public/rtphone
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

- initial import

Browse Source
This commit is contained in:
Dmytro Bogovych
2018-06-05 11:05:37 +03:00
commit e1a4931375
4673 changed files with 1383093 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

90
src/libs/srtp/crypto/include/aes.h Normal file
View File

@@ -0,0 +1,90 @@
/*
* aes.h
*
* header file for the AES block cipher
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef _AES_H
#define _AES_H
#include "config.h"
#include "datatypes.h"
#include "gf2_8.h"
#include "err.h"
/* aes internals */
typedef struct {
v128_t round[15];
int num_rounds;
} aes_expanded_key_t;
err_status_t
aes_expand_encryption_key(const uint8_t *key,
int key_len,
aes_expanded_key_t *expanded_key);
err_status_t
aes_expand_decryption_key(const uint8_t *key,
int key_len,
aes_expanded_key_t *expanded_key);
void
aes_encrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
void
aes_decrypt(v128_t *plaintext, const aes_expanded_key_t *exp_key);
#if 0
/*
* internal functions
*/
void
aes_init_sbox(void);
void
aes_compute_tables(void);
#endif
#endif /* _AES_H */

50
src/libs/srtp/crypto/include/aes_cbc.h Normal file
View File

@@ -0,0 +1,50 @@
/*
* aes_cbc.h
*
* Header for AES Cipher Blobk Chaining Mode.
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
#ifndef AES_CBC_H
#define AES_CBC_H
#include "aes.h"
#include "cipher.h"
typedef struct {
v128_t state; /* cipher chaining state */
v128_t previous; /* previous ciphertext block */
aes_expanded_key_t expanded_key; /* the cipher key */
} aes_cbc_ctx_t;
err_status_t
aes_cbc_set_key(aes_cbc_ctx_t *c,
const unsigned char *key);
err_status_t
aes_cbc_encrypt(aes_cbc_ctx_t *c,
unsigned char *buf,
unsigned int *bytes_in_data);
err_status_t
aes_cbc_context_init(aes_cbc_ctx_t *c, const uint8_t *key,
int key_len, cipher_direction_t dir);
err_status_t
aes_cbc_set_iv(aes_cbc_ctx_t *c, void *iv);
err_status_t
aes_cbc_nist_encrypt(aes_cbc_ctx_t *c,
unsigned char *data,
unsigned int *bytes_in_data);
err_status_t
aes_cbc_nist_decrypt(aes_cbc_ctx_t *c,
unsigned char *data,
unsigned int *bytes_in_data);
#endif /* AES_CBC_H */

57
src/libs/srtp/crypto/include/aes_icm.h Normal file
View File

@@ -0,0 +1,57 @@
/*
* aes_icm.h
*
* Header for AES Integer Counter Mode.
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
#ifndef AES_ICM_H
#define AES_ICM_H
#include "aes.h"
#include "cipher.h"
typedef struct {
v128_t counter; /* holds the counter value */
v128_t offset; /* initial offset value */
v128_t keystream_buffer; /* buffers bytes of keystream */
aes_expanded_key_t expanded_key; /* the cipher key */
int bytes_in_buffer; /* number of unused bytes in buffer */
} aes_icm_ctx_t;
err_status_t
aes_icm_context_init(aes_icm_ctx_t *c,
const unsigned char *key,
int key_len);
err_status_t
aes_icm_set_iv(aes_icm_ctx_t *c, void *iv);
err_status_t
aes_icm_encrypt(aes_icm_ctx_t *c,
unsigned char *buf, unsigned int *bytes_to_encr);
err_status_t
aes_icm_output(aes_icm_ctx_t *c,
unsigned char *buf, int bytes_to_output);
err_status_t
aes_icm_dealloc(cipher_t *c);
err_status_t
aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
unsigned char *buf,
unsigned int *enc_len,
int forIsmacryp);
err_status_t
aes_icm_alloc_ismacryp(cipher_t **c,
int key_len,
int forIsmacryp);
#endif /* AES_ICM_H */

57
src/libs/srtp/crypto/include/alloc.h Normal file
View File

@@ -0,0 +1,57 @@
/*
* alloc.h
*
* interface to memory allocation and deallocation, with optional debugging
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CRYPTO_ALLOC_H
#define CRYPTO_ALLOC_H
#include "datatypes.h"
void *
crypto_alloc(size_t size);
void
crypto_free(void *ptr);
#endif /* CRYPTO_ALLOC_H */

171
src/libs/srtp/crypto/include/auth.h Normal file
View File

@@ -0,0 +1,171 @@
/*
* auth.h
*
* common interface to authentication functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef AUTH_H
#define AUTH_H
#include "datatypes.h"
#include "err.h" /* error codes */
#include "crypto.h" /* for auth_type_id_t */
#include "crypto_types.h" /* for values of auth_type_id_t */
typedef struct auth_type_t *auth_type_pointer;
typedef struct auth_t *auth_pointer_t;
typedef err_status_t (*auth_alloc_func)
(auth_pointer_t *ap, int key_len, int out_len);
typedef err_status_t (*auth_init_func)
(void *state, const uint8_t *key, int key_len);
typedef err_status_t (*auth_dealloc_func)(auth_pointer_t ap);
typedef err_status_t (*auth_compute_func)
(void *state, uint8_t *buffer, int octets_to_auth,
int tag_len, uint8_t *tag);
typedef err_status_t (*auth_update_func)
(void *state, uint8_t *buffer, int octets_to_auth);
typedef err_status_t (*auth_start_func)(void *state);
/* some syntactic sugar on these function types */
#define auth_type_alloc(at, a, klen, outlen) \
((at)->alloc((a), (klen), (outlen)))
#define auth_init(a, key) \
(((a)->type)->init((a)->state, (key), ((a)->key_len)))
#define auth_compute(a, buf, len, res) \
(((a)->type)->compute((a)->state, (buf), (len), (a)->out_len, (res)))
#define auth_update(a, buf, len) \
(((a)->type)->update((a)->state, (buf), (len)))
#define auth_start(a)(((a)->type)->start((a)->state))
#define auth_dealloc(c) (((c)->type)->dealloc(c))
/* functions to get information about a particular auth_t */
int
auth_get_key_length(const struct auth_t *a);
int
auth_get_tag_length(const struct auth_t *a);
int
auth_get_prefix_length(const struct auth_t *a);
/*
* auth_test_case_t is a (list of) key/message/tag values that are
* known to be correct for a particular cipher. this data can be used
* to test an implementation in an on-the-fly self test of the
* correcness of the implementation. (see the auth_type_self_test()
* function below)
*/
typedef struct auth_test_case_t {
int key_length_octets; /* octets in key */
uint8_t *key; /* key */
int data_length_octets; /* octets in data */
uint8_t *data; /* data */
int tag_length_octets; /* octets in tag */
uint8_t *tag; /* tag */
struct auth_test_case_t *next_test_case; /* pointer to next testcase */
} auth_test_case_t;
/* auth_type_t */
typedef struct auth_type_t {
auth_alloc_func alloc;
auth_dealloc_func dealloc;
auth_init_func init;
auth_compute_func compute;
auth_update_func update;
auth_start_func start;
char *description;
int ref_count;
auth_test_case_t *test_data;
debug_module_t *debug;
auth_type_id_t id;
} auth_type_t;
typedef struct auth_t {
auth_type_t *type;
void *state;
int out_len; /* length of output tag in octets */
int key_len; /* length of key in octets */
int prefix_len; /* length of keystream prefix */
} auth_t;
/*
* auth_type_self_test() tests an auth_type against test cases
* provided in an array of values of key/message/tag that is known to
* be good
*/
err_status_t
auth_type_self_test(const auth_type_t *at);
/*
* auth_type_test() tests an auth_type against external test cases
* provided in an array of values of key/message/tag that is known to
* be good
*/
err_status_t
auth_type_test(const auth_type_t *at, const auth_test_case_t *test_data);
/*
* auth_type_get_ref_count(at) returns the reference count (the number
* of instantiations) of the auth_type_t at
*/
int
auth_type_get_ref_count(const auth_type_t *at);
#endif /* AUTH_H */

230
src/libs/srtp/crypto/include/cipher.h Normal file
View File

@@ -0,0 +1,230 @@
/*
* cipher.h
*
* common interface to ciphers
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CIPHER_H
#define CIPHER_H
#include "datatypes.h"
#include "rdbx.h" /* for xtd_seq_num_t */
#include "err.h" /* for error codes */
#include "crypto.h" /* for cipher_type_id_t */
#include "crypto_types.h" /* for values of cipher_type_id_t */
/**
* @brief cipher_direction_t defines a particular cipher operation.
*
* A cipher_direction_t is an enum that describes a particular cipher
* operation, i.e. encryption or decryption. For some ciphers, this
* distinction does not matter, but for others, it is essential.
*/
typedef enum {
direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
direction_any /**< encryption or decryption */
} cipher_direction_t;
/*
* the cipher_pointer and cipher_type_pointer definitions are needed
* as cipher_t and cipher_type_t are not yet defined
*/
typedef struct cipher_type_t *cipher_type_pointer_t;
typedef struct cipher_t *cipher_pointer_t;
/*
* a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
*/
typedef err_status_t (*cipher_alloc_func_t)
(cipher_pointer_t *cp, int key_len);
/*
* a cipher_init_func_t [re-]initializes a cipher_t with a given key
* and direction (i.e., encrypt or decrypt)
*/
typedef err_status_t (*cipher_init_func_t)
(void *state, const uint8_t *key, int key_len, cipher_direction_t dir);
/* a cipher_dealloc_func_t de-allocates a cipher_t */
typedef err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp);
/* a cipher_set_segment_func_t sets the segment index of a cipher_t */
typedef err_status_t (*cipher_set_segment_func_t)
(void *state, xtd_seq_num_t idx);
/* a cipher_encrypt_func_t encrypts data in-place */
typedef err_status_t (*cipher_encrypt_func_t)
(void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
/* a cipher_decrypt_func_t decrypts data in-place */
typedef err_status_t (*cipher_decrypt_func_t)
(void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
/*
* a cipher_set_iv_func_t function sets the current initialization vector
*/
typedef err_status_t (*cipher_set_iv_func_t)
(cipher_pointer_t cp, void *iv);
/*
* cipher_test_case_t is a (list of) key, salt, xtd_seq_num_t,
* plaintext, and ciphertext values that are known to be correct for a
* particular cipher. this data can be used to test an implementation
* in an on-the-fly self test of the correcness of the implementation.
* (see the cipher_type_self_test() function below)
*/
typedef struct cipher_test_case_t {
int key_length_octets; /* octets in key */
uint8_t *key; /* key */
uint8_t *idx; /* packet index */
int plaintext_length_octets; /* octets in plaintext */
uint8_t *plaintext; /* plaintext */
int ciphertext_length_octets; /* octets in plaintext */
uint8_t *ciphertext; /* ciphertext */
struct cipher_test_case_t *next_test_case; /* pointer to next testcase */
} cipher_test_case_t;
/* cipher_type_t defines the 'metadata' for a particular cipher type */
typedef struct cipher_type_t {
cipher_alloc_func_t alloc;
cipher_dealloc_func_t dealloc;
cipher_init_func_t init;
cipher_encrypt_func_t encrypt;
cipher_encrypt_func_t decrypt;
cipher_set_iv_func_t set_iv;
char *description;
int ref_count;
cipher_test_case_t *test_data;
debug_module_t *debug;
cipher_type_id_t id;
} cipher_type_t;
/*
* cipher_t defines an instantiation of a particular cipher, with fixed
* key length, key and salt values
*/
typedef struct cipher_t {
cipher_type_t *type;
void *state;
int key_len;
#ifdef FORCE_64BIT_ALIGN
int pad;
#endif
} cipher_t;
/* some syntactic sugar on these function types */
#define cipher_type_alloc(ct, c, klen) ((ct)->alloc((c), (klen)))
#define cipher_dealloc(c) (((c)->type)->dealloc(c))
#define cipher_init(c, k, dir) (((c)->type)->init(((c)->state), (k), ((c)->key_len), (dir)))
#define cipher_encrypt(c, buf, len) \
(((c)->type)->encrypt(((c)->state), (buf), (len)))
#define cipher_decrypt(c, buf, len) \
(((c)->type)->decrypt(((c)->state), (buf), (len)))
#define cipher_set_iv(c, n) \
((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n))) : \
err_status_no_such_op)
err_status_t
cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
/* some bookkeeping functions */
int
cipher_get_key_length(const cipher_t *c);
/*
* cipher_type_self_test() tests a cipher against test cases provided in
* an array of values of key/xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
err_status_t
cipher_type_self_test(const cipher_type_t *ct);
/*
* cipher_type_test() tests a cipher against external test cases provided in
* an array of values of key/xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
err_status_t
cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data);
/*
* cipher_bits_per_second(c, l, t) computes (and estimate of) the
* number of bits that a cipher implementation can encrypt in a second
*
* c is a cipher (which MUST be allocated and initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, then the value 0 is returned
*/
uint64_t
cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials);
#endif /* CIPHER_H */

16
src/libs/srtp/crypto/include/config.h Normal file
View File

@@ -0,0 +1,16 @@
#ifndef SRTP_CONFIG_H
#define SRTP_CONFIG_H
#define HAVE_STDLIB_H
#ifdef WIN32
# define inline __inline
#endif
#ifdef WIN32
#define HAVE_WINSOCK2_H 1
#define CPU_CISC 1
#else
#endif
#endif

43
src/libs/srtp/crypto/include/crypto.h Normal file
View File

@@ -0,0 +1,43 @@
/*
* crypto.h
*
* API for libcrypto
*
* David A. McGrew
* Cisco Systems, Inc.
*/
#ifndef CRYPTO_H
#define CRYPTO_H
/**
* @brief A cipher_type_id_t is an identifier for a particular cipher
* type.
*
* A cipher_type_id_t is an integer that represents a particular
* cipher type, e.g. the Advanced Encryption Standard (AES). A
* NULL_CIPHER is avaliable; this cipher leaves the data unchanged,
* and can be selected to indicate that no encryption is to take
* place.
*
* @ingroup Ciphers
*/
typedef uint32_t cipher_type_id_t;
/**
* @brief An auth_type_id_t is an identifier for a particular authentication
* function.
*
* An auth_type_id_t is an integer that represents a particular
* authentication function type, e.g. HMAC-SHA1. A NULL_AUTH is
* avaliable; this authentication function performs no computation,
* and can be selected to indicate that no authentication is to take
* place.
*
* @ingroup Authentication
*/
typedef uint32_t auth_type_id_t;
#endif /* CRYPTO_H */

280
src/libs/srtp/crypto/include/crypto_kernel.h Normal file
View File

@@ -0,0 +1,280 @@
/*
* crypto_kernel.h
*
* header for the cryptographic kernel
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CRYPTO_KERNEL
#define CRYPTO_KERNEL
#include "rand_source.h"
#include "prng.h"
#include "cipher.h"
#include "auth.h"
#include "cryptoalg.h"
#include "stat.h"
#include "err.h"
#include "crypto_types.h"
#include "key.h"
#include "crypto.h"
/*
* crypto_kernel_state_t defines the possible states:
*
* insecure - not yet initialized
* secure - initialized and passed self-tests
*/
typedef enum {
crypto_kernel_state_insecure,
crypto_kernel_state_secure
} crypto_kernel_state_t;
/*
* linked list of cipher types
*/
typedef struct kernel_cipher_type {
cipher_type_id_t id;
cipher_type_t *cipher_type;
struct kernel_cipher_type *next;
} kernel_cipher_type_t;
/*
* linked list of auth types
*/
typedef struct kernel_auth_type {
auth_type_id_t id;
auth_type_t *auth_type;
struct kernel_auth_type *next;
} kernel_auth_type_t;
/*
* linked list of debug modules
*/
typedef struct kernel_debug_module {
debug_module_t *mod;
struct kernel_debug_module *next;
} kernel_debug_module_t;
/*
* crypto_kernel_t is the data structure for the crypto kernel
*
* note that there is *exactly one* instance of this data type,
* a global variable defined in crypto_kernel.c
*/
typedef struct {
crypto_kernel_state_t state; /* current state of kernel */
kernel_cipher_type_t *cipher_type_list; /* list of all cipher types */
kernel_auth_type_t *auth_type_list; /* list of all auth func types */
kernel_debug_module_t *debug_module_list; /* list of all debug modules */
} crypto_kernel_t;
/*
* crypto_kernel_t external api
*/
/*
* The function crypto_kernel_init() initialized the crypto kernel and
* runs the self-test operations on the random number generators and
* crypto algorithms. Possible return values are:
*
* err_status_ok initialization successful
* <other> init failure
*
* If any value other than err_status_ok is returned, the
* crypto_kernel MUST NOT be used.
*/
err_status_t
crypto_kernel_init(void);
/*
* The function crypto_kernel_shutdown() de-initializes the
* crypto_kernel, zeroizes keys and other cryptographic material, and
* deallocates any dynamically allocated memory. Possible return
* values are:
*
* err_status_ok shutdown successful
* <other> shutdown failure
*
*/
err_status_t
crypto_kernel_shutdown(void);
/*
* The function crypto_kernel_stats() checks the the crypto_kernel,
* running tests on the ciphers, auth funcs, and rng, and prints out a
* status report. Possible return values are:
*
* err_status_ok all tests were passed
* <other> a test failed
*
*/
err_status_t
crypto_kernel_status(void);
/*
* crypto_kernel_list_debug_modules() outputs a list of debugging modules
*
*/
err_status_t
crypto_kernel_list_debug_modules(void);
/*
* crypto_kernel_load_cipher_type()
*
*/
err_status_t
crypto_kernel_load_cipher_type(cipher_type_t *ct, cipher_type_id_t id);
err_status_t
crypto_kernel_load_auth_type(auth_type_t *ct, auth_type_id_t id);
/*
* crypto_kernel_replace_cipher_type(ct, id)
*
* replaces the crypto kernel's existing cipher for the cipher_type id
* with a new one passed in externally. The new cipher must pass all the
* existing cipher_type's self tests as well as its own.
*/
err_status_t
crypto_kernel_replace_cipher_type(cipher_type_t *ct, cipher_type_id_t id);
/*
* crypto_kernel_replace_auth_type(ct, id)
*
* replaces the crypto kernel's existing cipher for the auth_type id
* with a new one passed in externally. The new auth type must pass all the
* existing auth_type's self tests as well as its own.
*/
err_status_t
crypto_kernel_replace_auth_type(auth_type_t *ct, auth_type_id_t id);
err_status_t
crypto_kernel_load_debug_module(debug_module_t *new_dm);
/*
* crypto_kernel_alloc_cipher(id, cp, key_len);
*
* allocates a cipher of type id at location *cp, with key length
* key_len octets. Return values are:
*
* err_status_ok no problems
* err_status_alloc_fail an allocation failure occured
* err_status_fail couldn't find cipher with identifier 'id'
*/
err_status_t
crypto_kernel_alloc_cipher(cipher_type_id_t id,
cipher_pointer_t *cp,
int key_len);
/*
* crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
*
* allocates an auth function of type id at location *ap, with key
* length key_len octets and output tag length of tag_len. Return
* values are:
*
* err_status_ok no problems
* err_status_alloc_fail an allocation failure occured
* err_status_fail couldn't find auth with identifier 'id'
*/
err_status_t
crypto_kernel_alloc_auth(auth_type_id_t id,
auth_pointer_t *ap,
int key_len,
int tag_len);
/*
* crypto_kernel_set_debug_module(mod_name, v)
*
* sets dynamic debugging to the value v (0 for off, 1 for on) for the
* debug module with the name mod_name
*
* returns err_status_ok on success, err_status_fail otherwise
*/
err_status_t
crypto_kernel_set_debug_module(char *mod_name, int v);
/**
* @brief writes a random octet string.
*
* The function call crypto_get_random(dest, len) writes len octets of
* random data to the location to which dest points, and returns an
* error code. This error code @b must be checked, and if a failure is
* reported, the data in the buffer @b must @b not be used.
*
* @warning If the return code is not checked, then non-random
* data may be in the buffer. This function will fail
* unless it is called after crypto_kernel_init().
*
* @return
* - err_status_ok if no problems occured.
* - [other] a problem occured, and no assumptions should
* be made about the contents of the destination
* buffer.
*
* @ingroup SRTP
*/
err_status_t
crypto_get_random(unsigned char *buffer, unsigned int length);
#endif /* CRYPTO_KERNEL */

239
src/libs/srtp/crypto/include/crypto_math.h Normal file
View File

@@ -0,0 +1,239 @@
/*
* math.h
*
* crypto math operations and data types
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef MATH_H
#define MATH_H
#include "datatypes.h"
unsigned char
v32_weight(v32_t a);
unsigned char
v32_distance(v32_t x, v32_t y);
unsigned int
v32_dot_product(v32_t a, v32_t b);
char *
v16_bit_string(v16_t x);
char *
v32_bit_string(v32_t x);
char *
v64_bit_string(const v64_t *x);
char *
octet_hex_string(uint8_t x);
char *
v16_hex_string(v16_t x);
char *
v32_hex_string(v32_t x);
char *
v64_hex_string(const v64_t *x);
int
hex_char_to_nibble(uint8_t c);
int
is_hex_string(char *s);
v16_t
hex_string_to_v16(char *s);
v32_t
hex_string_to_v32(char *s);
v64_t
hex_string_to_v64(char *s);
/* the matrix A[] is stored in column format, i.e., A[i] is
the ith column of the matrix */
uint8_t
A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
void
v16_copy_octet_string(v16_t *x, const uint8_t s[2]);
void
v32_copy_octet_string(v32_t *x, const uint8_t s[4]);
void
v64_copy_octet_string(v64_t *x, const uint8_t s[8]);
void
v128_add(v128_t *z, v128_t *x, v128_t *y);
int
octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
void
octet_string_set_to_zero(uint8_t *s, int len);
/*
* the matrix A[] is stored in column format, i.e., A[i] is the ith
* column of the matrix
*/
uint8_t
A_times_x_plus_b(uint8_t A[8], uint8_t x, uint8_t b);
#if 0
#if WORDS_BIGENDIAN
#define _v128_add(z, x, y) { \
uint64_t tmp; \
\
tmp = x->v32[3] + y->v32[3]; \
z->v32[3] = (uint32_t) tmp; \
\
tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
z->v32[2] = (uint32_t) tmp; \
\
tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
z->v32[1] = (uint32_t) tmp; \
\
tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
z->v32[0] = (uint32_t) tmp; \
}
#else /* assume little endian architecture */
#define _v128_add(z, x, y) { \
uint64_t tmp; \
\
tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
z->v32[3] = ntohl((uint32_t) tmp); \
\
tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
+ htonl(tmp >> 32); \
z->v32[2] = ntohl((uint32_t) tmp); \
\
tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
+ htonl(tmp >> 32); \
z->v32[1] = ntohl((uint32_t) tmp); \
\
tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
+ htonl(tmp >> 32); \
z->v32[0] = ntohl((uint32_t) tmp); \
}
#endif /* WORDS_BIGENDIAN */
#endif
#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
#define v128_set_to_zero(z) _v128_set_to_zero(z)
#define v128_copy(z, x) _v128_copy(z, x)
#define v128_xor(z, x, y) _v128_xor(z, x, y)
#define v128_and(z, x, y) _v128_and(z, x, y)
#define v128_or(z, x, y) _v128_or(z, x, y)
#define v128_complement(x) _v128_complement(x)
#define v128_is_eq(x, y) _v128_is_eq(x, y)
#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
#define v128_get_bit(x, i) _v128_get_bit(x, i)
#define v128_set_bit(x, i) _v128_set_bit(x, i)
#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
#else
void
v128_set_to_zero(v128_t *x);
int
v128_is_eq(const v128_t *x, const v128_t *y);
void
v128_copy(v128_t *x, const v128_t *y);
void
v128_xor(v128_t *z, v128_t *x, v128_t *y);
void
v128_and(v128_t *z, v128_t *x, v128_t *y);
void
v128_or(v128_t *z, v128_t *x, v128_t *y);
void
v128_complement(v128_t *x);
int
v128_get_bit(const v128_t *x, int i);
void
v128_set_bit(v128_t *x, int i) ;
void
v128_clear_bit(v128_t *x, int i);
void
v128_set_bit_to(v128_t *x, int i, int y);
#endif /* DATATYPES_USE_MACROS */
/*
* octet_string_is_eq(a,b, len) returns 1 if the length len strings a
* and b are not equal, returns 0 otherwise
*/
int
octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
void
octet_string_set_to_zero(uint8_t *s, int len);
#endif /* MATH_H */

220
src/libs/srtp/crypto/include/crypto_types.h Normal file
View File

@@ -0,0 +1,220 @@
/*
* crypto_types.h
*
* constants for cipher types and auth func types
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CRYPTO_TYPES_H
#define CRYPTO_TYPES_H
/**
* @defgroup Algos Cryptographic Algorithms
*
*
* This library provides several different cryptographic algorithms,
* each of which can be selected by using the cipher_type_id_t and
* auth_type_id_t. These algorithms are documented below.
*
* Authentication functions that use the Universal Security Transform
* (UST) must be used in conjunction with a cipher other than the null
* cipher. These functions require a per-message pseudorandom input
* that is generated by the cipher.
*
* The identifiers STRONGHOLD_AUTH and STRONGHOLD_CIPHER identify the
* strongest available authentication function and cipher,
* respectively. They are resolved at compile time to the strongest
* available algorithm. The stronghold algorithms can serve as did
* the keep of a medieval fortification; they provide the strongest
* defense (or the last refuge).
*
* @{
*/
/**
* @defgroup Ciphers Cipher Types
*
* @brief Each cipher type is identified by an unsigned integer. The
* cipher types available in this edition of libSRTP are given
* by the #defines below.
*
* A cipher_type_id_t is an identifier for a cipher_type; only values
* given by the #defines above (or those present in the file
* crypto_types.h) should be used.
*
* The identifier STRONGHOLD_CIPHER indicates the strongest available
* cipher, allowing an application to choose the strongest available
* algorithm without any advance knowledge about the avaliable
* algorithms.
*
* @{
*/
/**
* @brief The null cipher performs no encryption.
*
* The NULL_CIPHER leaves its inputs unaltered, during both the
* encryption and decryption operations. This cipher can be chosen
* to indicate that no encryption is to be performed.
*/
#define NULL_CIPHER 0
/**
* @brief AES Integer Counter Mode (AES ICM)
*
* AES ICM is the variant of counter mode that is used by Secure RTP.
* This cipher uses a 16-, 24-, or 32-octet key concatenated with a
* 14-octet offset (or salt) value.
*/
#define AES_ICM 1
/**
* @brief AES-128 Integer Counter Mode (AES ICM)
* AES-128 ICM is a deprecated alternate name for AES ICM.
*/
#define AES_128_ICM AES_ICM
/**
* @brief SEAL 3.0
*
* SEAL is the Software-Optimized Encryption Algorithm of Coppersmith
* and Rogaway. Nota bene: this cipher is IBM proprietary.
*/
#define SEAL 2
/**
* @brief AES Cipher Block Chaining mode (AES CBC)
*
* AES CBC is the AES Cipher Block Chaining mode.
* This cipher uses a 16-, 24-, or 32-octet key.
*/
#define AES_CBC 3
/**
* @brief AES-128 Cipher Block Chaining mode (AES CBC)
*
* AES-128 CBC is a deprecated alternate name for AES CBC.
*/
#define AES_128_CBC AES_CBC
/**
* @brief Strongest available cipher.
*
* This identifier resolves to the strongest cipher type available.
*/
#define STRONGHOLD_CIPHER AES_ICM
/**
* @}
*/
/**
* @defgroup Authentication Authentication Function Types
*
* @brief Each authentication function type is identified by an
* unsigned integer. The authentication function types available in
* this edition of libSRTP are given by the #defines below.
*
* An auth_type_id_t is an identifier for an authentication function type;
* only values given by the #defines above (or those present in the
* file crypto_types.h) should be used.
*
* The identifier STRONGHOLD_AUTH indicates the strongest available
* authentication function, allowing an application to choose the
* strongest available algorithm without any advance knowledge about
* the avaliable algorithms. The stronghold algorithms can serve as
* did the keep of a medieval fortification; they provide the
* strongest defense (or the last refuge).
*
* @{
*/
/**
* @brief The null authentication function performs no authentication.
*
* The NULL_AUTH function does nothing, and can be selected to indicate
* that authentication should not be performed.
*/
#define NULL_AUTH 0
/**
* @brief UST with TMMH Version 2
*
* UST_TMMHv2 implements the Truncated Multi-Modular Hash using
* UST. This function must be used in conjunction with a cipher other
* than the null cipher.
* with a cipher.
*/
#define UST_TMMHv2 1
/**
* @brief (UST) AES-128 XORMAC
*
* UST_AES_128_XMAC implements AES-128 XORMAC, using UST. Nota bene:
* the XORMAC algorithm is IBM proprietary.
*/
#define UST_AES_128_XMAC 2
/**
* @brief HMAC-SHA1
*
* HMAC_SHA1 implements the Hash-based MAC using the NIST Secure
* Hash Algorithm version 1 (SHA1).
*/
#define HMAC_SHA1 3
/**
* @brief Strongest available authentication function.
*
* This identifier resolves to the strongest available authentication
* function.
*/
#define STRONGHOLD_AUTH HMAC_SHA1
/**
* @}
*/
/**
* @}
*/
#endif /* CRYPTO_TYPES_H */

133
src/libs/srtp/crypto/include/cryptoalg.h Normal file
View File

@@ -0,0 +1,133 @@
/*
* cryptoalg.h
*
* API for authenticated encryption crypto algorithms
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef CRYPTOALG_H
#define CRYPTOALG_H
#include "err.h"
/**
* @defgroup Crypto Cryptography
*
* Zed uses a simple interface to a cryptographic transform.
*
* @{
*/
/**
* @brief applies a crypto algorithm
*
* The function pointer cryptoalg_func_t points to a function that
* implements a crypto transform, and provides a uniform API for
* accessing crypto mechanisms.
*
* @param key location of secret key
*
* @param clear data to be authenticated but not encrypted
*
* @param clear_len length of data to be authenticated but not encrypted
*
* @param iv location to write the Initialization Vector (IV)
*
* @param protect location of the data to be encrypted and
* authenticated (before the function call), and the ciphertext
* and authentication tag (after the call)
*
* @param protected_len location of the length of the data to be
* encrypted and authenticated (before the function call), and the
* length of the ciphertext (after the call)
*
*/
typedef err_status_t (*cryptoalg_func_t)
(void *key,
const void *clear,
unsigned clear_len,
void *iv,
void *protect,
unsigned *protected_len);
typedef
err_status_t (*cryptoalg_inv_t)
(void *key, /* location of secret key */
const void *clear, /* data to be authenticated only */
unsigned clear_len, /* length of data to be authenticated only */
void *iv, /* location of iv */
void *opaque, /* data to be decrypted and authenticated */
unsigned *opaque_len /* location of the length of data to be
* decrypted and authd (before and after)
*/
);
typedef struct cryptoalg_ctx_t {
cryptoalg_func_t enc;
cryptoalg_inv_t dec;
unsigned key_len;
unsigned iv_len;
unsigned auth_tag_len;
unsigned max_expansion;
} cryptoalg_ctx_t;
typedef cryptoalg_ctx_t *cryptoalg_t;
#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
int
cryptoalg_get_id(cryptoalg_t c);
cryptoalg_t
cryptoalg_find_by_id(int id);
/**
* @}
*/
#endif /* CRYPTOALG_H */

506
src/libs/srtp/crypto/include/datatypes.h Normal file
View File

@@ -0,0 +1,506 @@
/*
* datatypes.h
*
* data types for bit vectors and finite fields
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef _DATATYPES_H
#define _DATATYPES_H
#include "integers.h" /* definitions of uint32_t, et cetera */
#include "alloc.h"
#include <stdarg.h>
#ifndef SRTP_KERNEL
# include <stdio.h>
# include <string.h>
# include <time.h>
# ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
# elif defined HAVE_WINSOCK2_H
# include <winsock2.h>
# endif
#endif
/* if DATATYPES_USE_MACROS is defined, then little functions are macros */
#define DATATYPES_USE_MACROS
typedef union {
uint8_t v8[2];
uint16_t value;
} v16_t;
typedef union {
uint8_t v8[4];
uint16_t v16[2];
uint32_t value;
} v32_t;
typedef union {
uint8_t v8[8];
uint16_t v16[4];
uint32_t v32[2];
uint64_t value;
} v64_t;
typedef union {
uint8_t v8[16];
uint16_t v16[8];
uint32_t v32[4];
uint64_t v64[2];
} v128_t;
/* some useful and simple math functions */
#define pow_2(X) ( (unsigned int)1 << (X) ) /* 2^X */
#define pow_minus_one(X) ( (X) ? -1 : 1 ) /* (-1)^X */
/*
* octet_get_weight(x) returns the hamming weight (number of bits equal to
* one) in the octet x
*/
int
octet_get_weight(uint8_t octet);
char *
octet_bit_string(uint8_t x);
#define MAX_PRINT_STRING_LEN 1024
char *
octet_string_hex_string(const void *str, int length);
char *
v128_bit_string(v128_t *x);
char *
v128_hex_string(v128_t *x);
uint8_t
nibble_to_hex_char(uint8_t nibble);
char *
char_to_hex_string(char *x, int num_char);
uint8_t
hex_string_to_octet(char *s);
/*
* hex_string_to_octet_string(raw, hex, len) converts the hexadecimal
* string at *hex (of length len octets) to the equivalent raw data
* and writes it to *raw.
*
* if a character in the hex string that is not a hexadeciaml digit
* (0123456789abcdefABCDEF) is encountered, the function stops writing
* data to *raw
*
* the number of hex digits copied (which is two times the number of
* octets in *raw) is returned
*/
int
hex_string_to_octet_string(char *raw, char *hex, int len);
v128_t
hex_string_to_v128(char *s);
void
v128_copy_octet_string(v128_t *x, const uint8_t s[16]);
void
v128_left_shift(v128_t *x, int shift_index);
void
v128_right_shift(v128_t *x, int shift_index);
/*
* the following macros define the data manipulation functions
*
* If DATATYPES_USE_MACROS is defined, then these macros are used
* directly (and function call overhead is avoided). Otherwise,
* the macros are used through the functions defined in datatypes.c
* (and the compiler provides better warnings).
*/
#define _v128_set_to_zero(x) \
( \
(x)->v32[0] = 0, \
(x)->v32[1] = 0, \
(x)->v32[2] = 0, \
(x)->v32[3] = 0 \
)
#define _v128_copy(x, y) \
( \
(x)->v32[0] = (y)->v32[0], \
(x)->v32[1] = (y)->v32[1], \
(x)->v32[2] = (y)->v32[2], \
(x)->v32[3] = (y)->v32[3] \
)
#define _v128_xor(z, x, y) \
( \
(z)->v32[0] = (x)->v32[0] ^ (y)->v32[0], \
(z)->v32[1] = (x)->v32[1] ^ (y)->v32[1], \
(z)->v32[2] = (x)->v32[2] ^ (y)->v32[2], \
(z)->v32[3] = (x)->v32[3] ^ (y)->v32[3] \
)
#define _v128_and(z, x, y) \
( \
(z)->v32[0] = (x)->v32[0] & (y)->v32[0], \
(z)->v32[1] = (x)->v32[1] & (y)->v32[1], \
(z)->v32[2] = (x)->v32[2] & (y)->v32[2], \
(z)->v32[3] = (x)->v32[3] & (y)->v32[3] \
)
#define _v128_or(z, x, y) \
( \
(z)->v32[0] = (x)->v32[0] | (y)->v32[0], \
(z)->v32[1] = (x)->v32[1] | (y)->v32[1], \
(z)->v32[2] = (x)->v32[2] | (y)->v32[2], \
(z)->v32[3] = (x)->v32[3] | (y)->v32[3] \
)
#define _v128_complement(x) \
( \
(x)->v32[0] = ~(x)->v32[0], \
(x)->v32[1] = ~(x)->v32[1], \
(x)->v32[2] = ~(x)->v32[2], \
(x)->v32[3] = ~(x)->v32[3] \
)
/* ok for NO_64BIT_MATH if it can compare uint64_t's (even as structures) */
#define _v128_is_eq(x, y) \
(((x)->v64[0] == (y)->v64[0]) && ((x)->v64[1] == (y)->v64[1]))
#ifdef NO_64BIT_MATH
#define _v128_xor_eq(z, x) \
( \
(z)->v32[0] ^= (x)->v32[0], \
(z)->v32[1] ^= (x)->v32[1], \
(z)->v32[2] ^= (x)->v32[2], \
(z)->v32[3] ^= (x)->v32[3] \
)
#else
#define _v128_xor_eq(z, x) \
( \
(z)->v64[0] ^= (x)->v64[0], \
(z)->v64[1] ^= (x)->v64[1] \
)
#endif
/* NOTE! This assumes an odd ordering! */
/* This will not be compatible directly with math on some processors */
/* bit 0 is first 32-bit word, low order bit. in little-endian, that's
the first byte of the first 32-bit word. In big-endian, that's
the 3rd byte of the first 32-bit word */
/* The get/set bit code is used by the replay code ONLY, and it doesn't
really care which bit is which. AES does care which bit is which, but
doesn't use the 128-bit get/set or 128-bit shifts */
#define _v128_get_bit(x, bit) \
( \
((((x)->v32[(bit) >> 5]) >> ((bit) & 31)) & 1) \
)
#define _v128_set_bit(x, bit) \
( \
(((x)->v32[(bit) >> 5]) |= ((uint32_t)1 << ((bit) & 31))) \
)
#define _v128_clear_bit(x, bit) \
( \
(((x)->v32[(bit) >> 5]) &= ~((uint32_t)1 << ((bit) & 31))) \
)
#define _v128_set_bit_to(x, bit, value) \
( \
(value) ? _v128_set_bit(x, bit) : \
_v128_clear_bit(x, bit) \
)
#if 0
/* nothing uses this */
#ifdef WORDS_BIGENDIAN
#define _v128_add(z, x, y) { \
uint64_t tmp; \
\
tmp = x->v32[3] + y->v32[3]; \
z->v32[3] = (uint32_t) tmp; \
\
tmp = x->v32[2] + y->v32[2] + (tmp >> 32); \
z->v32[2] = (uint32_t) tmp; \
\
tmp = x->v32[1] + y->v32[1] + (tmp >> 32); \
z->v32[1] = (uint32_t) tmp; \
\
tmp = x->v32[0] + y->v32[0] + (tmp >> 32); \
z->v32[0] = (uint32_t) tmp; \
}
#else /* assume little endian architecture */
#define _v128_add(z, x, y) { \
uint64_t tmp; \
\
tmp = htonl(x->v32[3]) + htonl(y->v32[3]); \
z->v32[3] = ntohl((uint32_t) tmp); \
\
tmp = htonl(x->v32[2]) + htonl(y->v32[2]) \
+ htonl(tmp >> 32); \
z->v32[2] = ntohl((uint32_t) tmp); \
\
tmp = htonl(x->v32[1]) + htonl(y->v32[1]) \
+ htonl(tmp >> 32); \
z->v32[1] = ntohl((uint32_t) tmp); \
\
tmp = htonl(x->v32[0]) + htonl(y->v32[0]) \
+ htonl(tmp >> 32); \
z->v32[0] = ntohl((uint32_t) tmp); \
}
#endif /* WORDS_BIGENDIAN */
#endif /* 0 */
#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
#define v128_set_to_zero(z) _v128_set_to_zero(z)
#define v128_copy(z, x) _v128_copy(z, x)
#define v128_xor(z, x, y) _v128_xor(z, x, y)
#define v128_and(z, x, y) _v128_and(z, x, y)
#define v128_or(z, x, y) _v128_or(z, x, y)
#define v128_complement(x) _v128_complement(x)
#define v128_is_eq(x, y) _v128_is_eq(x, y)
#define v128_xor_eq(x, y) _v128_xor_eq(x, y)
#define v128_get_bit(x, i) _v128_get_bit(x, i)
#define v128_set_bit(x, i) _v128_set_bit(x, i)
#define v128_clear_bit(x, i) _v128_clear_bit(x, i)
#define v128_set_bit_to(x, i, y) _v128_set_bit_to(x, i, y)
#else
void
v128_set_to_zero(v128_t *x);
int
v128_is_eq(const v128_t *x, const v128_t *y);
void
v128_copy(v128_t *x, const v128_t *y);
void
v128_xor(v128_t *z, v128_t *x, v128_t *y);
void
v128_and(v128_t *z, v128_t *x, v128_t *y);
void
v128_or(v128_t *z, v128_t *x, v128_t *y);
void
v128_complement(v128_t *x);
int
v128_get_bit(const v128_t *x, int i);
void
v128_set_bit(v128_t *x, int i) ;
void
v128_clear_bit(v128_t *x, int i);
void
v128_set_bit_to(v128_t *x, int i, int y);
#endif /* DATATYPES_USE_MACROS */
/*
* octet_string_is_eq(a,b, len) returns 1 if the length len strings a
* and b are not equal, returns 0 otherwise
*/
int
octet_string_is_eq(uint8_t *a, uint8_t *b, int len);
void
octet_string_set_to_zero(uint8_t *s, int len);
#ifndef SRTP_KERNEL_LINUX
/*
* Convert big endian integers to CPU byte order.
*/
#ifdef WORDS_BIGENDIAN
/* Nothing to do. */
# define be32_to_cpu(x) (x)
# define be64_to_cpu(x) (x)
#elif defined(HAVE_BYTESWAP_H)
/* We have (hopefully) optimized versions in byteswap.h */
# include <byteswap.h>
# define be32_to_cpu(x) bswap_32((x))
# define be64_to_cpu(x) bswap_64((x))
#else
#if defined(__GNUC__) && defined(HAVE_X86)
/* Fall back. */
static inline uint32_t be32_to_cpu(uint32_t v) {
/* optimized for x86. */
asm("bswap %0" : "=r" (v) : "0" (v));
return v;
}
# else /* HAVE_X86 */
# ifdef HAVE_NETINET_IN_H
# include <netinet/in.h>
# elif defined HAVE_WINSOCK2_H
# include <winsock2.h>
# endif
# define be32_to_cpu(x) ntohl((x))
# endif /* HAVE_X86 */
static inline uint64_t be64_to_cpu(uint64_t v) {
# ifdef NO_64BIT_MATH
/* use the make64 functions to do 64-bit math */
v = make64(htonl(low32(v)),htonl(high32(v)));
# else
/* use the native 64-bit math */
v= (uint64_t)((be32_to_cpu((uint32_t)(v >> 32))) | (((uint64_t)be32_to_cpu((uint32_t)v)) << 32));
# endif
return v;
}
#endif /* ! SRTP_KERNEL_LINUX */
#endif /* WORDS_BIGENDIAN */
/*
* functions manipulating bitvector_t
*
* A bitvector_t consists of an array of words and an integer
* representing the number of significant bits stored in the array.
* The bits are packed as follows: the least significant bit is that
* of word[0], while the most significant bit is the nth most
* significant bit of word[m], where length = bits_per_word * m + n.
*
*/
#define bits_per_word 32
#define bytes_per_word 4
typedef struct {
uint32_t length;
uint32_t *word;
} bitvector_t;
#define _bitvector_get_bit(v, bit_index) \
( \
((((v)->word[((bit_index) >> 5)]) >> ((bit_index) & 31)) & 1) \
)
#define _bitvector_set_bit(v, bit_index) \
( \
(((v)->word[((bit_index) >> 5)] |= ((uint32_t)1 << ((bit_index) & 31)))) \
)
#define _bitvector_clear_bit(v, bit_index) \
( \
(((v)->word[((bit_index) >> 5)] &= ~((uint32_t)1 << ((bit_index) & 31)))) \
)
#define _bitvector_get_length(v) \
( \
((v)->length) \
)
#ifdef DATATYPES_USE_MACROS /* little functions are really macros */
#define bitvector_get_bit(v, bit_index) _bitvector_get_bit(v, bit_index)
#define bitvector_set_bit(v, bit_index) _bitvector_set_bit(v, bit_index)
#define bitvector_clear_bit(v, bit_index) _bitvector_clear_bit(v, bit_index)
#define bitvector_get_length(v) _bitvector_get_length(v)
#else
int
bitvector_get_bit(const bitvector_t *v, int bit_index);
void
bitvector_set_bit(bitvector_t *v, int bit_index);
void
bitvector_clear_bit(bitvector_t *v, int bit_index);
unsigned long
bitvector_get_length(const bitvector_t *v);
#endif
int
bitvector_alloc(bitvector_t *v, unsigned long length);
void
bitvector_dealloc(bitvector_t *v);
void
bitvector_set_to_zero(bitvector_t *x);
void
bitvector_left_shift(bitvector_t *x, int index);
char *
bitvector_bit_string(bitvector_t *x, char* buf, int len);
#endif /* _DATATYPES_H */

174
src/libs/srtp/crypto/include/err.h Normal file
View File

@@ -0,0 +1,174 @@
/*
* err.h
*
* error status codes
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef ERR_H
#define ERR_H
#include "datatypes.h"
/**
* @defgroup Error Error Codes
*
* Error status codes are represented by the enumeration err_status_t.
*
* @{
*/
/*
* @brief err_status_t defines error codes.
*
* The enumeration err_status_t defines error codes. Note that the
* value of err_status_ok is equal to zero, which can simplify error
* checking somewhat.
*
*/
typedef enum {
err_status_ok = 0, /**< nothing to report */
err_status_fail = 1, /**< unspecified failure */
err_status_bad_param = 2, /**< unsupported parameter */
err_status_alloc_fail = 3, /**< couldn't allocate memory */
err_status_dealloc_fail = 4, /**< couldn't deallocate properly */
err_status_init_fail = 5, /**< couldn't initialize */
err_status_terminus = 6, /**< can't process as much data as requested */
err_status_auth_fail = 7, /**< authentication failure */
err_status_cipher_fail = 8, /**< cipher failure */
err_status_replay_fail = 9, /**< replay check failed (bad index) */
err_status_replay_old = 10, /**< replay check failed (index too old) */
err_status_algo_fail = 11, /**< algorithm failed test routine */
err_status_no_such_op = 12, /**< unsupported operation */
err_status_no_ctx = 13, /**< no appropriate context found */
err_status_cant_check = 14, /**< unable to perform desired validation */
err_status_key_expired = 15, /**< can't use key any more */
err_status_socket_err = 16, /**< error in use of socket */
err_status_signal_err = 17, /**< error in use POSIX signals */
err_status_nonce_bad = 18, /**< nonce check failed */
err_status_read_fail = 19, /**< couldn't read data */
err_status_write_fail = 20, /**< couldn't write data */
err_status_parse_err = 21, /**< error pasring data */
err_status_encode_err = 22, /**< error encoding data */
err_status_semaphore_err = 23,/**< error while using semaphores */
err_status_pfkey_err = 24 /**< error while using pfkey */
} err_status_t;
/**
* @}
*/
typedef enum {
err_level_emergency = 0,
err_level_alert,
err_level_critical,
err_level_error,
err_level_warning,
err_level_notice,
err_level_info,
err_level_debug,
err_level_none
} err_reporting_level_t;
/*
* err_reporting_init prepares the error system. If
* ERR_REPORTING_SYSLOG is defined, it will open syslog.
*
* The ident argument is a string that will be prepended to
* all syslog messages. It is conventionally argv[0].
*/
err_status_t
err_reporting_init(char *ident);
#ifdef SRTP_KERNEL_LINUX
extern err_reporting_level_t err_level;
#else
/*
* keydaemon_report_error reports a 'printf' formatted error
* string, followed by a an arg list. The priority argument
* is equivalent to that defined for syslog.
*
* Errors will be reported to ERR_REPORTING_FILE, if defined, and to
* syslog, if ERR_REPORTING_SYSLOG is defined.
*
*/
void
err_report(int priority, char *format, ...);
#endif /* ! SRTP_KERNEL_LINUX */
/*
* debug_module_t defines a debug module
*/
typedef struct {
int on; /* 1 if debugging is on, 0 if it is off */
char *name; /* printable name for debug module */
} debug_module_t;
#ifdef ENABLE_DEBUGGING
#define debug_on(mod) (mod).on = 1
#define debug_off(mod) (mod).on = 0
/* use err_report() to report debug message */
#define debug_print(mod, format, arg) \
if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg)
#define debug_print2(mod, format, arg1,arg2) \
if (mod.on) err_report(err_level_debug, ("%s: " format "\n"), mod.name, arg1,arg2)
#else
/* define macros to do nothing */
#define debug_print(mod, format, arg)
#define debug_on(mod)
#define debug_off(mod)
#endif
#endif /* ERR_H */

79
src/libs/srtp/crypto/include/gf2_8.h Normal file
View File

@@ -0,0 +1,79 @@
/*
* gf2_8.h
*
* GF(256) implementation
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef GF2_8_H
#define GF2_8_H
#include "datatypes.h" /* for uint8_t definition */
typedef uint8_t gf2_8;
#define gf2_8_field_polynomial 0x1B
/*
* gf2_8_shift(x) returns
*/
/*
* gf2_8_shift(z) returns the result of the GF(2^8) 'multiply by x'
* operation, using the field representation from AES; that is, the
* next gf2_8 value in the cyclic representation of that field. The
* value z should be an uint8_t.
*/
#define gf2_8_shift(z) (((z) & 128) ? \
(((z) << 1) ^ gf2_8_field_polynomial) : ((z) << 1))
gf2_8
gf2_8_compute_inverse(gf2_8 x);
void
test_gf2_8(void);
gf2_8
gf2_8_multiply(gf2_8 x, gf2_8 y);
#endif /* GF2_8_H */

78
src/libs/srtp/crypto/include/hmac.h Normal file
View File

@@ -0,0 +1,78 @@
/*
* hmac.h
*
* interface to hmac auth_type_t
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef HMAC_H
#define HMAC_H
#include "auth.h"
#include "sha1.h"
typedef struct {
uint8_t opad[64];
sha1_ctx_t ctx;
sha1_ctx_t init_ctx;
} hmac_ctx_t;
err_status_t
hmac_alloc(auth_t **a, int key_len, int out_len);
err_status_t
hmac_dealloc(auth_t *a);
err_status_t
hmac_init(hmac_ctx_t *state, const uint8_t *key, int key_len);
err_status_t
hmac_start(hmac_ctx_t *state);
err_status_t
hmac_update(hmac_ctx_t *state, const uint8_t *message, int msg_octets);
err_status_t
hmac_compute(hmac_ctx_t *state, const void *message,
int msg_octets, int tag_len, uint8_t *result);
#endif /* HMAC_H */

155
src/libs/srtp/crypto/include/integers.h Normal file
View File

@@ -0,0 +1,155 @@
/*
* integers.h
*
* defines integer types (or refers to their definitions)
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef INTEGERS_H
#define INTEGERS_H
#include "config.h" /* configuration file, using autoconf */
#ifdef SRTP_KERNEL
#include "kernel_compat.h"
#else /* SRTP_KERNEL */
/* use standard integer definitions, if they're available */
#ifdef HAVE_STDLIB_H
# include <stdlib.h>
#endif
#ifdef HAVE_STDINT_H
# include <stdint.h>
#endif
#ifdef HAVE_INTTYPES_H
# include <inttypes.h>
#endif
#ifdef HAVE_SYS_TYPES_H
# include <sys/types.h>
#endif
#ifdef HAVE_SYS_INT_TYPES_H
# include <sys/int_types.h> /* this exists on Sun OS */
#endif
#ifdef HAVE_MACHINE_TYPES_H
# include <machine/types.h>
#endif
#ifndef WIN32
# define SIZEOF_UNSIGNED_LONG_LONG 8
#endif
/* Can we do 64 bit integers? */
#ifndef HAVE_UINT64_T
# if SIZEOF_UNSIGNED_LONG == 8
typedef unsigned long uint64_t;
# elif SIZEOF_UNSIGNED_LONG_LONG == 8
typedef unsigned long long uint64_t;
# else
# ifdef _WIN32
typedef unsigned __int64 uint64_t;
# else
# define NO_64BIT_MATH 1
# endif
# endif
#endif
/* Reasonable defaults for 32 bit machines - you may need to
* edit these definitions for your own machine. */
#ifndef HAVE_UINT8_T
typedef unsigned char uint8_t;
#endif
#ifndef HAVE_UINT16_T
typedef unsigned short int uint16_t;
#endif
#ifndef HAVE_UINT32_T
typedef unsigned int uint32_t;
#endif
#ifdef NO_64BIT_MATH
typedef double uint64_t;
/* assert that sizeof(double) == 8 */
extern uint64_t make64(uint32_t high, uint32_t low);
extern uint32_t high32(uint64_t value);
extern uint32_t low32(uint64_t value);
#endif
#endif /* SRTP_KERNEL */
/* These macros are to load and store 32-bit values from un-aligned
addresses. This is required for processors that do not allow unaligned
loads. */
#ifdef ALIGNMENT_32BIT_REQUIRED
/* Note that if it's in a variable, you can memcpy it */
#ifdef WORDS_BIGENDIAN
#define PUT_32(addr,value) \
{ \
((unsigned char *) (addr))[0] = (value >> 24); \
((unsigned char *) (addr))[1] = (value >> 16) & 0xff; \
((unsigned char *) (addr))[2] = (value >> 8) & 0xff; \
((unsigned char *) (addr))[3] = (value) & 0xff; \
}
#define GET_32(addr) ((((unsigned char *) (addr))[0] << 24) | \
(((unsigned char *) (addr))[1] << 16) | \
(((unsigned char *) (addr))[2] << 8) | \
(((unsigned char *) (addr))[3]))
#else
#define PUT_32(addr,value) \
{ \
((unsigned char *) (addr))[3] = (value >> 24); \
((unsigned char *) (addr))[2] = (value >> 16) & 0xff; \
((unsigned char *) (addr))[1] = (value >> 8) & 0xff; \
((unsigned char *) (addr))[0] = (value) & 0xff; \
}
#define GET_32(addr) ((((unsigned char *) (addr))[3] << 24) | \
(((unsigned char *) (addr))[2] << 16) | \
(((unsigned char *) (addr))[1] << 8) | \
(((unsigned char *) (addr))[0]))
#endif // WORDS_BIGENDIAN
#else
#define PUT_32(addr,value) *(((uint32_t *) (addr)) = (value)
#define GET_32(addr) (*(((uint32_t *) (addr)))
#endif
#endif /* INTEGERS_H */

84
src/libs/srtp/crypto/include/kernel_compat.h Normal file
View File

@@ -0,0 +1,84 @@
/*
* kernel_compat.h
*
* Compatibility stuff for building in kernel context where standard
* C headers and library are not available.
*
* Marcus Sundberg
* Ingate Systems AB
*/
/*
*
* Copyright(c) 2005 Ingate Systems AB
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the author(s) nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef KERNEL_COMPAT_H
#define KERNEL_COMPAT_H
#ifdef SRTP_KERNEL_LINUX
#include <linux/kernel.h>
#include <linux/slab.h>
#include <linux/sched.h>
#include <linux/random.h>
#include <linux/byteorder/generic.h>
#define err_report(priority, ...) \
do {\
if (priority <= err_level) {\
printk(__VA_ARGS__);\
}\
}while(0)
#define clock() (jiffies)
#define time(x) (jiffies)
/* rand() implementation. */
#define RAND_MAX 32767
static inline int rand(void)
{
uint32_t temp;
get_random_bytes(&temp, sizeof(temp));
return temp % (RAND_MAX+1);
}
/* stdio/stdlib implementation. */
#define printf(...) printk(__VA_ARGS__)
#define exit(n) panic("%s:%d: exit(%d)\n", __FILE__, __LINE__, (n))
#endif /* SRTP_KERNEL_LINUX */
#endif /* KERNEL_COMPAT_H */

82
src/libs/srtp/crypto/include/key.h Normal file
View File

@@ -0,0 +1,82 @@
/*
* key.h
*
* key usage limits enforcement
*
* David A. Mcgrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef KEY_H
#define KEY_H
#include "rdbx.h" /* for xtd_seq_num_t */
#include "err.h"
typedef struct key_limit_ctx_t *key_limit_t;
typedef enum {
key_event_normal,
key_event_soft_limit,
key_event_hard_limit
} key_event_t;
err_status_t
key_limit_set(key_limit_t key, const xtd_seq_num_t s);
err_status_t
key_limit_clone(key_limit_t original, key_limit_t *new_key);
err_status_t
key_limit_check(const key_limit_t key);
key_event_t
key_limit_update(key_limit_t key);
typedef enum {
key_state_normal,
key_state_past_soft_limit,
key_state_expired
} key_state_t;
typedef struct key_limit_ctx_t {
xtd_seq_num_t num_left;
key_state_t state;
} key_limit_ctx_t;
#endif /* KEY_H */

68
src/libs/srtp/crypto/include/null_auth.h Normal file
View File

@@ -0,0 +1,68 @@
/*
* null-auth.h
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef NULL_AUTH_H
#define NULL_AUTH_H
#include "auth.h"
typedef struct {
char foo;
} null_auth_ctx_t;
err_status_t
null_auth_alloc(auth_t **a, int key_len, int out_len);
err_status_t
null_auth_dealloc(auth_t *a);
err_status_t
null_auth_init(null_auth_ctx_t *state, const uint8_t *key, int key_len);
err_status_t
null_auth_compute (null_auth_ctx_t *state, uint8_t *message,
int msg_octets, int tag_len, uint8_t *result);
#endif /* NULL_AUTH_H */

80
src/libs/srtp/crypto/include/null_cipher.h Normal file
View File

@@ -0,0 +1,80 @@
/*
* null-cipher.h
*
* header file for the null cipher
*
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef NULL_CIPHER_H
#define NULL_CIPHER_H
#include "datatypes.h"
#include "cipher.h"
typedef struct {
char foo ;/* empty, for now */
} null_cipher_ctx_t;
/*
* none of these functions do anything (though future versions may keep
* track of bytes encrypted, number of instances, and/or other info).
*/
err_status_t
null_cipher_init(null_cipher_ctx_t *c, const uint8_t *key, int key_len);
err_status_t
null_cipher_set_segment(null_cipher_ctx_t *c,
unsigned long segment_index);
err_status_t
null_cipher_encrypt(null_cipher_ctx_t *c,
unsigned char *buf, unsigned int *bytes_to_encr);
err_status_t
null_cipher_encrypt_aligned(null_cipher_ctx_t *c,
unsigned char *buf, int bytes_to_encr);
#endif /* NULL_CIPHER_H */

54
src/libs/srtp/crypto/include/prng.h Normal file
View File

@@ -0,0 +1,54 @@
/*
* prng.h
*
* pseudorandom source
*
* David A. McGrew
* Cisco Systems, Inc.
*/
#ifndef PRNG_H
#define PRNG_H
#include "rand_source.h" /* for rand_source_func_t definition */
#include "aes.h" /* for aes */
#include "aes_icm.h" /* for aes ctr */
#define MAX_PRNG_OUT_LEN 0xffffffffU
/*
* x917_prng is an ANSI X9.17-like AES-based PRNG
*/
typedef struct {
v128_t state; /* state data */
aes_expanded_key_t key; /* secret key */
uint32_t octet_count; /* number of octets output since last init */
rand_source_func_t rand; /* random source for re-initialization */
} x917_prng_t;
err_status_t
x917_prng_init(rand_source_func_t random_source);
err_status_t
x917_prng_get_octet_string(uint8_t *dest, uint32_t len);
/*
* ctr_prng is an AES-CTR based PRNG
*/
typedef struct {
uint32_t octet_count; /* number of octets output since last init */
aes_icm_ctx_t state; /* state data */
rand_source_func_t rand; /* random source for re-initialization */
} ctr_prng_t;
err_status_t
ctr_prng_init(rand_source_func_t random_source);
err_status_t
ctr_prng_get_octet_string(void *dest, uint32_t len);
#endif

91
src/libs/srtp/crypto/include/rand_source.h Normal file
View File

@@ -0,0 +1,91 @@
/*
* rand_source.h
*
* implements a random source based on /dev/random
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2006 Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef RAND_SOURCE
#define RAND_SOURCE
#include "err.h"
#include "datatypes.h"
err_status_t
rand_source_init(void);
/*
* rand_source_get_octet_string() writes a random octet string.
*
* The function call rand_source_get_octet_string(dest, len) writes
* len octets of random data to the location to which dest points,
* and returns an error code. This error code should be checked,
* and if a failure is reported, the data in the buffer MUST NOT
* be used.
*
* warning: If the return code is not checked, then non-random
* data may inadvertently be used.
*
* returns:
* - err_status_ok if no problems occured.
* - [other] a problem occured, and no assumptions should
* be made about the contents of the destination
* buffer.
*/
err_status_t
rand_source_get_octet_string(void *dest, uint32_t length);
err_status_t
rand_source_deinit(void);
/*
* function prototype for a random source function
*
* A rand_source_func_t writes num_octets at the location indicated by
* dest and returns err_status_ok. Any other return value indicates
* failure.
*/
typedef err_status_t (*rand_source_func_t)
(void *dest, uint32_t num_octets);
#endif /* RAND_SOURCE */

94
src/libs/srtp/crypto/include/rdb.h Normal file
View File

@@ -0,0 +1,94 @@
/*
* replay-database.h
*
* interface for a replay database for packet security
*
* David A. McGrew
* Cisco Systems, Inc.
*/
#ifndef REPLAY_DB_H
#define REPLAY_DB_H
#include "integers.h" /* for uint32_t */
#include "datatypes.h" /* for v128_t */
#include "err.h" /* for err_status_t */
/*
* if the ith least significant bit is one, then the packet index
* window_end-i is in the database
*/
typedef struct {
uint32_t window_start; /* packet index of the first bit in bitmask */
v128_t bitmask;
} rdb_t;
#define rdb_bits_in_bitmask (8*sizeof(v128_t))
/*
* rdb init
*
* initalizes rdb
*
* returns err_status_ok on success, err_status_t_fail otherwise
*/
err_status_t
rdb_init(rdb_t *rdb);
/*
* rdb_check
*
* checks to see if index appears in rdb
*
* returns err_status_fail if the index already appears in rdb,
* returns err_status_ok otherwise
*/
err_status_t
rdb_check(const rdb_t *rdb, uint32_t rdb_index);
/*
* rdb_add_index
*
* adds index to rdb_t (and does *not* check if index appears in db)
*
* returns err_status_ok on success, err_status_fail otherwise
*
*/
err_status_t
rdb_add_index(rdb_t *rdb, uint32_t rdb_index);
/*
* the functions rdb_increment() and rdb_get_value() are for use by
* senders, not receivers - DO NOT use these functions on the same
* rdb_t upon which rdb_add_index is used!
*/
/*
* rdb_increment(db) increments the sequence number in db, if it is
* not too high
*
* return values:
*
* err_status_ok no problem
* err_status_key_expired sequence number too high
*
*/
err_status_t
rdb_increment(rdb_t *rdb);
/*
* rdb_get_value(db) returns the current sequence number of db
*/
uint32_t
rdb_get_value(const rdb_t *rdb);
#endif /* REPLAY_DB_H */

186
src/libs/srtp/crypto/include/rdbx.h Normal file
View File

@@ -0,0 +1,186 @@
/*
* rdbx.h
*
* replay database with extended packet indices, using a rollover counter
*
* David A. McGrew
* Cisco Systems, Inc.
*
*/
#ifndef RDBX_H
#define RDBX_H
#include "datatypes.h"
#include "err.h"
/* #define ROC_TEST */
#ifndef ROC_TEST
typedef uint16_t sequence_number_t; /* 16 bit sequence number */
typedef uint32_t rollover_counter_t; /* 32 bit rollover counter */
#else /* use small seq_num and roc datatypes for testing purposes */
typedef unsigned char sequence_number_t; /* 8 bit sequence number */
typedef uint16_t rollover_counter_t; /* 16 bit rollover counter */
#endif
#define seq_num_median (1 << (8*sizeof(sequence_number_t) - 1))
#define seq_num_max (1 << (8*sizeof(sequence_number_t)))
/*
* An xtd_seq_num_t is a 64-bit unsigned integer used as an 'extended'
* sequence number.
*/
typedef uint64_t xtd_seq_num_t;
/*
* An rdbx_t is a replay database with extended range; it uses an
* xtd_seq_num_t and a bitmask of recently received indices.
*/
typedef struct {
xtd_seq_num_t index;
bitvector_t bitmask;
} rdbx_t;
/*
* rdbx_init(rdbx_ptr, ws)
*
* initializes the rdbx pointed to by its argument with the window size ws,
* setting the rollover counter and sequence number to zero
*/
err_status_t
rdbx_init(rdbx_t *rdbx, unsigned long ws);
/*
* rdbx_dealloc(rdbx_ptr)
*
* frees memory associated with the rdbx
*/
err_status_t
rdbx_dealloc(rdbx_t *rdbx);
/*
* rdbx_estimate_index(rdbx, guess, s)
*
* given an rdbx and a sequence number s (from a newly arrived packet),
* sets the contents of *guess to contain the best guess of the packet
* index to which s corresponds, and returns the difference between
* *guess and the locally stored synch info
*/
int
rdbx_estimate_index(const rdbx_t *rdbx,
xtd_seq_num_t *guess,
sequence_number_t s);
/*
* rdbx_check(rdbx, delta);
*
* rdbx_check(&r, delta) checks to see if the xtd_seq_num_t
* which is at rdbx->window_start + delta is in the rdb
*
*/
err_status_t
rdbx_check(const rdbx_t *rdbx, int difference);
/*
* replay_add_index(rdbx, delta)
*
* adds the xtd_seq_num_t at rdbx->window_start + delta to replay_db
* (and does *not* check if that xtd_seq_num_t appears in db)
*
* this function should be called *only* after replay_check has
* indicated that the index does not appear in the rdbx, and a mutex
* should protect the rdbx between these calls if necessary.
*/
err_status_t
rdbx_add_index(rdbx_t *rdbx, int delta);
/*
* rdbx_set_roc(rdbx, roc) initalizes the rdbx_t at the location rdbx
* to have the rollover counter value roc. If that value is less than
* the current rollover counter value, then the function returns
* err_status_replay_old; otherwise, err_status_ok is returned.
*
*/
err_status_t
rdbx_set_roc(rdbx_t *rdbx, uint32_t roc);
/*
* rdbx_get_roc(rdbx) returns the value of the rollover counter for
* the rdbx_t pointed to by rdbx
*
*/
xtd_seq_num_t
rdbx_get_packet_index(const rdbx_t *rdbx);
/*
* xtd_seq_num_t functions - these are *internal* functions of rdbx, and
* shouldn't be used to manipulate rdbx internal values. use the rdbx
* api instead!
*/
/*
* rdbx_get_ws(rdbx_ptr)
*
* gets the window size which was used to initialize the rdbx
*/
unsigned long
rdbx_get_window_size(const rdbx_t *rdbx);
/* index_init(&pi) initializes a packet index pi (sets it to zero) */
void
index_init(xtd_seq_num_t *pi);
/* index_advance(&pi, s) advances a xtd_seq_num_t forward by s */
void
index_advance(xtd_seq_num_t *pi, sequence_number_t s);
/*
* index_guess(local, guess, s)
*
* given a xtd_seq_num_t local (which represents the highest
* known-to-be-good index) and a sequence number s (from a newly
* arrived packet), sets the contents of *guess to contain the best
* guess of the packet index to which s corresponds, and returns the
* difference between *guess and *local
*/
int
index_guess(const xtd_seq_num_t *local,
xtd_seq_num_t *guess,
sequence_number_t s);
#endif /* RDBX_H */

108
src/libs/srtp/crypto/include/sha1.h Normal file
View File

@@ -0,0 +1,108 @@
/*
* sha1.h
*
* interface to the Secure Hash Algorithm v.1 (SHA-1), specified in
* FIPS 180-1
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright (c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef SHA1_H
#define SHA1_H
#include "err.h"
#include "datatypes.h"
typedef struct {
uint32_t H[5]; /* state vector */
uint32_t M[16]; /* message buffer */
int octets_in_buffer; /* octets of message in buffer */
uint32_t num_bits_in_msg; /* total number of bits in message */
} sha1_ctx_t;
/*
* sha1(&ctx, msg, len, output) hashes the len octets starting at msg
* into the SHA1 context, then writes the result to the 20 octets at
* output
*
*/
void
sha1(const uint8_t *message, int octets_in_msg, uint32_t output[5]);
/*
* sha1_init(&ctx) initializes the SHA1 context ctx
*
* sha1_update(&ctx, msg, len) hashes the len octets starting at msg
* into the SHA1 context
*
* sha1_final(&ctx, output) performs the final processing of the SHA1
* context and writes the result to the 20 octets at output
*
*/
void
sha1_init(sha1_ctx_t *ctx);
void
sha1_update(sha1_ctx_t *ctx, const uint8_t *M, int octets_in_msg);
void
sha1_final(sha1_ctx_t *ctx, uint32_t output[5]);
/*
* The sha1_core function is INTERNAL to SHA-1, but it is declared
* here because it is also used by the cipher SEAL 3.0 in its key
* setup algorithm.
*/
/*
* sha1_core(M, H) computes the core sha1 compression function, where M is
* the next part of the message and H is the intermediate state {H0,
* H1, ...}
*
* this function does not do any of the padding required in the
* complete sha1 function
*/
void
sha1_core(const uint32_t M[16], uint32_t hash_value[5]);
#endif /* SHA1_H */

69
src/libs/srtp/crypto/include/stat.h Normal file
View File

@@ -0,0 +1,69 @@
/*
* stats.h
*
* interface to statistical test functions
*
* David A. McGrew
* Cisco Systems, Inc.
*/
/*
*
* Copyright(c) 2001-2006, Cisco Systems, Inc.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
*
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
*
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*
*/
#ifndef STAT_H
#define STAT_H
#include "datatypes.h" /* for uint8_t */
#include "err.h" /* for err_status_t */
#include "rand_source.h" /* for rand_source_func_t definition */
err_status_t
stat_test_monobit(uint8_t *data);
err_status_t
stat_test_poker(uint8_t *data);
err_status_t
stat_test_runs(uint8_t *data);
err_status_t
stat_test_rand_source(rand_source_func_t rs);
err_status_t
stat_test_rand_source_with_repetition(rand_source_func_t source, unsigned num_trials);
#endif /* STAT_H */

139
src/libs/srtp/crypto/include/xfm.h Normal file
View File

@@ -0,0 +1,139 @@
/*
* xfm.h
*
* interface for abstract crypto transform
*
* David A. McGrew
* Cisco Systems, Inc.
*/
#ifndef XFM_H
#define XFM_H
#include "crypto_kernel.h"
#include "err.h"
/**
* @defgroup Crypto Cryptography
*
* A simple interface to an abstract cryptographic transform that
* provides both confidentiality and message authentication.
*
* @{
*/
/**
* @brief applies a crypto transform
*
* The function pointer xfm_func_t points to a function that
* implements a crypto transform, and provides a uniform API for
* accessing crypto mechanisms.
*
* @param key location of secret key
*
* @param clear data to be authenticated only
*
* @param clear_len length of data to be authenticated only
*
* @param iv location to write the Initialization Vector (IV)
*
* @param protect location of the data to be encrypted and
* authenticated (before the function call), and the ciphertext
* and authentication tag (after the call)
*
* @param protected_len location of the length of the data to be
* encrypted and authenticated (before the function call), and the
* length of the ciphertext (after the call)
*
* @param auth_tag location to write auth tag
*/
typedef err_status_t (*xfm_func_t)
(void *key,
void *clear,
unsigned clear_len,
void *iv,
void *protect,
unsigned *protected_len,
void *auth_tag
);
typedef
err_status_t (*xfm_inv_t)
(void *key, /* location of secret key */
void *clear, /* data to be authenticated only */
unsigned clear_len, /* length of data to be authenticated only */
void *iv, /* location of iv */
void *opaque, /* data to be decrypted and authenticated */
unsigned *opaque_len, /* location of the length of data to be
* decrypted and authd (before and after)
*/
void *auth_tag /* location of auth tag */
);
typedef struct xfm_ctx_t {
xfm_func_t func;
xfm_inv_t inv;
unsigned key_len;
unsigned iv_len;
unsigned auth_tag_len;
} xfm_ctx_t;
typedef xfm_ctx_t *xfm_t;
#define xfm_get_key_len(xfm) ((xfm)->key_len)
#define xfm_get_iv_len(xfm) ((xfm)->iv_len)
#define xfm_get_auth_tag_len(xfm) ((xfm)->auth_tag_len)
/* cryptoalgo - 5/28 */
typedef err_status_t (*cryptoalg_func_t)
(void *key,
void *clear,
unsigned clear_len,
void *iv,
void *opaque,
unsigned *opaque_len
);
typedef
err_status_t (*cryptoalg_inv_t)
(void *key, /* location of secret key */
void *clear, /* data to be authenticated only */
unsigned clear_len, /* length of data to be authenticated only */
void *iv, /* location of iv */
void *opaque, /* data to be decrypted and authenticated */
unsigned *opaque_len /* location of the length of data to be
* decrypted and authd (before and after)
*/
);
typedef struct cryptoalg_ctx_t {
cryptoalg_func_t enc;
cryptoalg_inv_t dec;
unsigned key_len;
unsigned iv_len;
unsigned auth_tag_len;
unsigned max_expansion;
} cryptoalg_ctx_t;
typedef cryptoalg_ctx_t *cryptoalg_t;
#define cryptoalg_get_key_len(cryptoalg) ((cryptoalg)->key_len)
#define cryptoalg_get_iv_len(cryptoalg) ((cryptoalg)->iv_len)
#define cryptoalg_get_auth_tag_len(cryptoalg) ((cryptoalg)->auth_tag_len)
/**
* @}
*/
#endif /* XFM_H */