diff --git a/fuzzer/fuzzer.c b/fuzzer/fuzzer.c index 65499fefd..0e1494572 100644 --- a/fuzzer/fuzzer.c +++ b/fuzzer/fuzzer.c @@ -185,16 +185,14 @@ void fuzz_free(void *ptr) static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki) { - return srtp_protect(srtp_sender, hdr, len); + return srtp_protect(srtp_sender, hdr, len, mki); } static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki) { return srtp_unprotect(srtp_sender, hdr, len); @@ -203,91 +201,34 @@ static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender, static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki) { - return srtp_protect_rtcp(srtp_sender, hdr, len); + return srtp_protect_rtcp(srtp_sender, hdr, len, mki); } static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki) { return srtp_unprotect_rtcp(srtp_sender, hdr, len); } -static srtp_err_status_t fuzz_srtp_protect_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki) -{ - return srtp_protect_mki(srtp_sender, hdr, len, use_mki, mki); -} - -static srtp_err_status_t fuzz_srtp_protect_rtcp_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki) -{ - return srtp_protect_rtcp_mki(srtp_sender, hdr, len, use_mki, mki); -} - -static srtp_err_status_t fuzz_srtp_unprotect_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki) -{ - return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki); -} - -static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki) -{ - return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki); -} - /* Get protect length functions */ static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx, - uint8_t use_mki, size_t mki, size_t *length) { - return srtp_get_protect_trailer_length(srtp_ctx, 0, 0, length); + return srtp_get_protect_trailer_length(srtp_ctx, mki, length); } static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length( const srtp_t srtp_ctx, - uint8_t use_mki, size_t mki, size_t *length) { - return srtp_get_protect_rtcp_trailer_length(srtp_ctx, 0, 0, length); -} - -static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx, - uint8_t use_mki, - size_t mki, - size_t *length) -{ - return srtp_get_protect_trailer_length(srtp_ctx, use_mki, mki, length); -} - -static srtp_err_status_t fuzz_srtp_get_protect_rtcp_mki_length( - const srtp_t srtp_ctx, - uint8_t use_mki, - size_t mki, - size_t *length) -{ - return srtp_get_protect_rtcp_trailer_length(srtp_ctx, use_mki, mki, length); + return srtp_get_protect_rtcp_trailer_length(srtp_ctx, mki, length); } static uint8_t *extract_key(const uint8_t **data, @@ -338,7 +279,6 @@ static srtp_master_key_t *extract_master_key(const uint8_t **data, EXTRACT(ret->key, *data, *size, key_size); EXTRACT(ret->mki_id, *data, *size, mki_id_size); - ret->mki_size = mki_id_size; end: return ret; } @@ -611,21 +551,18 @@ static uint8_t *run_srtp_func(const srtp_t srtp_ctx, struct { uint16_t size; uint8_t srtp_func; - uint8_t use_mki; uint32_t mki; uint8_t stretch; } params_1; struct { uint8_t srtp_func; - uint8_t use_mki; uint32_t mki; } params_2; size_t ret_size; EXTRACT_IF(¶ms_1, *data, *size, sizeof(params_1)); params_1.srtp_func %= sizeof(srtp_funcs) / sizeof(srtp_funcs[0]); - params_1.use_mki %= 2; if (*size < params_1.size) { goto end; @@ -647,8 +584,7 @@ static uint8_t *run_srtp_func(const srtp_t srtp_ctx, size_t alloc_size; if (srtp_funcs[params_1.srtp_func].get_length( - srtp_ctx, params_1.use_mki, params_1.mki, &alloc_size) != - srtp_err_status_ok) { + srtp_ctx, params_1.mki, &alloc_size) != srtp_err_status_ok) { goto end; } @@ -660,8 +596,7 @@ static uint8_t *run_srtp_func(const srtp_t srtp_ctx, EXTRACT(copy, *data, *size, params_1.size); if (srtp_funcs[params_1.srtp_func].srtp_func( - srtp_ctx, copy, &ret_size, params_1.use_mki, params_1.mki) != - srtp_err_status_ok) { + srtp_ctx, copy, &ret_size, params_1.mki) != srtp_err_status_ok) { fuzz_free(copy); goto end; } @@ -673,7 +608,6 @@ static uint8_t *run_srtp_func(const srtp_t srtp_ctx, EXTRACT_IF(¶ms_2, *data, *size, sizeof(params_2)); params_2.srtp_func %= sizeof(srtp_funcs) / sizeof(srtp_funcs[0]); - params_2.use_mki %= 2; if (ret_size == 0) { goto end; @@ -685,8 +619,7 @@ static uint8_t *run_srtp_func(const srtp_t srtp_ctx, size_t alloc_size; if (srtp_funcs[params_2.srtp_func].get_length( - srtp_ctx, params_2.use_mki, params_2.mki, &alloc_size) != - srtp_err_status_ok) { + srtp_ctx, params_2.mki, &alloc_size) != srtp_err_status_ok) { goto end; } @@ -700,8 +633,7 @@ static uint8_t *run_srtp_func(const srtp_t srtp_ctx, copy = copy_2; if (srtp_funcs[params_2.srtp_func].srtp_func( - srtp_ctx, copy, &ret_size, params_2.use_mki, params_2.mki) != - srtp_err_status_ok) { + srtp_ctx, copy, &ret_size, params_2.mki) != srtp_err_status_ok) { fuzz_free(copy); ret = NULL; goto end; diff --git a/fuzzer/fuzzer.h b/fuzzer/fuzzer.h index 4059ab1cd..c8858b273 100644 --- a/fuzzer/fuzzer.h +++ b/fuzzer/fuzzer.h @@ -23,11 +23,9 @@ #error "Cannot detect word size" #endif -typedef srtp_err_status_t ( - *fuzz_srtp_func)(srtp_t, void *, size_t *, uint8_t, size_t); +typedef srtp_err_status_t (*fuzz_srtp_func)(srtp_t, void *, size_t *, size_t); typedef void (*fuzz_srtp_crypto_policy_func)(srtp_crypto_policy_t *); typedef srtp_err_status_t (*fuzz_srtp_get_length_func)(const srtp_t, - uint8_t, size_t, size_t *); @@ -45,60 +43,25 @@ struct fuzz_srtp_params { static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki); static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki); static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki); static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender, void *hdr, size_t *len, - uint8_t use_mki, size_t mki); -static srtp_err_status_t fuzz_srtp_protect_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki); -static srtp_err_status_t fuzz_srtp_protect_rtcp_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki); -static srtp_err_status_t fuzz_srtp_unprotect_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki); -static srtp_err_status_t fuzz_srtp_unprotect_rtcp_mki(srtp_t srtp_sender, - void *hdr, - size_t *len, - uint8_t use_mki, - size_t mki); static srtp_err_status_t fuzz_srtp_get_protect_length(const srtp_t srtp_ctx, - uint8_t use_mki, size_t mki, size_t *length); -static srtp_err_status_t fuzz_srtp_get_protect_mki_length(const srtp_t srtp_ctx, - uint8_t use_mki, - size_t mki, - size_t *length); static srtp_err_status_t fuzz_srtp_get_protect_rtcp_length( const srtp_t srtp_ctx, - uint8_t use_mki, - size_t mki, - size_t *length); -static srtp_err_status_t fuzz_srtp_get_protect_rtcp_mki_length( - const srtp_t srtp_ctx, - uint8_t use_mki, size_t mki, size_t *length); @@ -112,11 +75,7 @@ const struct fuzz_srtp_func_ext srtp_funcs[] = { { fuzz_srtp_protect, true, fuzz_srtp_get_protect_length }, { fuzz_srtp_unprotect, false, NULL }, { fuzz_srtp_protect_rtcp, true, fuzz_srtp_get_protect_rtcp_length }, - { fuzz_srtp_unprotect_rtcp, false, NULL }, - { fuzz_srtp_protect_mki, true, fuzz_srtp_get_protect_mki_length }, - { fuzz_srtp_unprotect_mki, false, NULL }, - { fuzz_srtp_protect_rtcp_mki, true, fuzz_srtp_get_protect_rtcp_mki_length }, - { fuzz_srtp_unprotect_rtcp_mki, false, NULL } + { fuzz_srtp_unprotect_rtcp, false, NULL } }; struct fuzz_srtp_crypto_policy_func_ext { diff --git a/include/srtp.h b/include/srtp.h index 8d512358e..d013c5a03 100644 --- a/include/srtp.h +++ b/include/srtp.h @@ -292,13 +292,11 @@ typedef struct { /** * @brief srtp_master_key_t represents a master key. There will * be a Master Key Index and the Master Key associated with the - * Master Key Index. Need to also keep track of the Master Key - * Index Size to correctly read it from a packet. + * Master Key Index. */ typedef struct srtp_master_key_t { uint8_t *key; uint8_t *mki_id; - size_t mki_size; } srtp_master_key_t; /** @@ -338,6 +336,8 @@ typedef struct srtp_policy_t { /**< this stream. */ srtp_master_key_t **keys; /** Array of Master Key structures */ size_t num_master_keys; /** Number of master keys */ + bool use_mki; /** Whether MKI is in use */ + size_t mki_size; /** Size of MKI when in use */ size_t window_size; /**< The window size to use for replay */ /**< protection. */ bool allow_repeat_tx; /**< Whether retransmissions of */ @@ -417,66 +417,18 @@ srtp_err_status_t srtp_shutdown(void); * complete SRTP packet after the call, if srtp_err_status_ok was returned. * Otherwise, the value of the data to which it points is undefined. * - * @return - * - srtp_err_status_ok no problems - * - srtp_err_status_replay_fail rtp sequence number was non-increasing - * - @e other failure in cryptographic mechanisms - */ -srtp_err_status_t srtp_protect(srtp_t ctx, uint8_t *rtp_hdr, size_t *len_ptr); - -/** - * @brief srtp_protect_mki() is the Secure RTP sender-side packet processing - * function that can utilize MKI. - * - * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP - * protection to the RTP packet rtp_hdr (which has length *len_ptr) using - * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr - * points to the resulting SRTP packet and *len_ptr is the number of - * octets in that packet; otherwise, no assumptions should be made - * about the value of either data elements. - * - * The sequence numbers of the RTP packets presented to this function - * need not be consecutive, but they @b must be out of order by less - * than 2^15 = 32,768 packets. - * - * @warning This function assumes that it can write the authentication - * tag into the location in memory immediately following the RTP - * packet, and assumes that the RTP packet is aligned on a 32-bit - * boundary. - * - * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN - * into the location in memory immediately following the RTP packet. - * Callers MUST ensure that this much writable memory is available in - * the buffer that holds the RTP packet. - * - * @param ctx is the SRTP context to use in processing the packet. - * - * @param rtp_hdr is a pointer to the RTP packet (before the call); after - * the function returns, it points to the srtp packet. - * - * @param pkt_octet_len is a pointer to the length in octets of the complete - * RTP packet (header and body) before the function call, and of the - * complete SRTP packet after the call, if srtp_err_status_ok was returned. - * Otherwise, the value of the data to which it points is undefined. - * - * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true - * will - * use the session keys identified by the mki_index - * * @param mki_index integer value specifying which set of session keys should be - * used if use_mki is set to true. + * used if use_mki in the policy was set to true. Otherwise ignored. * * @return * - srtp_err_status_ok no problems * - srtp_err_status_replay_fail rtp sequence number was non-increasing * - @e other failure in cryptographic mechanisms */ -srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, - uint8_t *rtp_hdr, - size_t *pkt_octet_len, - bool use_mki, - size_t mki_index); +srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, + uint8_t *rtp_hdr, + size_t *pkt_octet_len, + size_t mki_index); /** * @brief srtp_unprotect() is the Secure RTP receiver-side packet @@ -515,6 +467,7 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, * authentication check. * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet * has already been processed and accepted). + * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI id * - [other] if there has been an error in the cryptographic mechanisms. * */ @@ -522,57 +475,6 @@ srtp_err_status_t srtp_unprotect(srtp_t ctx, uint8_t *srtp_hdr, size_t *len_ptr); -/** - * @brief srtp_unprotect_mki() is the Secure RTP receiver-side packet - * processing function that checks for MKI. - * - * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies - * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr - * (which has length *len_ptr), using the SRTP context ctx. If - * srtp_err_status_ok is returned, then srtp_hdr points to the resulting - * RTP packet and *len_ptr is the number of octets in that packet; - * otherwise, no assumptions should be made about the value of either - * data elements. - * - * The sequence numbers of the RTP packets presented to this function - * need not be consecutive, but they @b must be out of order by less - * than 2^15 = 32,768 packets. - * - * @warning This function assumes that the SRTP packet is aligned on a - * 32-bit boundary. - * - * @param ctx is the SRTP session which applies to the particular packet. - * - * @param srtp_hdr is a pointer to the header of the SRTP packet - * (before the call). after the function returns, it points to the - * rtp packet if srtp_err_status_ok was returned; otherwise, the value of - * the data to which it points is undefined. - * - * @param len_ptr is a pointer to the length in octets of the complete - * srtp packet (header and body) before the function call, and of the - * complete rtp packet after the call, if srtp_err_status_ok was returned. - * Otherwise, the value of the data to which it points is undefined. - * - * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true - * will - * use the session keys identified by the mki_index - * - * @return - * - srtp_err_status_ok if the RTP packet is valid. - * - srtp_err_status_auth_fail if the SRTP packet failed the message - * authentication check. - * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet - * has already been processed and accepted). - * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI id - * - [other] if there has been an error in the cryptographic mechanisms. - * - */ -srtp_err_status_t srtp_unprotect_mki(srtp_t ctx, - uint8_t *srtp_hdr, - size_t *len_ptr, - bool use_mki); - /** * @brief srtp_create() allocates and initializes an SRTP session. @@ -1236,65 +1138,18 @@ void srtp_append_salt_to_key(uint8_t *key, * was returned. Otherwise, the value of the data to which it points * is undefined. * - * @return - * - srtp_err_status_ok if there were no problems. - * - [other] if there was a failure in - * the cryptographic mechanisms. - */ -srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, - uint8_t *rtcp_hdr, - size_t *pkt_octet_len); - -/** - * @brief srtp_protect_rtcp_mki() is the Secure RTCP sender-side packet - * processing function that can utilize mki. - * - * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies - * SRTCP protection to the RTCP packet rtcp_hdr (which has length - * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is - * returned, then rtp_hdr points to the resulting SRTCP packet and - * *len_ptr is the number of octets in that packet; otherwise, no - * assumptions should be made about the value of either data elements. - * - * @warning This function assumes that it can write the authentication - * tag into the location in memory immediately following the RTCP - * packet, and assumes that the RTCP packet is aligned on a 32-bit - * boundary. - * - * @warning This function assumes that it can write SRTP_MAX_SRTCP_TRAILER_LEN - * into the location in memory immediately following the RTCP packet. - * Callers MUST ensure that this much writable memory is available in - * the buffer that holds the RTCP packet. - * - * @param ctx is the SRTP context to use in processing the packet. - * - * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after - * the function returns, it points to the srtp packet. - * - * @param pkt_octet_len is a pointer to the length in octets of the - * complete RTCP packet (header and body) before the function call, - * and of the complete SRTCP packet after the call, if srtp_err_status_ok - * was returned. Otherwise, the value of the data to which it points - * is undefined. - * - * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true - * will - * use the session keys identified by the mki_index - * * @param mki_index integer value specifying which set of session keys should be - * used if use_mki is set to true. + * used if use_mki was set to true. Otherwise ignored. * * @return * - srtp_err_status_ok if there were no problems. * - [other] if there was a failure in * the cryptographic mechanisms. */ -srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, - uint8_t *rtcp_hdr, - size_t *pkt_octet_len, - bool use_mki, - size_t mki_index); +srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, + uint8_t *rtcp_hdr, + size_t *pkt_octet_len, + size_t mki_index); /** * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet @@ -1331,6 +1186,8 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, * authentication check. * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has * already been processed and accepted). + * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI + * id * - [other] if there has been an error in the cryptographic mechanisms. * */ @@ -1338,56 +1195,6 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, uint8_t *srtcp_hdr, size_t *pkt_octet_len); -/** - * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet - * processing function. - * - * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr) - * verifies the Secure RTCP protection of the SRTCP packet pointed to - * by srtcp_hdr (which has length *len_ptr), using the SRTP session - * context ctx. If srtp_err_status_ok is returned, then srtcp_hdr points - * to the resulting RTCP packet and *len_ptr is the number of octets - * in that packet; otherwise, no assumptions should be made about the - * value of either data elements. - * - * @warning This function assumes that the SRTCP packet is aligned on a - * 32-bit boundary. - * - * @param ctx is a pointer to the srtp_t which applies to the - * particular packet. - * - * @param srtcp_hdr is a pointer to the header of the SRTCP packet - * (before the call). After the function returns, it points to the - * rtp packet if srtp_err_status_ok was returned; otherwise, the value of - * the data to which it points is undefined. - * - * @param pkt_octet_len is a pointer to the length in octets of the - * complete SRTCP packet (header and body) before the function call, - * and of the complete rtp packet after the call, if srtp_err_status_ok was - * returned. Otherwise, the value of the data to which it points is - * undefined. - * - * @param use_mki is a boolean to tell the system if mki is being used. If - * set to false then will use the first set of session keys. If set to true - * will use the session keys identified by the mki_index - * - * @return - * - srtp_err_status_ok if the RTCP packet is valid. - * - srtp_err_status_auth_fail if the SRTCP packet failed the message - * authentication check. - * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has - * already been processed and accepted). - * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI - * id - * - [other] if there has been an error in the - * cryptographic mechanisms. - * - */ -srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, - uint8_t *srtcp_hdr, - size_t *pkt_octet_len, - bool use_mki); - /** * @} */ @@ -1613,7 +1420,6 @@ srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, * */ srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, - bool use_mki, size_t mki_index, size_t *length); @@ -1630,7 +1436,6 @@ srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, * */ srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, - bool use_mki, size_t mki_index, size_t *length); diff --git a/include/srtp_priv.h b/include/srtp_priv.h index 8fa4b08c3..f1184b104 100644 --- a/include/srtp_priv.h +++ b/include/srtp_priv.h @@ -78,25 +78,6 @@ typedef struct srtp_stream_list_ctx_t_ *srtp_stream_list_t; */ srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc); -/* - * srtp_stream_init_keys(s, k) (re)initializes the srtp_stream_t s by - * deriving all of the needed keys using the KDF and the key k. - */ -srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, - srtp_master_key_t *master_key, - const size_t current_mki_index); - -/* - * srtp_stream_init_all_master_keys(s, k, m) (re)initializes the srtp_stream_t s - * by deriving all of the needed keys for all the master keys using the KDF and - * the keys from k. - */ -srtp_err_status_t srtp_stream_init_all_master_keys( - srtp_stream_ctx_t *srtp, - uint8_t *key, - srtp_master_key_t **keys, - const size_t max_master_keys); - /* * libsrtp internal datatypes */ @@ -120,7 +101,6 @@ typedef struct srtp_session_keys_t { uint8_t salt[SRTP_AEAD_SALT_LEN]; uint8_t c_salt[SRTP_AEAD_SALT_LEN]; uint8_t *mki_id; - size_t mki_size; srtp_key_limit_ctx_t *limit; } srtp_session_keys_t; @@ -135,6 +115,8 @@ typedef struct srtp_stream_ctx_t_ { uint32_t ssrc; srtp_session_keys_t *session_keys; size_t num_master_keys; + bool use_mki; + size_t mki_size; srtp_rdbx_t rtp_rdbx; srtp_sec_serv_t rtp_services; srtp_rdb_t rtcp_rdb; diff --git a/srtp.def b/srtp.def index ceedb3028..7c4d83812 100644 --- a/srtp.def +++ b/srtp.def @@ -2,9 +2,7 @@ EXPORTS srtp_init srtp_shutdown srtp_protect -srtp_protect_mki srtp_unprotect -srtp_unprotect_mki srtp_create srtp_stream_add srtp_stream_remove @@ -34,9 +32,7 @@ srtp_append_salt_to_key srtp_get_protect_trailer_length srtp_get_protect_rtcp_trailer_length srtp_protect_rtcp -srtp_protect_rtcp_mki srtp_unprotect_rtcp -srtp_unprotect_rtcp_mki srtp_stream_set_roc srtp_set_user_data srtp_stream_get_roc diff --git a/srtp/srtp.c b/srtp/srtp.c index e4d004b88..004a074cf 100644 --- a/srtp/srtp.c +++ b/srtp/srtp.c @@ -275,7 +275,7 @@ static srtp_err_status_t srtp_stream_dealloc( if (session_keys->mki_id) { octet_string_set_to_zero(session_keys->mki_id, - session_keys->mki_size); + stream->mki_size); srtp_crypto_free(session_keys->mki_id); session_keys->mki_id = NULL; } @@ -368,14 +368,26 @@ static srtp_err_status_t srtp_valid_policy(const srtp_policy_t *policy) return srtp_err_status_bad_param; } + if (policy->use_mki) { + if (policy->mki_size == 0 || policy->mki_size > SRTP_MAX_MKI_LEN) { + return srtp_err_status_bad_param; + } + } else if (policy->mki_size != 0) { + return srtp_err_status_bad_param; + } + for (size_t i = 0; i < policy->num_master_keys; i++) { if (policy->keys[i]->key == NULL) { return srtp_err_status_bad_param; } - if (policy->keys[i]->mki_size > SRTP_MAX_MKI_LEN) { + if (policy->use_mki && policy->keys[i]->mki_id == NULL) { return srtp_err_status_bad_param; } } + } else { + if (policy->use_mki || policy->mki_size != 0) { + return srtp_err_status_bad_param; + } } return srtp_err_status_ok; @@ -587,13 +599,11 @@ static srtp_err_status_t srtp_stream_clone( template_session_keys->rtp_xtn_hdr_cipher; session_keys->rtcp_cipher = template_session_keys->rtcp_cipher; session_keys->rtcp_auth = template_session_keys->rtcp_auth; - session_keys->mki_size = template_session_keys->mki_size; - if (template_session_keys->mki_size == 0) { + if (stream_template->mki_size == 0) { session_keys->mki_id = NULL; } else { - session_keys->mki_id = - srtp_crypto_alloc(template_session_keys->mki_size); + session_keys->mki_id = srtp_crypto_alloc(stream_template->mki_size); if (session_keys->mki_id == NULL) { srtp_stream_dealloc(*str_ptr, stream_template); @@ -601,7 +611,7 @@ static srtp_err_status_t srtp_stream_clone( return srtp_err_status_init_fail; } memcpy(session_keys->mki_id, template_session_keys->mki_id, - session_keys->mki_size); + stream_template->mki_size); } /* Copy the salt values */ memcpy(session_keys->salt, template_session_keys->salt, @@ -619,6 +629,9 @@ static srtp_err_status_t srtp_stream_clone( } } + str->use_mki = stream_template->use_mki; + str->mki_size = stream_template->mki_size; + /* initialize replay databases */ status = srtp_rdbx_init( &str->rtp_rdbx, srtp_rdbx_get_window_size(&stream_template->rtp_rdbx)); @@ -894,72 +907,35 @@ static inline size_t full_key_length(const srtp_cipher_type_t *cipher) } } -srtp_session_keys_t *srtp_get_session_keys_with_mki_index( - srtp_stream_ctx_t *stream, - bool use_mki, - size_t mki_index) +srtp_err_status_t srtp_get_session_keys(srtp_stream_ctx_t *stream, + size_t mki_index, + srtp_session_keys_t **session_keys) { - if (use_mki) { + if (stream->use_mki) { if (mki_index >= stream->num_master_keys) { - return NULL; - } - return &stream->session_keys[mki_index]; - } - - return &stream->session_keys[0]; -} - -size_t srtp_inject_mki(uint8_t *mki_tag_location, - srtp_session_keys_t *session_keys, - bool use_mki) -{ - size_t mki_size = 0; - - if (use_mki) { - mki_size = session_keys->mki_size; - - if (mki_size != 0) { - // Write MKI into memory - memcpy(mki_tag_location, session_keys->mki_id, mki_size); + return srtp_err_status_bad_mki; } + *session_keys = &stream->session_keys[mki_index]; + return srtp_err_status_ok; } - return mki_size; + *session_keys = &stream->session_keys[0]; + return srtp_err_status_ok; } -srtp_err_status_t srtp_stream_init_all_master_keys(srtp_stream_ctx_t *srtp, - uint8_t *key, - srtp_master_key_t **keys, - const size_t max_master_keys) +void srtp_inject_mki(uint8_t *mki_tag_location, + const srtp_session_keys_t *session_keys, + size_t mki_size) { - srtp_err_status_t status = srtp_err_status_ok; - srtp_master_key_t single_master_key; - - if (key != NULL) { - srtp->num_master_keys = 1; - single_master_key.key = key; - single_master_key.mki_id = NULL; - single_master_key.mki_size = 0; - status = srtp_stream_init_keys(srtp, &single_master_key, 0); - } else { - srtp->num_master_keys = max_master_keys; - - for (size_t i = 0; - i < srtp->num_master_keys && i < SRTP_MAX_NUM_MASTER_KEYS; i++) { - status = srtp_stream_init_keys(srtp, keys[i], i); - - if (status) { - return status; - } - } + if (mki_size > 0) { + // Write MKI into memory + memcpy(mki_tag_location, session_keys->mki_id, mki_size); } - - return status; } -srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, - srtp_master_key_t *master_key, - const size_t current_mki_index) +srtp_err_status_t srtp_stream_init_keys(srtp_session_keys_t *session_keys, + const srtp_master_key_t *master_key, + size_t mki_size) { srtp_err_status_t stat; srtp_kdf_t kdf; @@ -968,31 +944,29 @@ srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, size_t kdf_keylen = 30, rtp_keylen, rtcp_keylen; size_t rtp_base_key_len, rtp_salt_len; size_t rtcp_base_key_len, rtcp_salt_len; - srtp_session_keys_t *session_keys = NULL; - uint8_t *key = master_key->key; /* If RTP or RTCP have a key length > AES-128, assume matching kdf. */ /* TODO: kdf algorithm, master key length, and master salt length should * be part of srtp_policy_t. */ - session_keys = &srtp->session_keys[current_mki_index]; /* initialize key limit to maximum value */ srtp_key_limit_set(session_keys->limit, 0xffffffffffffLL); - if (master_key->mki_size != 0) { - session_keys->mki_id = srtp_crypto_alloc(master_key->mki_size); + if (mki_size != 0) { + if (master_key->mki_id == NULL) { + return srtp_err_status_bad_param; + } + session_keys->mki_id = srtp_crypto_alloc(mki_size); if (session_keys->mki_id == NULL) { return srtp_err_status_init_fail; } - memcpy(session_keys->mki_id, master_key->mki_id, master_key->mki_size); + memcpy(session_keys->mki_id, master_key->mki_id, mki_size); } else { session_keys->mki_id = NULL; } - session_keys->mki_size = master_key->mki_size; - input_keylen = full_key_length(session_keys->rtp_cipher->type); input_keylen_rtcp = full_key_length(session_keys->rtcp_cipher->type); if (input_keylen_rtcp > input_keylen) { @@ -1040,14 +1014,13 @@ srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, * the legacy CTR mode KDF, which uses a 112 bit master SALT. */ memset(tmp_key, 0x0, MAX_SRTP_KEY_LEN); - memcpy(tmp_key, key, input_keylen); + memcpy(tmp_key, master_key->key, input_keylen); /* initialize KDF state */ #if defined(OPENSSL) && defined(OPENSSL_KDF) - stat = srtp_kdf_init(&kdf, (const uint8_t *)tmp_key, rtp_base_key_len, - rtp_salt_len); + stat = srtp_kdf_init(&kdf, tmp_key, rtp_base_key_len, rtp_salt_len); #else - stat = srtp_kdf_init(&kdf, (const uint8_t *)tmp_key, kdf_keylen); + stat = srtp_kdf_init(&kdf, tmp_key, kdf_keylen); #endif if (stat) { /* zeroize temp buffer */ @@ -1137,18 +1110,17 @@ srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, } } memset(tmp_xtn_hdr_key, 0x0, MAX_SRTP_KEY_LEN); - memcpy(tmp_xtn_hdr_key, key, + memcpy(tmp_xtn_hdr_key, master_key->key, (rtp_xtn_hdr_base_key_len + rtp_xtn_hdr_salt_len)); xtn_hdr_kdf = &tmp_kdf; /* initialize KDF state */ #if defined(OPENSSL) && defined(OPENSSL_KDF) stat = - srtp_kdf_init(xtn_hdr_kdf, (const uint8_t *)tmp_xtn_hdr_key, + srtp_kdf_init(xtn_hdr_kdf, tmp_xtn_hdr_key, rtp_xtn_hdr_base_key_len, rtp_xtn_hdr_salt_len); #else - stat = srtp_kdf_init(xtn_hdr_kdf, (const uint8_t *)tmp_xtn_hdr_key, - kdf_keylen); + stat = srtp_kdf_init(xtn_hdr_kdf, tmp_xtn_hdr_key, kdf_keylen); #endif octet_string_set_to_zero(tmp_xtn_hdr_key, MAX_SRTP_KEY_LEN); if (stat) { @@ -1323,6 +1295,46 @@ srtp_err_status_t srtp_stream_init_keys(srtp_stream_ctx_t *srtp, return srtp_err_status_ok; } +srtp_err_status_t srtp_stream_init_all_master_keys(srtp_stream_ctx_t *srtp, + const srtp_policy_t *p) +{ + srtp_err_status_t status = srtp_err_status_ok; + if (p->key != NULL) { + if (p->use_mki) { + return srtp_err_status_bad_param; + } + srtp_master_key_t single_master_key; + srtp->num_master_keys = 1; + srtp->use_mki = false; + srtp->mki_size = 0; + single_master_key.key = p->key; + single_master_key.mki_id = NULL; + status = srtp_stream_init_keys(&srtp->session_keys[0], + &single_master_key, 0); + } else { + if (p->num_master_keys > SRTP_MAX_NUM_MASTER_KEYS) { + return srtp_err_status_bad_param; + } + if (p->use_mki && p->mki_size == 0) { + return srtp_err_status_bad_param; + } + + srtp->num_master_keys = p->num_master_keys; + srtp->use_mki = p->use_mki; + srtp->mki_size = p->mki_size; + + for (size_t i = 0; i < srtp->num_master_keys; i++) { + status = srtp_stream_init_keys(&srtp->session_keys[i], p->keys[i], + srtp->mki_size); + if (status) { + return status; + } + } + } + + return status; +} + static srtp_err_status_t srtp_stream_init(srtp_stream_ctx_t *srtp, const srtp_policy_t *p) { @@ -1382,8 +1394,7 @@ static srtp_err_status_t srtp_stream_init(srtp_stream_ctx_t *srtp, /* DAM - no RTCP key limit at present */ /* initialize keys */ - err = srtp_stream_init_all_master_keys(srtp, p->key, p->keys, - p->num_master_keys); + err = srtp_stream_init_all_master_keys(srtp, p); if (err) { srtp_rdbx_dealloc(&srtp->rtp_rdbx); return err; @@ -1634,13 +1645,20 @@ static void srtp_calc_aead_iv(srtp_session_keys_t *session_keys, v128_xor(iv, &in, &salt); } -srtp_session_keys_t *srtp_get_session_keys(srtp_stream_ctx_t *stream, - const uint8_t *hdr, - size_t pkt_octet_len, - size_t *mki_size) +srtp_err_status_t srtp_get_session_keys_for_packet( + srtp_stream_ctx_t *stream, + const uint8_t *hdr, + size_t pkt_octet_len, + size_t *mki_size, + srtp_session_keys_t **session_keys) { - size_t base_mki_start_location = pkt_octet_len; - size_t mki_start_location = 0; + if (!stream->use_mki) { + *mki_size = 0; + *session_keys = &stream->session_keys[0]; + return srtp_err_status_ok; + } + + size_t mki_start_location = pkt_octet_len; size_t tag_len = 0; // Determine the authentication tag size @@ -1651,28 +1669,30 @@ srtp_session_keys_t *srtp_get_session_keys(srtp_stream_ctx_t *stream, tag_len = srtp_auth_get_tag_length(stream->session_keys[0].rtp_auth); } - if (tag_len > base_mki_start_location) { + if (tag_len > mki_start_location) { *mki_size = 0; - return NULL; + return srtp_err_status_bad_mki; } - base_mki_start_location -= tag_len; + mki_start_location -= tag_len; + + if (stream->mki_size > mki_start_location) { + return srtp_err_status_bad_mki; + } + + mki_start_location -= stream->mki_size; for (size_t i = 0; i < stream->num_master_keys; i++) { - if (stream->session_keys[i].mki_size != 0 && - stream->session_keys[i].mki_size <= base_mki_start_location) { - *mki_size = stream->session_keys[i].mki_size; - mki_start_location = base_mki_start_location - *mki_size; - - if (memcmp(hdr + mki_start_location, stream->session_keys[i].mki_id, - *mki_size) == 0) { - return &stream->session_keys[i]; - } + if (memcmp(hdr + mki_start_location, stream->session_keys[i].mki_id, + stream->mki_size) == 0) { + *mki_size = stream->mki_size; + *session_keys = &stream->session_keys[i]; + return srtp_err_status_ok; } } *mki_size = 0; - return NULL; + return srtp_err_status_bad_mki; } static srtp_err_status_t srtp_estimate_index(srtp_rdbx_t *rdbx, @@ -1729,8 +1749,7 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, srtp_stream_ctx_t *stream, uint8_t *rtp_hdr, size_t *pkt_octet_len, - srtp_session_keys_t *session_keys, - bool use_mki) + srtp_session_keys_t *session_keys) { srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -1743,7 +1762,6 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, size_t aad_len; srtp_hdr_xtnd_t *xtn_hdr = NULL; size_t mki_size = 0; - uint8_t *mki_location = NULL; debug_print0(mod_srtp, "function srtp_protect_aead"); @@ -1867,8 +1885,11 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, return (srtp_err_status_cipher_fail); } - mki_location = rtp_hdr + *pkt_octet_len + tag_len; - mki_size = srtp_inject_mki(mki_location, session_keys, use_mki); + if (stream->use_mki) { + uint8_t *mki_location = rtp_hdr + *pkt_octet_len + tag_len; + srtp_inject_mki(mki_location, session_keys, stream->mki_size); + mki_size = stream->mki_size; + } /* increase the packet length by the length of the auth tag */ *pkt_octet_len += tag_len; @@ -2078,16 +2099,8 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, uint8_t *rtp_hdr, - size_t *pkt_octet_len) -{ - return srtp_protect_mki(ctx, rtp_hdr, pkt_octet_len, false, 0); -} - -srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, - uint8_t *rtp_hdr, - size_t *pkt_octet_len, - bool use_mki, - size_t mki_index) + size_t *pkt_octet_len, + size_t mki_index) { srtp_hdr_t *hdr = (srtp_hdr_t *)rtp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -2103,7 +2116,6 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, srtp_hdr_xtnd_t *xtn_hdr = NULL; size_t mki_size = 0; srtp_session_keys_t *session_keys = NULL; - uint8_t *mki_location = NULL; debug_print0(mod_srtp, "function srtp_protect"); @@ -2170,11 +2182,9 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, } } - session_keys = - srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - - if (session_keys == NULL) { - return srtp_err_status_bad_mki; + status = srtp_get_session_keys(stream, mki_index, &session_keys); + if (status) { + return status; } /* @@ -2184,7 +2194,7 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { return srtp_protect_aead(ctx, stream, rtp_hdr, pkt_octet_len, - session_keys, use_mki); + session_keys); } /* @@ -2232,8 +2242,11 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, enc_start = NULL; } - mki_location = rtp_hdr + *pkt_octet_len; - mki_size = srtp_inject_mki(mki_location, session_keys, use_mki); + if (stream->use_mki) { + uint8_t *mki_location = rtp_hdr + *pkt_octet_len; + srtp_inject_mki(mki_location, session_keys, stream->mki_size); + mki_size = stream->mki_size; + } /* * if we're providing authentication, set the auth_start and auth_tag @@ -2382,10 +2395,8 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, *pkt_octet_len += tag_len; } - if (use_mki) { - /* increate the packet length by the mki size */ - *pkt_octet_len += mki_size; - } + /* increate the packet length by the mki size if used */ + *pkt_octet_len += mki_size; return srtp_err_status_ok; } @@ -2393,14 +2404,6 @@ srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, uint8_t *srtp_hdr, size_t *pkt_octet_len) -{ - return srtp_unprotect_mki(ctx, srtp_hdr, pkt_octet_len, false); -} - -srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, - uint8_t *srtp_hdr, - size_t *pkt_octet_len, - bool use_mki) { srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -2486,15 +2489,10 @@ srtp_err_status_t srtp_unprotect_mki(srtp_ctx_t *ctx, debug_print(mod_srtp, "estimated u_packet index: %016" PRIx64, est); /* Determine if MKI is being used and what session keys should be used */ - if (use_mki) { - session_keys = - srtp_get_session_keys(stream, srtp_hdr, *pkt_octet_len, &mki_size); - - if (session_keys == NULL) { - return srtp_err_status_bad_mki; - } - } else { - session_keys = &stream->session_keys[0]; + status = srtp_get_session_keys_for_packet(stream, srtp_hdr, *pkt_octet_len, + &mki_size, &session_keys); + if (status) { + return status; } /* @@ -3056,6 +3054,21 @@ static bool update_template_stream_cb(srtp_stream_t stream, void *raw_data) return true; } +static srtp_err_status_t is_update_policy_compatable( + srtp_stream_t stream, + const srtp_policy_t *policy) +{ + if (stream->use_mki != policy->use_mki) { + return srtp_err_status_bad_param; + } + + if (stream->use_mki && stream->mki_size != policy->mki_size) { + return srtp_err_status_bad_param; + } + + return srtp_err_status_ok; +} + static srtp_err_status_t update_template_streams(srtp_t session, const srtp_policy_t *policy) { @@ -3072,6 +3085,11 @@ static srtp_err_status_t update_template_streams(srtp_t session, return srtp_err_status_bad_param; } + status = is_update_policy_compatable(session->stream_template, policy); + if (status != srtp_err_status_ok) { + return status; + } + /* allocate new template stream */ status = srtp_stream_alloc(&new_stream_template, policy); if (status) { @@ -3136,6 +3154,11 @@ static srtp_err_status_t stream_update(srtp_t session, return srtp_err_status_bad_param; } + status = is_update_policy_compatable(stream, policy); + if (status != srtp_err_status_ok) { + return status; + } + /* save old extendard seq */ old_index = stream->rtp_rdbx.index; old_rtcp_rdb = stream->rtcp_rdb; @@ -3487,14 +3510,13 @@ static srtp_err_status_t srtp_protect_rtcp_aead( srtp_stream_ctx_t *stream, uint8_t *rtcp_hdr, size_t *pkt_octet_len, - srtp_session_keys_t *session_keys, - bool use_mki) + srtp_session_keys_t *session_keys) { srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ uint8_t *trailer_p; /* pointer to start of trailer */ uint32_t trailer; /* trailer value */ - size_t enc_octet_len = 0; /* number of octets in encrypted portion */ + size_t enc_octet_len = 0; /* number of octets in encrypted portion */ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ srtp_err_status_t status; size_t tag_len; @@ -3527,9 +3549,12 @@ static srtp_err_status_t srtp_protect_rtcp_aead( trailer = 0x00000000; /* set encrypt bit */ } - mki_size = srtp_inject_mki(rtcp_hdr + *pkt_octet_len + tag_len + - sizeof(srtcp_trailer_t), - session_keys, use_mki); + if (stream->use_mki) { + srtp_inject_mki(rtcp_hdr + *pkt_octet_len + tag_len + + sizeof(srtcp_trailer_t), + session_keys, stream->mki_size); + mki_size = stream->mki_size; + } /* * set the auth_tag pointer to the proper location, which is after @@ -3659,13 +3684,13 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( uint8_t *srtcp_hdr, size_t *pkt_octet_len, srtp_session_keys_t *session_keys, - bool use_mki) + size_t mki_size) { srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ uint8_t *trailer_p; /* pointer to start of trailer */ uint32_t trailer; /* trailer value */ - size_t enc_octet_len = 0; /* number of octets in encrypted portion */ + size_t enc_octet_len = 0; /* number of octets in encrypted portion */ uint8_t *auth_tag = NULL; /* location of auth_tag within packet */ srtp_err_status_t status; size_t tag_len; @@ -3673,15 +3698,10 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( uint32_t seq_num; v128_t iv; uint32_t tseq; - size_t mki_size = 0; /* get tag length from stream context */ tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); - if (use_mki) { - mki_size = session_keys->mki_size; - } - /* * set encryption start, encryption length, and trailer */ @@ -3849,16 +3869,8 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, uint8_t *rtcp_hdr, - size_t *pkt_octet_len) -{ - return srtp_protect_rtcp_mki(ctx, rtcp_hdr, pkt_octet_len, false, 0); -} - -srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, - uint8_t *rtcp_hdr, - size_t *pkt_octet_len, - bool use_mki, - size_t mki_index) + size_t *pkt_octet_len, + size_t mki_index) { srtcp_hdr_t *hdr = (srtcp_hdr_t *)rtcp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -3928,11 +3940,9 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, } } - session_keys = - srtp_get_session_keys_with_mki_index(stream, use_mki, mki_index); - - if (session_keys == NULL) { - return srtp_err_status_bad_mki; + status = srtp_get_session_keys(stream, mki_index, &session_keys); + if (status) { + return status; } /* @@ -3942,7 +3952,7 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { return srtp_protect_rtcp_aead(stream, rtcp_hdr, pkt_octet_len, - session_keys, use_mki); + session_keys); } /* get tag length from stream context */ @@ -3971,9 +3981,11 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, trailer = 0x00000000; /* set encrypt bit */ } - mki_size = + if (stream->use_mki) { srtp_inject_mki(rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t), - session_keys, use_mki); + session_keys, stream->mki_size); + mki_size = stream->mki_size; + } /* * set the auth_start and auth_tag pointers to the proper locations @@ -4087,14 +4099,6 @@ srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, uint8_t *srtcp_hdr, size_t *pkt_octet_len) -{ - return srtp_unprotect_rtcp_mki(ctx, srtcp_hdr, pkt_octet_len, false); -} - -srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, - uint8_t *srtcp_hdr, - size_t *pkt_octet_len, - bool use_mki) { srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -4148,15 +4152,10 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, /* * Determine if MKI is being used and what session keys should be used */ - if (use_mki) { - session_keys = - srtp_get_session_keys(stream, srtcp_hdr, *pkt_octet_len, &mki_size); - - if (session_keys == NULL) { - return srtp_err_status_bad_mki; - } - } else { - session_keys = &stream->session_keys[0]; + status = srtp_get_session_keys_for_packet(stream, srtcp_hdr, *pkt_octet_len, + &mki_size, &session_keys); + if (status) { + return status; } /* get tag length from stream context */ @@ -4177,7 +4176,7 @@ srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, pkt_octet_len, - session_keys, mki_size != 0); + session_keys, mki_size); } sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf || @@ -4512,7 +4511,6 @@ size_t srtp_profile_get_master_salt_length(srtp_profile_t profile) srtp_err_status_t stream_get_protect_trailer_length(srtp_stream_ctx_t *stream, bool is_rtp, - bool use_mki, size_t mki_index, size_t *length) { @@ -4520,13 +4518,13 @@ srtp_err_status_t stream_get_protect_trailer_length(srtp_stream_ctx_t *stream, *length = 0; - if (use_mki) { + if (stream->use_mki) { if (mki_index >= stream->num_master_keys) { return srtp_err_status_bad_mki; } session_key = &stream->session_keys[mki_index]; - *length += session_key->mki_size; + *length += stream->mki_size; } else { session_key = &stream->session_keys[0]; @@ -4545,7 +4543,6 @@ struct get_protect_trailer_length_data { bool found_stream; /* whether at least one matching stream was found */ size_t length; /* maximum trailer length found so far */ bool is_rtp; - bool use_mki; size_t mki_index; }; @@ -4555,8 +4552,7 @@ static bool get_protect_trailer_length_cb(srtp_stream_t stream, void *raw_data) (struct get_protect_trailer_length_data *)raw_data; size_t temp_length; - if (stream_get_protect_trailer_length(stream, data->is_rtp, data->use_mki, - data->mki_index, + if (stream_get_protect_trailer_length(stream, data->is_rtp, data->mki_index, &temp_length) == srtp_err_status_ok) { data->found_stream = true; if (temp_length > data->length) { @@ -4569,12 +4565,11 @@ static bool get_protect_trailer_length_cb(srtp_stream_t stream, void *raw_data) srtp_err_status_t get_protect_trailer_length(srtp_t session, bool is_rtp, - bool use_mki, size_t mki_index, size_t *length) { srtp_stream_ctx_t *stream; - struct get_protect_trailer_length_data data = { false, 0, is_rtp, use_mki, + struct get_protect_trailer_length_data data = { false, 0, is_rtp, mki_index }; if (session == NULL) { @@ -4585,7 +4580,7 @@ srtp_err_status_t get_protect_trailer_length(srtp_t session, if (stream != NULL) { data.found_stream = true; - stream_get_protect_trailer_length(stream, is_rtp, use_mki, mki_index, + stream_get_protect_trailer_length(stream, is_rtp, mki_index, &data.length); } @@ -4601,20 +4596,17 @@ srtp_err_status_t get_protect_trailer_length(srtp_t session, } srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, - bool use_mki, size_t mki_index, size_t *length) { - return get_protect_trailer_length(session, 1, use_mki, mki_index, length); + return get_protect_trailer_length(session, true, mki_index, length); } srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, - bool use_mki, size_t mki_index, size_t *length) { - return get_protect_trailer_length(session, false, use_mki, mki_index, - length); + return get_protect_trailer_length(session, false, mki_index, length); } /* diff --git a/test/rtp.c b/test/rtp.c index 4c8ca571a..e7675add4 100644 --- a/test/rtp.c +++ b/test/rtp.c @@ -75,7 +75,7 @@ ssize_t rtp_sendto(rtp_sender_t sender, const void *msg, size_t len) /* apply srtp */ stat = srtp_protect(sender->srtp_ctx, (uint8_t *)&sender->message.header, - &pkt_len); + &pkt_len, 0); if (stat) { #if PRINT_DEBUG fprintf(stderr, "error: srtp protection failed with code %d\n", stat); diff --git a/test/srtp_driver.c b/test/srtp_driver.c index a48d2d413..6658d9a59 100644 --- a/test/srtp_driver.c +++ b/test/srtp_driver.c @@ -62,6 +62,8 @@ srtp_err_status_t srtp_validate(void); +srtp_err_status_t srtp_validate_mki(void); + srtp_err_status_t srtp_validate_null(void); #ifdef GCM @@ -90,6 +92,8 @@ srtp_err_status_t srtp_test_remove_stream(void); srtp_err_status_t srtp_test_update(void); +srtp_err_status_t srtp_test_update_mki(void); + srtp_err_status_t srtp_test_protect_trailer_length(void); srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void); @@ -142,14 +146,12 @@ extern uint8_t test_key_gcm[28]; // clang-format off srtp_master_key_t master_key_1 = { test_key, - test_mki_id, - TEST_MKI_ID_SIZE + test_mki_id }; srtp_master_key_t master_key_2 = { test_key_2, - test_mki_id_2, - TEST_MKI_ID_SIZE + test_mki_id_2 }; srtp_master_key_t *test_keys[2] = { @@ -461,6 +463,19 @@ int main(int argc, char *argv[]) exit(1); } + /* + * run validation test against the reference packets - note + * that this test only covers the default policy + */ + printf("testing srtp_protect and srtp_unprotect against " + "reference packet using mki\n"); + if (srtp_validate_mki() == srtp_err_status_ok) { + printf("passed\n\n"); + } else { + printf("failed\n"); + exit(1); + } + printf("testing srtp_protect and srtp_unprotect against " "reference packet using null cipher and HMAC\n"); if (srtp_validate_null() == srtp_err_status_ok) { @@ -560,6 +575,17 @@ int main(int argc, char *argv[]) exit(1); } + /* + * test the function srtp_update() + */ + printf("testing srtp_update_mki()..."); + if (srtp_test_update_mki() == srtp_err_status_ok) { + printf("passed\n"); + } else { + printf("failed\n"); + exit(1); + } + /* * test the functions srtp_get_protect_trailer_length * and srtp_get_protect_rtcp_trailer_length @@ -964,7 +990,7 @@ double srtp_bits_per_second(size_t msg_len_octets, const srtp_policy_t *policy) for (size_t i = 0; i < num_trials; i++) { len = input_len; /* srtp protect message */ - status = srtp_protect(srtp, mesg, &len); + status = srtp_protect(srtp, mesg, &len, 0); if (status) { printf("error: srtp_protect() failed with error code %d\n", status); exit(1); @@ -1016,7 +1042,7 @@ double srtp_rejections_per_second(size_t msg_len_octets, if (mesg == NULL) { return 0.0; /* indicate failure by returning zero */ } - srtp_protect(srtp, mesg, &len); + srtp_protect(srtp, mesg, &len, 0); timer = clock(); for (size_t i = 0; i < num_trials; i++) { @@ -1044,56 +1070,6 @@ void err_check(srtp_err_status_t s) } } -srtp_err_status_t srtp_test_call_protect(srtp_t srtp_sender, - uint8_t *hdr, - size_t *len, - bool use_mki, - size_t mki_index) -{ - if (!use_mki) { - return srtp_protect(srtp_sender, hdr, len); - } else { - return srtp_protect_mki(srtp_sender, hdr, len, true, mki_index); - } -} - -srtp_err_status_t srtp_test_call_protect_rtcp(srtp_t srtp_sender, - uint8_t *hdr, - size_t *len, - bool use_mki, - size_t mki_index) -{ - if (!use_mki) { - return srtp_protect_rtcp(srtp_sender, hdr, len); - } else { - return srtp_protect_rtcp_mki(srtp_sender, hdr, len, true, mki_index); - } -} - -srtp_err_status_t srtp_test_call_unprotect(srtp_t srtp_sender, - uint8_t *hdr, - size_t *len, - bool use_mki) -{ - if (!use_mki) { - return srtp_unprotect(srtp_sender, hdr, len); - } else { - return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki); - } -} - -srtp_err_status_t srtp_test_call_unprotect_rtcp(srtp_t srtp_sender, - uint8_t *hdr, - size_t *len, - bool use_mki) -{ - if (!use_mki) { - return srtp_unprotect_rtcp(srtp_sender, hdr, len); - } else { - return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki); - } -} - srtp_err_status_t srtp_test(const srtp_policy_t *policy, bool test_extension_headers, bool use_mki, @@ -1110,19 +1086,24 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, size_t len, len2; size_t tag_length; uint32_t ssrc; - srtp_policy_t *rcvr_policy; - srtp_policy_t tmp_policy; + srtp_policy_t send_policy; + srtp_policy_t rcvr_policy; uint8_t header = 1; + memcpy(&send_policy, policy, sizeof(srtp_policy_t)); + + send_policy.use_mki = use_mki; + if (!use_mki) { + send_policy.mki_size = 0; + } + if (test_extension_headers) { - memcpy(&tmp_policy, policy, sizeof(srtp_policy_t)); - tmp_policy.enc_xtn_hdr = &header; - tmp_policy.enc_xtn_hdr_count = 1; - err_check(srtp_create(&srtp_sender, &tmp_policy)); - } else { - err_check(srtp_create(&srtp_sender, policy)); + send_policy.enc_xtn_hdr = &header; + send_policy.enc_xtn_hdr_count = 1; } + err_check(srtp_create(&srtp_sender, &send_policy)); + /* print out policy */ err_check(srtp_session_print_policy(srtp_sender)); @@ -1164,8 +1145,7 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, debug_print(mod_driver, "reference packet before protection:\n%s", octet_string_hex_string(hdr, len)); #endif - err_check( - srtp_test_call_protect(srtp_sender, hdr, &len, use_mki, mki_index)); + err_check(srtp_protect(srtp_sender, hdr, &len, mki_index)); debug_print(mod_driver, "after protection:\n%s", srtp_packet_to_string(hdr, len)); @@ -1185,8 +1165,8 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, * data following the packet is different, then we know that the * protect function is overwriting the end of the packet. */ - err_check(srtp_get_protect_trailer_length(srtp_sender, use_mki, mki_index, - &tag_length)); + err_check( + srtp_get_protect_trailer_length(srtp_sender, mki_index, &tag_length)); pkt_end = hdr + msg_len + tag_length; for (i = 0; i < 4; i++) { if (pkt_end[i] != 0xff) { @@ -1226,34 +1206,12 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, printf("passed\n"); } - /* - * if the policy uses a 'wildcard' ssrc, then we need to make a copy - * of the policy that changes the direction to inbound - * - * we always copy the policy into the rcvr_policy, since otherwise - * the compiler would fret about the constness of the policy - */ - rcvr_policy = (srtp_policy_t *)malloc(sizeof(srtp_policy_t)); - if (rcvr_policy == NULL) { - free(hdr); - free(hdr2); - return srtp_err_status_alloc_fail; - } - if (test_extension_headers) { - memcpy(rcvr_policy, &tmp_policy, sizeof(srtp_policy_t)); - if (tmp_policy.ssrc.type == ssrc_any_outbound) { - rcvr_policy->ssrc.type = ssrc_any_inbound; - } - } else { - memcpy(rcvr_policy, policy, sizeof(srtp_policy_t)); - if (policy->ssrc.type == ssrc_any_outbound) { - rcvr_policy->ssrc.type = ssrc_any_inbound; - } - } + memcpy(&rcvr_policy, &send_policy, sizeof(srtp_policy_t)); + rcvr_policy.ssrc.type = ssrc_any_inbound; - err_check(srtp_create(&srtp_rcvr, rcvr_policy)); + err_check(srtp_create(&srtp_rcvr, &rcvr_policy)); - err_check(srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki)); + err_check(srtp_unprotect(srtp_rcvr, hdr, &len)); debug_print(mod_driver, "after unprotection:\n%s", srtp_packet_to_string(hdr, len)); @@ -1268,7 +1226,6 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, if (status) { free(hdr); free(hdr2); - free(rcvr_policy); return status; } @@ -1281,13 +1238,11 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, printf("testing for false positives in replay check..."); /* unprotect a second time - should fail with a replay error */ - status = - srtp_test_call_unprotect(srtp_rcvr, hdr, &msg_len_enc, use_mki); + status = srtp_unprotect(srtp_rcvr, hdr, &msg_len_enc); if (status != srtp_err_status_replay_fail) { printf("failed with error code %d\n", status); free(hdr); free(hdr2); - free(rcvr_policy); return srtp_err_status_algo_fail; } else { printf("passed\n"); @@ -1299,20 +1254,18 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, ((srtp_hdr_t *)hdr)->seq++; /* apply protection */ - err_check( - srtp_test_call_protect(srtp_sender, hdr, &len, use_mki, mki_index)); + err_check(srtp_protect(srtp_sender, hdr, &len, mki_index)); /* flip bits in packet */ data[0] ^= 0xff; /* unprotect, and check for authentication failure */ - status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki); + status = srtp_unprotect(srtp_rcvr, hdr, &len); if (status != srtp_err_status_auth_fail) { printf("failed with error code %d\n", status); printf("failed\n"); free(hdr); free(hdr2); - free(rcvr_policy); return srtp_err_status_algo_fail; } else { printf("passed\n"); @@ -1324,7 +1277,6 @@ srtp_err_status_t srtp_test(const srtp_policy_t *policy, free(hdr); free(hdr2); - free(rcvr_policy); return srtp_err_status_ok; } @@ -1342,9 +1294,17 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, size_t len, len2; size_t tag_length; uint32_t ssrc; - srtp_policy_t *rcvr_policy; + srtp_policy_t send_policy; + srtp_policy_t rcvr_policy; - err_check(srtp_create(&srtcp_sender, policy)); + memcpy(&send_policy, policy, sizeof(srtp_policy_t)); + + send_policy.use_mki = use_mki; + if (!use_mki) { + send_policy.mki_size = 0; + } + + err_check(srtp_create(&srtcp_sender, &send_policy)); /* print out policy */ err_check(srtp_session_print_policy(srtcp_sender)); @@ -1380,8 +1340,7 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, debug_print(mod_driver, "reference packet before protection:\n%s", octet_string_hex_string(hdr, len)); #endif - err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, use_mki, - mki_index)); + err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); debug_print(mod_driver, "after protection:\n%s", srtp_rtcp_packet_to_string(hdr, len)); @@ -1401,8 +1360,7 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, * data following the packet is different, then we know that the * protect function is overwriting the end of the packet. */ - srtp_get_protect_rtcp_trailer_length(srtcp_sender, use_mki, mki_index, - &tag_length); + srtp_get_protect_rtcp_trailer_length(srtcp_sender, mki_index, &tag_length); pkt_end = hdr + msg_len + tag_length; for (size_t i = 0; i < 4; i++) { if (pkt_end[i] != 0xff) { @@ -1442,27 +1400,14 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, printf("passed\n"); } - /* - * if the policy uses a 'wildcard' ssrc, then we need to make a copy - * of the policy that changes the direction to inbound - * - * we always copy the policy into the rcvr_policy, since otherwise - * the compiler would fret about the constness of the policy - */ - rcvr_policy = (srtp_policy_t *)malloc(sizeof(srtp_policy_t)); - if (rcvr_policy == NULL) { - free(hdr); - free(hdr2); - return srtp_err_status_alloc_fail; - } - memcpy(rcvr_policy, policy, sizeof(srtp_policy_t)); - if (policy->ssrc.type == ssrc_any_outbound) { - rcvr_policy->ssrc.type = ssrc_any_inbound; + memcpy(&rcvr_policy, &send_policy, sizeof(srtp_policy_t)); + if (send_policy.ssrc.type == ssrc_any_outbound) { + rcvr_policy.ssrc.type = ssrc_any_inbound; } - err_check(srtp_create(&srtcp_rcvr, rcvr_policy)); + err_check(srtp_create(&srtcp_rcvr, &rcvr_policy)); - err_check(srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki)); + err_check(srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len)); debug_print(mod_driver, "after unprotection:\n%s", srtp_rtcp_packet_to_string(hdr, len)); @@ -1477,7 +1422,6 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, if (status) { free(hdr); free(hdr2); - free(rcvr_policy); return status; } @@ -1490,13 +1434,11 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, printf("testing for false positives in replay check..."); /* unprotect a second time - should fail with a replay error */ - status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &msg_len_enc, - use_mki); + status = srtp_unprotect_rtcp(srtcp_rcvr, hdr, &msg_len_enc); if (status != srtp_err_status_replay_fail) { printf("failed with error code %d\n", status); free(hdr); free(hdr2); - free(rcvr_policy); return srtp_err_status_algo_fail; } else { printf("passed\n"); @@ -1505,20 +1447,18 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, printf("testing for false positives in auth check..."); /* apply protection */ - err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, use_mki, - mki_index)); + err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len, mki_index)); /* flip bits in packet */ data[0] ^= 0xff; /* unprotect, and check for authentication failure */ - status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki); + status = srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len); if (status != srtp_err_status_auth_fail) { printf("failed with error code %d\n", status); printf("failed\n"); free(hdr); free(hdr2); - free(rcvr_policy); return srtp_err_status_algo_fail; } else { printf("passed\n"); @@ -1530,7 +1470,6 @@ srtp_err_status_t srtcp_test(const srtp_policy_t *policy, free(hdr); free(hdr2); - free(rcvr_policy); return srtp_err_status_ok; } @@ -1572,6 +1511,9 @@ bool srtp_session_print_stream(srtp_stream_t stream, void *raw_data) "# rtcp cipher: %s\r\n" "# rtcp auth: %s\r\n" "# rtcp services: %s\r\n" + "# num keys: %zu\r\n" + "# use mki: %s\r\n" + "# mki size: %zu\r\n" "# window size: %zu\r\n" "# tx rtx allowed:%s\r\n", ssrc_text, session_keys->rtp_cipher->type->description, @@ -1579,7 +1521,8 @@ bool srtp_session_print_stream(srtp_stream_t stream, void *raw_data) serv_descr[stream->rtp_services], session_keys->rtcp_cipher->type->description, session_keys->rtcp_auth->type->description, - serv_descr[stream->rtcp_services], + serv_descr[stream->rtcp_services], stream->num_master_keys, + stream->use_mki ? "true" : "false", stream->mki_size, srtp_rdbx_get_window_size(&stream->rtp_rdbx), stream->allow_repeat_tx ? "true" : "false"); @@ -1827,7 +1770,7 @@ srtp_err_status_t srtp_validate(void) * protect plaintext, then compare with ciphertext */ len = 28; - status = srtp_protect(srtp_snd, srtp_plaintext, &len); + status = srtp_protect(srtp_snd, srtp_plaintext, &len, 0); if (status || (len != 38)) { return srtp_err_status_fail; } @@ -1845,7 +1788,7 @@ srtp_err_status_t srtp_validate(void) * protect plaintext rtcp, then compare with srtcp ciphertext */ len = 24; - status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len); + status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len, 0); if (status || (len != 38)) { return srtp_err_status_fail; } @@ -1907,6 +1850,182 @@ srtp_err_status_t srtp_validate(void) return srtp_err_status_ok; } +/* + * srtp_validate_mki() verifies the correctness of libsrtp by comparing + * some computed packets against some pre-computed reference values. + * These packets were made with the default SRTP policy. + */ + +srtp_err_status_t srtp_validate_mki(void) +{ + // clang-format off + uint8_t srtp_plaintext_ref[28] = { + 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, + 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab, + 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, + 0xab, 0xab, 0xab, 0xab + }; + uint8_t srtp_plaintext[42] = { + 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, + 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab, + 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, + 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00 + }; + uint8_t srtp_ciphertext[42] = { + 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, + 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c, + 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15, + 0x94, 0x9d, 0x24, 0x02, 0xe1, 0xf9, 0x7a, 0x0d, + 0xb7, 0x8d, 0x6a, 0xcc, 0x99, 0xea, 0x17, 0x9b, + 0x8d, 0xbb + }; + uint8_t rtcp_plaintext_ref[24] = { + 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe, + 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, + 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, + }; + uint8_t rtcp_plaintext[42] = { + 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe, + 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, + 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, + 0x00, 0x00 + }; + uint8_t srtcp_ciphertext[42] = { + 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe, + 0x71, 0x28, 0x03, 0x5b, 0xe4, 0x87, 0xb9, 0xbd, + 0xbe, 0xf8, 0x90, 0x41, 0xf9, 0x77, 0xa5, 0xa8, + 0x80, 0x00, 0x00, 0x01, 0xe1, 0xf9, 0x7a, 0x0d, + 0x99, 0x3e, 0x08, 0xcd, 0x54, 0xd6, 0xc1, 0x23, + 0x07, 0x98 + }; + // clang-format on + + srtp_t srtp_snd, srtp_recv; + srtp_err_status_t status; + size_t len; + srtp_policy_t policy; + + /* + * create a session with a single stream using the default srtp + * policy and with the SSRC value 0xcafebabe + */ + memset(&policy, 0, sizeof(policy)); + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + policy.ssrc.type = ssrc_specific; + policy.ssrc.value = 0xcafebabe; + policy.keys = test_keys; + policy.num_master_keys = 2; + policy.use_mki = true; + policy.mki_size = TEST_MKI_ID_SIZE; + policy.window_size = 128; + policy.allow_repeat_tx = false; + policy.next = NULL; + + status = srtp_create(&srtp_snd, &policy); + if (status) { + return status; + } + + /* + * protect plaintext, then compare with ciphertext + */ + len = 28; + status = srtp_protect(srtp_snd, srtp_plaintext, &len, 0); + if (status) { + return status; + } + + debug_print(mod_driver, "ciphertext:\n %s", + octet_string_hex_string(srtp_plaintext, len)); + debug_print( + mod_driver, "ciphertext reference:\n %s", + octet_string_hex_string(srtp_ciphertext, sizeof(srtp_ciphertext))); + + if (len != sizeof(srtp_ciphertext)) { + return srtp_err_status_fail; + } + + if (!srtp_octet_string_equal(srtp_plaintext, srtp_ciphertext, len)) { + return srtp_err_status_fail; + } + + /* + * protect plaintext rtcp, then compare with srtcp ciphertext + */ + len = 24; + status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len, 0); + if (status) { + return status; + } + + debug_print(mod_driver, "srtcp ciphertext:\n %s", + octet_string_hex_string(rtcp_plaintext, len)); + debug_print( + mod_driver, "srtcp ciphertext reference:\n %s", + octet_string_hex_string(srtcp_ciphertext, sizeof(srtcp_ciphertext))); + + if (len != sizeof(srtcp_ciphertext)) { + return srtp_err_status_fail; + } + + if (!srtp_octet_string_equal(rtcp_plaintext, srtcp_ciphertext, len)) { + return srtp_err_status_fail; + } + + /* + * create a receiver session context comparable to the one created + * above - we need to do this so that the replay checking doesn't + * complain + */ + status = srtp_create(&srtp_recv, &policy); + if (status) { + return status; + } + + /* + * unprotect ciphertext, then compare with plaintext + */ + len = 42; + status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len); + if (status || (len != 28)) { + return status; + } + + if (!srtp_octet_string_equal(srtp_ciphertext, srtp_plaintext_ref, len)) { + return srtp_err_status_fail; + } + + /* + * unprotect srtcp ciphertext, then compare with rtcp plaintext + */ + len = 42; + status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len); + if (status || (len != 24)) { + return status; + } + + if (!srtp_octet_string_equal(srtcp_ciphertext, rtcp_plaintext_ref, len)) { + return srtp_err_status_fail; + } + + status = srtp_dealloc(srtp_snd); + if (status) { + return status; + } + + status = srtp_dealloc(srtp_recv); + if (status) { + return status; + } + + return srtp_err_status_ok; +} + /* * srtp_validate_null() verifies the correctness of libsrtp by comparing * some computed packets against some pre-computed reference values. @@ -1986,7 +2105,7 @@ srtp_err_status_t srtp_validate_null(void) * protect plaintext, then compare with ciphertext */ len = 28; - status = srtp_protect(srtp_snd, srtp_plaintext, &len); + status = srtp_protect(srtp_snd, srtp_plaintext, &len, 0); if (status || (len != 38)) { return srtp_err_status_fail; } @@ -2004,7 +2123,7 @@ srtp_err_status_t srtp_validate_null(void) * protect plaintext rtcp, then compare with srtcp ciphertext */ len = 24; - status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len); + status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len, 0); if (status || (len != 38)) { return srtp_err_status_fail; } @@ -2147,7 +2266,7 @@ srtp_err_status_t srtp_validate_gcm(void) * protect plaintext rtp, then compare with srtp ciphertext */ len = 28; - status = srtp_protect(srtp_snd, rtp_plaintext, &len); + status = srtp_protect(srtp_snd, rtp_plaintext, &len, 0); if (status || (len != 44)) { return srtp_err_status_fail; } @@ -2165,7 +2284,7 @@ srtp_err_status_t srtp_validate_gcm(void) * protect plaintext rtcp, then compare with srtcp ciphertext */ len = 24; - status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len); + status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len, 0); if (status || (len != 44)) { return srtp_err_status_fail; } @@ -2311,7 +2430,7 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers(void) * protect plaintext, then compare with ciphertext */ len = sizeof(srtp_plaintext_ref); - status = srtp_protect(srtp_snd, srtp_plaintext, &len); + status = srtp_protect(srtp_snd, srtp_plaintext, &len, 0); if (status || (len != sizeof(srtp_plaintext))) { return srtp_err_status_fail; } @@ -2440,7 +2559,7 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void) * protect plaintext, then compare with ciphertext */ len = sizeof(srtp_plaintext_ref); - status = srtp_protect(srtp_snd, srtp_plaintext, &len); + status = srtp_protect(srtp_snd, srtp_plaintext, &len, 0); if (status || (len != sizeof(srtp_plaintext))) { return srtp_err_status_fail; } @@ -2560,7 +2679,7 @@ srtp_err_status_t srtp_validate_aes_256(void) * protect plaintext, then compare with ciphertext */ len = 28; - status = srtp_protect(srtp_snd, srtp_plaintext, &len); + status = srtp_protect(srtp_snd, srtp_plaintext, &len, 0); if (status || (len != 38)) { return srtp_err_status_fail; } @@ -2688,7 +2807,7 @@ srtp_err_status_t srtp_test_empty_payload(void) return srtp_err_status_fail; } - status = srtp_protect(srtp_snd, mesg, &len); + status = srtp_protect(srtp_snd, mesg, &len, 0); if (status) { return status; } else if (len != 12 + 10) { @@ -2763,7 +2882,7 @@ srtp_err_status_t srtp_test_empty_payload_gcm(void) return srtp_err_status_fail; } - status = srtp_protect(srtp_snd, mesg, &len); + status = srtp_protect(srtp_snd, mesg, &len, 0); if (status) { return status; } else if (len != 12 + 16) { @@ -2958,7 +3077,7 @@ srtp_err_status_t srtp_test_update(void) } ((srtp_hdr_t *)msg)->seq = htons(65535); - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets, 0); if (status) { return srtp_err_status_fail; } @@ -2977,7 +3096,7 @@ srtp_err_status_t srtp_test_update(void) } ((srtp_hdr_t *)msg)->seq = htons(1); - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets, 0); if (status) { return srtp_err_status_fail; } @@ -3004,7 +3123,7 @@ srtp_err_status_t srtp_test_update(void) } ((srtp_hdr_t *)msg)->seq = htons(2); - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets, 0); if (status) { return srtp_err_status_fail; } @@ -3032,7 +3151,7 @@ srtp_err_status_t srtp_test_update(void) } ((srtp_hdr_t *)msg)->seq = htons(3); - status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets); + status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets, 0); if (status) { return srtp_err_status_fail; } @@ -3099,6 +3218,58 @@ srtp_err_status_t srtp_test_update(void) return srtp_err_status_ok; } +srtp_err_status_t srtp_test_update_mki(void) +{ + srtp_err_status_t status; + srtp_t srtp; + srtp_policy_t policy; + + memset(&policy, 0, sizeof(policy)); + srtp_crypto_policy_set_rtp_default(&policy.rtp); + srtp_crypto_policy_set_rtcp_default(&policy.rtcp); + policy.ssrc.type = ssrc_any_outbound; + policy.keys = test_keys; + policy.num_master_keys = 1; + policy.use_mki = true; + policy.mki_size = 1; + + status = srtp_create(&srtp, &policy); + if (status) { + return status; + } + + /* can not turn off mki */ + policy.use_mki = false; + policy.mki_size = 0; + status = srtp_update(srtp, &policy); + if (status == srtp_err_status_ok) { + return srtp_err_status_fail; + } + + /* update same values still ok*/ + policy.use_mki = true; + policy.mki_size = 1; + status = srtp_update(srtp, &policy); + if (status) { + return status; + } + + /* can not change mki size*/ + policy.use_mki = true; + policy.mki_size = 2; + status = srtp_update(srtp, &policy); + if (status == srtp_err_status_ok) { + return srtp_err_status_fail; + } + + status = srtp_dealloc(srtp); + if (status) { + return status; + } + + return srtp_err_status_ok; +} + srtp_err_status_t srtp_test_setup_protect_trailer_streams( srtp_t *srtp_send, srtp_t *srtp_send_mki, @@ -3136,6 +3307,8 @@ srtp_err_status_t srtp_test_setup_protect_trailer_streams( policy_mki.key = NULL; policy_mki.keys = test_keys; policy_mki.num_master_keys = 2; + policy_mki.use_mki = true; + policy_mki.mki_size = TEST_MKI_ID_SIZE; #ifdef GCM memset(&policy_aes_gcm, 0, sizeof(policy_aes_gcm)); @@ -3157,6 +3330,8 @@ srtp_err_status_t srtp_test_setup_protect_trailer_streams( policy_aes_gcm_mki.key = NULL; policy_aes_gcm_mki.keys = test_keys; policy_aes_gcm_mki.num_master_keys = 2; + policy_aes_gcm_mki.use_mki = true; + policy_aes_gcm_mki.mki_size = TEST_MKI_ID_SIZE; #endif // GCM /* create a send ctx with defualt profile and test_key */ @@ -3194,10 +3369,13 @@ srtp_err_status_t srtp_test_protect_trailer_length(void) size_t length = 0; srtp_err_status_t status; - srtp_test_setup_protect_trailer_streams( + status = srtp_test_setup_protect_trailer_streams( &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); + if (status) { + return status; + } - status = srtp_get_protect_trailer_length(srtp_send, 0, 0, &length); + status = srtp_get_protect_trailer_length(srtp_send, 0, &length); if (status) { return status; } @@ -3207,7 +3385,7 @@ srtp_err_status_t srtp_test_protect_trailer_length(void) return srtp_err_status_fail; } - status = srtp_get_protect_trailer_length(srtp_send_mki, 1, 1, &length); + status = srtp_get_protect_trailer_length(srtp_send_mki, 1, &length); if (status) { return status; } @@ -3218,7 +3396,7 @@ srtp_err_status_t srtp_test_protect_trailer_length(void) } #ifdef GCM - status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, 0, &length); + status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, &length); if (status) { return status; } @@ -3228,8 +3406,7 @@ srtp_err_status_t srtp_test_protect_trailer_length(void) return srtp_err_status_fail; } - status = - srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length); + status = srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, &length); if (status) { return status; } @@ -3262,7 +3439,7 @@ srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void) srtp_test_setup_protect_trailer_streams( &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki); - status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, 0, &length); + status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, &length); if (status) { return status; } @@ -3272,7 +3449,7 @@ srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void) return srtp_err_status_fail; } - status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, 1, &length); + status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, &length); if (status) { return status; } @@ -3284,7 +3461,7 @@ srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void) #ifdef GCM status = - srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, 0, &length); + srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, &length); if (status) { return status; } @@ -3294,8 +3471,8 @@ srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void) return srtp_err_status_fail; } - status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, 1, - &length); + status = + srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, &length); if (status) { return status; } @@ -3376,7 +3553,7 @@ srtp_err_status_t srtp_test_out_of_order_after_rollover(void) /* Create and protect packets to get to get roc == 1 */ pkts[0] = srtp_create_test_packet_extended(64, sender_policy.ssrc.value, 65534, 0, &pkt_len_octets[0]); - status = srtp_protect(sender_session, pkts[0], &pkt_len_octets[0]); + status = srtp_protect(sender_session, pkts[0], &pkt_len_octets[0], 0); if (status) { return status; } @@ -3391,7 +3568,7 @@ srtp_err_status_t srtp_test_out_of_order_after_rollover(void) pkts[1] = srtp_create_test_packet_extended(64, sender_policy.ssrc.value, 65535, 1, &pkt_len_octets[1]); - status = srtp_protect(sender_session, pkts[1], &pkt_len_octets[1]); + status = srtp_protect(sender_session, pkts[1], &pkt_len_octets[1], 0); if (status) { return status; } @@ -3406,7 +3583,7 @@ srtp_err_status_t srtp_test_out_of_order_after_rollover(void) pkts[2] = srtp_create_test_packet_extended(64, sender_policy.ssrc.value, 0, 2, &pkt_len_octets[2]); - status = srtp_protect(sender_session, pkts[2], &pkt_len_octets[2]); + status = srtp_protect(sender_session, pkts[2], &pkt_len_octets[2], 0); if (status) { return status; } @@ -3421,7 +3598,7 @@ srtp_err_status_t srtp_test_out_of_order_after_rollover(void) pkts[3] = srtp_create_test_packet_extended(64, sender_policy.ssrc.value, 1, 3, &pkt_len_octets[3]); - status = srtp_protect(sender_session, pkts[3], &pkt_len_octets[3]); + status = srtp_protect(sender_session, pkts[3], &pkt_len_octets[3], 0); if (status) { return status; } @@ -3436,7 +3613,7 @@ srtp_err_status_t srtp_test_out_of_order_after_rollover(void) pkts[4] = srtp_create_test_packet_extended(64, sender_policy.ssrc.value, 2, 4, &pkt_len_octets[4]); - status = srtp_protect(sender_session, pkts[4], &pkt_len_octets[4]); + status = srtp_protect(sender_session, pkts[4], &pkt_len_octets[4], 0); if (status) { return status; } @@ -3570,7 +3747,7 @@ srtp_err_status_t srtp_test_get_roc(void) pkt = srtp_create_test_packet_extended(msg_len_octets, policy.ssrc.value, seq, ts, &protected_msg_len_octets); - status = srtp_protect(session, pkt, &protected_msg_len_octets); + status = srtp_protect(session, pkt, &protected_msg_len_octets, 0); free(pkt); if (status) { return status; @@ -3655,7 +3832,7 @@ static srtp_err_status_t test_set_receiver_roc(uint32_t packets, tmp_pkt = srtp_create_test_packet_extended( msg_len_octets, sender_policy.ssrc.value, seq, ts, &tmp_len); - status = srtp_protect(sender_session, tmp_pkt, &tmp_len); + status = srtp_protect(sender_session, tmp_pkt, &tmp_len, 0); free(tmp_pkt); if (status) { return status; @@ -3674,7 +3851,8 @@ static srtp_err_status_t test_set_receiver_roc(uint32_t packets, pkt_1 = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts, &protected_msg_len_octets_1); - status = srtp_protect(sender_session, pkt_1, &protected_msg_len_octets_1); + status = + srtp_protect(sender_session, pkt_1, &protected_msg_len_octets_1, 0); if (status) { return status; } @@ -3685,7 +3863,8 @@ static srtp_err_status_t test_set_receiver_roc(uint32_t packets, pkt_2 = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts, &protected_msg_len_octets_2); - status = srtp_protect(sender_session, pkt_2, &protected_msg_len_octets_2); + status = + srtp_protect(sender_session, pkt_2, &protected_msg_len_octets_2, 0); if (status) { return status; } @@ -3814,7 +3993,7 @@ static srtp_err_status_t test_set_sender_roc(uint16_t seq, uint32_t roc_to_set) pkt = srtp_create_test_packet_extended(msg_len_octets, sender_policy.ssrc.value, seq, ts, &protected_msg_len_octets); - status = srtp_protect(sender_session, pkt, &protected_msg_len_octets); + status = srtp_protect(sender_session, pkt, &protected_msg_len_octets, 0); if (status) { return status; } @@ -4041,11 +4220,13 @@ const srtp_policy_t default_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4069,11 +4250,13 @@ const srtp_policy_t aes_only_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4097,11 +4280,13 @@ const srtp_policy_t hmac_only_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* Number of Master keys associated with the policy */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* Number of Master keys associated with the policy */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4128,11 +4313,13 @@ const srtp_policy_t aes128_gcm_8_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4158,11 +4345,13 @@ const srtp_policy_t aes128_gcm_8_cauth_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4188,11 +4377,13 @@ const srtp_policy_t aes256_gcm_8_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4218,11 +4409,13 @@ const srtp_policy_t aes256_gcm_8_cauth_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; #endif @@ -4247,11 +4440,13 @@ const srtp_policy_t null_policy = { }, NULL, (srtp_master_key_t **)test_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4277,14 +4472,12 @@ uint8_t test_256_key_2[46] = { srtp_master_key_t master_256_key_1 = { test_256_key, - test_mki_id, - TEST_MKI_ID_SIZE + test_mki_id }; srtp_master_key_t master_256_key_2 = { test_256_key_2, - test_mki_id_2, - TEST_MKI_ID_SIZE + test_mki_id_2 }; srtp_master_key_t *test_256_keys[2] = { @@ -4315,11 +4508,13 @@ const srtp_policy_t aes_256_hmac_policy = { }, NULL, (srtp_master_key_t **)test_256_keys, - 2, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + 2, /* indicates the number of Master keys */ + true, /* no mki */ + TEST_MKI_ID_SIZE, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4342,12 +4537,14 @@ const srtp_policy_t hmac_only_with_no_master_key = { sec_serv_auth /* security services flag */ }, NULL, - NULL, /* no master keys*/ - 0, /* indicates the number of Master keys */ - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + NULL, /* no master keys*/ + 0, /* indicates the number of Master keys */ + false, /* no mki */ + 0, /* mki size */ + 128, /* replay window size */ + false, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL }; @@ -4408,10 +4605,12 @@ const srtp_policy_t wildcard_policy = { test_key, NULL, 0, - 128, /* replay window size */ - 0, /* retransmission not allowed */ - NULL, /* no encrypted extension headers */ - 0, /* list of encrypted extension headers is empty */ + false, /* no mki */ + 0, /* mki size */ + 128, /* replay window size */ + 0, /* retransmission not allowed */ + NULL, /* no encrypted extension headers */ + 0, /* list of encrypted extension headers is empty */ NULL };