Navigation

← Previous Changeset
Next Changeset →

Changeset 263b77a37a173ae8ed008b959ae54d1d48f09f77

Timestamp:

11/03/07 14:18:05 (2 years ago)

Author:

Rémi Denis-Courmont <rem@videolan.org>

git-committer:

Rémi Denis-Courmont <rem@videolan.org> 1173619085 +0000

git-parent:

[56e9569c94674100e92c395deac7ca3b9baaf9ea]

git-author:

Rémi Denis-Courmont <rem@videolan.org> 1173619085 +0000

Message:

API cleanup

Files:

libs/srtp/recv.c (modified) (1 diff)
libs/srtp/srtp.c (modified) (6 diffs)
libs/srtp/srtp.h (modified) (2 diffs)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

libs/srtp/recv.c

r67da488	r263b77a
52	52	"\x12\x34\x56\x78\x90" "\x12\x34\x56\x78\x90" "\x12\x34\x56\x78";
53	53
54		srtp_session_t *s = srtp_create ("AES_CM_128_HMAC_SHA1_80", 0, 0);
	54	srtp_session_t *s = srtp_create (SRTP_ENCR_AES_CM, SRTP_AUTH_HMAC_SHA1, 10,
	55	SRTP_PRF_AES_CM, 0);
55	56	if (s == NULL)
56	57	return 1;

libs/srtp/srtp.c

r67da488	r263b77a
62	62	uint32_t rtp_roc;
63	63	uint16_t rtp_seq;
	64	uint16_t rtp_rcc;
64	65	uint8_t tag_len;
65	66	};
…	…
74	75	SRTCP_SALT
75	76	};
	77
76	78
77	79	#ifdef WIN32
…	…
160	162	* multiple simultaneous sessions with the same master key.
161	163	*
162		* @param name cipher-suite name
163		* @param kdr key derivation rate
	164	* @param encr encryption algorithm number
	165	* @param auth authentication algortihm number
	166	* @param tag_len authentication tag byte length (NOT including RCC)
164	167	* @param flags OR'ed optional flags.
165	168	*
…	…
167	170	*/
168	171	srtp_session_t *
169		srtp_create (const char *name, unsigned flags, unsigned kdr)
170		{
171		assert (name != NULL);
172
173		if (kdr != 0)
174		return NULL; // FIXME: KDR not implemented yet
175
176		uint8_t tag_len;
177		int cipher = GCRY_CIPHER_AES, md = GCRY_MD_SHA1;
178
179		if (strcmp (name, "AES_CM_128_HMAC_SHA1_80") == 0)
180		tag_len = 10;
181		else
182		if (strcmp (name, "AES_CM_128_HMAC_SHA1_32") == 0)
183		tag_len = 4;
184		else
185		// F8_128_HMAC_SHA1_80 is not implemented
	172	srtp_create (int encr, int auth, unsigned tag_len, int prf, unsigned flags)
	173	{
	174	if ((flags & ~SRTP_FLAGS_MASK) \|\| init_libgcrypt ())
186	175	return NULL;
187	176
188		if ((flags & ~SRTP_FLAGS_MASK) \|\| init_libgcrypt ())
	177	int cipher, md;
	178	switch (encr)
	179	{
	180	case SRTP_ENCR_NULL:
	181	cipher = GCRY_CIPHER_NONE;
	182	break;
	183
	184	case SRTP_ENCR_AES_CM:
	185	cipher = GCRY_CIPHER_AES;
	186	break;
	187
	188	default:
	189	return NULL;
	190	}
	191
	192	switch (auth)
	193	{
	194	case SRTP_AUTH_NULL:
	195	md = GCRY_MD_NONE;
	196	break;
	197
	198	case SRTP_AUTH_HMAC_SHA1:
	199	md = GCRY_MD_SHA1;
	200	break;
	201
	202	default:
	203	return NULL;
	204	}
	205
	206	if (tag_len > gcry_md_get_algo_dlen (auth))
	207	return NULL;
	208
	209	if (prf != SRTP_PRF_AES_CM)
189	210	return NULL;
190	211
…	…
195	216	memset (s, 0, sizeof (*s));
196	217	s->flags = flags;
197		~~s->kdr = kdr;~~
198	218	s->tag_len = tag_len;
199	219
…	…
337	357
338	358
	359	/**
	360	* Sets Roll-over-Counter Carry (RCC) rate for the SRTP session. If not
	361	* specified (through this function), the default rate of ONE is assumed
	362	* (i.e. every RTP packets will carry the RoC). RCC rate is ignored if none
	363	* of the RCC mode has been selected.
	364	*
	365	* The RCC mode is selected through one of these flags for srtp_create():
	366	* SRTP_RCC_MODE1: integrity protection only for RoC carrying packets
	367	* SRTP_RCC_MODE2: integrity protection for all packets
	368	* SRTP_RCC_MODE3: no integrity protection
	369	*
	370	* RCC mode 3 is insecure. Compared to plain RTP, it provides confidentiality
	371	* (through encryption) but is much more prone to DoS. It can only be used if
	372	* anti-spoofing protection is provided by lower network layers (e.g. IPsec,
	373	* or trusted routers and proper source address filtering).
	374	*
	375	* If RCC rate is 1, RCC mode 1 and 2 are functionally identical.
	376	*
	377	* @param rate RoC Carry rate (MUST NOT be zero)
	378	*/
	379	void srtp_setrcc_rate (srtp_session_t *s, uint16_t rate)
	380	{
	381	assert (rate != 0);
	382	s->rtp_rcc = rate;
	383	}
	384
	385
339	386	/** AES-CM encryption/decryption (ctr length = 16 bytes) */
340	387	static int

libs/srtp/srtp.h

r9775069	r263b77a
25	25	enum
26	26	{
27		SRTP_UNENCRYPTED=0x1, // do not encrypt SRTP packets
28		SRTCP_UNENCRYPTED=0x2, // do not encrypt SRTCP packets
29		SRTP_NULL_CIPHER=0x3, // use NULL cipher (encrypt nothing)
30		SRTP_UNAUTHENTICATED=0x4, // do not authenticated SRTP packets
31		SRTP_FLAGS_MASK=0x7
	27	SRTP_UNENCRYPTED=0x1, // do not encrypt SRTP packets
	28	SRTCP_UNENCRYPTED=0x2, // do not encrypt SRTCP packets
	29	SRTP_UNAUTHENTICATED=0x4, // authenticate only SRTCP packets
	30
	31	SRTP_RCC_MODE1=0x10, // use Roll-over-Counter Carry mode 1
	32	SRTP_RCC_MODE2=0x20, // use Roll-over-Counter Carry mode 2
	33	SRTP_RCC_MODE3=0x30, // use Roll-over-Counter Carry mode 3 (insecure)
	34
	35	SRTP_FLAGS_MASK=0x38
32	36	};
33	37
	38	/* SRTP encryption algorithms (ciphers); same values as MIKEY */
	39	enum
	40	{
	41	SRTP_ENCR_NULL=0,
	42	SRTP_ENCR_AES_CM=1,
	43	SRTP_ENCR_AES_F8=2 // not implemented
	44	};
	45
	46	/* SRTP authenticaton algorithms; same values as MIKEY */
	47	enum
	48	{
	49	SRTP_AUTH_NULL=0,
	50	SRTP_AUTH_HMAC_SHA1=1
	51	};
	52
	53	/* SRTP pseudo random function; same values as MIKEY */
	54	enum
	55	{
	56	SRTP_PRF_AES_CM=0
	57	};
34	58
35	59	# ifdef __cplusplus
…	…
37	61	# endif
38	62
39		srtp_session_t srtp_create (const char name, unsigned flags, unsigned kdr);
	63	srtp_session_t *srtp_create (int encr, int auth, unsigned tag_len, int prf,
	64	unsigned flags);
40	65	void srtp_destroy (srtp_session_t *s);
	66
41	67	int srtp_setkey (srtp_session_t s, const void key, size_t keylen,
42	68	const void *salt, size_t saltlen);
	69	void srtp_setrcc_rate (srtp_session_t *s, uint16_t rate);
43	70
44	71	int srtp_send (srtp_session_t s, uint8_t buf, size_t *lenp, size_t maxsize);