crypto policies for that stream, a pointer to the SRTP
  10.193 + * master key for that stream, the SSRC describing that stream, or a
  10.194 + * flag indicating a `wildcard' SSRC value, and a `next' field that
  10.195 + * holds a pointer to the next element in the list of policy elements,
  10.196 + * or NULL if it is the last element.
  10.197 + *
  10.198 + * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an
  10.199 + * inbound stream that for which there is no explicit SSRC entry in
  10.200 + * another policy element.  Similarly, the value SSRC_ANY_OUTBOUND
  10.201 + * will matches any SSRC from an outbound stream that does not appear
  10.202 + * in another policy element.  Note that wildcard SSRCs &b cannot be
  10.203 + * used to match both inbound and outbound traffic.  This restriction
  10.204 + * is intentional, and it allows libSRTP to ensure that no security
  10.205 + * lapses result from accidental re-use of SSRC values during key
  10.206 + * sharing.
  10.207 + *
  10.208 + *
  10.209 + * @warning The final element of the list @b must have its `next' pointer
  10.210 + *          set to NULL.
  10.211 + */
  10.212 +
  10.213 +typedef struct srtp_policy_t {
  10.214 +  ssrc_t        ssrc;        /**< The SSRC value of stream, or the
  10.215 +			      *   flags SSRC_ANY_INBOUND or
  10.216 +			      *   SSRC_ANY_OUTBOUND if key sharing
  10.217 +			      *   is used for this policy element.
  10.218 +			      */
  10.219 +  crypto_policy_t rtp;         /**< SRTP crypto policy.                  */
  10.220 +  crypto_policy_t rtcp;        /**< SRTCP crypto policy.                 */
  10.221 +  unsigned char *key;          /**< Pointer to the SRTP master key for
  10.222 +				*    this stream.                        */
  10.223 +  ekt_policy_t ekt;            /**< Pointer to the EKT policy structure
  10.224 +                                *   for this stream (if any)             */
  10.225 +  unsigned long window_size;   /**< The window size to use for replay
  10.226 +				*   protection. */
  10.227 +  int        allow_repeat_tx;  /**< Whether retransmissions of
  10.228 +				*   packets with the same sequence number
  10.229 +				*   are allowed.  (Note that such repeated
  10.230 +				*   transmissions must have the same RTP
  10.231 +				*   payload, or a severe security weakness
  10.232 +				*   is introduced!)                      */
  10.233 +  struct srtp_policy_t *next;  /**< Pointer to next stream policy.       */
  10.234 +} srtp_policy_t;
  10.235 +
  10.236 +
  10.237 +
  10.238 +
  10.239 +/**
  10.240 + * @brief An srtp_t points to an SRTP session structure.
  10.241 + *
  10.242 + * The typedef srtp_t is a pointer to a structure that represents
  10.243 + * an SRTP session.  This datatype is intentially opaque in
  10.244 + * order to separate the interface from the implementation.
  10.245 + *
  10.246 + * An SRTP session consists of all of the traffic sent to the RTP and
  10.247 + * RTCP destination transport addresses, using the RTP/SAVP (Secure
  10.248 + * Audio/Video Profile).  A session can be viewed as a set of SRTP
  10.249 + * streams, each of which originates with a different participant.
  10.250 + */
  10.251 +
  10.252 +typedef struct srtp_ctx_t *srtp_t;
  10.253 +
  10.254 +
  10.255 +/**
  10.256 + * @brief An srtp_stream_t points to an SRTP stream structure.
  10.257 + *
  10.258 + * The typedef srtp_stream_t is a pointer to a structure that
  10.259 + * represents an SRTP stream.  This datatype is intentionally
  10.260 + * opaque in order to separate the interface from the implementation.
  10.261 + *
  10.262 + * An SRTP stream consists of all of the traffic sent to an SRTP
  10.263 + * session by a single participant.  A session can be viewed as
  10.264 + * a set of streams.
  10.265 + *
  10.266 + */
  10.267 +typedef struct srtp_stream_ctx_t *srtp_stream_t;
  10.268 +
  10.269 +
  10.270 +
  10.271 +/**
  10.272 + * @brief srtp_init() initializes the srtp library.
  10.273 + *
  10.274 + * @warning This function @b must be called before any other srtp
  10.275 + * functions.
  10.276 + */
  10.277 +
  10.278 +err_status_t
  10.279 +srtp_init(void);
  10.280 +
  10.281 +/**
  10.282 + * @brief srtp_shutdown() de-initializes the srtp library.
  10.283 + *
  10.284 + * @warning No srtp functions may be called after calling this function.
  10.285 + */
  10.286 +
  10.287 +err_status_t
  10.288 +srtp_shutdown(void);
  10.289 +
  10.290 +/**
  10.291 + * @brief srtp_protect() is the Secure RTP sender-side packet processing
  10.292 + * function.
  10.293 + *
  10.294 + * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP
  10.295 + * protection to the RTP packet rtp_hdr (which has length *len_ptr) using
  10.296 + * the SRTP context ctx.  If err_status_ok is returned, then rtp_hdr
  10.297 + * points to the resulting SRTP packet and *len_ptr is the number of
  10.298 + * octets in that packet; otherwise, no assumptions should be made
  10.299 + * about the value of either data elements.
  10.300 + *
  10.301 + * The sequence numbers of the RTP packets presented to this function
  10.302 + * need not be consecutive, but they @b must be out of order by less
  10.303 + * than 2^15 = 32,768 packets.
  10.304 + *
  10.305 + * @warning This function assumes that it can write the authentication
  10.306 + * tag into the location in memory immediately following the RTP
  10.307 + * packet, and assumes that the RTP packet is aligned on a 32-bit
  10.308 + * boundary.
  10.309 + *
  10.310 + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN
  10.311 + * into the location in memory immediately following the RTP packet.
  10.312 + * Callers MUST ensure that this much writable memory is available in
  10.313 + * the buffer that holds the RTP packet.
  10.314 + *
  10.315 + * @param ctx is the SRTP context to use in processing the packet.
  10.316 + *
  10.317 + * @param rtp_hdr is a pointer to the RTP packet (before the call); after
  10.318 + * the function returns, it points to the srtp packet.
  10.319 + *
  10.320 + * @param len_ptr is a pointer to the length in octets of the complete
  10.321 + * RTP packet (header and body) before the function call, and of the
  10.322 + * complete SRTP packet after the call, if err_status_ok was returned.
  10.323 + * Otherwise, the value of the data to which it points is undefined.
  10.324 + *
  10.325 + * @return
  10.326 + *    - err_status_ok            no problems
  10.327 + *    - err_status_replay_fail   rtp sequence number was non-increasing
  10.328 + *    - @e other                 failure in cryptographic mechanisms
  10.329 + */
  10.330 +
  10.331 +err_status_t
  10.332 +srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr);
  10.333 +
  10.334 +/**
  10.335 + * @brief srtp_unprotect() is the Secure RTP receiver-side packet
  10.336 + * processing function.
  10.337 + *
  10.338 + * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies
  10.339 + * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr
  10.340 + * (which has length *len_ptr), using the SRTP context ctx.  If
  10.341 + * err_status_ok is returned, then srtp_hdr points to the resulting
  10.342 + * RTP packet and *len_ptr is the number of octets in that packet;
  10.343 + * otherwise, no assumptions should be made about the value of either
  10.344 + * data elements.
  10.345 + *
  10.346 + * The sequence numbers of the RTP packets presented to this function
  10.347 + * need not be consecutive, but they @b must be out of order by less
  10.348 + * than 2^15 = 32,768 packets.
  10.349 + *
  10.350 + * @warning This function assumes that the SRTP packet is aligned on a
  10.351 + * 32-bit boundary.
  10.352 + *
  10.353 + * @param ctx is a pointer to the srtp_t which applies to the
  10.354 + * particular packet.
  10.355 + *
  10.356 + * @param srtp_hdr is a pointer to the header of the SRTP packet
  10.357 + * (before the call).  after the function returns, it points to the
  10.358 + * rtp packet if err_status_ok was returned; otherwise, the value of
  10.359 + * the data to which it points is undefined.
  10.360 + *
  10.361 + * @param len_ptr is a pointer to the length in octets of the complete
  10.362 + * srtp packet (header and body) before the function call, and of the
  10.363 + * complete rtp packet after the call, if err_status_ok was returned.
  10.364 + * Otherwise, the value of the data to which it points is undefined.
  10.365 + *
  10.366 + * @return
  10.367 + *    - err_status_ok          if the RTP packet is valid.
  10.368 + *    - err_status_auth_fail   if the SRTP packet failed the message
  10.369 + *                             authentication check.
  10.370 + *    - err_status_replay_fail if the SRTP packet is a replay (e.g. packet has
  10.371 + *                             already been processed and accepted).
  10.372 + *    - [other]  if there has been an error in the cryptographic mechanisms.
  10.373 + *
  10.374 + */
  10.375 +
  10.376 +err_status_t
  10.377 +srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr);
  10.378 +
  10.379 +
  10.380 +/**
  10.381 + * @brief srtp_create() allocates and initializes an SRTP session.
  10.382 +
  10.383 + * The function call srtp_create(session, policy, key) allocates and
  10.384 + * initializes an SRTP session context, applying the given policy and
  10.385 + * key.
  10.386 + *
  10.387 + * @param session is the SRTP session to which the policy is to be added.
  10.388 + *
  10.389 + * @param policy is the srtp_policy_t struct that describes the policy
  10.390 + * for the session.  The struct may be a single element, or it may be
  10.391 + * the head of a list, in which case each element of the list is
  10.392 + * processed.  It may also be NULL, in which case streams should be added
  10.393 + * later using srtp_add_stream().  The final element of the list @b must
  10.394 + * have its `next' field set to NULL.
  10.395 + *
  10.396 + * @return
  10.397 + *    - err_status_ok           if creation succeded.
  10.398 + *    - err_status_alloc_fail   if allocation failed.
  10.399 + *    - err_status_init_fail    if initialization failed.
  10.400 + */
  10.401 +
  10.402 +err_status_t
  10.403 +srtp_create(srtp_t *session, const srtp_policy_t *policy);
  10.404 +
  10.405 +
  10.406 +/**
  10.407 + * @brief srtp_add_stream() allocates and initializes an SRTP stream
  10.408 + * within a given SRTP session.
  10.409 + *
  10.410 + * The function call srtp_add_stream(session, policy) allocates and
  10.411 + * initializes a new SRTP stream within a given, previously created
  10.412 + * session, applying the policy given as the other argument to that
  10.413 + * stream.
  10.414 + *
  10.415 + * @return values:
  10.416 + *    - err_status_ok           if stream creation succeded.
  10.417 + *    - err_status_alloc_fail   if stream allocation failed
  10.418 + *    - err_status_init_fail    if stream initialization failed.
  10.419 + */
  10.420 +
  10.421 +err_status_t
  10.422 +srtp_add_stream(srtp_t session,
  10.423 +		const srtp_policy_t *policy);
  10.424 +
  10.425 +
  10.426 +/**
  10.427 + * @brief srtp_remove_stream() deallocates an SRTP stream.
  10.428 + *
  10.429 + * The function call srtp_remove_stream(session, ssrc) removes
  10.430 + * the SRTP stream with the SSRC value ssrc from the SRTP session
  10.431 + * context given by the argument session.
  10.432 + *
  10.433 + * @param session is the SRTP session from which the stream
  10.434 + *        will be removed.
  10.435 + *
  10.436 + * @param ssrc is the SSRC value of the stream to be removed.
  10.437 + *
  10.438 + * @warning Wildcard SSRC values cannot be removed from a
  10.439 + *          session.
  10.440 + *
  10.441 + * @return
  10.442 + *    - err_status_ok     if the stream deallocation succeded.
  10.443 + *    - [other]           otherwise.
  10.444 + *
  10.445 + */
  10.446 +
  10.447 +err_status_t
  10.448 +srtp_remove_stream(srtp_t session, unsigned int ssrc);
  10.449 +
  10.450 +/**
  10.451 + * @brief crypto_policy_set_rtp_default() sets a crypto policy
  10.452 + * structure to the SRTP default policy for RTP protection.
  10.453 + *
  10.454 + * @param p is a pointer to the policy structure to be set
  10.455 + *
  10.456 + * The function call crypto_policy_set_rtp_default(&p) sets the
  10.457 + * crypto_policy_t at location p to the SRTP default policy for RTP
  10.458 + * protection, as defined in the specification.  This function is a
  10.459 + * convenience that helps to avoid dealing directly with the policy
  10.460 + * data structure.  You are encouraged to initialize policy elements
  10.461 + * with this function call.  Doing so may allow your code to be
  10.462 + * forward compatible with later versions of libSRTP that include more
  10.463 + * elements in the crypto_policy_t datatype.
  10.464 + *
  10.465 + * @return void.
  10.466 + *
  10.467 + */
  10.468 +
  10.469 +void
  10.470 +crypto_policy_set_rtp_default(crypto_policy_t *p);
  10.471 +
  10.472 +/**
  10.473 + * @brief crypto_policy_set_rtcp_default() sets a crypto policy
  10.474 + * structure to the SRTP default policy for RTCP protection.
  10.475 + *
  10.476 + * @param p is a pointer to the policy structure to be set
  10.477 + *
  10.478 + * The function call crypto_policy_set_rtcp_default(&p) sets the
  10.479 + * crypto_policy_t at location p to the SRTP default policy for RTCP
  10.480 + * protection, as defined in the specification.  This function is a
  10.481 + * convenience that helps to avoid dealing directly with the policy
  10.482 + * data structure.  You are encouraged to initialize policy elements
  10.483 + * with this function call.  Doing so may allow your code to be
  10.484 + * forward compatible with later versions of libSRTP that include more
  10.485 + * elements in the crypto_policy_t datatype.
  10.486 + *
  10.487 + * @return void.
  10.488 + *
  10.489 + */
  10.490 +
  10.491 +void
  10.492 +crypto_policy_set_rtcp_default(crypto_policy_t *p);
  10.493 +
  10.494 +/**
  10.495 + * @brief crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto
  10.496 + * policy structure to the SRTP default policy for RTP protection.
  10.497 + *
  10.498 + * @param p is a pointer to the policy structure to be set
  10.499 + *
  10.500 + * The function crypto_policy_set_aes_cm_128_hmac_sha1_80() is a
  10.501 + * synonym for crypto_policy_set_rtp_default().  It conforms to the
  10.502 + * naming convention used in RFC 4568 (SDP Security Descriptions for
  10.503 + * Media Streams).
  10.504 + *
  10.505 + * @return void.
  10.506 + *
  10.507 + */
  10.508 +
  10.509 +#define crypto_policy_set_aes_cm_128_hmac_sha1_80(p) crypto_policy_set_rtp_default(p)
  10.510 +
  10.511 +
  10.512 +/**
  10.513 + * @brief crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto
  10.514 + * policy structure to a short-authentication tag policy
  10.515 + *
  10.516 + * @param p is a pointer to the policy structure to be set
  10.517 + *
  10.518 + * The function call crypto_policy_set_aes_cm_128_hmac_sha1_32(&p)
  10.519 + * sets the crypto_policy_t at location p to use policy
  10.520 + * AES_CM_128_HMAC_SHA1_32 as defined in RFC 4568.
  10.521 + * This policy uses AES-128
  10.522 + * Counter Mode encryption and HMAC-SHA1 authentication, with an
  10.523 + * authentication tag that is only 32 bits long.  This length is
  10.524 + * considered adequate only for protecting audio and video media that
  10.525 + * use a stateless playback function.  See Section 7.5 of RFC 3711
  10.526 + * (http://www.ietf.org/rfc/rfc3711.txt).
  10.527 + *
  10.528 + * This function is a convenience that helps to avoid dealing directly
  10.529 + * with the policy data structure.  You are encouraged to initialize
  10.530 + * policy elements with this function call.  Doing so may allow your
  10.531 + * code to be forward compatible with later versions of libSRTP that
  10.532 + * include more elements in the crypto_policy_t datatype.
  10.533 + *
  10.534 + * @warning This crypto policy is intended for use in SRTP, but not in
  10.535 + * SRTCP.  It is recommended that a policy that uses longer
  10.536 + * authentication tags be used for SRTCP.  See Section 7.5 of RFC 3711
  10.537 + * (http://www.ietf.org/rfc/rfc3711.txt).
  10.538 + *
  10.539 + * @return void.
  10.540 + *
  10.541 + */
  10.542 +
  10.543 +void
  10.544 +crypto_policy_set_aes_cm_128_hmac_sha1_32(crypto_policy_t *p);
  10.545 +
  10.546 +
  10.547 +
  10.548 +/**
  10.549 + * @brief crypto_policy_set_aes_cm_128_null_auth() sets a crypto
  10.550 + * policy structure to an encryption-only policy
  10.551 + *
  10.552 + * @param p is a pointer to the policy structure to be set
  10.553 + *
  10.554 + * The function call crypto_policy_set_aes_cm_128_null_auth(&p) sets
  10.555 + * the crypto_policy_t at location p to use the SRTP default cipher
  10.556 + * (AES-128 Counter Mode), but to use no authentication method.  This
  10.557 + * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5
  10.558 + * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
  10.559 + *
  10.560 + * This function is a convenience that helps to avoid dealing directly
  10.561 + * with the policy data structure.  You are encouraged to initialize
  10.562 + * policy elements with this function call.  Doing so may allow your
  10.563 + * code to be forward compatible with later versions of libSRTP that
  10.564 + * include more elements in the crypto_policy_t datatype.
  10.565 + *
  10.566 + * @warning This policy is NOT RECOMMENDED for SRTP unless it is
  10.567 + * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see
  10.568 + * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt).
  10.569 + *
  10.570 + * @return void.
  10.571 + *
  10.572 + */
  10.573 +
  10.574 +void
  10.575 +crypto_policy_set_aes_cm_128_null_auth(crypto_policy_t *p);
  10.576 +
  10.577 +
  10.578 +/**
  10.579 + * @brief crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto
  10.580 + * policy structure to an authentication-only policy
  10.581 + *
  10.582 + * @param p is a pointer to the policy structure to be set
  10.583 + *
  10.584 + * The function call crypto_policy_set_null_cipher_hmac_sha1_80(&p)
  10.585 + * sets the crypto_policy_t at location p to use HMAC-SHA1 with an 80
  10.586 + * bit authentication tag to provide message authentication, but to
  10.587 + * use no encryption.  This policy is NOT RECOMMENDED for SRTP unless
  10.588 + * there is a requirement to forego encryption.
  10.589 + *
  10.590 + * This function is a convenience that helps to avoid dealing directly
  10.591 + * with the policy data structure.  You are encouraged to initialize
  10.592 + * policy elements with this function call.  Doing so may allow your
  10.593 + * code to be forward compatible with later versions of libSRTP that
  10.594 + * include more elements in the crypto_policy_t datatype.
  10.595 + *
  10.596 + * @warning This policy is NOT RECOMMENDED for SRTP unless there is a
  10.597 + * requirement to forego encryption.
  10.598 + *
  10.599 + * @return void.
  10.600 + *
  10.601 + */
  10.602 +
  10.603 +void
  10.604 +crypto_policy_set_null_cipher_hmac_sha1_80(crypto_policy_t *p);
  10.605 +
  10.606 +
  10.607 +/**
  10.608 + * @brief crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto
  10.609 + * policy structure to a encryption and authentication policy using AES-256
  10.610 + * for RTP protection.
  10.611 + *
  10.612 + * @param p is a pointer to the policy structure to be set
  10.613 + *
  10.614 + * The function call crypto_policy_set_aes_cm_256_hmac_sha1_80(&p)
  10.615 + * sets the crypto_policy_t at location p to use policy
  10.616 + * AES_CM_256_HMAC_SHA1_80 as defined in
  10.617 + * draft-ietf-avt-srtp-big-aes-03.txt.  This policy uses AES-256
  10.618 + * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit
  10.619 + * authentication tag.
  10.620 + *
  10.621 + * This function is a convenience that helps to avoid dealing directly
  10.622 + * with the policy data structure.  You are encouraged to initialize
  10.623 + * policy elements with this function call.  Doing so may allow your
  10.624 + * code to be forward compatible with later versions of libSRTP that
  10.625 + * include more elements in the crypto_policy_t datatype.
  10.626 + *
  10.627 + * @return void.
  10.628 + *
  10.629 + */
  10.630 +
  10.631 +void crypto_policy_set_aes_cm_256_hmac_sha1_80(crypto_policy_t *p);
  10.632 +
  10.633 +
  10.634 +/**
  10.635 + * @brief crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto
  10.636 + * policy structure to a short-authentication tag policy using AES-256
  10.637 + * encryption.
  10.638 + *
  10.639 + * @param p is a pointer to the policy structure to be set
  10.640 + *
  10.641 + * The function call crypto_policy_set_aes_cm_256_hmac_sha1_32(&p)
  10.642 + * sets the crypto_policy_t at location p to use policy
  10.643 + * AES_CM_256_HMAC_SHA1_32 as defined in
  10.644 + * draft-ietf-avt-srtp-big-aes-03.txt.  This policy uses AES-256
  10.645 + * Counter Mode encryption and HMAC-SHA1 authentication, with an
  10.646 + * authentication tag that is only 32 bits long.  This length is
  10.647 + * considered adequate only for protecting audio and video media that
  10.648 + * use a stateless playback function.  See Section 7.5 of RFC 3711
  10.649 + * (http://www.ietf.org/rfc/rfc3711.txt).
  10.650 + *
  10.651 + * This function is a convenience that helps to avoid dealing directly
  10.652 + * with the policy data structure.  You are encouraged to initialize
  10.653 + * policy elements with this function call.  Doing so may allow your
  10.654 + * code to be forward compatible with later versions of libSRTP that
  10.655 + * include more elements in the crypto_policy_t datatype.
  10.656 + *
  10.657 + * @warning This crypto policy is intended for use in SRTP, but not in
  10.658 + * SRTCP.  It is recommended that a policy that uses longer
  10.659 + * authentication tags be used for SRTCP.  See Section 7.5 of RFC 3711
  10.660 + * (http://www.ietf.org/rfc/rfc3711.txt).
  10.661 + *
  10.662 + * @return void.
  10.663 + *
  10.664 + */
  10.665 +
  10.666 +void
  10.667 +crypto_policy_set_aes_cm_256_hmac_sha1_32(crypto_policy_t *p);
  10.668 +
  10.669 +
  10.670 +/**
  10.671 + * @brief srtp_dealloc() deallocates storage for an SRTP session
  10.672 + * context.
  10.673 + *
  10.674 + * The function call srtp_dealloc(s) deallocates storage for the
  10.675 + * SRTP session context s.  This function should be called no more
  10.676 + * than one time for each of the contexts allocated by the function
  10.677 + * srtp_create().
  10.678 + *
  10.679 + * @param s is the srtp_t for the session to be deallocated.
  10.680 + *
  10.681 + * @return
  10.682 + *    - err_status_ok             if there no problems.
  10.683 + *    - err_status_dealloc_fail   a memory deallocation failure occured.
  10.684 + */
  10.685 +
  10.686 +err_status_t
  10.687 +srtp_dealloc(srtp_t s);
  10.688 +
  10.689 +
  10.690 +/*
  10.691 + * @brief identifies a particular SRTP profile
  10.692 + *
  10.693 + * An srtp_profile_t enumeration is used to identify a particular SRTP
  10.694 + * profile (that is, a set of algorithms and parameters).  These
  10.695 + * profiles are defined in the DTLS-SRTP draft.
  10.696 + */
  10.697 +
  10.698 +typedef enum {
  10.699 +  srtp_profile_reserved           = 0,
  10.700 +  srtp_profile_aes128_cm_sha1_80  = 1,
  10.701 +  srtp_profile_aes128_cm_sha1_32  = 2,
  10.702 +  srtp_profile_aes256_cm_sha1_80  = 3,
  10.703 +  srtp_profile_aes256_cm_sha1_32  = 4,
  10.704 +  srtp_profile_null_sha1_80       = 5,
  10.705 +  srtp_profile_null_sha1_32       = 6,
  10.706 +} srtp_profile_t;
  10.707 +
  10.708 +
  10.709 +/**
  10.710 + * @brief crypto_policy_set_from_profile_for_rtp() sets a crypto policy
  10.711 + * structure to the appropriate value for RTP based on an srtp_profile_t
  10.712 + *
  10.713 + * @param p is a pointer to the policy structure to be set
  10.714 + *
  10.715 + * The function call crypto_policy_set_rtp_default(&policy, profile)
  10.716 + * sets the crypto_policy_t at location policy to the policy for RTP
  10.717 + * protection, as defined by the srtp_profile_t profile.
  10.718 + *
  10.719 + * This function is a convenience that helps to avoid dealing directly
  10.720 + * with the policy data structure.  You are encouraged to initialize
  10.721 + * policy elements with this function call.  Doing so may allow your
  10.722 + * code to be forward compatible with later versions of libSRTP that
  10.723 + * include more elements in the crypto_policy_t datatype.
  10.724 + *
  10.725 + * @return values
  10.726 + *     - err_status_ok         no problems were encountered
  10.727 + *     - err_status_bad_param  the profile is not supported
  10.728 + *
  10.729 + */
  10.730 +err_status_t
  10.731 +crypto_policy_set_from_profile_for_rtp(crypto_policy_t *policy,
  10.732 +				       srtp_profile_t profile);
  10.733 +
  10.734 +
  10.735 +
  10.736 +
  10.737 +/**
  10.738 + * @brief crypto_policy_set_from_profile_for_rtcp() sets a crypto policy
  10.739 + * structure to the appropriate value for RTCP based on an srtp_profile_t
  10.740 + *
  10.741 + * @param p is a pointer to the policy structure to be set
  10.742 + *
  10.743 + * The function call crypto_policy_set_rtcp_default(&policy, profile)
  10.744 + * sets the crypto_policy_t at location policy to the policy for RTCP
  10.745 + * protection, as defined by the srtp_profile_t profile.
  10.746 + *
  10.747 + * This function is a convenience that helps to avoid dealing directly
  10.748 + * with the policy data structure.  You are encouraged to initialize
  10.749 + * policy elements with this function call.  Doing so may allow your
  10.750 + * code to be forward compatible with later versions of libSRTP that
  10.751 + * include more elements in the crypto_policy_t datatype.
  10.752 + *
  10.753 + * @return values
  10.754 + *     - err_status_ok         no problems were encountered
  10.755 + *     - err_status_bad_param  the profile is not supported
  10.756 + *
  10.757 + */
  10.758 +err_status_t
  10.759 +crypto_policy_set_from_profile_for_rtcp(crypto_policy_t *policy,
  10.760 +				       srtp_profile_t profile);
  10.761 +
  10.762 +/**
  10.763 + * @brief returns the master key length for a given SRTP profile
  10.764 + */
  10.765 +unsigned int
  10.766 +srtp_profile_get_master_key_length(srtp_profile_t profile);
  10.767 +
  10.768 +
  10.769 +/**
  10.770 + * @brief returns the master salt length for a given SRTP profile
  10.771 + */
  10.772 +unsigned int
  10.773 +srtp_profile_get_master_salt_length(srtp_profile_t profile);
  10.774 +
  10.775 +/**
  10.776 + * @brief appends the salt to the key
  10.777 + *
  10.778 + * The function call append_salt_to_key(k, klen, s, slen)
  10.779 + * copies the string s to the location at klen bytes following
  10.780 + * the location k.
  10.781 + *
  10.782 + * @warning There must be at least bytes_in_salt + bytes_in_key bytes
  10.783 + *          available at the location pointed to by key.
  10.784 + *
  10.785 + */
  10.786 +
  10.787 +void
  10.788 +append_salt_to_key(unsigned char *key, unsigned int bytes_in_key,
  10.789 +		   unsigned char *salt, unsigned int bytes_in_salt);
  10.790 +
  10.791 +
  10.792 +
  10.793 +/**
  10.794 + * @}
  10.795 + */
  10.796 +
  10.797 +
  10.798 +
  10.799 +/**
  10.800 + * @defgroup SRTCP Secure RTCP
  10.801 + * @ingroup  SRTP
  10.802 + *
  10.803 + * @brief Secure RTCP functions are used to protect RTCP traffic.
  10.804 + *
  10.805 + * RTCP is the control protocol for RTP.  libSRTP protects RTCP
  10.806 + * traffic in much the same way as it does RTP traffic.  The function
  10.807 + * srtp_protect_rtcp() applies cryptographic protections to outbound
  10.808 + * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on
  10.809 + * inbound RTCP packets.
  10.810 + *
  10.811 + * A note on the naming convention: srtp_protect_rtcp() has an srtp_t
  10.812 + * as its first argument, and thus has `srtp_' as its prefix.  The
  10.813 + * trailing `_rtcp' indicates the protocol on which it acts.
  10.814 + *
  10.815 + * @{
  10.816 + */
  10.817 +
  10.818 +/**
  10.819 + * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet
  10.820 + * processing function.
  10.821 + *
  10.822 + * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies
  10.823 + * SRTCP protection to the RTCP packet rtcp_hdr (which has length
  10.824 + * *len_ptr) using the SRTP session context ctx.  If err_status_ok is
  10.825 + * returned, then rtp_hdr points to the resulting SRTCP packet and
  10.826 + * *len_ptr is the number of octets in that packet; otherwise, no
  10.827 + * assumptions should be made about the value of either data elements.
  10.828 + *
  10.829 + * @warning This function assumes that it can write the authentication
  10.830 + * tag into the location in memory immediately following the RTCP
  10.831 + * packet, and assumes that the RTCP packet is aligned on a 32-bit
  10.832 + * boundary.
  10.833 + *
  10.834 + * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4
  10.835 + * into the location in memory immediately following the RTCP packet.
  10.836 + * Callers MUST ensure that this much writable memory is available in
  10.837 + * the buffer that holds the RTCP packet.
  10.838 + *
  10.839 + * @param ctx is the SRTP context to use in processing the packet.
  10.840 + *
  10.841 + * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after
  10.842 + * the function returns, it points to the srtp packet.
  10.843 + *
  10.844 + * @param pkt_octet_len is a pointer to the length in octets of the
  10.845 + * complete RTCP packet (header and body) before the function call,
  10.846 + * and of the complete SRTCP packet after the call, if err_status_ok
  10.847 + * was returned.  Otherwise, the value of the data to which it points
  10.848 + * is undefined.
  10.849 + *
  10.850 + * @return
  10.851 + *    - err_status_ok            if there were no problems.
  10.852 + *    - [other]                  if there was a failure in
  10.853 + *                               the cryptographic mechanisms.
  10.854 + */
  10.855 +
  10.856 +
  10.857 +err_status_t
  10.858 +srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len);
  10.859 +
  10.860 +/**
  10.861 + * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet
  10.862 + * processing function.
  10.863 + *
  10.864 + * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr)
  10.865 + * verifies the Secure RTCP protection of the SRTCP packet pointed to
  10.866 + * by srtcp_hdr (which has length *len_ptr), using the SRTP session
  10.867 + * context ctx.  If err_status_ok is returned, then srtcp_hdr points
  10.868 + * to the resulting RTCP packet and *len_ptr is the number of octets
  10.869 + * in that packet; otherwise, no assumptions should be made about the
  10.870 + * value of either data elements.
  10.871 + *
  10.872 + * @warning This function assumes that the SRTCP packet is aligned on a
  10.873 + * 32-bit boundary.
  10.874 + *
  10.875 + * @param ctx is a pointer to the srtp_t which applies to the
  10.876 + * particular packet.
  10.877 + *
  10.878 + * @param srtcp_hdr is a pointer to the header of the SRTCP packet
  10.879 + * (before the call).  After the function returns, it points to the
  10.880 + * rtp packet if err_status_ok was returned; otherwise, the value of
  10.881 + * the data to which it points is undefined.
  10.882 + *
  10.883 + * @param pkt_octet_len is a pointer to the length in octets of the
  10.884 + * complete SRTCP packet (header and body) before the function call,
  10.885 + * and of the complete rtp packet after the call, if err_status_ok was
  10.886 + * returned.  Otherwise, the value of the data to which it points is
  10.887 + * undefined.
  10.888 + *
  10.889 + * @return
  10.890 + *    - err_status_ok          if the RTCP packet is valid.
  10.891 + *    - err_status_auth_fail   if the SRTCP packet failed the message
  10.892 + *                             authentication check.
  10.893 + *    - err_status_replay_fail if the SRTCP packet is a replay (e.g. has
  10.894 + *                             already been processed and accepted).
  10.895 + *    - [other]  if there has been an error in the cryptographic mechanisms.
  10.896 + *
  10.897 + */
  10.898 +
  10.899 +err_status_t
  10.900 +srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len);
  10.901 +
  10.902 +/**
  10.903 + * @}
  10.904 + */
  10.905 +
  10.906 +/**
  10.907 + * @defgroup SRTPevents SRTP events and callbacks
  10.908 + * @ingroup  SRTP
  10.909 + *
  10.910 + * @brief libSRTP can use a user-provided callback function to
  10.911 + * handle events.
  10.912 + *
  10.913 + *
  10.914 + * libSRTP allows a user to provide a callback function to handle
  10.915 + * events that need to be dealt with outside of the data plane (see
  10.916 + * the enum srtp_event_t for a description of these events).  Dealing
  10.917 + * with these events is not a strict necessity; they are not
  10.918 + * security-critical, but the application may suffer if they are not
  10.919 + * handled.  The function srtp_set_event_handler() is used to provide
  10.920 + * the callback function.
  10.921 + *
  10.922 + * A default event handler that merely reports on the events as they
  10.923 + * happen is included.  It is also possible to set the event handler
  10.924 + * function to NULL, in which case all events will just be silently
  10.925 + * ignored.
  10.926 + *
  10.927 + * @{
  10.928 + */
  10.929 +
  10.930 +/**
  10.931 + * @brief srtp_event_t defines events that need to be handled
  10.932 + *
  10.933 + * The enum srtp_event_t defines events that need to be handled
  10.934 + * outside the `data plane', such as SSRC collisions and
  10.935 + * key expirations.
  10.936 + *
  10.937 + * When a key expires or the maximum number of packets has been
  10.938 + * reached, an SRTP stream will enter an `expired' state in which no
  10.939 + * more packets can be protected or unprotected.  When this happens,
  10.940 + * it is likely that you will want to either deallocate the stream
  10.941 + * (using srtp_stream_dealloc()), and possibly allocate a new one.
  10.942 + *
  10.943 + * When an SRTP stream expires, the other streams in the same session
  10.944 + * are unaffected, unless key sharing is used by that stream.  In the
  10.945 + * latter case, all of the streams in the session will expire.
  10.946 + */
  10.947 +
  10.948 +typedef enum {
  10.949 +  event_ssrc_collision,    /**<
  10.950 +			    * An SSRC collision occured.
  10.951 +			    */
  10.952 +  event_key_soft_limit,    /**< An SRTP stream reached the soft key
  10.953 +			    *   usage limit and will expire soon.
  10.954 +			    */
  10.955 +  event_key_hard_limit,    /**< An SRTP stream reached the hard
  10.956 +			    *   key usage limit and has expired.
  10.957 +			    */
  10.958 +  event_packet_index_limit /**< An SRTP stream reached the hard
  10.959 +			    * packet limit (2^48 packets).
  10.960 +			    */
  10.961 +} srtp_event_t;
  10.962 +
  10.963 +/**
  10.964 + * @brief srtp_event_data_t is the structure passed as a callback to
  10.965 + * the event handler function
  10.966 + *
  10.967 + * The struct srtp_event_data_t holds the data passed to the event
  10.968 + * handler function.
  10.969 + */
  10.970 +
  10.971 +typedef struct srtp_event_data_t {
  10.972 +  srtp_t        session;  /**< The session in which the event happend. */
  10.973 +  srtp_stream_t stream;   /**< The stream in which the event happend.  */
  10.974 +  srtp_event_t  event;    /**< An enum indicating the type of event.   */
  10.975 +} srtp_event_data_t;
  10.976 +
  10.977 +/**
  10.978 + * @brief srtp_event_handler_func_t is the function prototype for
  10.979 + * the event handler.
  10.980 + *
  10.981 + * The typedef srtp_event_handler_func_t is the prototype for the
  10.982 + * event handler function.  It has as its only argument an
  10.983 + * srtp_event_data_t which describes the event that needs to be handled.
  10.984 + * There can only be a single, global handler for all events in
  10.985 + * libSRTP.
  10.986 + */
  10.987 +
  10.988 +typedef void (srtp_event_handler_func_t)(srtp_event_data_t *data);
  10.989 +
  10.990 +/**
  10.991 + * @brief sets the event handler to the function supplied by the caller.
  10.992 + *
  10.993 + * The function call srtp_install_event_handler(func) sets the event
  10.994 + * handler function to the value func.  The value NULL is acceptable
  10.995 + * as an argument; in this case, events will be ignored rather than
  10.996 + * handled.
  10.997 + *
  10.998 + * @param func is a pointer to a fuction that takes an srtp_event_data_t
  10.999 + *             pointer as an argument and returns void.  This function
 10.1000 + *             will be used by libSRTP to handle events.
 10.1001 + */
 10.1002 +
 10.1003 +err_status_t
 10.1004 +srtp_install_event_handler(srtp_event_handler_func_t func);
 10.1005 +
 10.1006 +/**
 10.1007 + * @}
 10.1008 + */
 10.1009 +/* in host order, so outside the #if */
 10.1010 +#define SRTCP_E_BIT      0x80000000
 10.1011 +/* for byte-access */
 10.1012 +#define SRTCP_E_BYTE_BIT 0x80
 10.1013 +#define SRTCP_INDEX_MASK 0x7fffffff
 10.1014 +
 10.1015 +#ifdef __cplusplus
 10.1016 +}
 10.1017 +#endif
 10.1018 +
 10.1019 +#endif /* SRTP_H */
    11.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    11.2 +++ b/include/srtp/srtp/srtp_priv.h	Wed Dec 25 20:32:47 2013 -0500
    11.3 @@ -0,0 +1,256 @@
    11.4 +/*
    11.5 + * srtp_priv.h
    11.6 + *
    11.7 + * private internal data structures and functions for libSRTP
    11.8 + *
    11.9 + * David A. McGrew
   11.10 + * Cisco Systems, Inc.
   11.11 + */
   11.12 +/*
   11.13 + *	
   11.14 + * Copyright (c) 2001-2006 Cisco Systems, Inc.
   11.15 + * All rights reserved.
   11.16 + * 
   11.17 + * Redistribution and use in source and binary forms, with or without
   11.18 + * modification, are permitted provided that the following conditions
   11.19 + * are met:
   11.20 + * 
   11.21 + *   Redistributions of source code must retain the above copyright
   11.22 + *   notice, this list of conditions and the following disclaimer.
   11.23 + * 
   11.24 + *   Redistributions in binary form must reproduce the above
   11.25 + *   copyright notice, this list of conditions and the following
   11.26 + *   disclaimer in the documentation and/or other materials provided
   11.27 + *   with the distribution.
   11.28 + * 
   11.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
   11.30 + *   contributors may be used to endorse or promote products derived
   11.31 + *   from this software without specific prior written permission.
   11.32 + * 
   11.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   11.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
   11.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
   11.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
   11.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
   11.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   11.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
   11.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   11.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
   11.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   11.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   11.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
   11.45 + *
   11.46 + */
   11.47 +
   11.48 +#ifndef SRTP_PRIV_H
   11.49 +#define SRTP_PRIV_H
   11.50 +
   11.51 +#include "srtp.h"
   11.52 +#include "rdbx.h"
   11.53 +#include "rdb.h"
   11.54 +#include "integers.h"
   11.55 +
   11.56 +/*
   11.57 + * an srtp_hdr_t represents the srtp header
   11.58 + *
   11.59 + * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
   11.60 + * 
   11.61 + * (note that this definition follows that of RFC 1889 Appendix A, but
   11.62 + * is not identical)
   11.63 + */
   11.64 + 
   11.65 +#ifndef WORDS_BIGENDIAN
   11.66 +
   11.67 +/*
   11.68 + * srtp_hdr_t represents an RTP or SRTP header.  The bit-fields in
   11.69 + * this structure should be declared "unsigned int" instead of 
   11.70 + * "unsigned char", but doing so causes the MS compiler to not
   11.71 + * fully pack the bit fields.
   11.72 + */
   11.73 +
   11.74 +typedef struct {
   11.75 +  unsigned char cc:4;	/* CSRC count             */
   11.76 +  unsigned char x:1;	/* header extension flag  */
   11.77 +  unsigned char p:1;	/* padding flag           */
   11.78 +  unsigned char version:2; /* protocol version    */
   11.79 +  unsigned char pt:7;	/* payload type           */
   11.80 +  unsigned char m:1;	/* marker bit             */
   11.81 +  uint16_t seq;		/* sequence number        */
   11.82 +  uint32_t ts;		/* timestamp              */
   11.83 +  uint32_t ssrc;	/* synchronization source */
   11.84 +} srtp_hdr_t;
   11.85 +
   11.86 +#else /*  BIG_ENDIAN */
   11.87 +
   11.88 +typedef struct {
   11.89 +  unsigned char version:2; /* protocol version    */
   11.90 +  unsigned char p:1;	/* padding flag           */
   11.91 +  unsigned char x:1;	/* header extension flag  */
   11.92 +  unsigned char cc:4;	/* CSRC count             */
   11.93 +  unsigned char m:1;	/* marker bit             */
   11.94 +  unsigned pt:7;	/* payload type           */
   11.95 +  uint16_t seq;		/* sequence number        */
   11.96 +  uint32_t ts;		/* timestamp              */
   11.97 +  uint32_t ssrc;	/* synchronization source */
   11.98 +} srtp_hdr_t;
   11.99 +
  11.100 +#endif
  11.101 +
  11.102 +typedef struct {
  11.103 +  uint16_t profile_specific;    /* profile-specific info               */
  11.104 +  uint16_t length;              /* number of 32-bit words in extension */
  11.105 +} srtp_hdr_xtnd_t;
  11.106 +
  11.107 +
  11.108 +/*
  11.109 + * srtcp_hdr_t represents a secure rtcp header 
  11.110 + *
  11.111 + * in this implementation, an srtcp header is assumed to be 32-bit
  11.112 + * alinged
  11.113 + */
  11.114 +
  11.115 +#ifndef WORDS_BIGENDIAN
  11.116 +
  11.117 +typedef struct {
  11.118 +  unsigned char rc:5;		/* reception report count */
  11.119 +  unsigned char p:1;		/* padding flag           */
  11.120 +  unsigned char version:2;	/* protocol version       */
  11.121 +  unsigned char pt:8;		/* payload type           */
  11.122 +  uint16_t len;			/* length                 */
  11.123 +  uint32_t ssrc;	       	/* synchronization source */
  11.124 +} srtcp_hdr_t;
  11.125 +
  11.126 +typedef struct {
  11.127 +  unsigned int index:31;    /* srtcp packet index in network order! */
  11.128 +  unsigned int e:1;         /* encrypted? 1=yes */
  11.129 +  /* optional mikey/etc go here */
  11.130 +  /* and then the variable-length auth tag */
  11.131 +} srtcp_trailer_t;
  11.132 +
  11.133 +
  11.134 +#else /*  BIG_ENDIAN */
  11.135 +
  11.136 +typedef struct {
  11.137 +  unsigned char version:2;	/* protocol version       */
  11.138 +  unsigned char p:1;		/* padding flag           */
  11.139 +  unsigned char rc:5;		/* reception report count */
  11.140 +  unsigned char pt:8;		/* payload type           */
  11.141 +  uint16_t len;			/* length                 */
  11.142 +  uint32_t ssrc;	       	/* synchronization source */
  11.143 +} srtcp_hdr_t;
  11.144 +
  11.145 +typedef struct {
  11.146 +  unsigned int version:2;  /* protocol version                     */
  11.147 +  unsigned int p:1;        /* padding flag                         */
  11.148 +  unsigned int count:5;    /* varies by packet type                */
  11.149 +  unsigned int pt:8;       /* payload type                         */
  11.150 +  uint16_t length;         /* len of uint32s of packet less header */
  11.151 +} rtcp_common_t;
  11.152 +
  11.153 +typedef struct {
  11.154 +  unsigned int e:1;         /* encrypted? 1=yes */
  11.155 +  unsigned int index:31;    /* srtcp packet index */
  11.156 +  /* optional mikey/etc go here */
  11.157 +  /* and then the variable-length auth tag */
  11.158 +} srtcp_trailer_t;
  11.159 +
  11.160 +#endif
  11.161 +
  11.162 +
  11.163 +/*
  11.164 + * the following declarations are libSRTP internal functions 
  11.165 + */
  11.166 +
  11.167 +/*
  11.168 + * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
  11.169 + * to ssrc, or NULL if no stream exists for that ssrc
  11.170 + */
  11.171 +
  11.172 +srtp_stream_t 
  11.173 +srtp_get_stream(srtp_t srtp, uint32_t ssrc);
  11.174 +
  11.175 +
  11.176 +/*
  11.177 + * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by
  11.178 + * deriving all of the needed keys using the KDF and the key k.
  11.179 + */
  11.180 +
  11.181 +
  11.182 +err_status_t
  11.183 +srtp_stream_init_keys(srtp_stream_t srtp, const void *key);
  11.184 +
  11.185 +/*
  11.186 + * srtp_stream_init(s, p) initializes the srtp_stream_t s to 
  11.187 + * use the policy at the location p
  11.188 + */
  11.189 +err_status_t
  11.190 +srtp_stream_init(srtp_stream_t srtp, 
  11.191 +		 const srtp_policy_t *p);
  11.192 +
  11.193 +
  11.194 +/*
  11.195 + * libsrtp internal datatypes 
  11.196 + */
  11.197 +
  11.198 +typedef enum direction_t { 
  11.199 +  dir_unknown       = 0,
  11.200 +  dir_srtp_sender   = 1, 
  11.201 +  dir_srtp_receiver = 2
  11.202 +} direction_t;
  11.203 +
  11.204 +/* 
  11.205 + * an srtp_stream_t has its own SSRC, encryption key, authentication
  11.206 + * key, sequence number, and replay database
  11.207 + * 
  11.208 + * note that the keys might not actually be unique, in which case the
  11.209 + * cipher_t and auth_t pointers will point to the same structures
  11.210 + */
  11.211 +
  11.212 +typedef struct srtp_stream_ctx_t {
  11.213 +  uint32_t   ssrc;
  11.214 +  cipher_t  *rtp_cipher;
  11.215 +  auth_t    *rtp_auth;
  11.216 +  rdbx_t     rtp_rdbx;
  11.217 +  sec_serv_t rtp_services;
  11.218 +  cipher_t  *rtcp_cipher;
  11.219 +  auth_t    *rtcp_auth;
  11.220 +  rdb_t      rtcp_rdb;
  11.221 +  sec_serv_t rtcp_services;
  11.222 +  key_limit_ctx_t *limit;
  11.223 +  direction_t direction;
  11.224 +  int        allow_repeat_tx;
  11.225 +  ekt_stream_t ekt; 
  11.226 +  struct srtp_stream_ctx_t *next;   /* linked list of streams */
  11.227 +} srtp_stream_ctx_t;
  11.228 +
  11.229 +
  11.230 +/*
  11.231 + * an srtp_ctx_t holds a stream list and a service description
  11.232 + */
  11.233 +
  11.234 +typedef struct srtp_ctx_t {
  11.235 +  srtp_stream_ctx_t *stream_list;     /* linked list of streams            */
  11.236 +  srtp_stream_ctx_t *stream_template; /* act as template for other streams */
  11.237 +} srtp_ctx_t;
  11.238 +
  11.239 +
  11.240 +
  11.241 +/*
  11.242 + * srtp_handle_event(srtp, srtm, evnt) calls the event handling
  11.243 + * function, if there is one.
  11.244 + *
  11.245 + * This macro is not included in the documentation as it is 
  11.246 + * an internal-only function.
  11.247 + */
  11.248 +
  11.249 +#define srtp_handle_event(srtp, strm, evnt)         \
  11.250 +   if(srtp_event_handler) {                         \
  11.251 +      srtp_event_data_t data;                       \
  11.252 +      data.session = srtp;                          \
  11.253 +      data.stream  = strm;                          \
  11.254 +      data.event   = evnt;                          \
  11.255 +      srtp_event_handler(&data);                    \
  11.256 +}   
  11.257 +
  11.258 +
  11.259 +#endif /* SRTP_PRIV_H */
    12.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    12.2 +++ b/include/srtp/srtp/ut_sim.h	Wed Dec 25 20:32:47 2013 -0500
    12.3 @@ -0,0 +1,80 @@
    12.4 +/*
    12.5 + * ut-sim.h
    12.6 + *
    12.7 + * an unreliable transport simulator
    12.8 + * (for testing replay databases and suchlike)
    12.9 + *
   12.10 + * David A. McGrew
   12.11 + * Cisco Systems, Inc.
   12.12 + */
   12.13 +
   12.14 +/*
   12.15 + *	
   12.16 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
   12.17 + * All rights reserved.
   12.18 + * 
   12.19 + * Redistribution and use in source and binary forms, with or without
   12.20 + * modification, are permitted provided that the following conditions
   12.21 + * are met:
   12.22 + * 
   12.23 + *   Redistributions of source code must retain the above copyright
   12.24 + *   notice, this list of conditions and the following disclaimer.
   12.25 + * 
   12.26 + *   Redistributions in binary form must reproduce the above
   12.27 + *   copyright notice, this list of conditions and the following
   12.28 + *   disclaimer in the documentation and/or other materials provided
   12.29 + *   with the distribution.
   12.30 + * 
   12.31 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
   12.32 + *   contributors may be used to endorse or promote products derived
   12.33 + *   from this software without specific prior written permission.
   12.34 + * 
   12.35 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   12.36 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
   12.37 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
   12.38 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
   12.39 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
   12.40 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   12.41 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
   12.42 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   12.43 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
   12.44 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   12.45 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   12.46 + * OF THE POSSIBILITY OF SUCH DAMAGE.
   12.47 + *
   12.48 + */
   12.49 +
   12.50 +
   12.51 +
   12.52 +#ifndef UT_SIM_H
   12.53 +#define UT_SIM_H
   12.54 +
   12.55 +#include "integers.h"  /* for uint32_t */
   12.56 +
   12.57 +#define UT_BUF 160      /* maximum amount of packet reorder */
   12.58 +
   12.59 +typedef struct {
   12.60 +  uint32_t index;
   12.61 +  uint32_t buffer[UT_BUF];
   12.62 +} ut_connection;
   12.63 +
   12.64 +/*
   12.65 + * ut_init(&u) initializes the ut_connection 
   12.66 + *
   12.67 + * this function should always be the first one called on a new
   12.68 + * ut_connection
   12.69 + */
   12.70 +
   12.71 +void
   12.72 +ut_init(ut_connection *utc);
   12.73 +
   12.74 +/*
   12.75 + * ut_next_index(&u) returns the next index from the simulated
   12.76 + * unreliable connection
   12.77 + */
   12.78 +
   12.79 +uint32_t
   12.80 +ut_next_index(ut_connection *utc);
   12.81 +
   12.82 +
   12.83 +#endif /* UT_SIM_H */
    13.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    13.2 +++ b/include/srtp/srtp_priv.h	Wed Dec 25 20:32:47 2013 -0500
    13.3 @@ -0,0 +1,256 @@
    13.4 +/*
    13.5 + * srtp_priv.h
    13.6 + *
    13.7 + * private internal data structures and functions for libSRTP
    13.8 + *
    13.9 + * David A. McGrew
   13.10 + * Cisco Systems, Inc.
   13.11 + */
   13.12 +/*
   13.13 + *	
   13.14 + * Copyright (c) 2001-2006 Cisco Systems, Inc.
   13.15 + * All rights reserved.
   13.16 + * 
   13.17 + * Redistribution and use in source and binary forms, with or without
   13.18 + * modification, are permitted provided that the following conditions
   13.19 + * are met:
   13.20 + * 
   13.21 + *   Redistributions of source code must retain the above copyright
   13.22 + *   notice, this list of conditions and the following disclaimer.
   13.23 + * 
   13.24 + *   Redistributions in binary form must reproduce the above
   13.25 + *   copyright notice, this list of conditions and the following
   13.26 + *   disclaimer in the documentation and/or other materials provided
   13.27 + *   with the distribution.
   13.28 + * 
   13.29 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
   13.30 + *   contributors may be used to endorse or promote products derived
   13.31 + *   from this software without specific prior written permission.
   13.32 + * 
   13.33 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   13.34 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
   13.35 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
   13.36 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
   13.37 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
   13.38 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   13.39 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
   13.40 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   13.41 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
   13.42 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   13.43 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   13.44 + * OF THE POSSIBILITY OF SUCH DAMAGE.
   13.45 + *
   13.46 + */
   13.47 +
   13.48 +#ifndef SRTP_PRIV_H
   13.49 +#define SRTP_PRIV_H
   13.50 +
   13.51 +#include "srtp.h"
   13.52 +#include "rdbx.h"
   13.53 +#include "rdb.h"
   13.54 +#include "integers.h"
   13.55 +
   13.56 +/*
   13.57 + * an srtp_hdr_t represents the srtp header
   13.58 + *
   13.59 + * in this implementation, an srtp_hdr_t is assumed to be 32-bit aligned
   13.60 + * 
   13.61 + * (note that this definition follows that of RFC 1889 Appendix A, but
   13.62 + * is not identical)
   13.63 + */
   13.64 + 
   13.65 +#ifndef WORDS_BIGENDIAN
   13.66 +
   13.67 +/*
   13.68 + * srtp_hdr_t represents an RTP or SRTP header.  The bit-fields in
   13.69 + * this structure should be declared "unsigned int" instead of 
   13.70 + * "unsigned char", but doing so causes the MS compiler to not
   13.71 + * fully pack the bit fields.
   13.72 + */
   13.73 +
   13.74 +typedef struct {
   13.75 +  unsigned char cc:4;	/* CSRC count             */
   13.76 +  unsigned char x:1;	/* header extension flag  */
   13.77 +  unsigned char p:1;	/* padding flag           */
   13.78 +  unsigned char version:2; /* protocol version    */
   13.79 +  unsigned char pt:7;	/* payload type           */
   13.80 +  unsigned char m:1;	/* marker bit             */
   13.81 +  uint16_t seq;		/* sequence number        */
   13.82 +  uint32_t ts;		/* timestamp              */
   13.83 +  uint32_t ssrc;	/* synchronization source */
   13.84 +} srtp_hdr_t;
   13.85 +
   13.86 +#else /*  BIG_ENDIAN */
   13.87 +
   13.88 +typedef struct {
   13.89 +  unsigned char version:2; /* protocol version    */
   13.90 +  unsigned char p:1;	/* padding flag           */
   13.91 +  unsigned char x:1;	/* header extension flag  */
   13.92 +  unsigned char cc:4;	/* CSRC count             */
   13.93 +  unsigned char m:1;	/* marker bit             */
   13.94 +  unsigned pt:7;	/* payload type           */
   13.95 +  uint16_t seq;		/* sequence number        */
   13.96 +  uint32_t ts;		/* timestamp              */
   13.97 +  uint32_t ssrc;	/* synchronization source */
   13.98 +} srtp_hdr_t;
   13.99 +
  13.100 +#endif
  13.101 +
  13.102 +typedef struct {
  13.103 +  uint16_t profile_specific;    /* profile-specific info               */
  13.104 +  uint16_t length;              /* number of 32-bit words in extension */
  13.105 +} srtp_hdr_xtnd_t;
  13.106 +
  13.107 +
  13.108 +/*
  13.109 + * srtcp_hdr_t represents a secure rtcp header 
  13.110 + *
  13.111 + * in this implementation, an srtcp header is assumed to be 32-bit
  13.112 + * alinged
  13.113 + */
  13.114 +
  13.115 +#ifndef WORDS_BIGENDIAN
  13.116 +
  13.117 +typedef struct {
  13.118 +  unsigned char rc:5;		/* reception report count */
  13.119 +  unsigned char p:1;		/* padding flag           */
  13.120 +  unsigned char version:2;	/* protocol version       */
  13.121 +  unsigned char pt:8;		/* payload type           */
  13.122 +  uint16_t len;			/* length                 */
  13.123 +  uint32_t ssrc;	       	/* synchronization source */
  13.124 +} srtcp_hdr_t;
  13.125 +
  13.126 +typedef struct {
  13.127 +  unsigned int index:31;    /* srtcp packet index in network order! */
  13.128 +  unsigned int e:1;         /* encrypted? 1=yes */
  13.129 +  /* optional mikey/etc go here */
  13.130 +  /* and then the variable-length auth tag */
  13.131 +} srtcp_trailer_t;
  13.132 +
  13.133 +
  13.134 +#else /*  BIG_ENDIAN */
  13.135 +
  13.136 +typedef struct {
  13.137 +  unsigned char version:2;	/* protocol version       */
  13.138 +  unsigned char p:1;		/* padding flag           */
  13.139 +  unsigned char rc:5;		/* reception report count */
  13.140 +  unsigned char pt:8;		/* payload type           */
  13.141 +  uint16_t len;			/* length                 */
  13.142 +  uint32_t ssrc;	       	/* synchronization source */
  13.143 +} srtcp_hdr_t;
  13.144 +
  13.145 +typedef struct {
  13.146 +  unsigned int version:2;  /* protocol version                     */
  13.147 +  unsigned int p:1;        /* padding flag                         */
  13.148 +  unsigned int count:5;    /* varies by packet type                */
  13.149 +  unsigned int pt:8;       /* payload type                         */
  13.150 +  uint16_t length;         /* len of uint32s of packet less header */
  13.151 +} rtcp_common_t;
  13.152 +
  13.153 +typedef struct {
  13.154 +  unsigned int e:1;         /* encrypted? 1=yes */
  13.155 +  unsigned int index:31;    /* srtcp packet index */
  13.156 +  /* optional mikey/etc go here */
  13.157 +  /* and then the variable-length auth tag */
  13.158 +} srtcp_trailer_t;
  13.159 +
  13.160 +#endif
  13.161 +
  13.162 +
  13.163 +/*
  13.164 + * the following declarations are libSRTP internal functions 
  13.165 + */
  13.166 +
  13.167 +/*
  13.168 + * srtp_get_stream(ssrc) returns a pointer to the stream corresponding
  13.169 + * to ssrc, or NULL if no stream exists for that ssrc
  13.170 + */
  13.171 +
  13.172 +srtp_stream_t 
  13.173 +srtp_get_stream(srtp_t srtp, uint32_t ssrc);
  13.174 +
  13.175 +
  13.176 +/*
  13.177 + * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by
  13.178 + * deriving all of the needed keys using the KDF and the key k.
  13.179 + */
  13.180 +
  13.181 +
  13.182 +err_status_t
  13.183 +srtp_stream_init_keys(srtp_stream_t srtp, const void *key);
  13.184 +
  13.185 +/*
  13.186 + * srtp_stream_init(s, p) initializes the srtp_stream_t s to 
  13.187 + * use the policy at the location p
  13.188 + */
  13.189 +err_status_t
  13.190 +srtp_stream_init(srtp_stream_t srtp, 
  13.191 +		 const srtp_policy_t *p);
  13.192 +
  13.193 +
  13.194 +/*
  13.195 + * libsrtp internal datatypes 
  13.196 + */
  13.197 +
  13.198 +typedef enum direction_t { 
  13.199 +  dir_unknown       = 0,
  13.200 +  dir_srtp_sender   = 1, 
  13.201 +  dir_srtp_receiver = 2
  13.202 +} direction_t;
  13.203 +
  13.204 +/* 
  13.205 + * an srtp_stream_t has its own SSRC, encryption key, authentication
  13.206 + * key, sequence number, and replay database
  13.207 + * 
  13.208 + * note that the keys might not actually be unique, in which case the
  13.209 + * cipher_t and auth_t pointers will point to the same structures
  13.210 + */
  13.211 +
  13.212 +typedef struct srtp_stream_ctx_t {
  13.213 +  uint32_t   ssrc;
  13.214 +  cipher_t  *rtp_cipher;
  13.215 +  auth_t    *rtp_auth;
  13.216 +  rdbx_t     rtp_rdbx;
  13.217 +  sec_serv_t rtp_services;
  13.218 +  cipher_t  *rtcp_cipher;
  13.219 +  auth_t    *rtcp_auth;
  13.220 +  rdb_t      rtcp_rdb;
  13.221 +  sec_serv_t rtcp_services;
  13.222 +  key_limit_ctx_t *limit;
  13.223 +  direction_t direction;
  13.224 +  int        allow_repeat_tx;
  13.225 +  ekt_stream_t ekt; 
  13.226 +  struct srtp_stream_ctx_t *next;   /* linked list of streams */
  13.227 +} srtp_stream_ctx_t;
  13.228 +
  13.229 +
  13.230 +/*
  13.231 + * an srtp_ctx_t holds a stream list and a service description
  13.232 + */
  13.233 +
  13.234 +typedef struct srtp_ctx_t {
  13.235 +  srtp_stream_ctx_t *stream_list;     /* linked list of streams            */
  13.236 +  srtp_stream_ctx_t *stream_template; /* act as template for other streams */
  13.237 +} srtp_ctx_t;
  13.238 +
  13.239 +
  13.240 +
  13.241 +/*
  13.242 + * srtp_handle_event(srtp, srtm, evnt) calls the event handling
  13.243 + * function, if there is one.
  13.244 + *
  13.245 + * This macro is not included in the documentation as it is 
  13.246 + * an internal-only function.
  13.247 + */
  13.248 +
  13.249 +#define srtp_handle_event(srtp, strm, evnt)         \
  13.250 +   if(srtp_event_handler) {                         \
  13.251 +      srtp_event_data_t data;                       \
  13.252 +      data.session = srtp;                          \
  13.253 +      data.stream  = strm;                          \
  13.254 +      data.event   = evnt;                          \
  13.255 +      srtp_event_handler(&data);                    \
  13.256 +}   
  13.257 +
  13.258 +
  13.259 +#endif /* SRTP_PRIV_H */
    14.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    14.2 +++ b/include/srtp/ut_sim.h	Wed Dec 25 20:32:47 2013 -0500
    14.3 @@ -0,0 +1,80 @@
    14.4 +/*
    14.5 + * ut-sim.h
    14.6 + *
    14.7 + * an unreliable transport simulator
    14.8 + * (for testing replay databases and suchlike)
    14.9 + *
   14.10 + * David A. McGrew
   14.11 + * Cisco Systems, Inc.
   14.12 + */
   14.13 +
   14.14 +/*
   14.15 + *	
   14.16 + * Copyright (c) 2001-2006, Cisco Systems, Inc.
   14.17 + * All rights reserved.
   14.18 + * 
   14.19 + * Redistribution and use in source and binary forms, with or without
   14.20 + * modification, are permitted provided that the following conditions
   14.21 + * are met:
   14.22 + * 
   14.23 + *   Redistributions of source code must retain the above copyright
   14.24 + *   notice, this list of conditions and the following disclaimer.
   14.25 + * 
   14.26 + *   Redistributions in binary form must reproduce the above
   14.27 + *   copyright notice, this list of conditions and the following
   14.28 + *   disclaimer in the documentation and/or other materials provided
   14.29 + *   with the distribution.
   14.30 + * 
   14.31 + *   Neither the name of the Cisco Systems, Inc. nor the names of its
   14.32 + *   contributors may be used to endorse or promote products derived
   14.33 + *   from this software without specific prior written permission.
   14.34 + * 
   14.35 + * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
   14.36 + * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
   14.37 + * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
   14.38 + * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
   14.39 + * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
   14.40 + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
   14.41 + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
   14.42 + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
   14.43 + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
   14.44 + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
   14.45 + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
   14.46 + * OF THE POSSIBILITY OF SUCH DAMAGE.
   14.47 + *
   14.48 + */
   14.49 +
   14.50 +
   14.51 +
   14.52 +#ifndef UT_SIM_H
   14.53 +#define UT_SIM_H
   14.54 +
   14.55 +#include "integers.h"  /* for uint32_t */
   14.56 +
   14.57 +#define UT_BUF 160      /* maximum amount of packet reorder */
   14.58 +
   14.59 +typedef struct {
   14.60 +  uint32_t index;
   14.61 +  uint32_t buffer[UT_BUF];
   14.62 +} ut_connection;
   14.63 +
   14.64 +/*
   14.65 + * ut_init(&u) initializes the ut_connection 
   14.66 + *
   14.67 + * this function should always be the first one called on a new
   14.68 + * ut_connection
   14.69 + */
   14.70 +
   14.71 +void
   14.72 +ut_init(ut_connection *utc);
   14.73 +
   14.74 +/*
   14.75 + * ut_next_index(&u) returns the next index from the simulated
   14.76 + * unreliable connection
   14.77 + */
   14.78 +
   14.79 +uint32_t
   14.80 +ut_next_index(ut_connection *utc);
   14.81 +
   14.82 +
   14.83 +#endif /* UT_SIM_H */
    15.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
    15.2 +++ b/vapi/srtp.vapi	Wed Dec 25 20:32:47 2013 -0500
    15.3 @@ -0,0 +1,234 @@
    15.4 +/*
    15.5 + *  Vala API for Secure RTP 
    15.6 + *
    15.7 + *  LightMelody - Lightweight XMPP/Jingle Client Library
    15.8 + *  Copyright (C) 2012, 2013 Copyleft Games Group
    15.9 + *
   15.10 + *  This program is free software; you can redistribute it and/or modify
   15.11 + *  it under the terms of the GNU Affero General Public License as published
   15.12 + *  by the Free Software Foundation, either version 3 of the License, or
   15.13 + *  (at your option) any later version.
   15.14 + *
   15.15 + *  This program is distributed in the hope that it will be useful,
   15.16 + *  but WITHOUT ANY WARRANTY; without even the implied warranty of
   15.17 + *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   15.18 + *  GNU Affero General Public License for more details.
   15.19 + *
   15.20 + *  You should have received a copy of the GNU Affero General Public License
   15.21 + *  along with this program; if not, see http://www.gnu.org/licenses
   15.22 + *
   15.23 + */
   15.24 +
   15.25 +[CCode (cheader_filename = "srtp/srtp.h,srtp/rtp.h")]
   15.26 +
   15.27 +namespace SRTP {
   15.28 +
   15.29 +    public const uint SRTCP_E_BIT;
   15.30 +    public const uint SRTCP_E_BYTE_BIT;
   15.31 +    public const uint SRTCP_INDEX_MASK;
   15.32 +    
   15.33 +    public struct CipherType : uint32 { }
   15.34 +    public struct AuthType   : uint32 { }
   15.35 +
   15.36 +    [CCode (cname="ekt_policy_t")]
   15.37 +    public struct EKTPolicy { }
   15.38 +
   15.39 +    [CCode (cname="ekt_stream_t")]
   15.40 +    public struct EKTStream { }
   15.41 +
   15.42 +    [CCode (cname="srtp_stream_t")]
   15.43 +    public struct Stream { }
   15.44 +
   15.45 +    [CCode (cname = "srtcp_hdr_t")]
   15.46 +    public struct SRTCPHeader { }
   15.47 +
   15.48 +    [CCode (cname="rtp_sender_t")]
   15.49 +    public struct Sender { }
   15.50 +
   15.51 +    [CCode (cname="rtp_receiver_t")]
   15.52 +    public struct Receiver { }
   15.53 +
   15.54 +    [CCode (cname="err_status_t", cprefix="err_status_")]
   15.55 +    public enum ErrStatus {
   15.56 +        ok = 0,
   15.57 +        fail,
   15.58 +        bad_param,
   15.59 +        alloc_fail,
   15.60 +        dealloc_fail,
   15.61 +        init_fail,
   15.62 +        terminus,
   15.63 +        auth_fail,
   15.64 +        cipher_fail,
   15.65 +        replay_fail,
   15.66 +        replay_old,
   15.67 +        algo_fail,
   15.68 +        no_such_op,
   15.69 +        no_ctx,
   15.70 +        cant_check,
   15.71 +        key_expired,
   15.72 +        socket_err,
   15.73 +        signal_err,
   15.74 +        nonce_bad,
   15.75 +        read_fail,
   15.76 +        write_fail,
   15.77 +        parse_err,
   15.78 +        encode_err,
   15.79 +        semaphore_err,
   15.80 +        pfkey_err
   15.81 +    }
   15.82 +
   15.83 +    [CCode (cname="srtp_profile_t", cprefix="srtp_profile_")]
   15.84 +    public enum Profile {
   15.85 +        reserved           = 0,
   15.86 +        aes128_cm_sha1_80  = 1,
   15.87 +        aes128_cm_sha1_32  = 2,
   15.88 +        aes256_cm_sha1_80  = 3,
   15.89 +        aes256_cm_sha1_32  = 4,
   15.90 +        null_sha1_80       = 5,
   15.91 +        null_sha1_32       = 6,
   15.92 +    }
   15.93 +
   15.94 +    [CCode (cname="srtp_profile_get_master_key_length")]
   15.95 +    public uint GetMasterKeyLength(Profile profile);
   15.96 +
   15.97 +    [CCode (cname="srtp_profile_get_master_salt_length")]
   15.98 +    public uint GetMasterSaltLength(Profile profile);
   15.99 +
  15.100 +    
  15.101 +    [CCode (cname="sec_serv_t", cprefix="sec_serv_")]
  15.102 +    public enum SecurityService {
  15.103 +        [CCode (cname="sec_serv_none")]
  15.104 +        None = 0,
  15.105 +        [CCode (cname="sec_serv_conf")]
  15.106 +        Conf = 1,
  15.107 +        [CCode (cname="sec_serv_auth")]
  15.108 +        Auth = 2,
  15.109 +        [CCode (cname="sec_serv_conf_and_auth")]
  15.110 +        ConfAndAuth = 3
  15.111 +    }
  15.112 +
  15.113 +    [CCode (cname="crypto_policy_t")]
  15.114 +    public struct CryptoPolicy {
  15.115 +        [CCode (cname="cipher_type")]
  15.116 +        CipherType      CipherType;
  15.117 +        [CCode (cname="cipher_key_len")]
  15.118 +        int             CipherKeyLen;
  15.119 +        [CCode (cname="auth_type")]
  15.120 +        AuthType        AuthType;
  15.121 +        [CCode (cname="auth_key_len")]
  15.122 +        int             AuthKeyLen;
  15.123 +        [CCode (cname="auth_tag_len")]
  15.124 +        int             AuthTagLen;
  15.125 +        [CCode (cname="sec_serv")]
  15.126 +        SecurityService SecurityServices;
  15.127 +
  15.128 +        [CCode (cname = "crypto_policy_set_rtp_default")]
  15.129 +        public void SetRTPDefault();
  15.130 +
  15.131 +        [CCode (cname = "crypto_policy_set_rtcp_default")]
  15.132 +        public void SetRTCPDefault();
  15.133 +
  15.134 +        [CCode (cname = "crypto_policy_set_aes_cm_128_hmac_sha1_80")]
  15.135 +        public void Set_AES_CM_128_HMAC_SHA1_80();
  15.136 +
  15.137 +        [CCode (cname = "crypto_policy_set_aes_cm_128_hmac_sha1_32")]
  15.138 +        public void Set_AES_CM_128_HMAC_SHA1_32(); 
  15.139 +
  15.140 +        [CCode (cname = "crypto_policy_set_aes_cm_128_null_auth")]
  15.141 +        public void Set_AES_CM_128_HMAC_null_Auth(); 
  15.142 +
  15.143 +        [CCode (cname = "crypto_policy_set_null_cipher_hmac_sha1_80")]
  15.144 +        public void Set_null_Cipher_HMAC_SHA1_80(); 
  15.145 +        
  15.146 +        [CCode (cname="crypto_policy_set_aes_cm_256_hmac_sha1_80")]
  15.147 +        public void Set_AES_CM_256_HMAC_SHA1_80();
  15.148 +
  15.149 +        [CCode (cname="crypto_policy_set_aes_cm_256_hmac_sha1_32")]
  15.150 +        public void Set_AES_CM_256_HMAC_SHA1_32();
  15.151 +
  15.152 +        [CCode (cname="crypto_policy_set_from_profile_for_rtp")]
  15.153 +        public ErrStatus SetRTPFromProfile(Profile profile);
  15.154 +
  15.155 +        [CCode (cname="crypto_policy_set_from_profile_for_rtcp")]
  15.156 +        public ErrStatus SetRTCPFromProfile(Profile profile);
  15.157 +    }
  15.158 +    
  15.159 +    [CCode (cname="ssrc_type_t", has_type_id=false)]
  15.160 +    public enum SSRCType {
  15.161 +        [CCode (cname = "ssrc_undefined")]
  15.162 +        Undefined = 0,
  15.163 +        [CCode (cname = "ssrc_specific")]
  15.164 +        Specific = 1,
  15.165 +        [CCode (cname = "ssrc_any_inbound")]
  15.166 +        AnyInbound = 2,
  15.167 +        [CCode (cname = "ssrc_any_outbound")]
  15.168 +        AnyOutbound = 3
  15.169 +    }
  15.170 +
  15.171 +    [CCode (cname="ssrc_t")]
  15.172 +    public struct SSRC {
  15.173 +        SSRCType     type;
  15.174 +        uint value;
  15.175 +    }
  15.176 +
  15.177 +    [CCode (cname="srtp_policy_t", destroy_function="")]
  15.178 +    public struct Policy {
  15.179 +        SSRC ssrc;
  15.180 +        CryptoPolicy rtp;
  15.181 +        CryptoPolicy rtcp;
  15.182 +        string key;
  15.183 +        EKTPolicy? ekt;
  15.184 +        ulong window_size;
  15.185 +        int allow_repeat_tx;
  15.186 +    }
  15.187 +
  15.188 +    // initalizes the srtp library; must be called before anything else
  15.189 +    [CCode (cname="srtp_init")]
  15.190 +    public ErrStatus init();
  15.191 +    // does cleanup for the srtp library; called after everything else
  15.192 +    [CCode (cname = "srtp_shutdown")]
  15.193 +    public ErrStatus shutdown();
  15.194 +
  15.195 +    [CCode (cname="srtp_ctx_t", cprefix="srtp_", destroy_function="srtp_dealloc")]
  15.196 +    public struct SRTP { 
  15.197 +        public ErrStatus protect(void* rtcp_hdr, ref int pkt_octet_len);
  15.198 +        public ErrStatus unprotect(void* rtcp_hdr, ref int pkt_octet_len);
  15.199 +
  15.200 +        public static ErrStatus create(out SRTP session, Policy policy);
  15.201 +        public ErrStatus add_stream(Policy policy);
  15.202 +        public ErrStatus remove_stream(uint ssrc);
  15.203 +
  15.204 +    }
  15.205 +
  15.206 +    [CCode (cname = "srtp_event_t")]
  15.207 +    public enum Event {
  15.208 +        [CCode (cname = "event_ssrc_collision")]
  15.209 +        SSRCCollision,
  15.210 +        [CCode (cname = "event_key_soft_limit")]
  15.211 +        KeySoftLimit,
  15.212 +        [CCode (cname = "event_key_hard_limit")]
  15.213 +        KeyHardLimit,
  15.214 +        [CCode (cname = "event_packet_index_limit")]
  15.215 +        PacketIndexLimit
  15.216 +    }
  15.217 +
  15.218 +
  15.219 +    [CCode (cname="srtp_event_data_t")]
  15.220 +    public class EventData {
  15.221 +        public SRTP session;
  15.222 +        public Stream stream;
  15.223 +        public Event event;
  15.224 +    }
  15.225 +
  15.226 +    
  15.227 +    [CCode (cname="srtp_event_handler_func_t", has_target=false)]
  15.228 +    public delegate void EventHandlerFunc(EventData data);
  15.229 +
  15.230 +    [CCode (cname="srtp_install_event_handler")]
  15.231 +    public ErrStatus InstallEventHandler(EventHandlerFunc func);
  15.232 +    
  15.233 +    [CCode (cname="append_salt_to_key")]
  15.234 +    public void AppendSaltToKey(out string key, uint bytes_in_key, 
  15.235 +                                    string salt, uint bytes_in_salt);
  15.236 +
  15.237 +}