182 lines
6.0 KiB
C
182 lines
6.0 KiB
C
/*
|
|
* ekt.h
|
|
*
|
|
* interface to Encrypted Key Transport for SRTP
|
|
*
|
|
* David McGrew
|
|
* Cisco Systems, Inc.
|
|
*/
|
|
/*
|
|
*
|
|
* Copyright (c) 2001-2017 Cisco Systems, Inc.
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, are permitted provided that the following conditions
|
|
* are met:
|
|
*
|
|
* Redistributions of source code must retain the above copyright
|
|
* notice, this list of conditions and the following disclaimer.
|
|
*
|
|
* Redistributions in binary form must reproduce the above
|
|
* copyright notice, this list of conditions and the following
|
|
* disclaimer in the documentation and/or other materials provided
|
|
* with the distribution.
|
|
*
|
|
* Neither the name of the Cisco Systems, Inc. nor the names of its
|
|
* contributors may be used to endorse or promote products derived
|
|
* from this software without specific prior written permission.
|
|
*
|
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
|
|
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
|
|
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
|
|
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
|
|
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
|
|
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
|
|
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
|
|
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
|
|
* OF THE POSSIBILITY OF SUCH DAMAGE.
|
|
*
|
|
*/
|
|
|
|
/*
|
|
* EKT implementation strategy
|
|
*
|
|
* use stream_template approach
|
|
*
|
|
* in srtp_unprotect, when a new stream appears, check if template has
|
|
* EKT defined, and if it does, then apply EKT processing
|
|
*
|
|
* question: will we want to allow key-sharing templates in addition
|
|
* to EKT templates? could define a new ssrc_type_t that's associated
|
|
* with an EKT, e.g. ssrc_any_ekt.
|
|
*
|
|
*
|
|
*/
|
|
|
|
#ifndef SRTP_EKT_H
|
|
#define SRTP_EKT_H
|
|
|
|
// left in commented out as reminder to not include private headers
|
|
//#include "srtp_priv.h"
|
|
|
|
#ifdef __cplusplus
|
|
extern "C" {
|
|
#endif
|
|
|
|
#define SRTP_EKT_CIPHER_DEFAULT 1
|
|
#define SRTP_EKT_CIPHER_AES_128_ECB 1
|
|
#define SRTP_EKT_CIPHER_AES_192_KEY_WRAP 2
|
|
#define SRTP_EKT_CIPHER_AES_256_KEY_WRAP 3
|
|
|
|
typedef uint16_t srtp_ekt_spi_t;
|
|
|
|
unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt);
|
|
|
|
/*
|
|
* an srtp_policy_t structure can contain a pointer to an
|
|
* srtp_ekt_policy_t structure
|
|
*
|
|
* this structure holds all of the high level EKT information, and it
|
|
* is passed into libsrtp to indicate what policy should be in effect
|
|
*/
|
|
|
|
typedef struct srtp_ekt_policy_ctx_t {
|
|
srtp_ekt_spi_t spi; /* security parameter index */
|
|
uint8_t ekt_cipher_type;
|
|
uint8_t *ekt_key;
|
|
struct srtp_ekt_policy_ctx_t *next_ekt_policy;
|
|
} srtp_ekt_policy_ctx_t;
|
|
|
|
/*
|
|
* an srtp_ekt_data_t structure holds the data corresponding to an ekt key,
|
|
* spi, and so on
|
|
*/
|
|
|
|
typedef struct srtp_ekt_data_t {
|
|
srtp_ekt_spi_t spi;
|
|
uint8_t ekt_cipher_type;
|
|
srtp_aes_expanded_key_t ekt_enc_key;
|
|
srtp_aes_expanded_key_t ekt_dec_key;
|
|
struct ekt_data_t *next_ekt_data;
|
|
} srtp_ekt_data_t;
|
|
|
|
/*
|
|
* an srtp_stream_ctx_t can contain an srtp_ekt_stream_ctx_t
|
|
*
|
|
* an srtp_ekt_stream_ctx_t structure holds all of the EKT information for
|
|
* a specific SRTP stream
|
|
*/
|
|
|
|
typedef struct srtp_ekt_stream_ctx_t {
|
|
srtp_ekt_data_t *data;
|
|
uint16_t isn; /* initial sequence number */
|
|
uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN];
|
|
} srtp_ekt_stream_ctx_t;
|
|
|
|
srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data,
|
|
srtp_ekt_policy_t policy);
|
|
|
|
srtp_err_status_t srtp_ekt_stream_init(srtp_ekt_stream_t e,
|
|
srtp_ekt_spi_t spi,
|
|
void *ekt_key,
|
|
unsigned ekt_cipher_type);
|
|
|
|
srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t e,
|
|
srtp_ekt_policy_t p);
|
|
|
|
srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream,
|
|
const void *srtcp_hdr,
|
|
unsigned pkt_octet_len);
|
|
|
|
void srtp_ekt_write_data(srtp_ekt_stream_t ekt,
|
|
uint8_t *base_tag,
|
|
unsigned base_tag_len,
|
|
int *packet_len,
|
|
srtp_xtd_seq_num_t pkt_index);
|
|
|
|
/*
|
|
* We handle EKT by performing some additional steps before
|
|
* authentication (copying the auth tag into a temporary location,
|
|
* zeroizing the "base tag" field in the packet)
|
|
*
|
|
* With EKT, the tag_len parameter is actually the base tag
|
|
* length
|
|
*/
|
|
srtp_err_status_t srtp_ekt_tag_verification_preproces(uint8_t *pkt_tag,
|
|
uint8_t *pkt_tag_copy,
|
|
unsigned tag_len);
|
|
|
|
srtp_err_status_t srtp_ekt_tag_verification_postproces(uint8_t *pkt_tag,
|
|
uint8_t *pkt_tag_copy,
|
|
unsigned tag_len);
|
|
|
|
/*
|
|
* @brief EKT pre-processing for srtcp tag generation
|
|
*
|
|
* This function does the pre-processing of the SRTCP authentication
|
|
* tag format. When EKT is used, it consists of writing the Encrypted
|
|
* Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
|
|
* fields. The Base Authentication Tag field is set to the all-zero
|
|
* value
|
|
*
|
|
* When EKT is not used, this function is a no-op.
|
|
*
|
|
*/
|
|
srtp_err_status_t srtp_stream_srtcp_auth_tag_generation_preprocess(
|
|
const srtp_stream_t *s,
|
|
uint8_t *pkt_tag,
|
|
unsigned pkt_octet_len);
|
|
|
|
/* it's not clear that a tag_generation_postprocess function is needed */
|
|
srtp_err_status_t srtcp_auth_tag_generation_postprocess(void);
|
|
|
|
#ifdef __cplusplus
|
|
}
|
|
#endif
|
|
|
|
#endif /* SRTP_EKT_H */
|