| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * srtp.c | 2 * srtp.c |
| 3 * | 3 * |
| 4 * the secure real-time transport protocol | 4 * the secure real-time transport protocol |
| 5 * | 5 * |
| 6 * David A. McGrew | 6 * David A. McGrew |
| 7 * Cisco Systems, Inc. | 7 * Cisco Systems, Inc. |
| 8 */ | 8 */ |
| 9 /* | 9 /* |
| 10 * | 10 * |
| (...skipping 2843 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2854 * +--+--+--+--+--+--+--+--+--+--+--+--+ | | 2854 * +--+--+--+--+--+--+--+--+--+--+--+--+ | |
| 2855 * | Initialization Vector |<--+ | 2855 * | Initialization Vector |<--+ |
| 2856 * +--+--+--+--+--+--+--+--+--+--+--+--+* | 2856 * +--+--+--+--+--+--+--+--+--+--+--+--+* |
| 2857 * | 2857 * |
| 2858 * Input: *stream - pointer to SRTP stream context, used to retrieve | 2858 * Input: *stream - pointer to SRTP stream context, used to retrieve |
| 2859 * the SALT | 2859 * the SALT |
| 2860 * *iv - Pointer to recieve the calculated IV | 2860 * *iv - Pointer to recieve the calculated IV |
| 2861 * seq_num - The SEQ value to use for the IV calculation. | 2861 * seq_num - The SEQ value to use for the IV calculation. |
| 2862 * *hdr - The RTP header, used to get the SSRC value | 2862 * *hdr - The RTP header, used to get the SSRC value |
| 2863 * | 2863 * |
| 2864 * Returns: srtp_err_status_ok if no error or srtp_err_status_bad_param |
| 2865 * if seq_num is invalid |
| 2866 * |
| 2864 */ | 2867 */ |
| 2865 static void srtp_calc_aead_iv_srtcp(srtp_stream_ctx_t *stream, v128_t *iv, | 2868 static srtp_err_status_t |
| 2866 uint32_t seq_num, srtcp_hdr_t *hdr) | 2869 srtp_calc_aead_iv_srtcp(srtp_stream_ctx_t *stream, v128_t *iv, |
| 2870 uint32_t seq_num, srtcp_hdr_t *hdr) |
| 2867 { | 2871 { |
| 2868 v128_t in; | 2872 v128_t in; |
| 2869 v128_t salt; | 2873 v128_t salt; |
| 2870 | 2874 |
| 2871 memset(&in, 0, sizeof(v128_t)); | 2875 memset(&in, 0, sizeof(v128_t)); |
| 2872 memset(&salt, 0, sizeof(v128_t)); | 2876 memset(&salt, 0, sizeof(v128_t)); |
| 2873 | 2877 |
| 2874 in.v16[0] = 0; | 2878 in.v16[0] = 0; |
| 2875 memcpy(&in.v16[1], &hdr->ssrc, 4); /* still in network order! */ | 2879 memcpy(&in.v16[1], &hdr->ssrc, 4); /* still in network order! */ |
| 2876 in.v16[3] = 0; | 2880 in.v16[3] = 0; |
| 2877 in.v32[2] = 0x7FFFFFFF & htonl(seq_num); /* bit 32 is suppose to be zero */ | 2881 |
| 2882 /* |
| 2883 * The SRTCP index (seq_num) spans bits 0 through 30 inclusive. |
| 2884 * The most significant bit should be zero. |
| 2885 */ |
| 2886 if (seq_num & 0x80000000UL) { |
| 2887 return srtp_err_status_bad_param; |
| 2888 } |
| 2889 in.v32[2] = htonl(seq_num); |
| 2878 | 2890 |
| 2879 debug_print(mod_srtp, "Pre-salted RTCP IV = %s\n", v128_hex_string(&in)); | 2891 debug_print(mod_srtp, "Pre-salted RTCP IV = %s\n", v128_hex_string(&in)); |
| 2880 | 2892 |
| 2881 /* | 2893 /* |
| 2882 * Get the SALT value from the context | 2894 * Get the SALT value from the context |
| 2883 */ | 2895 */ |
| 2884 memcpy(salt.v8, stream->c_salt, 12); | 2896 memcpy(salt.v8, stream->c_salt, 12); |
| 2885 debug_print(mod_srtp, "RTCP SALT = %s\n", v128_hex_string(&salt)); | 2897 debug_print(mod_srtp, "RTCP SALT = %s\n", v128_hex_string(&salt)); |
| 2886 | 2898 |
| 2887 /* | 2899 /* |
| 2888 * Finally, apply the SALT to the input | 2900 * Finally, apply the SALT to the input |
| 2889 */ | 2901 */ |
| 2890 v128_xor(iv, &in, &salt); | 2902 v128_xor(iv, &in, &salt); |
| 2903 |
| 2904 return srtp_err_status_ok; |
| 2891 } | 2905 } |
| 2892 | 2906 |
| 2893 /* | 2907 /* |
| 2894 * This code handles AEAD ciphers for outgoing RTCP. We currently support | 2908 * This code handles AEAD ciphers for outgoing RTCP. We currently support |
| 2895 * AES-GCM mode with 128 or 256 bit keys. | 2909 * AES-GCM mode with 128 or 256 bit keys. |
| 2896 */ | 2910 */ |
| 2897 static srtp_err_status_t | 2911 static srtp_err_status_t |
| 2898 srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream, | 2912 srtp_protect_rtcp_aead (srtp_t ctx, srtp_stream_ctx_t *stream, |
| 2899 void *rtcp_hdr, unsigned int *pkt_octet_len) | 2913 void *rtcp_hdr, unsigned int *pkt_octet_len) |
| 2900 { | 2914 { |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2948 */ | 2962 */ |
| 2949 status = srtp_rdb_increment(&stream->rtcp_rdb); | 2963 status = srtp_rdb_increment(&stream->rtcp_rdb); |
| 2950 if (status) { | 2964 if (status) { |
| 2951 return status; | 2965 return status; |
| 2952 } | 2966 } |
| 2953 seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); | 2967 seq_num = srtp_rdb_get_value(&stream->rtcp_rdb); |
| 2954 *trailer |= htonl(seq_num); | 2968 *trailer |= htonl(seq_num); |
| 2955 debug_print(mod_srtp, "srtcp index: %x", seq_num); | 2969 debug_print(mod_srtp, "srtcp index: %x", seq_num); |
| 2956 | 2970 |
| 2957 /* | 2971 /* |
| 2958 * Calculating the IV and pass it down to the cipher | 2972 * Calculate and set the IV |
| 2959 */ | 2973 */ |
| 2960 srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); | 2974 status = srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); |
| 2975 if (status) { |
| 2976 return srtp_err_status_cipher_fail; |
| 2977 } |
| 2961 status = srtp_cipher_set_iv(stream->rtcp_cipher, (uint8_t*)&iv, srtp_directi
on_encrypt); | 2978 status = srtp_cipher_set_iv(stream->rtcp_cipher, (uint8_t*)&iv, srtp_directi
on_encrypt); |
| 2962 if (status) { | 2979 if (status) { |
| 2963 return srtp_err_status_cipher_fail; | 2980 return srtp_err_status_cipher_fail; |
| 2964 } | 2981 } |
| 2965 | 2982 |
| 2966 /* | 2983 /* |
| 2967 * Set the AAD for GCM mode | 2984 * Set the AAD for GCM mode |
| 2968 */ | 2985 */ |
| 2969 if (enc_start) { | 2986 if (enc_start) { |
| 2970 /* | 2987 /* |
| (...skipping 124 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3095 seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK; | 3112 seq_num = ntohl(*trailer) & SRTCP_INDEX_MASK; |
| 3096 debug_print(mod_srtp, "srtcp index: %x", seq_num); | 3113 debug_print(mod_srtp, "srtcp index: %x", seq_num); |
| 3097 status = srtp_rdb_check(&stream->rtcp_rdb, seq_num); | 3114 status = srtp_rdb_check(&stream->rtcp_rdb, seq_num); |
| 3098 if (status) { | 3115 if (status) { |
| 3099 return status; | 3116 return status; |
| 3100 } | 3117 } |
| 3101 | 3118 |
| 3102 /* | 3119 /* |
| 3103 * Calculate and set the IV | 3120 * Calculate and set the IV |
| 3104 */ | 3121 */ |
| 3105 srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); | 3122 status = srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr); |
| 3123 if (status) { |
| 3124 return srtp_err_status_cipher_fail; |
| 3125 } |
| 3106 status = srtp_cipher_set_iv(stream->rtcp_cipher, (uint8_t*)&iv, srtp_directi
on_decrypt); | 3126 status = srtp_cipher_set_iv(stream->rtcp_cipher, (uint8_t*)&iv, srtp_directi
on_decrypt); |
| 3107 if (status) { | 3127 if (status) { |
| 3108 return srtp_err_status_cipher_fail; | 3128 return srtp_err_status_cipher_fail; |
| 3109 } | 3129 } |
| 3110 | 3130 |
| 3111 /* | 3131 /* |
| 3112 * Set the AAD for GCM mode | 3132 * Set the AAD for GCM mode |
| 3113 */ | 3133 */ |
| 3114 if (enc_start) { | 3134 if (enc_start) { |
| 3115 /* | 3135 /* |
| (...skipping 711 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 3827 srtp_err_status_t srtp_set_debug_module(char *mod_name, int v) | 3847 srtp_err_status_t srtp_set_debug_module(char *mod_name, int v) |
| 3828 { | 3848 { |
| 3829 return srtp_crypto_kernel_set_debug_module(mod_name, v); | 3849 return srtp_crypto_kernel_set_debug_module(mod_name, v); |
| 3830 } | 3850 } |
| 3831 | 3851 |
| 3832 srtp_err_status_t srtp_list_debug_modules(void) | 3852 srtp_err_status_t srtp_list_debug_modules(void) |
| 3833 { | 3853 { |
| 3834 return srtp_crypto_kernel_list_debug_modules(); | 3854 return srtp_crypto_kernel_list_debug_modules(); |
| 3835 } | 3855 } |
| 3836 | 3856 |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2723863003:
Fix incorrectly masked seq number for GCM IV. (Closed)
