2
0

srtp_driver.c 118 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353354355356357358359360361362363364365366367368369370371372373374375376377378379380381382383384385386387388389390391392393394395396397398399400401402403404405406407408409410411412413414415416417418419420421422423424425426427428429430431432433434435436437438439440441442443444445446447448449450451452453454455456457458459460461462463464465466467468469470471472473474475476477478479480481482483484485486487488489490491492493494495496497498499500501502503504505506507508509510511512513514515516517518519520521522523524525526527528529530531532533534535536537538539540541542543544545546547548549550551552553554555556557558559560561562563564565566567568569570571572573574575576577578579580581582583584585586587588589590591592593594595596597598599600601602603604605606607608609610611612613614615616617618619620621622623624625626627628629630631632633634635636637638639640641642643644645646647648649650651652653654655656657658659660661662663664665666667668669670671672673674675676677678679680681682683684685686687688689690691692693694695696697698699700701702703704705706707708709710711712713714715716717718719720721722723724725726727728729730731732733734735736737738739740741742743744745746747748749750751752753754755756757758759760761762763764765766767768769770771772773774775776777778779780781782783784785786787788789790791792793794795796797798799800801802803804805806807808809810811812813814815816817818819820821822823824825826827828829830831832833834835836837838839840841842843844845846847848849850851852853854855856857858859860861862863864865866867868869870871872873874875876877878879880881882883884885886887888889890891892893894895896897898899900901902903904905906907908909910911912913914915916917918919920921922923924925926927928929930931932933934935936937938939940941942943944945946947948949950951952953954955956957958959960961962963964965966967968969970971972973974975976977978979980981982983984985986987988989990991992993994995996997998999100010011002100310041005100610071008100910101011101210131014101510161017101810191020102110221023102410251026102710281029103010311032103310341035103610371038103910401041104210431044104510461047104810491050105110521053105410551056105710581059106010611062106310641065106610671068106910701071107210731074107510761077107810791080108110821083108410851086108710881089109010911092109310941095109610971098109911001101110211031104110511061107110811091110111111121113111411151116111711181119112011211122112311241125112611271128112911301131113211331134113511361137113811391140114111421143114411451146114711481149115011511152115311541155115611571158115911601161116211631164116511661167116811691170117111721173117411751176117711781179118011811182118311841185118611871188118911901191119211931194119511961197119811991200120112021203120412051206120712081209121012111212121312141215121612171218121912201221122212231224122512261227122812291230123112321233123412351236123712381239124012411242124312441245124612471248124912501251125212531254125512561257125812591260126112621263126412651266126712681269127012711272127312741275127612771278127912801281128212831284128512861287128812891290129112921293129412951296129712981299130013011302130313041305130613071308130913101311131213131314131513161317131813191320132113221323132413251326132713281329133013311332133313341335133613371338133913401341134213431344134513461347134813491350135113521353135413551356135713581359136013611362136313641365136613671368136913701371137213731374137513761377137813791380138113821383138413851386138713881389139013911392139313941395139613971398139914001401140214031404140514061407140814091410141114121413141414151416141714181419142014211422142314241425142614271428142914301431143214331434143514361437143814391440144114421443144414451446144714481449145014511452145314541455145614571458145914601461146214631464146514661467146814691470147114721473147414751476147714781479148014811482148314841485148614871488148914901491149214931494149514961497149814991500150115021503150415051506150715081509151015111512151315141515151615171518151915201521152215231524152515261527152815291530153115321533153415351536153715381539154015411542154315441545154615471548154915501551155215531554155515561557155815591560156115621563156415651566156715681569157015711572157315741575157615771578157915801581158215831584158515861587158815891590159115921593159415951596159715981599160016011602160316041605160616071608160916101611161216131614161516161617161816191620162116221623162416251626162716281629163016311632163316341635163616371638163916401641164216431644164516461647164816491650165116521653165416551656165716581659166016611662166316641665166616671668166916701671167216731674167516761677167816791680168116821683168416851686168716881689169016911692169316941695169616971698169917001701170217031704170517061707170817091710171117121713171417151716171717181719172017211722172317241725172617271728172917301731173217331734173517361737173817391740174117421743174417451746174717481749175017511752175317541755175617571758175917601761176217631764176517661767176817691770177117721773177417751776177717781779178017811782178317841785178617871788178917901791179217931794179517961797179817991800180118021803180418051806180718081809181018111812181318141815181618171818181918201821182218231824182518261827182818291830183118321833183418351836183718381839184018411842184318441845184618471848184918501851185218531854185518561857185818591860186118621863186418651866186718681869187018711872187318741875187618771878187918801881188218831884188518861887188818891890189118921893189418951896189718981899190019011902190319041905190619071908190919101911191219131914191519161917191819191920192119221923192419251926192719281929193019311932193319341935193619371938193919401941194219431944194519461947194819491950195119521953195419551956195719581959196019611962196319641965196619671968196919701971197219731974197519761977197819791980198119821983198419851986198719881989199019911992199319941995199619971998199920002001200220032004200520062007200820092010201120122013201420152016201720182019202020212022202320242025202620272028202920302031203220332034203520362037203820392040204120422043204420452046204720482049205020512052205320542055205620572058205920602061206220632064206520662067206820692070207120722073207420752076207720782079208020812082208320842085208620872088208920902091209220932094209520962097209820992100210121022103210421052106210721082109211021112112211321142115211621172118211921202121212221232124212521262127212821292130213121322133213421352136213721382139214021412142214321442145214621472148214921502151215221532154215521562157215821592160216121622163216421652166216721682169217021712172217321742175217621772178217921802181218221832184218521862187218821892190219121922193219421952196219721982199220022012202220322042205220622072208220922102211221222132214221522162217221822192220222122222223222422252226222722282229223022312232223322342235223622372238223922402241224222432244224522462247224822492250225122522253225422552256225722582259226022612262226322642265226622672268226922702271227222732274227522762277227822792280228122822283228422852286228722882289229022912292229322942295229622972298229923002301230223032304230523062307230823092310231123122313231423152316231723182319232023212322232323242325232623272328232923302331233223332334233523362337233823392340234123422343234423452346234723482349235023512352235323542355235623572358235923602361236223632364236523662367236823692370237123722373237423752376237723782379238023812382238323842385238623872388238923902391239223932394239523962397239823992400240124022403240424052406240724082409241024112412241324142415241624172418241924202421242224232424242524262427242824292430243124322433243424352436243724382439244024412442244324442445244624472448244924502451245224532454245524562457245824592460246124622463246424652466246724682469247024712472247324742475247624772478247924802481248224832484248524862487248824892490249124922493249424952496249724982499250025012502250325042505250625072508250925102511251225132514251525162517251825192520252125222523252425252526252725282529253025312532253325342535253625372538253925402541254225432544254525462547254825492550255125522553255425552556255725582559256025612562256325642565256625672568256925702571257225732574257525762577257825792580258125822583258425852586258725882589259025912592259325942595259625972598259926002601260226032604260526062607260826092610261126122613261426152616261726182619262026212622262326242625262626272628262926302631263226332634263526362637263826392640264126422643264426452646264726482649265026512652265326542655265626572658265926602661266226632664266526662667266826692670267126722673267426752676267726782679268026812682268326842685268626872688268926902691269226932694269526962697269826992700270127022703270427052706270727082709271027112712271327142715271627172718271927202721272227232724272527262727272827292730273127322733273427352736273727382739274027412742274327442745274627472748274927502751275227532754275527562757275827592760276127622763276427652766276727682769277027712772277327742775277627772778277927802781278227832784278527862787278827892790279127922793279427952796279727982799280028012802280328042805280628072808280928102811281228132814281528162817281828192820282128222823282428252826282728282829283028312832283328342835283628372838283928402841284228432844284528462847284828492850285128522853285428552856285728582859286028612862286328642865286628672868286928702871287228732874287528762877287828792880288128822883288428852886288728882889289028912892289328942895289628972898289929002901290229032904290529062907290829092910291129122913291429152916291729182919292029212922292329242925292629272928292929302931293229332934293529362937293829392940294129422943294429452946294729482949295029512952295329542955295629572958295929602961296229632964296529662967296829692970297129722973297429752976297729782979298029812982298329842985298629872988298929902991299229932994299529962997299829993000300130023003300430053006300730083009301030113012301330143015301630173018301930203021302230233024302530263027302830293030303130323033303430353036303730383039304030413042304330443045304630473048304930503051305230533054305530563057305830593060306130623063306430653066306730683069307030713072307330743075307630773078307930803081308230833084308530863087308830893090309130923093309430953096309730983099310031013102310331043105310631073108310931103111311231133114311531163117311831193120312131223123312431253126312731283129313031313132313331343135313631373138313931403141314231433144314531463147314831493150315131523153315431553156315731583159316031613162316331643165316631673168316931703171317231733174317531763177317831793180318131823183318431853186318731883189319031913192319331943195319631973198319932003201320232033204320532063207320832093210321132123213321432153216321732183219322032213222322332243225322632273228322932303231323232333234323532363237323832393240324132423243324432453246324732483249325032513252325332543255325632573258325932603261326232633264326532663267326832693270327132723273327432753276327732783279328032813282328332843285328632873288328932903291329232933294329532963297329832993300330133023303330433053306330733083309331033113312331333143315331633173318331933203321332233233324332533263327332833293330333133323333333433353336333733383339334033413342334333443345334633473348334933503351335233533354335533563357335833593360336133623363336433653366336733683369337033713372337333743375337633773378337933803381338233833384338533863387338833893390339133923393339433953396339733983399340034013402340334043405340634073408340934103411341234133414341534163417341834193420342134223423342434253426342734283429343034313432343334343435343634373438343934403441344234433444344534463447344834493450345134523453345434553456345734583459346034613462346334643465346634673468346934703471347234733474347534763477347834793480348134823483348434853486348734883489349034913492349334943495349634973498349935003501350235033504350535063507350835093510351135123513351435153516351735183519352035213522352335243525352635273528352935303531353235333534353535363537353835393540354135423543354435453546354735483549355035513552355335543555355635573558355935603561356235633564356535663567356835693570357135723573357435753576357735783579358035813582358335843585358635873588358935903591359235933594359535963597359835993600360136023603360436053606360736083609361036113612361336143615361636173618361936203621362236233624362536263627362836293630363136323633363436353636363736383639364036413642364336443645364636473648364936503651365236533654365536563657365836593660366136623663366436653666366736683669367036713672367336743675367636773678367936803681368236833684368536863687368836893690369136923693369436953696369736983699370037013702370337043705370637073708370937103711371237133714371537163717371837193720372137223723372437253726372737283729373037313732373337343735373637373738373937403741374237433744374537463747374837493750375137523753375437553756375737583759376037613762376337643765376637673768376937703771377237733774377537763777377837793780378137823783378437853786378737883789379037913792379337943795379637973798379938003801380238033804380538063807380838093810381138123813381438153816381738183819382038213822382338243825382638273828382938303831383238333834383538363837383838393840384138423843
  1. /*
  2. * srtp_driver.c
  3. *
  4. * a test driver for libSRTP
  5. *
  6. * David A. McGrew
  7. * Cisco Systems, Inc.
  8. */
  9. /*
  10. *
  11. * Copyright (c) 2001-2017, Cisco Systems, Inc.
  12. * All rights reserved.
  13. *
  14. * Redistribution and use in source and binary forms, with or without
  15. * modification, are permitted provided that the following conditions
  16. * are met:
  17. *
  18. * Redistributions of source code must retain the above copyright
  19. * notice, this list of conditions and the following disclaimer.
  20. *
  21. * Redistributions in binary form must reproduce the above
  22. * copyright notice, this list of conditions and the following
  23. * disclaimer in the documentation and/or other materials provided
  24. * with the distribution.
  25. *
  26. * Neither the name of the Cisco Systems, Inc. nor the names of its
  27. * contributors may be used to endorse or promote products derived
  28. * from this software without specific prior written permission.
  29. *
  30. * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  31. * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  32. * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
  33. * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
  34. * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
  35. * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  36. * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  37. * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  38. * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  39. * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
  40. * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
  41. * OF THE POSSIBILITY OF SUCH DAMAGE.
  42. *
  43. */
  44. #include <string.h> /* for memcpy() */
  45. #include <time.h> /* for clock() */
  46. #include <stdlib.h> /* for malloc(), free() */
  47. #include <stdio.h> /* for print(), fflush() */
  48. #include "getopt_s.h" /* for local getopt() */
  49. #include "srtp_priv.h"
  50. #include "util.h"
  51. #ifdef HAVE_NETINET_IN_H
  52. #include <netinet/in.h>
  53. #elif defined HAVE_WINSOCK2_H
  54. #include <winsock2.h>
  55. #endif
  56. #define PRINT_REFERENCE_PACKET 1
  57. srtp_err_status_t srtp_validate(void);
  58. #ifdef GCM
  59. srtp_err_status_t srtp_validate_gcm(void);
  60. #endif
  61. srtp_err_status_t srtp_validate_encrypted_extensions_headers(void);
  62. #ifdef GCM
  63. srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void);
  64. #endif
  65. srtp_err_status_t srtp_validate_aes_256(void);
  66. srtp_err_status_t srtp_create_big_policy(srtp_policy_t **list);
  67. srtp_err_status_t srtp_dealloc_big_policy(srtp_policy_t *list);
  68. srtp_err_status_t srtp_test_empty_payload(void);
  69. #ifdef GCM
  70. srtp_err_status_t srtp_test_empty_payload_gcm(void);
  71. #endif
  72. srtp_err_status_t srtp_test_remove_stream(void);
  73. srtp_err_status_t srtp_test_update(void);
  74. srtp_err_status_t srtp_test_protect_trailer_length(void);
  75. srtp_err_status_t srtp_test_protect_rtcp_trailer_length(void);
  76. srtp_err_status_t srtp_test_get_roc(void);
  77. srtp_err_status_t srtp_test_set_receiver_roc(void);
  78. srtp_err_status_t srtp_test_set_sender_roc(void);
  79. double srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy);
  80. double srtp_rejections_per_second(int msg_len_octets,
  81. const srtp_policy_t *policy);
  82. void srtp_do_timing(const srtp_policy_t *policy);
  83. void srtp_do_rejection_timing(const srtp_policy_t *policy);
  84. srtp_err_status_t srtp_test(const srtp_policy_t *policy,
  85. int extension_header,
  86. int mki_index);
  87. srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index);
  88. srtp_err_status_t srtp_session_print_policy(srtp_t srtp);
  89. srtp_err_status_t srtp_print_policy(const srtp_policy_t *policy);
  90. char *srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len);
  91. double mips_estimate(int num_trials, int *ignore);
  92. #define TEST_MKI_ID_SIZE 4
  93. extern uint8_t test_key[46];
  94. extern uint8_t test_key_2[46];
  95. extern uint8_t test_mki_id[TEST_MKI_ID_SIZE];
  96. extern uint8_t test_mki_id_2[TEST_MKI_ID_SIZE];
  97. // clang-format off
  98. srtp_master_key_t master_key_1 = {
  99. test_key,
  100. test_mki_id,
  101. TEST_MKI_ID_SIZE
  102. };
  103. srtp_master_key_t master_key_2 = {
  104. test_key_2,
  105. test_mki_id_2,
  106. TEST_MKI_ID_SIZE
  107. };
  108. srtp_master_key_t *test_keys[2] = {
  109. &master_key_1,
  110. &master_key_2
  111. };
  112. // clang-format on
  113. void usage(char *prog_name)
  114. {
  115. printf("usage: %s [ -t ][ -c ][ -v ][ -o ][-d <debug_module> ]* [ -l ]\n"
  116. " -t run timing test\n"
  117. " -r run rejection timing test\n"
  118. " -c run codec timing test\n"
  119. " -v run validation tests\n"
  120. " -o output logging to stdout\n"
  121. " -d <mod> turn on debugging module <mod>\n"
  122. " -l list debugging modules\n",
  123. prog_name);
  124. exit(1);
  125. }
  126. void log_handler(srtp_log_level_t level, const char *msg, void *data)
  127. {
  128. char level_char = '?';
  129. switch (level) {
  130. case srtp_log_level_error:
  131. level_char = 'e';
  132. break;
  133. case srtp_log_level_warning:
  134. level_char = 'w';
  135. break;
  136. case srtp_log_level_info:
  137. level_char = 'i';
  138. break;
  139. case srtp_log_level_debug:
  140. level_char = 'd';
  141. break;
  142. }
  143. printf("SRTP-LOG [%c]: %s\n", level_char, msg);
  144. }
  145. /*
  146. * The policy_array and invalid_policy_array are null-terminated arrays of
  147. * policy structs. They is declared at the end of this file.
  148. */
  149. extern const srtp_policy_t *policy_array[];
  150. extern const srtp_policy_t *invalid_policy_array[];
  151. /* the wildcard_policy is declared below; it has a wildcard ssrc */
  152. extern const srtp_policy_t wildcard_policy;
  153. /*
  154. * mod_driver debug module - debugging module for this test driver
  155. *
  156. * we use the crypto_kernel debugging system in this driver, which
  157. * makes the interface uniform and increases portability
  158. */
  159. srtp_debug_module_t mod_driver = {
  160. 0, /* debugging is off by default */
  161. "driver" /* printable name for module */
  162. };
  163. int main(int argc, char *argv[])
  164. {
  165. int q;
  166. unsigned do_timing_test = 0;
  167. unsigned do_rejection_test = 0;
  168. unsigned do_codec_timing = 0;
  169. unsigned do_validation = 0;
  170. unsigned do_list_mods = 0;
  171. unsigned do_log_stdout = 0;
  172. srtp_err_status_t status;
  173. /*
  174. * verify that the compiler has interpreted the header data
  175. * structure srtp_hdr_t correctly
  176. */
  177. if (sizeof(srtp_hdr_t) != 12) {
  178. printf("error: srtp_hdr_t has incorrect size"
  179. "(size is %ld bytes, expected 12)\n",
  180. (long)sizeof(srtp_hdr_t));
  181. exit(1);
  182. }
  183. /* initialize srtp library */
  184. status = srtp_init();
  185. if (status) {
  186. printf("error: srtp init failed with error code %d\n", status);
  187. exit(1);
  188. }
  189. /* load srtp_driver debug module */
  190. status = srtp_crypto_kernel_load_debug_module(&mod_driver);
  191. if (status) {
  192. printf("error: load of srtp_driver debug module failed "
  193. "with error code %d\n",
  194. status);
  195. exit(1);
  196. }
  197. /* process input arguments */
  198. while (1) {
  199. q = getopt_s(argc, argv, "trcvold:");
  200. if (q == -1) {
  201. break;
  202. }
  203. switch (q) {
  204. case 't':
  205. do_timing_test = 1;
  206. break;
  207. case 'r':
  208. do_rejection_test = 1;
  209. break;
  210. case 'c':
  211. do_codec_timing = 1;
  212. break;
  213. case 'v':
  214. do_validation = 1;
  215. break;
  216. case 'o':
  217. do_log_stdout = 1;
  218. break;
  219. case 'l':
  220. do_list_mods = 1;
  221. break;
  222. case 'd':
  223. status = srtp_set_debug_module(optarg_s, 1);
  224. if (status) {
  225. printf("error: set debug module (%s) failed\n", optarg_s);
  226. exit(1);
  227. }
  228. break;
  229. default:
  230. usage(argv[0]);
  231. }
  232. }
  233. if (!do_validation && !do_timing_test && !do_codec_timing &&
  234. !do_list_mods && !do_rejection_test) {
  235. usage(argv[0]);
  236. }
  237. if (do_log_stdout) {
  238. status = srtp_install_log_handler(log_handler, NULL);
  239. if (status) {
  240. printf("error: install log handler failed\n");
  241. exit(1);
  242. }
  243. }
  244. if (do_list_mods) {
  245. status = srtp_list_debug_modules();
  246. if (status) {
  247. printf("error: list of debug modules failed\n");
  248. exit(1);
  249. }
  250. }
  251. if (do_validation) {
  252. const srtp_policy_t **policy = policy_array;
  253. srtp_policy_t *big_policy;
  254. srtp_t srtp_sender;
  255. /* loop over policy array, testing srtp and srtcp for each policy */
  256. while (*policy != NULL) {
  257. printf("testing srtp_protect and srtp_unprotect\n");
  258. if (srtp_test(*policy, 0, -1) == srtp_err_status_ok) {
  259. printf("passed\n\n");
  260. } else {
  261. printf("failed\n");
  262. exit(1);
  263. }
  264. printf("testing srtp_protect and srtp_unprotect with encrypted "
  265. "extensions headers\n");
  266. if (srtp_test(*policy, 1, -1) == srtp_err_status_ok) {
  267. printf("passed\n\n");
  268. } else {
  269. printf("failed\n");
  270. exit(1);
  271. }
  272. printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n");
  273. if (srtcp_test(*policy, -1) == srtp_err_status_ok) {
  274. printf("passed\n\n");
  275. } else {
  276. printf("failed\n");
  277. exit(1);
  278. }
  279. printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI "
  280. "index set to 0\n");
  281. if (srtp_test(*policy, 0, 0) == srtp_err_status_ok) {
  282. printf("passed\n\n");
  283. } else {
  284. printf("failed\n");
  285. exit(1);
  286. }
  287. printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI "
  288. "index set to 1\n");
  289. if (srtp_test(*policy, 0, 1) == srtp_err_status_ok) {
  290. printf("passed\n\n");
  291. } else {
  292. printf("failed\n");
  293. exit(1);
  294. }
  295. printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI "
  296. "index set to 0\n");
  297. if (srtcp_test(*policy, 0) == srtp_err_status_ok) {
  298. printf("passed\n\n");
  299. } else {
  300. printf("failed\n");
  301. exit(1);
  302. }
  303. printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI "
  304. "index set to 1\n");
  305. if (srtcp_test(*policy, 1) == srtp_err_status_ok) {
  306. printf("passed\n\n");
  307. } else {
  308. printf("failed\n");
  309. exit(1);
  310. }
  311. policy++;
  312. }
  313. /* loop over invalid policy array, testing that an SRTP context cannot
  314. * be created with the policy */
  315. policy = invalid_policy_array;
  316. while (*policy != NULL) {
  317. printf("testing srtp_create fails with invalid policy\n");
  318. if (srtp_create(&srtp_sender, *policy) != srtp_err_status_ok) {
  319. printf("passed\n\n");
  320. } else {
  321. printf("failed\n");
  322. exit(1);
  323. }
  324. policy++;
  325. }
  326. /* create a big policy list and run tests on it */
  327. status = srtp_create_big_policy(&big_policy);
  328. if (status) {
  329. printf("unexpected failure with error code %d\n", status);
  330. exit(1);
  331. }
  332. printf("testing srtp_protect and srtp_unprotect with big policy\n");
  333. if (srtp_test(big_policy, 0, -1) == srtp_err_status_ok) {
  334. printf("passed\n\n");
  335. } else {
  336. printf("failed\n");
  337. exit(1);
  338. }
  339. printf("testing srtp_protect and srtp_unprotect with big policy and "
  340. "encrypted extensions headers\n");
  341. if (srtp_test(big_policy, 1, -1) == srtp_err_status_ok) {
  342. printf("passed\n\n");
  343. } else {
  344. printf("failed\n");
  345. exit(1);
  346. }
  347. status = srtp_dealloc_big_policy(big_policy);
  348. if (status) {
  349. printf("unexpected failure with error code %d\n", status);
  350. exit(1);
  351. }
  352. /* run test on wildcard policy */
  353. printf("testing srtp_protect and srtp_unprotect on "
  354. "wildcard ssrc policy\n");
  355. if (srtp_test(&wildcard_policy, 0, -1) == srtp_err_status_ok) {
  356. printf("passed\n\n");
  357. } else {
  358. printf("failed\n");
  359. exit(1);
  360. }
  361. printf("testing srtp_protect and srtp_unprotect on "
  362. "wildcard ssrc policy and encrypted extensions headers\n");
  363. if (srtp_test(&wildcard_policy, 1, -1) == srtp_err_status_ok) {
  364. printf("passed\n\n");
  365. } else {
  366. printf("failed\n");
  367. exit(1);
  368. }
  369. /*
  370. * run validation test against the reference packets - note
  371. * that this test only covers the default policy
  372. */
  373. printf("testing srtp_protect and srtp_unprotect against "
  374. "reference packet\n");
  375. if (srtp_validate() == srtp_err_status_ok) {
  376. printf("passed\n\n");
  377. } else {
  378. printf("failed\n");
  379. exit(1);
  380. }
  381. #ifdef GCM
  382. printf("testing srtp_protect and srtp_unprotect against "
  383. "reference packet using GCM\n");
  384. if (srtp_validate_gcm() == srtp_err_status_ok) {
  385. printf("passed\n\n");
  386. } else {
  387. printf("failed\n");
  388. exit(1);
  389. }
  390. #endif
  391. printf("testing srtp_protect and srtp_unprotect against "
  392. "reference packet with encrypted extensions headers\n");
  393. if (srtp_validate_encrypted_extensions_headers() == srtp_err_status_ok)
  394. printf("passed\n\n");
  395. else {
  396. printf("failed\n");
  397. exit(1);
  398. }
  399. #ifdef GCM
  400. printf("testing srtp_protect and srtp_unprotect against "
  401. "reference packet with encrypted extension headers (GCM)\n");
  402. if (srtp_validate_encrypted_extensions_headers_gcm() ==
  403. srtp_err_status_ok) {
  404. printf("passed\n\n");
  405. } else {
  406. printf("failed\n");
  407. exit(1);
  408. }
  409. #endif
  410. /*
  411. * run validation test against the reference packets for
  412. * AES-256
  413. */
  414. printf("testing srtp_protect and srtp_unprotect against "
  415. "reference packet (AES-256)\n");
  416. if (srtp_validate_aes_256() == srtp_err_status_ok) {
  417. printf("passed\n\n");
  418. } else {
  419. printf("failed\n");
  420. exit(1);
  421. }
  422. /*
  423. * test packets with empty payload
  424. */
  425. printf("testing srtp_protect and srtp_unprotect against "
  426. "packet with empty payload\n");
  427. if (srtp_test_empty_payload() == srtp_err_status_ok) {
  428. printf("passed\n");
  429. } else {
  430. printf("failed\n");
  431. exit(1);
  432. }
  433. #ifdef GCM
  434. printf("testing srtp_protect and srtp_unprotect against "
  435. "packet with empty payload (GCM)\n");
  436. if (srtp_test_empty_payload_gcm() == srtp_err_status_ok) {
  437. printf("passed\n");
  438. } else {
  439. printf("failed\n");
  440. exit(1);
  441. }
  442. #endif
  443. /*
  444. * test the function srtp_remove_stream()
  445. */
  446. printf("testing srtp_remove_stream()...");
  447. if (srtp_test_remove_stream() == srtp_err_status_ok) {
  448. printf("passed\n");
  449. } else {
  450. printf("failed\n");
  451. exit(1);
  452. }
  453. /*
  454. * test the function srtp_update()
  455. */
  456. printf("testing srtp_update()...");
  457. if (srtp_test_update() == srtp_err_status_ok) {
  458. printf("passed\n");
  459. } else {
  460. printf("failed\n");
  461. exit(1);
  462. }
  463. /*
  464. * test the functions srtp_get_protect_trailer_length
  465. * and srtp_get_protect_rtcp_trailer_length
  466. */
  467. printf("testing srtp_get_protect_trailer_length()...");
  468. if (srtp_test_protect_trailer_length() == srtp_err_status_ok) {
  469. printf("passed\n");
  470. } else {
  471. printf("failed\n");
  472. exit(1);
  473. }
  474. printf("testing srtp_get_protect_rtcp_trailer_length()...");
  475. if (srtp_test_protect_rtcp_trailer_length() == srtp_err_status_ok) {
  476. printf("passed\n");
  477. } else {
  478. printf("failed\n");
  479. exit(1);
  480. }
  481. printf("testing srtp_test_get_roc()...");
  482. if (srtp_test_get_roc() == srtp_err_status_ok) {
  483. printf("passed\n");
  484. } else {
  485. printf("failed\n");
  486. exit(1);
  487. }
  488. printf("testing srtp_test_set_receiver_roc()...");
  489. if (srtp_test_set_receiver_roc() == srtp_err_status_ok) {
  490. printf("passed\n");
  491. } else {
  492. printf("failed\n");
  493. exit(1);
  494. }
  495. printf("testing srtp_test_set_sender_roc()...");
  496. if (srtp_test_set_sender_roc() == srtp_err_status_ok) {
  497. printf("passed\n");
  498. } else {
  499. printf("failed\n");
  500. exit(1);
  501. }
  502. }
  503. if (do_timing_test) {
  504. const srtp_policy_t **policy = policy_array;
  505. /* loop over policies, run timing test for each */
  506. while (*policy != NULL) {
  507. srtp_print_policy(*policy);
  508. srtp_do_timing(*policy);
  509. policy++;
  510. }
  511. }
  512. if (do_rejection_test) {
  513. const srtp_policy_t **policy = policy_array;
  514. /* loop over policies, run rejection timing test for each */
  515. while (*policy != NULL) {
  516. srtp_print_policy(*policy);
  517. srtp_do_rejection_timing(*policy);
  518. policy++;
  519. }
  520. }
  521. if (do_codec_timing) {
  522. srtp_policy_t policy;
  523. int ignore;
  524. double mips_value = mips_estimate(1000000000, &ignore);
  525. memset(&policy, 0, sizeof(policy));
  526. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  527. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  528. policy.ssrc.type = ssrc_specific;
  529. policy.ssrc.value = 0xdecafbad;
  530. policy.key = test_key;
  531. policy.deprecated_ekt = NULL;
  532. policy.window_size = 128;
  533. policy.allow_repeat_tx = 0;
  534. policy.next = NULL;
  535. printf("mips estimate: %e\n", mips_value);
  536. printf("testing srtp processing time for voice codecs:\n");
  537. printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n");
  538. printf("G.711\t\t%d\t\t\t%e\n", 80,
  539. (double)mips_value * (80 * 8) /
  540. srtp_bits_per_second(80, &policy) / .01);
  541. printf("G.711\t\t%d\t\t\t%e\n", 160,
  542. (double)mips_value * (160 * 8) /
  543. srtp_bits_per_second(160, &policy) / .02);
  544. printf("G.726-32\t%d\t\t\t%e\n", 40,
  545. (double)mips_value * (40 * 8) /
  546. srtp_bits_per_second(40, &policy) / .01);
  547. printf("G.726-32\t%d\t\t\t%e\n", 80,
  548. (double)mips_value * (80 * 8) /
  549. srtp_bits_per_second(80, &policy) / .02);
  550. printf("G.729\t\t%d\t\t\t%e\n", 10,
  551. (double)mips_value * (10 * 8) /
  552. srtp_bits_per_second(10, &policy) / .01);
  553. printf("G.729\t\t%d\t\t\t%e\n", 20,
  554. (double)mips_value * (20 * 8) /
  555. srtp_bits_per_second(20, &policy) / .02);
  556. printf("Wideband\t%d\t\t\t%e\n", 320,
  557. (double)mips_value * (320 * 8) /
  558. srtp_bits_per_second(320, &policy) / .01);
  559. printf("Wideband\t%d\t\t\t%e\n", 640,
  560. (double)mips_value * (640 * 8) /
  561. srtp_bits_per_second(640, &policy) / .02);
  562. }
  563. status = srtp_shutdown();
  564. if (status) {
  565. printf("error: srtp shutdown failed with error code %d\n", status);
  566. exit(1);
  567. }
  568. return 0;
  569. }
  570. /*
  571. * srtp_create_test_packet(len, ssrc) returns a pointer to a
  572. * (malloced) example RTP packet whose data field has the length given
  573. * by pkt_octet_len and the SSRC value ssrc. The total length of the
  574. * packet is twelve octets longer, since the header is at the
  575. * beginning. There is room at the end of the packet for a trailer,
  576. * and the four octets following the packet are filled with 0xff
  577. * values to enable testing for overwrites.
  578. *
  579. * note that the location of the test packet can (and should) be
  580. * deallocated with the free() call once it is no longer needed.
  581. */
  582. srtp_hdr_t *srtp_create_test_packet(int pkt_octet_len,
  583. uint32_t ssrc,
  584. int *pkt_len)
  585. {
  586. int i;
  587. uint8_t *buffer;
  588. srtp_hdr_t *hdr;
  589. int bytes_in_hdr = 12;
  590. /* allocate memory for test packet */
  591. hdr = (srtp_hdr_t *)malloc(pkt_octet_len + bytes_in_hdr +
  592. SRTP_MAX_TRAILER_LEN + 4);
  593. if (!hdr) {
  594. return NULL;
  595. }
  596. hdr->version = 2; /* RTP version two */
  597. hdr->p = 0; /* no padding needed */
  598. hdr->x = 0; /* no header extension */
  599. hdr->cc = 0; /* no CSRCs */
  600. hdr->m = 0; /* marker bit */
  601. hdr->pt = 0xf; /* payload type */
  602. hdr->seq = htons(0x1234); /* sequence number */
  603. hdr->ts = htonl(0xdecafbad); /* timestamp */
  604. hdr->ssrc = htonl(ssrc); /* synch. source */
  605. buffer = (uint8_t *)hdr;
  606. buffer += bytes_in_hdr;
  607. /* set RTP data to 0xab */
  608. for (i = 0; i < pkt_octet_len; i++) {
  609. *buffer++ = 0xab;
  610. }
  611. /* set post-data value to 0xffff to enable overrun checking */
  612. for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) {
  613. *buffer++ = 0xff;
  614. }
  615. *pkt_len = bytes_in_hdr + pkt_octet_len;
  616. return hdr;
  617. }
  618. static srtp_hdr_t *srtp_create_test_packet_extended(int pkt_octet_len,
  619. uint32_t ssrc,
  620. uint16_t seq,
  621. uint32_t ts,
  622. int *pkt_len)
  623. {
  624. srtp_hdr_t *hdr;
  625. hdr = srtp_create_test_packet(pkt_octet_len, ssrc, pkt_len);
  626. if (hdr == NULL)
  627. return hdr;
  628. hdr->seq = htons(seq);
  629. hdr->ts = htonl(ts);
  630. return hdr;
  631. }
  632. srtp_hdr_t *srtp_create_test_packet_ext_hdr(int pkt_octet_len,
  633. uint32_t ssrc,
  634. int *pkt_len)
  635. {
  636. int i;
  637. uint8_t *buffer;
  638. srtp_hdr_t *hdr;
  639. int bytes_in_hdr = 12;
  640. uint8_t extension_header[12] = { /* one-byte header */
  641. 0xbe, 0xde,
  642. /* size */
  643. 0x00, 0x02,
  644. /* id 1, length 1 (i.e. 2 bytes) */
  645. 0x11,
  646. /* payload */
  647. 0xca, 0xfe,
  648. /* padding */
  649. 0x00,
  650. /* id 2, length 0 (i.e. 1 byte) */
  651. 0x20,
  652. /* payload */
  653. 0xba,
  654. /* padding */
  655. 0x00, 0x00
  656. };
  657. /* allocate memory for test packet */
  658. hdr = (srtp_hdr_t *)malloc(pkt_octet_len + bytes_in_hdr +
  659. sizeof(extension_header) + SRTP_MAX_TRAILER_LEN +
  660. 4);
  661. if (!hdr)
  662. return NULL;
  663. hdr->version = 2; /* RTP version two */
  664. hdr->p = 0; /* no padding needed */
  665. hdr->x = 1; /* no header extension */
  666. hdr->cc = 0; /* no CSRCs */
  667. hdr->m = 0; /* marker bit */
  668. hdr->pt = 0xf; /* payload type */
  669. hdr->seq = htons(0x1234); /* sequence number */
  670. hdr->ts = htonl(0xdecafbad); /* timestamp */
  671. hdr->ssrc = htonl(ssrc); /* synch. source */
  672. buffer = (uint8_t *)hdr;
  673. buffer += bytes_in_hdr;
  674. memcpy(buffer, extension_header, sizeof(extension_header));
  675. buffer += sizeof(extension_header);
  676. /* set RTP data to 0xab */
  677. for (i = 0; i < pkt_octet_len; i++)
  678. *buffer++ = 0xab;
  679. /* set post-data value to 0xffff to enable overrun checking */
  680. for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++)
  681. *buffer++ = 0xff;
  682. *pkt_len = bytes_in_hdr + sizeof(extension_header) + pkt_octet_len;
  683. return hdr;
  684. }
  685. void srtp_do_timing(const srtp_policy_t *policy)
  686. {
  687. int len;
  688. /*
  689. * note: the output of this function is formatted so that it
  690. * can be used in gnuplot. '#' indicates a comment, and "\r\n"
  691. * terminates a record
  692. */
  693. printf("# testing srtp throughput:\r\n");
  694. printf("# mesg length (octets)\tthroughput (megabits per second)\r\n");
  695. for (len = 16; len <= 2048; len *= 2) {
  696. printf("%d\t\t\t%f\r\n", len,
  697. srtp_bits_per_second(len, policy) / 1.0E6);
  698. }
  699. /* these extra linefeeds let gnuplot know that a dataset is done */
  700. printf("\r\n\r\n");
  701. }
  702. void srtp_do_rejection_timing(const srtp_policy_t *policy)
  703. {
  704. int len;
  705. /*
  706. * note: the output of this function is formatted so that it
  707. * can be used in gnuplot. '#' indicates a comment, and "\r\n"
  708. * terminates a record
  709. */
  710. printf("# testing srtp rejection throughput:\r\n");
  711. printf("# mesg length (octets)\trejections per second\r\n");
  712. for (len = 8; len <= 2048; len *= 2) {
  713. printf("%d\t\t\t%e\r\n", len, srtp_rejections_per_second(len, policy));
  714. }
  715. /* these extra linefeeds let gnuplot know that a dataset is done */
  716. printf("\r\n\r\n");
  717. }
  718. #define MAX_MSG_LEN 1024
  719. double srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy)
  720. {
  721. srtp_t srtp;
  722. srtp_hdr_t *mesg;
  723. int i;
  724. clock_t timer;
  725. int num_trials = 100000;
  726. int input_len, len;
  727. uint32_t ssrc;
  728. srtp_err_status_t status;
  729. /*
  730. * allocate and initialize an srtp session
  731. */
  732. status = srtp_create(&srtp, policy);
  733. if (status) {
  734. printf("error: srtp_create() failed with error code %d\n", status);
  735. exit(1);
  736. }
  737. /*
  738. * if the ssrc is unspecified, use a predetermined one
  739. */
  740. if (policy->ssrc.type != ssrc_specific) {
  741. ssrc = 0xdeadbeef;
  742. } else {
  743. ssrc = policy->ssrc.value;
  744. }
  745. /*
  746. * create a test packet
  747. */
  748. mesg = srtp_create_test_packet(msg_len_octets, ssrc, &input_len);
  749. if (mesg == NULL) {
  750. return 0.0; /* indicate failure by returning zero */
  751. }
  752. timer = clock();
  753. for (i = 0; i < num_trials; i++) {
  754. len = input_len;
  755. /* srtp protect message */
  756. status = srtp_protect(srtp, mesg, &len);
  757. if (status) {
  758. printf("error: srtp_protect() failed with error code %d\n", status);
  759. exit(1);
  760. }
  761. /* increment message number */
  762. {
  763. /* hack sequence to avoid problems with macros for htons/ntohs on
  764. * some systems */
  765. short new_seq = ntohs(mesg->seq) + 1;
  766. mesg->seq = htons(new_seq);
  767. }
  768. }
  769. timer = clock() - timer;
  770. free(mesg);
  771. status = srtp_dealloc(srtp);
  772. if (status) {
  773. printf("error: srtp_dealloc() failed with error code %d\n", status);
  774. exit(1);
  775. }
  776. return (double)(msg_len_octets)*8 * num_trials * CLOCKS_PER_SEC / timer;
  777. }
  778. double srtp_rejections_per_second(int msg_len_octets,
  779. const srtp_policy_t *policy)
  780. {
  781. srtp_ctx_t *srtp;
  782. srtp_hdr_t *mesg;
  783. int i;
  784. int len;
  785. clock_t timer;
  786. int num_trials = 1000000;
  787. uint32_t ssrc = policy->ssrc.value;
  788. srtp_err_status_t status;
  789. /*
  790. * allocate and initialize an srtp session
  791. */
  792. status = srtp_create(&srtp, policy);
  793. if (status) {
  794. printf("error: srtp_create() failed with error code %d\n", status);
  795. exit(1);
  796. }
  797. mesg = srtp_create_test_packet(msg_len_octets, ssrc, &len);
  798. if (mesg == NULL) {
  799. return 0.0; /* indicate failure by returning zero */
  800. }
  801. srtp_protect(srtp, (srtp_hdr_t *)mesg, &len);
  802. timer = clock();
  803. for (i = 0; i < num_trials; i++) {
  804. len = msg_len_octets;
  805. srtp_unprotect(srtp, (srtp_hdr_t *)mesg, &len);
  806. }
  807. timer = clock() - timer;
  808. free(mesg);
  809. status = srtp_dealloc(srtp);
  810. if (status) {
  811. printf("error: srtp_dealloc() failed with error code %d\n", status);
  812. exit(1);
  813. }
  814. return (double)num_trials * CLOCKS_PER_SEC / timer;
  815. }
  816. void err_check(srtp_err_status_t s)
  817. {
  818. if (s != srtp_err_status_ok) {
  819. fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s);
  820. exit(1);
  821. }
  822. }
  823. srtp_err_status_t srtp_test_call_protect(srtp_t srtp_sender,
  824. srtp_hdr_t *hdr,
  825. int *len,
  826. int mki_index)
  827. {
  828. if (mki_index == -1) {
  829. return srtp_protect(srtp_sender, hdr, len);
  830. } else {
  831. return srtp_protect_mki(srtp_sender, hdr, len, 1, mki_index);
  832. }
  833. }
  834. srtp_err_status_t srtp_test_call_protect_rtcp(srtp_t srtp_sender,
  835. srtp_hdr_t *hdr,
  836. int *len,
  837. int mki_index)
  838. {
  839. if (mki_index == -1) {
  840. return srtp_protect_rtcp(srtp_sender, hdr, len);
  841. } else {
  842. return srtp_protect_rtcp_mki(srtp_sender, hdr, len, 1, mki_index);
  843. }
  844. }
  845. srtp_err_status_t srtp_test_call_unprotect(srtp_t srtp_sender,
  846. srtp_hdr_t *hdr,
  847. int *len,
  848. int use_mki)
  849. {
  850. if (use_mki == -1) {
  851. return srtp_unprotect(srtp_sender, hdr, len);
  852. } else {
  853. return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki);
  854. }
  855. }
  856. srtp_err_status_t srtp_test_call_unprotect_rtcp(srtp_t srtp_sender,
  857. srtp_hdr_t *hdr,
  858. int *len,
  859. int use_mki)
  860. {
  861. if (use_mki == -1) {
  862. return srtp_unprotect_rtcp(srtp_sender, hdr, len);
  863. } else {
  864. return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki);
  865. }
  866. }
  867. srtp_err_status_t srtp_test(const srtp_policy_t *policy,
  868. int extension_header,
  869. int mki_index)
  870. {
  871. int i;
  872. srtp_t srtp_sender;
  873. srtp_t srtp_rcvr;
  874. srtp_err_status_t status = srtp_err_status_ok;
  875. srtp_hdr_t *hdr, *hdr2;
  876. uint8_t hdr_enc[64];
  877. uint8_t *pkt_end;
  878. int msg_len_octets, msg_len_enc, msg_len;
  879. int len, len2;
  880. uint32_t tag_length;
  881. uint32_t ssrc;
  882. srtp_policy_t *rcvr_policy;
  883. srtp_policy_t tmp_policy;
  884. int header = 1;
  885. int use_mki = 0;
  886. if (mki_index >= 0)
  887. use_mki = 1;
  888. if (extension_header) {
  889. memcpy(&tmp_policy, policy, sizeof(srtp_policy_t));
  890. tmp_policy.enc_xtn_hdr = &header;
  891. tmp_policy.enc_xtn_hdr_count = 1;
  892. err_check(srtp_create(&srtp_sender, &tmp_policy));
  893. } else {
  894. err_check(srtp_create(&srtp_sender, policy));
  895. }
  896. /* print out policy */
  897. err_check(srtp_session_print_policy(srtp_sender));
  898. /*
  899. * initialize data buffer, using the ssrc in the policy unless that
  900. * value is a wildcard, in which case we'll just use an arbitrary
  901. * one
  902. */
  903. if (policy->ssrc.type != ssrc_specific) {
  904. ssrc = 0xdecafbad;
  905. } else {
  906. ssrc = policy->ssrc.value;
  907. }
  908. msg_len_octets = 28;
  909. if (extension_header) {
  910. hdr = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc, &len);
  911. hdr2 = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc, &len2);
  912. } else {
  913. hdr = srtp_create_test_packet(msg_len_octets, ssrc, &len);
  914. hdr2 = srtp_create_test_packet(msg_len_octets, ssrc, &len2);
  915. }
  916. /* save original msg len */
  917. msg_len = len;
  918. if (hdr == NULL) {
  919. free(hdr2);
  920. return srtp_err_status_alloc_fail;
  921. }
  922. if (hdr2 == NULL) {
  923. free(hdr);
  924. return srtp_err_status_alloc_fail;
  925. }
  926. debug_print(mod_driver, "before protection:\n%s",
  927. srtp_packet_to_string(hdr, len));
  928. #if PRINT_REFERENCE_PACKET
  929. debug_print(mod_driver, "reference packet before protection:\n%s",
  930. octet_string_hex_string((uint8_t *)hdr, len));
  931. #endif
  932. err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index));
  933. debug_print(mod_driver, "after protection:\n%s",
  934. srtp_packet_to_string(hdr, len));
  935. #if PRINT_REFERENCE_PACKET
  936. debug_print(mod_driver, "after protection:\n%s",
  937. octet_string_hex_string((uint8_t *)hdr, len));
  938. #endif
  939. /* save protected message and length */
  940. memcpy(hdr_enc, hdr, len);
  941. msg_len_enc = len;
  942. /*
  943. * check for overrun of the srtp_protect() function
  944. *
  945. * The packet is followed by a value of 0xfffff; if the value of the
  946. * data following the packet is different, then we know that the
  947. * protect function is overwriting the end of the packet.
  948. */
  949. err_check(srtp_get_protect_trailer_length(srtp_sender, use_mki, mki_index,
  950. &tag_length));
  951. pkt_end = (uint8_t *)hdr + msg_len + tag_length;
  952. for (i = 0; i < 4; i++) {
  953. if (pkt_end[i] != 0xff) {
  954. fprintf(stdout, "overwrite in srtp_protect() function "
  955. "(expected %x, found %x in trailing octet %d)\n",
  956. 0xff, ((uint8_t *)hdr)[i], i);
  957. free(hdr);
  958. free(hdr2);
  959. return srtp_err_status_algo_fail;
  960. }
  961. }
  962. /*
  963. * if the policy includes confidentiality, check that ciphertext is
  964. * different than plaintext
  965. *
  966. * Note that this check will give false negatives, with some small
  967. * probability, especially if the packets are short. For that
  968. * reason, we skip this check if the plaintext is less than four
  969. * octets long.
  970. */
  971. if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
  972. printf("testing that ciphertext is distinct from plaintext...");
  973. status = srtp_err_status_algo_fail;
  974. for (i = 12; i < msg_len_octets + 12; i++) {
  975. if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
  976. status = srtp_err_status_ok;
  977. }
  978. }
  979. if (status) {
  980. printf("failed\n");
  981. free(hdr);
  982. free(hdr2);
  983. return status;
  984. }
  985. printf("passed\n");
  986. }
  987. /*
  988. * if the policy uses a 'wildcard' ssrc, then we need to make a copy
  989. * of the policy that changes the direction to inbound
  990. *
  991. * we always copy the policy into the rcvr_policy, since otherwise
  992. * the compiler would fret about the constness of the policy
  993. */
  994. rcvr_policy = (srtp_policy_t *)malloc(sizeof(srtp_policy_t));
  995. if (rcvr_policy == NULL) {
  996. free(hdr);
  997. free(hdr2);
  998. return srtp_err_status_alloc_fail;
  999. }
  1000. if (extension_header) {
  1001. memcpy(rcvr_policy, &tmp_policy, sizeof(srtp_policy_t));
  1002. if (tmp_policy.ssrc.type == ssrc_any_outbound) {
  1003. rcvr_policy->ssrc.type = ssrc_any_inbound;
  1004. }
  1005. } else {
  1006. memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
  1007. if (policy->ssrc.type == ssrc_any_outbound) {
  1008. rcvr_policy->ssrc.type = ssrc_any_inbound;
  1009. }
  1010. }
  1011. err_check(srtp_create(&srtp_rcvr, rcvr_policy));
  1012. err_check(srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki));
  1013. debug_print(mod_driver, "after unprotection:\n%s",
  1014. srtp_packet_to_string(hdr, len));
  1015. /* verify that the unprotected packet matches the origial one */
  1016. for (i = 0; i < len; i++) {
  1017. if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
  1018. fprintf(stdout, "mismatch at octet %d\n", i);
  1019. status = srtp_err_status_algo_fail;
  1020. }
  1021. }
  1022. if (status) {
  1023. free(hdr);
  1024. free(hdr2);
  1025. free(rcvr_policy);
  1026. return status;
  1027. }
  1028. /*
  1029. * if the policy includes authentication, then test for false positives
  1030. */
  1031. if (policy->rtp.sec_serv & sec_serv_auth) {
  1032. char *data = ((char *)hdr) + (extension_header ? 24 : 12);
  1033. printf("testing for false positives in replay check...");
  1034. /* unprotect a second time - should fail with a replay error */
  1035. status =
  1036. srtp_test_call_unprotect(srtp_rcvr, hdr, &msg_len_enc, use_mki);
  1037. if (status != srtp_err_status_replay_fail) {
  1038. printf("failed with error code %d\n", status);
  1039. free(hdr);
  1040. free(hdr2);
  1041. free(rcvr_policy);
  1042. return status;
  1043. } else {
  1044. printf("passed\n");
  1045. }
  1046. printf("testing for false positives in auth check...");
  1047. /* increment sequence number in header */
  1048. hdr->seq++;
  1049. /* apply protection */
  1050. err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index));
  1051. /* flip bits in packet */
  1052. data[0] ^= 0xff;
  1053. /* unprotect, and check for authentication failure */
  1054. status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki);
  1055. if (status != srtp_err_status_auth_fail) {
  1056. printf("failed\n");
  1057. free(hdr);
  1058. free(hdr2);
  1059. free(rcvr_policy);
  1060. return status;
  1061. } else {
  1062. printf("passed\n");
  1063. }
  1064. }
  1065. err_check(srtp_dealloc(srtp_sender));
  1066. err_check(srtp_dealloc(srtp_rcvr));
  1067. free(hdr);
  1068. free(hdr2);
  1069. free(rcvr_policy);
  1070. return srtp_err_status_ok;
  1071. }
  1072. srtp_err_status_t srtcp_test(const srtp_policy_t *policy, int mki_index)
  1073. {
  1074. int i;
  1075. srtp_t srtcp_sender;
  1076. srtp_t srtcp_rcvr;
  1077. srtp_err_status_t status = srtp_err_status_ok;
  1078. srtp_hdr_t *hdr, *hdr2;
  1079. uint8_t hdr_enc[64];
  1080. uint8_t *pkt_end;
  1081. int msg_len_octets, msg_len_enc, msg_len;
  1082. int len, len2;
  1083. uint32_t tag_length;
  1084. uint32_t ssrc;
  1085. srtp_policy_t *rcvr_policy;
  1086. int use_mki = 0;
  1087. if (mki_index >= 0)
  1088. use_mki = 1;
  1089. err_check(srtp_create(&srtcp_sender, policy));
  1090. /* print out policy */
  1091. err_check(srtp_session_print_policy(srtcp_sender));
  1092. /*
  1093. * initialize data buffer, using the ssrc in the policy unless that
  1094. * value is a wildcard, in which case we'll just use an arbitrary
  1095. * one
  1096. */
  1097. if (policy->ssrc.type != ssrc_specific) {
  1098. ssrc = 0xdecafbad;
  1099. } else {
  1100. ssrc = policy->ssrc.value;
  1101. }
  1102. msg_len_octets = 28;
  1103. hdr = srtp_create_test_packet(msg_len_octets, ssrc, &len);
  1104. /* save message len */
  1105. msg_len = len;
  1106. if (hdr == NULL) {
  1107. return srtp_err_status_alloc_fail;
  1108. }
  1109. hdr2 = srtp_create_test_packet(msg_len_octets, ssrc, &len2);
  1110. if (hdr2 == NULL) {
  1111. free(hdr);
  1112. return srtp_err_status_alloc_fail;
  1113. }
  1114. debug_print(mod_driver, "before protection:\n%s",
  1115. srtp_packet_to_string(hdr, len));
  1116. #if PRINT_REFERENCE_PACKET
  1117. debug_print(mod_driver, "reference packet before protection:\n%s",
  1118. octet_string_hex_string((uint8_t *)hdr, len));
  1119. #endif
  1120. err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index));
  1121. debug_print(mod_driver, "after protection:\n%s",
  1122. srtp_packet_to_string(hdr, len));
  1123. #if PRINT_REFERENCE_PACKET
  1124. debug_print(mod_driver, "after protection:\n%s",
  1125. octet_string_hex_string((uint8_t *)hdr, len));
  1126. #endif
  1127. /* save protected message and length */
  1128. memcpy(hdr_enc, hdr, len);
  1129. msg_len_enc = len;
  1130. /*
  1131. * check for overrun of the srtp_protect() function
  1132. *
  1133. * The packet is followed by a value of 0xfffff; if the value of the
  1134. * data following the packet is different, then we know that the
  1135. * protect function is overwriting the end of the packet.
  1136. */
  1137. srtp_get_protect_rtcp_trailer_length(srtcp_sender, use_mki, mki_index,
  1138. &tag_length);
  1139. pkt_end = (uint8_t *)hdr + msg_len + tag_length;
  1140. for (i = 0; i < 4; i++) {
  1141. if (pkt_end[i] != 0xff) {
  1142. fprintf(stdout, "overwrite in srtp_protect_rtcp() function "
  1143. "(expected %x, found %x in trailing octet %d)\n",
  1144. 0xff, ((uint8_t *)hdr)[i], i);
  1145. free(hdr);
  1146. free(hdr2);
  1147. return srtp_err_status_algo_fail;
  1148. }
  1149. }
  1150. /*
  1151. * if the policy includes confidentiality, check that ciphertext is
  1152. * different than plaintext
  1153. *
  1154. * Note that this check will give false negatives, with some small
  1155. * probability, especially if the packets are short. For that
  1156. * reason, we skip this check if the plaintext is less than four
  1157. * octets long.
  1158. */
  1159. if ((policy->rtcp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
  1160. printf("testing that ciphertext is distinct from plaintext...");
  1161. status = srtp_err_status_algo_fail;
  1162. for (i = 12; i < msg_len_octets + 12; i++) {
  1163. if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
  1164. status = srtp_err_status_ok;
  1165. }
  1166. }
  1167. if (status) {
  1168. printf("failed\n");
  1169. free(hdr);
  1170. free(hdr2);
  1171. return status;
  1172. }
  1173. printf("passed\n");
  1174. }
  1175. /*
  1176. * if the policy uses a 'wildcard' ssrc, then we need to make a copy
  1177. * of the policy that changes the direction to inbound
  1178. *
  1179. * we always copy the policy into the rcvr_policy, since otherwise
  1180. * the compiler would fret about the constness of the policy
  1181. */
  1182. rcvr_policy = (srtp_policy_t *)malloc(sizeof(srtp_policy_t));
  1183. if (rcvr_policy == NULL) {
  1184. free(hdr);
  1185. free(hdr2);
  1186. return srtp_err_status_alloc_fail;
  1187. }
  1188. memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
  1189. if (policy->ssrc.type == ssrc_any_outbound) {
  1190. rcvr_policy->ssrc.type = ssrc_any_inbound;
  1191. }
  1192. err_check(srtp_create(&srtcp_rcvr, rcvr_policy));
  1193. err_check(srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki));
  1194. debug_print(mod_driver, "after unprotection:\n%s",
  1195. srtp_packet_to_string(hdr, len));
  1196. /* verify that the unprotected packet matches the origial one */
  1197. for (i = 0; i < len; i++) {
  1198. if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) {
  1199. fprintf(stdout, "mismatch at octet %d\n", i);
  1200. status = srtp_err_status_algo_fail;
  1201. }
  1202. }
  1203. if (status) {
  1204. free(hdr);
  1205. free(hdr2);
  1206. free(rcvr_policy);
  1207. return status;
  1208. }
  1209. /*
  1210. * if the policy includes authentication, then test for false positives
  1211. */
  1212. if (policy->rtp.sec_serv & sec_serv_auth) {
  1213. char *data = ((char *)hdr) + 12;
  1214. printf("testing for false positives in replay check...");
  1215. /* unprotect a second time - should fail with a replay error */
  1216. status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &msg_len_enc,
  1217. use_mki);
  1218. if (status != srtp_err_status_replay_fail) {
  1219. printf("failed with error code %d\n", status);
  1220. free(hdr);
  1221. free(hdr2);
  1222. free(rcvr_policy);
  1223. return status;
  1224. } else {
  1225. printf("passed\n");
  1226. }
  1227. printf("testing for false positives in auth check...");
  1228. /* increment sequence number in header */
  1229. hdr->seq++;
  1230. /* apply protection */
  1231. err_check(
  1232. srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index));
  1233. /* flip bits in packet */
  1234. data[0] ^= 0xff;
  1235. /* unprotect, and check for authentication failure */
  1236. status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki);
  1237. if (status != srtp_err_status_auth_fail) {
  1238. printf("failed\n");
  1239. free(hdr);
  1240. free(hdr2);
  1241. free(rcvr_policy);
  1242. return status;
  1243. } else {
  1244. printf("passed\n");
  1245. }
  1246. }
  1247. err_check(srtp_dealloc(srtcp_sender));
  1248. err_check(srtp_dealloc(srtcp_rcvr));
  1249. free(hdr);
  1250. free(hdr2);
  1251. free(rcvr_policy);
  1252. return srtp_err_status_ok;
  1253. }
  1254. srtp_err_status_t srtp_session_print_policy(srtp_t srtp)
  1255. {
  1256. char *serv_descr[4] = { "none", "confidentiality", "authentication",
  1257. "confidentiality and authentication" };
  1258. char *direction[3] = { "unknown", "outbound", "inbound" };
  1259. srtp_stream_t stream;
  1260. srtp_session_keys_t *session_keys = NULL;
  1261. /* sanity checking */
  1262. if (srtp == NULL) {
  1263. return srtp_err_status_fail;
  1264. }
  1265. /* if there's a template stream, print it out */
  1266. if (srtp->stream_template != NULL) {
  1267. stream = srtp->stream_template;
  1268. session_keys = &stream->session_keys[0];
  1269. printf("# SSRC: any %s\r\n"
  1270. "# rtp cipher: %s\r\n"
  1271. "# rtp auth: %s\r\n"
  1272. "# rtp services: %s\r\n"
  1273. "# rtcp cipher: %s\r\n"
  1274. "# rtcp auth: %s\r\n"
  1275. "# rtcp services: %s\r\n"
  1276. "# window size: %lu\r\n"
  1277. "# tx rtx allowed:%s\r\n",
  1278. direction[stream->direction],
  1279. session_keys->rtp_cipher->type->description,
  1280. session_keys->rtp_auth->type->description,
  1281. serv_descr[stream->rtp_services],
  1282. session_keys->rtcp_cipher->type->description,
  1283. session_keys->rtcp_auth->type->description,
  1284. serv_descr[stream->rtcp_services],
  1285. srtp_rdbx_get_window_size(&stream->rtp_rdbx),
  1286. stream->allow_repeat_tx ? "true" : "false");
  1287. printf("# Encrypted extension headers: ");
  1288. if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) {
  1289. int *enc_xtn_hdr = stream->enc_xtn_hdr;
  1290. int count = stream->enc_xtn_hdr_count;
  1291. while (count > 0) {
  1292. printf("%d ", *enc_xtn_hdr);
  1293. enc_xtn_hdr++;
  1294. count--;
  1295. }
  1296. printf("\n");
  1297. } else {
  1298. printf("none\n");
  1299. }
  1300. }
  1301. /* loop over streams in session, printing the policy of each */
  1302. stream = srtp->stream_list;
  1303. while (stream != NULL) {
  1304. if (stream->rtp_services > sec_serv_conf_and_auth) {
  1305. return srtp_err_status_bad_param;
  1306. }
  1307. session_keys = &stream->session_keys[0];
  1308. printf("# SSRC: 0x%08x\r\n"
  1309. "# rtp cipher: %s\r\n"
  1310. "# rtp auth: %s\r\n"
  1311. "# rtp services: %s\r\n"
  1312. "# rtcp cipher: %s\r\n"
  1313. "# rtcp auth: %s\r\n"
  1314. "# rtcp services: %s\r\n"
  1315. "# window size: %lu\r\n"
  1316. "# tx rtx allowed:%s\r\n",
  1317. stream->ssrc, session_keys->rtp_cipher->type->description,
  1318. session_keys->rtp_auth->type->description,
  1319. serv_descr[stream->rtp_services],
  1320. session_keys->rtcp_cipher->type->description,
  1321. session_keys->rtcp_auth->type->description,
  1322. serv_descr[stream->rtcp_services],
  1323. srtp_rdbx_get_window_size(&stream->rtp_rdbx),
  1324. stream->allow_repeat_tx ? "true" : "false");
  1325. printf("# Encrypted extension headers: ");
  1326. if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) {
  1327. int *enc_xtn_hdr = stream->enc_xtn_hdr;
  1328. int count = stream->enc_xtn_hdr_count;
  1329. while (count > 0) {
  1330. printf("%d ", *enc_xtn_hdr);
  1331. enc_xtn_hdr++;
  1332. count--;
  1333. }
  1334. printf("\n");
  1335. } else {
  1336. printf("none\n");
  1337. }
  1338. /* advance to next stream in the list */
  1339. stream = stream->next;
  1340. }
  1341. return srtp_err_status_ok;
  1342. }
  1343. srtp_err_status_t srtp_print_policy(const srtp_policy_t *policy)
  1344. {
  1345. srtp_err_status_t status;
  1346. srtp_t session;
  1347. status = srtp_create(&session, policy);
  1348. if (status) {
  1349. return status;
  1350. }
  1351. status = srtp_session_print_policy(session);
  1352. if (status) {
  1353. return status;
  1354. }
  1355. status = srtp_dealloc(session);
  1356. if (status) {
  1357. return status;
  1358. }
  1359. return srtp_err_status_ok;
  1360. }
  1361. /*
  1362. * srtp_print_packet(...) is for debugging only
  1363. * it prints an RTP packet to the stdout
  1364. *
  1365. * note that this function is *not* threadsafe
  1366. */
  1367. #include <stdio.h>
  1368. #define MTU 2048
  1369. char packet_string[MTU];
  1370. char *srtp_packet_to_string(srtp_hdr_t *hdr, int pkt_octet_len)
  1371. {
  1372. int octets_in_rtp_header = 12;
  1373. uint8_t *data = ((uint8_t *)hdr) + octets_in_rtp_header;
  1374. int hex_len = pkt_octet_len - octets_in_rtp_header;
  1375. /* sanity checking */
  1376. if ((hdr == NULL) || (pkt_octet_len > MTU)) {
  1377. return NULL;
  1378. }
  1379. /* write packet into string */
  1380. sprintf(packet_string, "(s)rtp packet: {\n"
  1381. " version:\t%d\n"
  1382. " p:\t\t%d\n"
  1383. " x:\t\t%d\n"
  1384. " cc:\t\t%d\n"
  1385. " m:\t\t%d\n"
  1386. " pt:\t\t%x\n"
  1387. " seq:\t\t%x\n"
  1388. " ts:\t\t%x\n"
  1389. " ssrc:\t%x\n"
  1390. " data:\t%s\n"
  1391. "} (%d octets in total)\n",
  1392. hdr->version, hdr->p, hdr->x, hdr->cc, hdr->m, hdr->pt, hdr->seq,
  1393. hdr->ts, hdr->ssrc, octet_string_hex_string(data, hex_len),
  1394. pkt_octet_len);
  1395. return packet_string;
  1396. }
  1397. /*
  1398. * mips_estimate() is a simple function to estimate the number of
  1399. * instructions per second that the host can perform. note that this
  1400. * function can be grossly wrong; you may want to have a manual sanity
  1401. * check of its output!
  1402. *
  1403. * the 'ignore' pointer is there to convince the compiler to not just
  1404. * optimize away the function
  1405. */
  1406. double mips_estimate(int num_trials, int *ignore)
  1407. {
  1408. clock_t t;
  1409. volatile int i, sum;
  1410. sum = 0;
  1411. t = clock();
  1412. for (i = 0; i < num_trials; i++) {
  1413. sum += i;
  1414. }
  1415. t = clock() - t;
  1416. if (t < 1) {
  1417. t = 1;
  1418. }
  1419. /* printf("%d\n", sum); */
  1420. *ignore = sum;
  1421. return (double)num_trials * CLOCKS_PER_SEC / t;
  1422. }
  1423. /*
  1424. * srtp_validate() verifies the correctness of libsrtp by comparing
  1425. * some computed packets against some pre-computed reference values.
  1426. * These packets were made with the default SRTP policy.
  1427. */
  1428. srtp_err_status_t srtp_validate()
  1429. {
  1430. // clang-format off
  1431. uint8_t srtp_plaintext_ref[28] = {
  1432. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1433. 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
  1434. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1435. 0xab, 0xab, 0xab, 0xab
  1436. };
  1437. uint8_t srtp_plaintext[38] = {
  1438. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1439. 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
  1440. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1441. 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
  1442. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  1443. };
  1444. uint8_t srtp_ciphertext[38] = {
  1445. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1446. 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c,
  1447. 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15,
  1448. 0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc,
  1449. 0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb
  1450. };
  1451. uint8_t rtcp_plaintext_ref[24] = {
  1452. 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
  1453. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1454. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1455. };
  1456. uint8_t rtcp_plaintext[38] = {
  1457. 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
  1458. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1459. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1460. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  1461. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  1462. };
  1463. uint8_t srtcp_ciphertext[38] = {
  1464. 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
  1465. 0x71, 0x28, 0x03, 0x5b, 0xe4, 0x87, 0xb9, 0xbd,
  1466. 0xbe, 0xf8, 0x90, 0x41, 0xf9, 0x77, 0xa5, 0xa8,
  1467. 0x80, 0x00, 0x00, 0x01, 0x99, 0x3e, 0x08, 0xcd,
  1468. 0x54, 0xd6, 0xc1, 0x23, 0x07, 0x98
  1469. };
  1470. // clang-format on
  1471. srtp_t srtp_snd, srtp_recv;
  1472. srtp_err_status_t status;
  1473. int len;
  1474. srtp_policy_t policy;
  1475. /*
  1476. * create a session with a single stream using the default srtp
  1477. * policy and with the SSRC value 0xcafebabe
  1478. */
  1479. memset(&policy, 0, sizeof(policy));
  1480. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  1481. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  1482. policy.ssrc.type = ssrc_specific;
  1483. policy.ssrc.value = 0xcafebabe;
  1484. policy.key = test_key;
  1485. policy.deprecated_ekt = NULL;
  1486. policy.window_size = 128;
  1487. policy.allow_repeat_tx = 0;
  1488. policy.next = NULL;
  1489. status = srtp_create(&srtp_snd, &policy);
  1490. if (status) {
  1491. return status;
  1492. }
  1493. /*
  1494. * protect plaintext, then compare with ciphertext
  1495. */
  1496. len = 28;
  1497. status = srtp_protect(srtp_snd, srtp_plaintext, &len);
  1498. if (status || (len != 38)) {
  1499. return srtp_err_status_fail;
  1500. }
  1501. debug_print(mod_driver, "ciphertext:\n %s",
  1502. octet_string_hex_string(srtp_plaintext, len));
  1503. debug_print(mod_driver, "ciphertext reference:\n %s",
  1504. octet_string_hex_string(srtp_ciphertext, len));
  1505. if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
  1506. return srtp_err_status_fail;
  1507. }
  1508. /*
  1509. * protect plaintext rtcp, then compare with srtcp ciphertext
  1510. */
  1511. len = 24;
  1512. status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
  1513. if (status || (len != 38)) {
  1514. return srtp_err_status_fail;
  1515. }
  1516. debug_print(mod_driver, "srtcp ciphertext:\n %s",
  1517. octet_string_hex_string(rtcp_plaintext, len));
  1518. debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
  1519. octet_string_hex_string(srtcp_ciphertext, len));
  1520. if (srtp_octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
  1521. return srtp_err_status_fail;
  1522. }
  1523. /*
  1524. * create a receiver session context comparable to the one created
  1525. * above - we need to do this so that the replay checking doesn't
  1526. * complain
  1527. */
  1528. status = srtp_create(&srtp_recv, &policy);
  1529. if (status) {
  1530. return status;
  1531. }
  1532. /*
  1533. * unprotect ciphertext, then compare with plaintext
  1534. */
  1535. status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
  1536. if (status || (len != 28)) {
  1537. return status;
  1538. }
  1539. if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
  1540. return srtp_err_status_fail;
  1541. }
  1542. /*
  1543. * unprotect srtcp ciphertext, then compare with rtcp plaintext
  1544. */
  1545. len = 38;
  1546. status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
  1547. if (status || (len != 24)) {
  1548. return status;
  1549. }
  1550. if (srtp_octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
  1551. return srtp_err_status_fail;
  1552. }
  1553. status = srtp_dealloc(srtp_snd);
  1554. if (status) {
  1555. return status;
  1556. }
  1557. status = srtp_dealloc(srtp_recv);
  1558. if (status) {
  1559. return status;
  1560. }
  1561. return srtp_err_status_ok;
  1562. }
  1563. #ifdef GCM
  1564. /*
  1565. * srtp_validate_gcm() verifies the correctness of libsrtp by comparing
  1566. * an computed packet against the known ciphertext for the plaintext.
  1567. */
  1568. srtp_err_status_t srtp_validate_gcm()
  1569. {
  1570. // clang-format off
  1571. unsigned char test_key_gcm[28] = {
  1572. 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
  1573. 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
  1574. 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
  1575. 0xa8, 0xa9, 0xaa, 0xab
  1576. };
  1577. uint8_t rtp_plaintext_ref[28] = {
  1578. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1579. 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
  1580. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1581. 0xab, 0xab, 0xab, 0xab
  1582. };
  1583. uint8_t rtp_plaintext[44] = {
  1584. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1585. 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
  1586. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1587. 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
  1588. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  1589. 0x00, 0x00, 0x00, 0x00
  1590. };
  1591. uint8_t srtp_ciphertext[44] = {
  1592. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1593. 0xca, 0xfe, 0xba, 0xbe, 0xc5, 0x00, 0x2e, 0xde,
  1594. 0x04, 0xcf, 0xdd, 0x2e, 0xb9, 0x11, 0x59, 0xe0,
  1595. 0x88, 0x0a, 0xa0, 0x6e, 0xd2, 0x97, 0x68, 0x26,
  1596. 0xf7, 0x96, 0xb2, 0x01, 0xdf, 0x31, 0x31, 0xa1,
  1597. 0x27, 0xe8, 0xa3, 0x92
  1598. };
  1599. uint8_t rtcp_plaintext_ref[24] = {
  1600. 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
  1601. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1602. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1603. };
  1604. uint8_t rtcp_plaintext[44] = {
  1605. 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
  1606. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1607. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1608. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  1609. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  1610. 0x00, 0x00, 0x00, 0x00
  1611. };
  1612. uint8_t srtcp_ciphertext[44] = {
  1613. 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
  1614. 0xc9, 0x8b, 0x8b, 0x5d, 0xf0, 0x39, 0x2a, 0x55,
  1615. 0x85, 0x2b, 0x6c, 0x21, 0xac, 0x8e, 0x70, 0x25,
  1616. 0xc5, 0x2c, 0x6f, 0xbe, 0xa2, 0xb3, 0xb4, 0x46,
  1617. 0xea, 0x31, 0x12, 0x3b, 0xa8, 0x8c, 0xe6, 0x1e,
  1618. 0x80, 0x00, 0x00, 0x01
  1619. };
  1620. // clang-format on
  1621. srtp_t srtp_snd, srtp_recv;
  1622. srtp_err_status_t status;
  1623. int len;
  1624. srtp_policy_t policy;
  1625. /*
  1626. * create a session with a single stream using the default srtp
  1627. * policy and with the SSRC value 0xcafebabe
  1628. */
  1629. memset(&policy, 0, sizeof(policy));
  1630. srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
  1631. srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
  1632. policy.ssrc.type = ssrc_specific;
  1633. policy.ssrc.value = 0xcafebabe;
  1634. policy.key = test_key_gcm;
  1635. policy.deprecated_ekt = NULL;
  1636. policy.window_size = 128;
  1637. policy.allow_repeat_tx = 0;
  1638. policy.next = NULL;
  1639. status = srtp_create(&srtp_snd, &policy);
  1640. if (status) {
  1641. return status;
  1642. }
  1643. /*
  1644. * protect plaintext rtp, then compare with srtp ciphertext
  1645. */
  1646. len = 28;
  1647. status = srtp_protect(srtp_snd, rtp_plaintext, &len);
  1648. if (status || (len != 44)) {
  1649. return srtp_err_status_fail;
  1650. }
  1651. debug_print(mod_driver, "srtp ciphertext:\n %s",
  1652. octet_string_hex_string(rtp_plaintext, len));
  1653. debug_print(mod_driver, "srtp ciphertext reference:\n %s",
  1654. octet_string_hex_string(srtp_ciphertext, len));
  1655. if (srtp_octet_string_is_eq(rtp_plaintext, srtp_ciphertext, len)) {
  1656. return srtp_err_status_fail;
  1657. }
  1658. /*
  1659. * protect plaintext rtcp, then compare with srtcp ciphertext
  1660. */
  1661. len = 24;
  1662. status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
  1663. if (status || (len != 44)) {
  1664. return srtp_err_status_fail;
  1665. }
  1666. debug_print(mod_driver, "srtcp ciphertext:\n %s",
  1667. octet_string_hex_string(rtcp_plaintext, len));
  1668. debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
  1669. octet_string_hex_string(srtcp_ciphertext, len));
  1670. if (srtp_octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
  1671. return srtp_err_status_fail;
  1672. }
  1673. /*
  1674. * create a receiver session context comparable to the one created
  1675. * above - we need to do this so that the replay checking doesn't
  1676. * complain
  1677. */
  1678. status = srtp_create(&srtp_recv, &policy);
  1679. if (status) {
  1680. return status;
  1681. }
  1682. /*
  1683. * unprotect srtp ciphertext, then compare with rtp plaintext
  1684. */
  1685. len = 44;
  1686. status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
  1687. if (status || (len != 28)) {
  1688. return status;
  1689. }
  1690. if (srtp_octet_string_is_eq(srtp_ciphertext, rtp_plaintext_ref, len)) {
  1691. return srtp_err_status_fail;
  1692. }
  1693. /*
  1694. * unprotect srtcp ciphertext, then compare with rtcp plaintext
  1695. */
  1696. len = 44;
  1697. status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
  1698. if (status || (len != 24)) {
  1699. return status;
  1700. }
  1701. if (srtp_octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
  1702. return srtp_err_status_fail;
  1703. }
  1704. status = srtp_dealloc(srtp_snd);
  1705. if (status) {
  1706. return status;
  1707. }
  1708. status = srtp_dealloc(srtp_recv);
  1709. if (status) {
  1710. return status;
  1711. }
  1712. return srtp_err_status_ok;
  1713. }
  1714. #endif
  1715. /*
  1716. * Test vectors taken from RFC 6904, Appendix A
  1717. */
  1718. srtp_err_status_t srtp_validate_encrypted_extensions_headers()
  1719. {
  1720. // clang-format off
  1721. unsigned char test_key_ext_headers[30] = {
  1722. 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
  1723. 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
  1724. 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
  1725. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
  1726. };
  1727. uint8_t srtp_plaintext_ref[56] = {
  1728. 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1729. 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
  1730. 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
  1731. 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
  1732. 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
  1733. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1734. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
  1735. };
  1736. uint8_t srtp_plaintext[66] = {
  1737. 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1738. 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
  1739. 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
  1740. 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
  1741. 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
  1742. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1743. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1744. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  1745. 0x00, 0x00
  1746. };
  1747. uint8_t srtp_ciphertext[66] = {
  1748. 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1749. 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
  1750. 0x17, 0x58, 0x8A, 0x92, 0x70, 0xF4, 0xE1, 0x5E,
  1751. 0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x95, 0x46,
  1752. 0xA9, 0x94, 0xF0, 0xBC, 0x54, 0x78, 0x97, 0x00,
  1753. 0x4e, 0x55, 0xdc, 0x4c, 0xe7, 0x99, 0x78, 0xd8,
  1754. 0x8c, 0xa4, 0xd2, 0x15, 0x94, 0x9d, 0x24, 0x02,
  1755. 0x5a, 0x46, 0xb3, 0xca, 0x35, 0xc5, 0x35, 0xa8,
  1756. 0x91, 0xc7
  1757. };
  1758. // clang-format on
  1759. srtp_t srtp_snd, srtp_recv;
  1760. srtp_err_status_t status;
  1761. int len;
  1762. srtp_policy_t policy;
  1763. int headers[3] = { 1, 3, 4 };
  1764. /*
  1765. * create a session with a single stream using the default srtp
  1766. * policy and with the SSRC value 0xcafebabe
  1767. */
  1768. memset(&policy, 0, sizeof(policy));
  1769. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  1770. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  1771. policy.ssrc.type = ssrc_specific;
  1772. policy.ssrc.value = 0xcafebabe;
  1773. policy.key = test_key_ext_headers;
  1774. policy.deprecated_ekt = NULL;
  1775. policy.window_size = 128;
  1776. policy.allow_repeat_tx = 0;
  1777. policy.enc_xtn_hdr = headers;
  1778. policy.enc_xtn_hdr_count = sizeof(headers) / sizeof(headers[0]);
  1779. policy.next = NULL;
  1780. status = srtp_create(&srtp_snd, &policy);
  1781. if (status)
  1782. return status;
  1783. /*
  1784. * protect plaintext, then compare with ciphertext
  1785. */
  1786. len = sizeof(srtp_plaintext_ref);
  1787. status = srtp_protect(srtp_snd, srtp_plaintext, &len);
  1788. if (status || (len != sizeof(srtp_plaintext)))
  1789. return srtp_err_status_fail;
  1790. debug_print(mod_driver, "ciphertext:\n %s",
  1791. srtp_octet_string_hex_string(srtp_plaintext, len));
  1792. debug_print(mod_driver, "ciphertext reference:\n %s",
  1793. srtp_octet_string_hex_string(srtp_ciphertext, len));
  1794. if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
  1795. return srtp_err_status_fail;
  1796. /*
  1797. * create a receiver session context comparable to the one created
  1798. * above - we need to do this so that the replay checking doesn't
  1799. * complain
  1800. */
  1801. status = srtp_create(&srtp_recv, &policy);
  1802. if (status)
  1803. return status;
  1804. /*
  1805. * unprotect ciphertext, then compare with plaintext
  1806. */
  1807. status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
  1808. if (status) {
  1809. return status;
  1810. } else if (len != sizeof(srtp_plaintext_ref)) {
  1811. return srtp_err_status_fail;
  1812. }
  1813. if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
  1814. return srtp_err_status_fail;
  1815. status = srtp_dealloc(srtp_snd);
  1816. if (status)
  1817. return status;
  1818. status = srtp_dealloc(srtp_recv);
  1819. if (status)
  1820. return status;
  1821. return srtp_err_status_ok;
  1822. }
  1823. #ifdef GCM
  1824. /*
  1825. * Headers of test vectors taken from RFC 6904, Appendix A
  1826. */
  1827. srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm()
  1828. {
  1829. // clang-format off
  1830. unsigned char test_key_ext_headers[30] = {
  1831. 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
  1832. 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
  1833. 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
  1834. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
  1835. };
  1836. uint8_t srtp_plaintext_ref[56] = {
  1837. 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1838. 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
  1839. 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
  1840. 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
  1841. 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
  1842. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1843. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
  1844. };
  1845. uint8_t srtp_plaintext[64] = {
  1846. 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1847. 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
  1848. 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
  1849. 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
  1850. 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
  1851. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1852. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1853. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  1854. };
  1855. uint8_t srtp_ciphertext[64] = {
  1856. 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1857. 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
  1858. 0x17, 0x12, 0xe0, 0x20, 0x5b, 0xfa, 0x94, 0x9b,
  1859. 0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0xbb, 0x46,
  1860. 0x73, 0x27, 0x78, 0xd9, 0x92, 0x9a, 0xab, 0x00,
  1861. 0x0e, 0xca, 0x0c, 0xf9, 0x5e, 0xe9, 0x55, 0xb2,
  1862. 0x6c, 0xd3, 0xd2, 0x88, 0xb4, 0x9f, 0x6c, 0xa9,
  1863. 0xf4, 0xb1, 0xb7, 0x59, 0x71, 0x9e, 0xb5, 0xbc
  1864. };
  1865. // clang-format on
  1866. srtp_t srtp_snd, srtp_recv;
  1867. srtp_err_status_t status;
  1868. int len;
  1869. srtp_policy_t policy;
  1870. int headers[3] = { 1, 3, 4 };
  1871. /*
  1872. * create a session with a single stream using the default srtp
  1873. * policy and with the SSRC value 0xcafebabe
  1874. */
  1875. memset(&policy, 0, sizeof(policy));
  1876. srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
  1877. srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
  1878. policy.ssrc.type = ssrc_specific;
  1879. policy.ssrc.value = 0xcafebabe;
  1880. policy.key = test_key_ext_headers;
  1881. policy.deprecated_ekt = NULL;
  1882. policy.window_size = 128;
  1883. policy.allow_repeat_tx = 0;
  1884. policy.enc_xtn_hdr = headers;
  1885. policy.enc_xtn_hdr_count = sizeof(headers) / sizeof(headers[0]);
  1886. policy.next = NULL;
  1887. status = srtp_create(&srtp_snd, &policy);
  1888. if (status)
  1889. return status;
  1890. /*
  1891. * protect plaintext, then compare with ciphertext
  1892. */
  1893. len = sizeof(srtp_plaintext_ref);
  1894. status = srtp_protect(srtp_snd, srtp_plaintext, &len);
  1895. if (status || (len != sizeof(srtp_plaintext)))
  1896. return srtp_err_status_fail;
  1897. debug_print(mod_driver, "ciphertext:\n %s",
  1898. srtp_octet_string_hex_string(srtp_plaintext, len));
  1899. debug_print(mod_driver, "ciphertext reference:\n %s",
  1900. srtp_octet_string_hex_string(srtp_ciphertext, len));
  1901. if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
  1902. return srtp_err_status_fail;
  1903. /*
  1904. * create a receiver session context comparable to the one created
  1905. * above - we need to do this so that the replay checking doesn't
  1906. * complain
  1907. */
  1908. status = srtp_create(&srtp_recv, &policy);
  1909. if (status)
  1910. return status;
  1911. /*
  1912. * unprotect ciphertext, then compare with plaintext
  1913. */
  1914. status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
  1915. if (status) {
  1916. return status;
  1917. } else if (len != sizeof(srtp_plaintext_ref)) {
  1918. return srtp_err_status_fail;
  1919. }
  1920. if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
  1921. return srtp_err_status_fail;
  1922. status = srtp_dealloc(srtp_snd);
  1923. if (status)
  1924. return status;
  1925. status = srtp_dealloc(srtp_recv);
  1926. if (status)
  1927. return status;
  1928. return srtp_err_status_ok;
  1929. }
  1930. #endif
  1931. /*
  1932. * srtp_validate_aes_256() verifies the correctness of libsrtp by comparing
  1933. * some computed packets against some pre-computed reference values.
  1934. * These packets were made with the AES-CM-256/HMAC-SHA-1-80 policy.
  1935. */
  1936. srtp_err_status_t srtp_validate_aes_256()
  1937. {
  1938. // clang-format off
  1939. unsigned char aes_256_test_key[46] = {
  1940. 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
  1941. 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
  1942. 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
  1943. 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
  1944. 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
  1945. 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
  1946. };
  1947. uint8_t srtp_plaintext_ref[28] = {
  1948. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1949. 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
  1950. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1951. 0xab, 0xab, 0xab, 0xab
  1952. };
  1953. uint8_t srtp_plaintext[38] = {
  1954. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1955. 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
  1956. 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
  1957. 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
  1958. 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
  1959. };
  1960. uint8_t srtp_ciphertext[38] = {
  1961. 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
  1962. 0xca, 0xfe, 0xba, 0xbe, 0xf1, 0xd9, 0xde, 0x17,
  1963. 0xff, 0x25, 0x1f, 0xf1, 0xaa, 0x00, 0x77, 0x74,
  1964. 0xb0, 0xb4, 0xb4, 0x0d, 0xa0, 0x8d, 0x9d, 0x9a,
  1965. 0x5b, 0x3a, 0x55, 0xd8, 0x87, 0x3b
  1966. };
  1967. // clang-format on
  1968. srtp_t srtp_snd, srtp_recv;
  1969. srtp_err_status_t status;
  1970. int len;
  1971. srtp_policy_t policy;
  1972. /*
  1973. * create a session with a single stream using the default srtp
  1974. * policy and with the SSRC value 0xcafebabe
  1975. */
  1976. memset(&policy, 0, sizeof(policy));
  1977. srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp);
  1978. srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtcp);
  1979. policy.ssrc.type = ssrc_specific;
  1980. policy.ssrc.value = 0xcafebabe;
  1981. policy.key = aes_256_test_key;
  1982. policy.deprecated_ekt = NULL;
  1983. policy.window_size = 128;
  1984. policy.allow_repeat_tx = 0;
  1985. policy.next = NULL;
  1986. status = srtp_create(&srtp_snd, &policy);
  1987. if (status) {
  1988. return status;
  1989. }
  1990. /*
  1991. * protect plaintext, then compare with ciphertext
  1992. */
  1993. len = 28;
  1994. status = srtp_protect(srtp_snd, srtp_plaintext, &len);
  1995. if (status || (len != 38)) {
  1996. return srtp_err_status_fail;
  1997. }
  1998. debug_print(mod_driver, "ciphertext:\n %s",
  1999. octet_string_hex_string(srtp_plaintext, len));
  2000. debug_print(mod_driver, "ciphertext reference:\n %s",
  2001. octet_string_hex_string(srtp_ciphertext, len));
  2002. if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
  2003. return srtp_err_status_fail;
  2004. }
  2005. /*
  2006. * create a receiver session context comparable to the one created
  2007. * above - we need to do this so that the replay checking doesn't
  2008. * complain
  2009. */
  2010. status = srtp_create(&srtp_recv, &policy);
  2011. if (status) {
  2012. return status;
  2013. }
  2014. /*
  2015. * unprotect ciphertext, then compare with plaintext
  2016. */
  2017. status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
  2018. if (status || (len != 28)) {
  2019. return status;
  2020. }
  2021. if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
  2022. return srtp_err_status_fail;
  2023. }
  2024. status = srtp_dealloc(srtp_snd);
  2025. if (status) {
  2026. return status;
  2027. }
  2028. status = srtp_dealloc(srtp_recv);
  2029. if (status) {
  2030. return status;
  2031. }
  2032. return srtp_err_status_ok;
  2033. }
  2034. srtp_err_status_t srtp_create_big_policy(srtp_policy_t **list)
  2035. {
  2036. extern const srtp_policy_t *policy_array[];
  2037. srtp_policy_t *p = NULL;
  2038. srtp_policy_t *tmp;
  2039. int i = 0;
  2040. uint32_t ssrc = 0;
  2041. /* sanity checking */
  2042. if ((list == NULL) || (policy_array[0] == NULL)) {
  2043. return srtp_err_status_bad_param;
  2044. }
  2045. /*
  2046. * loop over policy list, mallocing a new list and copying values
  2047. * into it (and incrementing the SSRC value as we go along)
  2048. */
  2049. tmp = NULL;
  2050. while (policy_array[i] != NULL) {
  2051. p = (srtp_policy_t *)malloc(sizeof(srtp_policy_t));
  2052. if (p == NULL) {
  2053. return srtp_err_status_bad_param;
  2054. }
  2055. memcpy(p, policy_array[i], sizeof(srtp_policy_t));
  2056. p->ssrc.type = ssrc_specific;
  2057. p->ssrc.value = ssrc++;
  2058. p->next = tmp;
  2059. tmp = p;
  2060. i++;
  2061. }
  2062. *list = p;
  2063. return srtp_err_status_ok;
  2064. }
  2065. srtp_err_status_t srtp_dealloc_big_policy(srtp_policy_t *list)
  2066. {
  2067. srtp_policy_t *p, *next;
  2068. for (p = list; p != NULL; p = next) {
  2069. next = p->next;
  2070. free(p);
  2071. }
  2072. return srtp_err_status_ok;
  2073. }
  2074. srtp_err_status_t srtp_test_empty_payload()
  2075. {
  2076. srtp_t srtp_snd, srtp_recv;
  2077. srtp_err_status_t status;
  2078. int len;
  2079. srtp_policy_t policy;
  2080. srtp_hdr_t *mesg;
  2081. /*
  2082. * create a session with a single stream using the default srtp
  2083. * policy and with the SSRC value 0xcafebabe
  2084. */
  2085. memset(&policy, 0, sizeof(policy));
  2086. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  2087. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  2088. policy.ssrc.type = ssrc_specific;
  2089. policy.ssrc.value = 0xcafebabe;
  2090. policy.key = test_key;
  2091. policy.deprecated_ekt = NULL;
  2092. policy.window_size = 128;
  2093. policy.allow_repeat_tx = 0;
  2094. policy.next = NULL;
  2095. status = srtp_create(&srtp_snd, &policy);
  2096. if (status) {
  2097. return status;
  2098. }
  2099. mesg = srtp_create_test_packet(0, policy.ssrc.value, &len);
  2100. if (mesg == NULL) {
  2101. return srtp_err_status_fail;
  2102. }
  2103. status = srtp_protect(srtp_snd, mesg, &len);
  2104. if (status) {
  2105. return status;
  2106. } else if (len != 12 + 10) {
  2107. return srtp_err_status_fail;
  2108. }
  2109. /*
  2110. * create a receiver session context comparable to the one created
  2111. * above - we need to do this so that the replay checking doesn't
  2112. * complain
  2113. */
  2114. status = srtp_create(&srtp_recv, &policy);
  2115. if (status) {
  2116. return status;
  2117. }
  2118. /*
  2119. * unprotect ciphertext, then compare with plaintext
  2120. */
  2121. status = srtp_unprotect(srtp_recv, mesg, &len);
  2122. if (status) {
  2123. return status;
  2124. } else if (len != 12) {
  2125. return srtp_err_status_fail;
  2126. }
  2127. status = srtp_dealloc(srtp_snd);
  2128. if (status) {
  2129. return status;
  2130. }
  2131. status = srtp_dealloc(srtp_recv);
  2132. if (status) {
  2133. return status;
  2134. }
  2135. free(mesg);
  2136. return srtp_err_status_ok;
  2137. }
  2138. #ifdef GCM
  2139. srtp_err_status_t srtp_test_empty_payload_gcm()
  2140. {
  2141. srtp_t srtp_snd, srtp_recv;
  2142. srtp_err_status_t status;
  2143. int len;
  2144. srtp_policy_t policy;
  2145. srtp_hdr_t *mesg;
  2146. /*
  2147. * create a session with a single stream using the default srtp
  2148. * policy and with the SSRC value 0xcafebabe
  2149. */
  2150. memset(&policy, 0, sizeof(policy));
  2151. srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
  2152. srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
  2153. policy.ssrc.type = ssrc_specific;
  2154. policy.ssrc.value = 0xcafebabe;
  2155. policy.key = test_key;
  2156. policy.deprecated_ekt = NULL;
  2157. policy.window_size = 128;
  2158. policy.allow_repeat_tx = 0;
  2159. policy.next = NULL;
  2160. status = srtp_create(&srtp_snd, &policy);
  2161. if (status) {
  2162. return status;
  2163. }
  2164. mesg = srtp_create_test_packet(0, policy.ssrc.value, &len);
  2165. if (mesg == NULL) {
  2166. return srtp_err_status_fail;
  2167. }
  2168. status = srtp_protect(srtp_snd, mesg, &len);
  2169. if (status) {
  2170. return status;
  2171. } else if (len != 12 + 8) {
  2172. return srtp_err_status_fail;
  2173. }
  2174. /*
  2175. * create a receiver session context comparable to the one created
  2176. * above - we need to do this so that the replay checking doesn't
  2177. * complain
  2178. */
  2179. status = srtp_create(&srtp_recv, &policy);
  2180. if (status) {
  2181. return status;
  2182. }
  2183. /*
  2184. * unprotect ciphertext, then compare with plaintext
  2185. */
  2186. status = srtp_unprotect(srtp_recv, mesg, &len);
  2187. if (status) {
  2188. return status;
  2189. } else if (len != 12) {
  2190. return srtp_err_status_fail;
  2191. }
  2192. status = srtp_dealloc(srtp_snd);
  2193. if (status) {
  2194. return status;
  2195. }
  2196. status = srtp_dealloc(srtp_recv);
  2197. if (status) {
  2198. return status;
  2199. }
  2200. free(mesg);
  2201. return srtp_err_status_ok;
  2202. }
  2203. #endif // GCM
  2204. srtp_err_status_t srtp_test_remove_stream()
  2205. {
  2206. srtp_err_status_t status;
  2207. srtp_policy_t *policy_list, policy;
  2208. srtp_t session;
  2209. srtp_stream_t stream;
  2210. /*
  2211. * srtp_get_stream() is a libSRTP internal function that we declare
  2212. * here so that we can use it to verify the correct operation of the
  2213. * library
  2214. */
  2215. extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
  2216. status = srtp_create_big_policy(&policy_list);
  2217. if (status) {
  2218. return status;
  2219. }
  2220. status = srtp_create(&session, policy_list);
  2221. if (status) {
  2222. return status;
  2223. }
  2224. /*
  2225. * check for false positives by trying to remove a stream that's not
  2226. * in the session
  2227. */
  2228. status = srtp_remove_stream(session, htonl(0xaaaaaaaa));
  2229. if (status != srtp_err_status_no_ctx) {
  2230. return srtp_err_status_fail;
  2231. }
  2232. /*
  2233. * check for false negatives by removing stream 0x1, then
  2234. * searching for streams 0x0 and 0x2
  2235. */
  2236. status = srtp_remove_stream(session, htonl(0x1));
  2237. if (status != srtp_err_status_ok) {
  2238. return srtp_err_status_fail;
  2239. }
  2240. stream = srtp_get_stream(session, htonl(0x0));
  2241. if (stream == NULL) {
  2242. return srtp_err_status_fail;
  2243. }
  2244. stream = srtp_get_stream(session, htonl(0x2));
  2245. if (stream == NULL) {
  2246. return srtp_err_status_fail;
  2247. }
  2248. status = srtp_dealloc(session);
  2249. if (status != srtp_err_status_ok) {
  2250. return status;
  2251. }
  2252. status = srtp_dealloc_big_policy(policy_list);
  2253. if (status != srtp_err_status_ok) {
  2254. return status;
  2255. }
  2256. /* Now test adding and removing a single stream */
  2257. memset(&policy, 0, sizeof(policy));
  2258. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  2259. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  2260. policy.ssrc.type = ssrc_specific;
  2261. policy.ssrc.value = 0xcafebabe;
  2262. policy.key = test_key;
  2263. policy.deprecated_ekt = NULL;
  2264. policy.window_size = 128;
  2265. policy.allow_repeat_tx = 0;
  2266. policy.next = NULL;
  2267. status = srtp_create(&session, NULL);
  2268. if (status != srtp_err_status_ok) {
  2269. return status;
  2270. }
  2271. status = srtp_add_stream(session, &policy);
  2272. if (status != srtp_err_status_ok) {
  2273. return status;
  2274. }
  2275. status = srtp_remove_stream(session, htonl(0xcafebabe));
  2276. if (status != srtp_err_status_ok) {
  2277. return status;
  2278. }
  2279. status = srtp_dealloc(session);
  2280. if (status != srtp_err_status_ok) {
  2281. return status;
  2282. }
  2283. return srtp_err_status_ok;
  2284. }
  2285. // clang-format off
  2286. unsigned char test_alt_key[46] = {
  2287. 0xe5, 0x19, 0x6f, 0x01, 0x5e, 0xf1, 0x9b, 0xe1,
  2288. 0xd7, 0x47, 0xa7, 0x27, 0x07, 0xd7, 0x47, 0x33,
  2289. 0x01, 0xc2, 0x35, 0x4d, 0x59, 0x6a, 0xf7, 0x84,
  2290. 0x96, 0x98, 0xeb, 0xaa, 0xac, 0xf6, 0xa1, 0x45,
  2291. 0xc7, 0x15, 0xe2, 0xea, 0xfe, 0x55, 0x67, 0x96,
  2292. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
  2293. };
  2294. // clang-format on
  2295. /*
  2296. * srtp_test_update() verifies updating/rekeying exsisting streams.
  2297. * As stated in https://tools.ietf.org/html/rfc3711#section-3.3.1
  2298. * the value of the ROC must not be reset after a rekey, this test
  2299. * atempts to prove that srtp_update does not reset the ROC.
  2300. */
  2301. srtp_err_status_t srtp_test_update()
  2302. {
  2303. srtp_err_status_t status;
  2304. uint32_t ssrc = 0x12121212;
  2305. int msg_len_octets = 32;
  2306. int protected_msg_len_octets;
  2307. srtp_hdr_t *msg;
  2308. srtp_t srtp_snd, srtp_recv;
  2309. srtp_policy_t policy;
  2310. memset(&policy, 0, sizeof(policy));
  2311. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  2312. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  2313. policy.deprecated_ekt = NULL;
  2314. policy.window_size = 128;
  2315. policy.allow_repeat_tx = 0;
  2316. policy.next = NULL;
  2317. policy.ssrc.type = ssrc_any_outbound;
  2318. policy.key = test_key;
  2319. /* create a send and recive ctx with defualt profile and test_key */
  2320. status = srtp_create(&srtp_recv, &policy);
  2321. if (status)
  2322. return status;
  2323. policy.ssrc.type = ssrc_any_inbound;
  2324. status = srtp_create(&srtp_snd, &policy);
  2325. if (status)
  2326. return status;
  2327. /* protect and unprotect two msg's that will cause the ROC to be equal to 1
  2328. */
  2329. msg = srtp_create_test_packet(msg_len_octets, ssrc,
  2330. &protected_msg_len_octets);
  2331. if (msg == NULL)
  2332. return srtp_err_status_alloc_fail;
  2333. msg->seq = htons(65535);
  2334. status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
  2335. if (status)
  2336. return srtp_err_status_fail;
  2337. status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
  2338. if (status)
  2339. return status;
  2340. free(msg);
  2341. msg = srtp_create_test_packet(msg_len_octets, ssrc,
  2342. &protected_msg_len_octets);
  2343. if (msg == NULL)
  2344. return srtp_err_status_alloc_fail;
  2345. msg->seq = htons(1);
  2346. status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
  2347. if (status)
  2348. return srtp_err_status_fail;
  2349. status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
  2350. if (status)
  2351. return status;
  2352. free(msg);
  2353. /* update send ctx with same test_key t verify update works*/
  2354. policy.ssrc.type = ssrc_any_outbound;
  2355. policy.key = test_key;
  2356. status = srtp_update(srtp_snd, &policy);
  2357. if (status)
  2358. return status;
  2359. msg = srtp_create_test_packet(msg_len_octets, ssrc,
  2360. &protected_msg_len_octets);
  2361. if (msg == NULL)
  2362. return srtp_err_status_alloc_fail;
  2363. msg->seq = htons(2);
  2364. status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
  2365. if (status)
  2366. return srtp_err_status_fail;
  2367. status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
  2368. if (status)
  2369. return status;
  2370. free(msg);
  2371. /* update send ctx to use test_alt_key */
  2372. policy.ssrc.type = ssrc_any_outbound;
  2373. policy.key = test_alt_key;
  2374. status = srtp_update(srtp_snd, &policy);
  2375. if (status)
  2376. return status;
  2377. /* create and protect msg with new key and ROC still equal to 1 */
  2378. msg = srtp_create_test_packet(msg_len_octets, ssrc,
  2379. &protected_msg_len_octets);
  2380. if (msg == NULL)
  2381. return srtp_err_status_alloc_fail;
  2382. msg->seq = htons(3);
  2383. status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
  2384. if (status)
  2385. return srtp_err_status_fail;
  2386. /* verify that recive ctx will fail to unprotect as it still uses test_key
  2387. */
  2388. status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
  2389. if (status == srtp_err_status_ok)
  2390. return srtp_err_status_fail;
  2391. /* create a new recvieve ctx with test_alt_key but since it is new it will
  2392. * have ROC equal to 1
  2393. * and therefore should fail to unprotected */
  2394. {
  2395. srtp_t srtp_recv_roc_0;
  2396. policy.ssrc.type = ssrc_any_inbound;
  2397. policy.key = test_alt_key;
  2398. status = srtp_create(&srtp_recv_roc_0, &policy);
  2399. if (status)
  2400. return status;
  2401. status =
  2402. srtp_unprotect(srtp_recv_roc_0, msg, &protected_msg_len_octets);
  2403. if (status == srtp_err_status_ok)
  2404. return srtp_err_status_fail;
  2405. status = srtp_dealloc(srtp_recv_roc_0);
  2406. if (status)
  2407. return status;
  2408. }
  2409. /* update recive ctx to use test_alt_key */
  2410. policy.ssrc.type = ssrc_any_inbound;
  2411. policy.key = test_alt_key;
  2412. status = srtp_update(srtp_recv, &policy);
  2413. if (status)
  2414. return status;
  2415. /* verify that can still unprotect, therfore key is updated and ROC value is
  2416. * preserved */
  2417. status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
  2418. if (status)
  2419. return status;
  2420. free(msg);
  2421. status = srtp_dealloc(srtp_snd);
  2422. if (status)
  2423. return status;
  2424. status = srtp_dealloc(srtp_recv);
  2425. if (status)
  2426. return status;
  2427. return srtp_err_status_ok;
  2428. }
  2429. srtp_err_status_t srtp_test_setup_protect_trailer_streams(
  2430. srtp_t *srtp_send,
  2431. srtp_t *srtp_send_mki,
  2432. srtp_t *srtp_send_aes_gcm,
  2433. srtp_t *srtp_send_aes_gcm_mki)
  2434. {
  2435. srtp_err_status_t status;
  2436. srtp_policy_t policy;
  2437. srtp_policy_t policy_mki;
  2438. #ifdef GCM
  2439. srtp_policy_t policy_aes_gcm;
  2440. srtp_policy_t policy_aes_gcm_mki;
  2441. #endif // GCM
  2442. memset(&policy, 0, sizeof(policy));
  2443. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  2444. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  2445. policy.deprecated_ekt = NULL;
  2446. policy.window_size = 128;
  2447. policy.allow_repeat_tx = 0;
  2448. policy.next = NULL;
  2449. policy.ssrc.type = ssrc_any_outbound;
  2450. policy.key = test_key;
  2451. memset(&policy_mki, 0, sizeof(policy_mki));
  2452. srtp_crypto_policy_set_rtp_default(&policy_mki.rtp);
  2453. srtp_crypto_policy_set_rtcp_default(&policy_mki.rtcp);
  2454. policy_mki.deprecated_ekt = NULL;
  2455. policy_mki.window_size = 128;
  2456. policy_mki.allow_repeat_tx = 0;
  2457. policy_mki.next = NULL;
  2458. policy_mki.ssrc.type = ssrc_any_outbound;
  2459. policy_mki.key = NULL;
  2460. policy_mki.keys = test_keys;
  2461. policy_mki.num_master_keys = 2;
  2462. #ifdef GCM
  2463. memset(&policy_aes_gcm, 0, sizeof(policy_aes_gcm));
  2464. srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtp);
  2465. srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtcp);
  2466. policy_aes_gcm.deprecated_ekt = NULL;
  2467. policy_aes_gcm.window_size = 128;
  2468. policy_aes_gcm.allow_repeat_tx = 0;
  2469. policy_aes_gcm.next = NULL;
  2470. policy_aes_gcm.ssrc.type = ssrc_any_outbound;
  2471. policy_aes_gcm.key = test_key;
  2472. memset(&policy_aes_gcm_mki, 0, sizeof(policy_aes_gcm_mki));
  2473. srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtp);
  2474. srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtcp);
  2475. policy_aes_gcm_mki.deprecated_ekt = NULL;
  2476. policy_aes_gcm_mki.window_size = 128;
  2477. policy_aes_gcm_mki.allow_repeat_tx = 0;
  2478. policy_aes_gcm_mki.next = NULL;
  2479. policy_aes_gcm_mki.ssrc.type = ssrc_any_outbound;
  2480. policy_aes_gcm_mki.key = NULL;
  2481. policy_aes_gcm_mki.keys = test_keys;
  2482. policy_aes_gcm_mki.num_master_keys = 2;
  2483. #endif // GCM
  2484. /* create a send ctx with defualt profile and test_key */
  2485. status = srtp_create(srtp_send, &policy);
  2486. if (status)
  2487. return status;
  2488. status = srtp_create(srtp_send_mki, &policy_mki);
  2489. if (status)
  2490. return status;
  2491. #ifdef GCM
  2492. status = srtp_create(srtp_send_aes_gcm, &policy_aes_gcm);
  2493. if (status)
  2494. return status;
  2495. status = srtp_create(srtp_send_aes_gcm_mki, &policy_aes_gcm_mki);
  2496. if (status)
  2497. return status;
  2498. #endif // GCM
  2499. return srtp_err_status_ok;
  2500. }
  2501. srtp_err_status_t srtp_test_protect_trailer_length()
  2502. {
  2503. srtp_t srtp_send;
  2504. srtp_t srtp_send_mki;
  2505. srtp_t srtp_send_aes_gcm;
  2506. srtp_t srtp_send_aes_gcm_mki;
  2507. uint32_t length = 0;
  2508. srtp_err_status_t status;
  2509. srtp_test_setup_protect_trailer_streams(
  2510. &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki);
  2511. status = srtp_get_protect_trailer_length(srtp_send, 0, 0, &length);
  2512. if (status)
  2513. return status;
  2514. /* TAG Length: 10 bytes */
  2515. if (length != 10)
  2516. return srtp_err_status_fail;
  2517. status = srtp_get_protect_trailer_length(srtp_send_mki, 1, 1, &length);
  2518. if (status)
  2519. return status;
  2520. /* TAG Length: 10 bytes + MKI length: 4 bytes*/
  2521. if (length != 14)
  2522. return srtp_err_status_fail;
  2523. #ifdef GCM
  2524. status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, 0, &length);
  2525. if (status)
  2526. return status;
  2527. /* TAG Length: 16 bytes */
  2528. if (length != 16)
  2529. return srtp_err_status_fail;
  2530. status =
  2531. srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length);
  2532. if (status)
  2533. return status;
  2534. /* TAG Length: 16 bytes + MKI length: 4 bytes*/
  2535. if (length != 20)
  2536. return srtp_err_status_fail;
  2537. #endif // GCM
  2538. srtp_dealloc(srtp_send);
  2539. srtp_dealloc(srtp_send_mki);
  2540. #ifdef GCM
  2541. srtp_dealloc(srtp_send_aes_gcm);
  2542. srtp_dealloc(srtp_send_aes_gcm_mki);
  2543. #endif
  2544. return srtp_err_status_ok;
  2545. }
  2546. srtp_err_status_t srtp_test_protect_rtcp_trailer_length()
  2547. {
  2548. srtp_t srtp_send;
  2549. srtp_t srtp_send_mki;
  2550. srtp_t srtp_send_aes_gcm;
  2551. srtp_t srtp_send_aes_gcm_mki;
  2552. uint32_t length = 0;
  2553. srtp_err_status_t status;
  2554. srtp_test_setup_protect_trailer_streams(
  2555. &srtp_send, &srtp_send_mki, &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki);
  2556. status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, 0, &length);
  2557. if (status)
  2558. return status;
  2559. /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes*/
  2560. if (length != 14)
  2561. return srtp_err_status_fail;
  2562. status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, 1, &length);
  2563. if (status)
  2564. return status;
  2565. /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/
  2566. if (length != 18)
  2567. return srtp_err_status_fail;
  2568. #ifdef GCM
  2569. status =
  2570. srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, 0, &length);
  2571. if (status)
  2572. return status;
  2573. /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes*/
  2574. if (length != 20)
  2575. return srtp_err_status_fail;
  2576. status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, 1,
  2577. &length);
  2578. if (status)
  2579. return status;
  2580. /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/
  2581. if (length != 24)
  2582. return srtp_err_status_fail;
  2583. #endif // GCM
  2584. srtp_dealloc(srtp_send);
  2585. srtp_dealloc(srtp_send_mki);
  2586. #ifdef GCM
  2587. srtp_dealloc(srtp_send_aes_gcm);
  2588. srtp_dealloc(srtp_send_aes_gcm_mki);
  2589. #endif
  2590. return srtp_err_status_ok;
  2591. }
  2592. srtp_err_status_t srtp_test_get_roc()
  2593. {
  2594. srtp_err_status_t status;
  2595. srtp_policy_t policy;
  2596. srtp_t session;
  2597. srtp_hdr_t *pkt;
  2598. uint32_t i;
  2599. uint32_t roc;
  2600. uint32_t ts;
  2601. uint16_t seq;
  2602. int msg_len_octets = 32;
  2603. int protected_msg_len_octets;
  2604. memset(&policy, 0, sizeof(policy));
  2605. srtp_crypto_policy_set_rtp_default(&policy.rtp);
  2606. srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
  2607. policy.ssrc.type = ssrc_specific;
  2608. policy.ssrc.value = 0xcafebabe;
  2609. policy.key = test_key;
  2610. policy.window_size = 128;
  2611. /* Create a sender session */
  2612. status = srtp_create(&session, &policy);
  2613. if (status) {
  2614. return status;
  2615. }
  2616. /* Set start sequence so we roll over */
  2617. seq = 65535;
  2618. ts = 0;
  2619. for (i = 0; i < 2; i++) {
  2620. pkt = srtp_create_test_packet_extended(msg_len_octets,
  2621. policy.ssrc.value, seq, ts,
  2622. &protected_msg_len_octets);
  2623. status = srtp_protect(session, pkt, &protected_msg_len_octets);
  2624. free(pkt);
  2625. if (status) {
  2626. return status;
  2627. }
  2628. status = srtp_get_stream_roc(session, policy.ssrc.value, &roc);
  2629. if (status) {
  2630. return status;
  2631. }
  2632. if (roc != i) {
  2633. return srtp_err_status_fail;
  2634. }
  2635. seq++;
  2636. ts++;
  2637. }
  2638. /* Cleanup */
  2639. status = srtp_dealloc(session);
  2640. if (status) {
  2641. return status;
  2642. }
  2643. return srtp_err_status_ok;
  2644. }
  2645. static srtp_err_status_t test_set_receiver_roc(uint32_t packets,
  2646. uint32_t roc_to_set)
  2647. {
  2648. srtp_err_status_t status;
  2649. srtp_policy_t sender_policy;
  2650. srtp_t sender_session;
  2651. srtp_policy_t receiver_policy;
  2652. srtp_t receiver_session;
  2653. srtp_hdr_t *pkt_1;
  2654. unsigned char *recv_pkt_1;
  2655. srtp_hdr_t *pkt_2;
  2656. unsigned char *recv_pkt_2;
  2657. uint32_t i;
  2658. uint32_t ts;
  2659. uint16_t seq;
  2660. int msg_len_octets = 32;
  2661. int protected_msg_len_octets_1;
  2662. int protected_msg_len_octets_2;
  2663. /* Create sender */
  2664. memset(&sender_policy, 0, sizeof(sender_policy));
  2665. srtp_crypto_policy_set_rtp_default(&sender_policy.rtp);
  2666. srtp_crypto_policy_set_rtcp_default(&sender_policy.rtcp);
  2667. sender_policy.ssrc.type = ssrc_specific;
  2668. sender_policy.ssrc.value = 0xcafebabe;
  2669. sender_policy.key = test_key;
  2670. sender_policy.window_size = 128;
  2671. status = srtp_create(&sender_session, &sender_policy);
  2672. if (status) {
  2673. return status;
  2674. }
  2675. /* Create and protect packets */
  2676. seq = 0;
  2677. ts = 0;
  2678. for (i = 0; i < packets; i++) {
  2679. srtp_hdr_t *tmp_pkt;
  2680. int tmp_len;
  2681. tmp_pkt = srtp_create_test_packet_extended(
  2682. msg_len_octets, sender_policy.ssrc.value, seq, ts, &tmp_len);
  2683. status = srtp_protect(sender_session, tmp_pkt, &tmp_len);
  2684. free(tmp_pkt);
  2685. if (status) {
  2686. return status;
  2687. }
  2688. seq++;
  2689. ts++;
  2690. }
  2691. /* Create the first packet to decrypt and test for ROC change */
  2692. pkt_1 = srtp_create_test_packet_extended(msg_len_octets,
  2693. sender_policy.ssrc.value, seq, ts,
  2694. &protected_msg_len_octets_1);
  2695. status = srtp_protect(sender_session, pkt_1, &protected_msg_len_octets_1);
  2696. if (status) {
  2697. return status;
  2698. }
  2699. /* Create the second packet to decrypt and test for ROC change */
  2700. seq++;
  2701. ts++;
  2702. pkt_2 = srtp_create_test_packet_extended(msg_len_octets,
  2703. sender_policy.ssrc.value, seq, ts,
  2704. &protected_msg_len_octets_2);
  2705. status = srtp_protect(sender_session, pkt_2, &protected_msg_len_octets_2);
  2706. if (status) {
  2707. return status;
  2708. }
  2709. /* Create the receiver */
  2710. memset(&receiver_policy, 0, sizeof(receiver_policy));
  2711. srtp_crypto_policy_set_rtp_default(&receiver_policy.rtp);
  2712. srtp_crypto_policy_set_rtcp_default(&receiver_policy.rtcp);
  2713. receiver_policy.ssrc.type = ssrc_specific;
  2714. receiver_policy.ssrc.value = sender_policy.ssrc.value;
  2715. receiver_policy.key = test_key;
  2716. receiver_policy.window_size = 128;
  2717. status = srtp_create(&receiver_session, &receiver_policy);
  2718. if (status) {
  2719. return status;
  2720. }
  2721. /* Make a copy of the first sent protected packet */
  2722. recv_pkt_1 = malloc(protected_msg_len_octets_1);
  2723. if (recv_pkt_1 == NULL) {
  2724. return srtp_err_status_fail;
  2725. }
  2726. memcpy(recv_pkt_1, pkt_1, protected_msg_len_octets_1);
  2727. /* Make a copy of the second sent protected packet */
  2728. recv_pkt_2 = malloc(protected_msg_len_octets_2);
  2729. if (recv_pkt_2 == NULL) {
  2730. return srtp_err_status_fail;
  2731. }
  2732. memcpy(recv_pkt_2, pkt_2, protected_msg_len_octets_2);
  2733. /* Set the ROC to the wanted value */
  2734. status = srtp_set_stream_roc(receiver_session, receiver_policy.ssrc.value,
  2735. roc_to_set);
  2736. if (status) {
  2737. return status;
  2738. }
  2739. /* Unprotect the first packet */
  2740. status = srtp_unprotect(receiver_session, recv_pkt_1,
  2741. &protected_msg_len_octets_1);
  2742. if (status) {
  2743. return status;
  2744. }
  2745. /* Unprotect the second packet */
  2746. status = srtp_unprotect(receiver_session, recv_pkt_2,
  2747. &protected_msg_len_octets_2);
  2748. if (status) {
  2749. return status;
  2750. }
  2751. /* Cleanup */
  2752. status = srtp_dealloc(sender_session);
  2753. if (status) {
  2754. return status;
  2755. }
  2756. status = srtp_dealloc(receiver_session);
  2757. if (status) {
  2758. return status;
  2759. }
  2760. free(pkt_1);
  2761. free(recv_pkt_1);
  2762. free(pkt_2);
  2763. free(recv_pkt_2);
  2764. return srtp_err_status_ok;
  2765. }
  2766. static srtp_err_status_t test_set_sender_roc(uint16_t seq, uint32_t roc_to_set)
  2767. {
  2768. srtp_err_status_t status;
  2769. srtp_policy_t sender_policy;
  2770. srtp_t sender_session;
  2771. srtp_policy_t receiver_policy;
  2772. srtp_t receiver_session;
  2773. srtp_hdr_t *pkt;
  2774. unsigned char *recv_pkt;
  2775. uint32_t ts;
  2776. int msg_len_octets = 32;
  2777. int protected_msg_len_octets;
  2778. /* Create sender */
  2779. memset(&sender_policy, 0, sizeof(sender_policy));
  2780. srtp_crypto_policy_set_rtp_default(&sender_policy.rtp);
  2781. srtp_crypto_policy_set_rtcp_default(&sender_policy.rtcp);
  2782. sender_policy.ssrc.type = ssrc_specific;
  2783. sender_policy.ssrc.value = 0xcafebabe;
  2784. sender_policy.key = test_key;
  2785. sender_policy.window_size = 128;
  2786. status = srtp_create(&sender_session, &sender_policy);
  2787. if (status) {
  2788. return status;
  2789. }
  2790. /* Set the ROC before encrypting the first packet */
  2791. status = srtp_set_stream_roc(sender_session, sender_policy.ssrc.value,
  2792. roc_to_set);
  2793. if (status != srtp_err_status_ok) {
  2794. return status;
  2795. }
  2796. /* Create the packet to decrypt */
  2797. ts = 0;
  2798. pkt = srtp_create_test_packet_extended(msg_len_octets,
  2799. sender_policy.ssrc.value, seq, ts,
  2800. &protected_msg_len_octets);
  2801. status = srtp_protect(sender_session, pkt, &protected_msg_len_octets);
  2802. if (status) {
  2803. return status;
  2804. }
  2805. /* Create the receiver */
  2806. memset(&receiver_policy, 0, sizeof(receiver_policy));
  2807. srtp_crypto_policy_set_rtp_default(&receiver_policy.rtp);
  2808. srtp_crypto_policy_set_rtcp_default(&receiver_policy.rtcp);
  2809. receiver_policy.ssrc.type = ssrc_specific;
  2810. receiver_policy.ssrc.value = sender_policy.ssrc.value;
  2811. receiver_policy.key = test_key;
  2812. receiver_policy.window_size = 128;
  2813. status = srtp_create(&receiver_session, &receiver_policy);
  2814. if (status) {
  2815. return status;
  2816. }
  2817. /* Make a copy of the sent protected packet */
  2818. recv_pkt = malloc(protected_msg_len_octets);
  2819. if (recv_pkt == NULL) {
  2820. return srtp_err_status_fail;
  2821. }
  2822. memcpy(recv_pkt, pkt, protected_msg_len_octets);
  2823. /* Set the ROC to the wanted value */
  2824. status = srtp_set_stream_roc(receiver_session, receiver_policy.ssrc.value,
  2825. roc_to_set);
  2826. if (status) {
  2827. return status;
  2828. }
  2829. status =
  2830. srtp_unprotect(receiver_session, recv_pkt, &protected_msg_len_octets);
  2831. if (status) {
  2832. return status;
  2833. }
  2834. /* Cleanup */
  2835. status = srtp_dealloc(sender_session);
  2836. if (status) {
  2837. return status;
  2838. }
  2839. status = srtp_dealloc(receiver_session);
  2840. if (status) {
  2841. return status;
  2842. }
  2843. free(pkt);
  2844. free(recv_pkt);
  2845. return srtp_err_status_ok;
  2846. }
  2847. srtp_err_status_t srtp_test_set_receiver_roc()
  2848. {
  2849. int packets;
  2850. uint32_t roc;
  2851. srtp_err_status_t status;
  2852. /* First test does not rollover */
  2853. packets = 1;
  2854. roc = 0;
  2855. status = test_set_receiver_roc(packets - 1, roc);
  2856. if (status) {
  2857. return status;
  2858. }
  2859. status = test_set_receiver_roc(packets, roc);
  2860. if (status) {
  2861. return status;
  2862. }
  2863. status = test_set_receiver_roc(packets + 1, roc);
  2864. if (status) {
  2865. return status;
  2866. }
  2867. status = test_set_receiver_roc(packets + 60000, roc);
  2868. if (status) {
  2869. return status;
  2870. }
  2871. /* Second test should rollover */
  2872. packets = 65535;
  2873. roc = 0;
  2874. status = test_set_receiver_roc(packets - 1, roc);
  2875. if (status) {
  2876. return status;
  2877. }
  2878. status = test_set_receiver_roc(packets, roc);
  2879. if (status) {
  2880. return status;
  2881. }
  2882. /* Now the rollover counter should be 1 */
  2883. roc = 1;
  2884. status = test_set_receiver_roc(packets + 1, roc);
  2885. if (status) {
  2886. return status;
  2887. }
  2888. status = test_set_receiver_roc(packets + 60000, roc);
  2889. if (status) {
  2890. return status;
  2891. }
  2892. return srtp_err_status_ok;
  2893. }
  2894. srtp_err_status_t srtp_test_set_sender_roc()
  2895. {
  2896. uint32_t roc;
  2897. uint16_t seq;
  2898. srtp_err_status_t status;
  2899. seq = 43210;
  2900. roc = 0;
  2901. status = test_set_sender_roc(seq, roc);
  2902. if (status) {
  2903. return status;
  2904. }
  2905. roc = 65535;
  2906. status = test_set_sender_roc(seq, roc);
  2907. if (status) {
  2908. return status;
  2909. }
  2910. roc = 0xffff;
  2911. status = test_set_sender_roc(seq, roc);
  2912. if (status) {
  2913. return status;
  2914. }
  2915. roc = 0xffff00;
  2916. status = test_set_sender_roc(seq, roc);
  2917. if (status) {
  2918. return status;
  2919. }
  2920. roc = 0xfffffff0;
  2921. status = test_set_sender_roc(seq, roc);
  2922. if (status) {
  2923. return status;
  2924. }
  2925. return srtp_err_status_ok;
  2926. }
  2927. /*
  2928. * srtp policy definitions - these definitions are used above
  2929. */
  2930. // clang-format off
  2931. unsigned char test_key[46] = {
  2932. 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
  2933. 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
  2934. 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
  2935. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
  2936. 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
  2937. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
  2938. };
  2939. unsigned char test_key_2[46] = {
  2940. 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
  2941. 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
  2942. 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
  2943. 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
  2944. 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
  2945. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
  2946. };
  2947. unsigned char test_mki_id[TEST_MKI_ID_SIZE] = {
  2948. 0xe1, 0xf9, 0x7a, 0x0d
  2949. };
  2950. unsigned char test_mki_id_2[TEST_MKI_ID_SIZE] = {
  2951. 0xf3, 0xa1, 0x46, 0x71
  2952. };
  2953. // clang-format on
  2954. const srtp_policy_t default_policy = {
  2955. { ssrc_any_outbound, 0 }, /* SSRC */
  2956. {
  2957. /* SRTP policy */
  2958. SRTP_AES_ICM_128, /* cipher type */
  2959. SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  2960. SRTP_HMAC_SHA1, /* authentication func type */
  2961. 16, /* auth key length in octets */
  2962. 10, /* auth tag length in octets */
  2963. sec_serv_conf_and_auth /* security services flag */
  2964. },
  2965. {
  2966. /* SRTCP policy */
  2967. SRTP_AES_ICM_128, /* cipher type */
  2968. SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  2969. SRTP_HMAC_SHA1, /* authentication func type */
  2970. 16, /* auth key length in octets */
  2971. 10, /* auth tag length in octets */
  2972. sec_serv_conf_and_auth /* security services flag */
  2973. },
  2974. NULL,
  2975. (srtp_master_key_t **)test_keys,
  2976. 2, /* indicates the number of Master keys */
  2977. NULL, /* indicates that EKT is not in use */
  2978. 128, /* replay window size */
  2979. 0, /* retransmission not allowed */
  2980. NULL, /* no encrypted extension headers */
  2981. 0, /* list of encrypted extension headers is empty */
  2982. NULL
  2983. };
  2984. const srtp_policy_t aes_only_policy = {
  2985. { ssrc_any_outbound, 0 }, /* SSRC */
  2986. {
  2987. SRTP_AES_ICM_128, /* cipher type */
  2988. SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  2989. SRTP_NULL_AUTH, /* authentication func type */
  2990. 0, /* auth key length in octets */
  2991. 0, /* auth tag length in octets */
  2992. sec_serv_conf /* security services flag */
  2993. },
  2994. {
  2995. SRTP_AES_ICM_128, /* cipher type */
  2996. SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  2997. SRTP_NULL_AUTH, /* authentication func type */
  2998. 0, /* auth key length in octets */
  2999. 0, /* auth tag length in octets */
  3000. sec_serv_conf /* security services flag */
  3001. },
  3002. NULL,
  3003. (srtp_master_key_t **)test_keys,
  3004. 2, /* indicates the number of Master keys */
  3005. NULL, /* indicates that EKT is not in use */
  3006. 128, /* replay window size */
  3007. 0, /* retransmission not allowed */
  3008. NULL, /* no encrypted extension headers */
  3009. 0, /* list of encrypted extension headers is empty */
  3010. NULL
  3011. };
  3012. const srtp_policy_t hmac_only_policy = {
  3013. { ssrc_any_outbound, 0 }, /* SSRC */
  3014. {
  3015. SRTP_NULL_CIPHER, /* cipher type */
  3016. 0, /* cipher key length in octets */
  3017. SRTP_HMAC_SHA1, /* authentication func type */
  3018. 20, /* auth key length in octets */
  3019. 4, /* auth tag length in octets */
  3020. sec_serv_auth /* security services flag */
  3021. },
  3022. {
  3023. SRTP_NULL_CIPHER, /* cipher type */
  3024. 0, /* cipher key length in octets */
  3025. SRTP_HMAC_SHA1, /* authentication func type */
  3026. 20, /* auth key length in octets */
  3027. 4, /* auth tag length in octets */
  3028. sec_serv_auth /* security services flag */
  3029. },
  3030. NULL,
  3031. (srtp_master_key_t **)test_keys,
  3032. 2, /* Number of Master keys associated with the policy */
  3033. NULL, /* indicates that EKT is not in use */
  3034. 128, /* replay window size */
  3035. 0, /* retransmission not allowed */
  3036. NULL, /* no encrypted extension headers */
  3037. 0, /* list of encrypted extension headers is empty */
  3038. NULL
  3039. };
  3040. #ifdef GCM
  3041. const srtp_policy_t aes128_gcm_8_policy = {
  3042. { ssrc_any_outbound, 0 }, /* SSRC */
  3043. {
  3044. /* SRTP policy */
  3045. SRTP_AES_GCM_128, /* cipher type */
  3046. SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  3047. SRTP_NULL_AUTH, /* authentication func type */
  3048. 0, /* auth key length in octets */
  3049. 8, /* auth tag length in octets */
  3050. sec_serv_conf_and_auth /* security services flag */
  3051. },
  3052. {
  3053. /* SRTCP policy */
  3054. SRTP_AES_GCM_128, /* cipher type */
  3055. SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  3056. SRTP_NULL_AUTH, /* authentication func type */
  3057. 0, /* auth key length in octets */
  3058. 8, /* auth tag length in octets */
  3059. sec_serv_conf_and_auth /* security services flag */
  3060. },
  3061. NULL,
  3062. (srtp_master_key_t **)test_keys,
  3063. 2, /* indicates the number of Master keys */
  3064. NULL, /* indicates that EKT is not in use */
  3065. 128, /* replay window size */
  3066. 0, /* retransmission not allowed */
  3067. NULL, /* no encrypted extension headers */
  3068. 0, /* list of encrypted extension headers is empty */
  3069. NULL
  3070. };
  3071. const srtp_policy_t aes128_gcm_8_cauth_policy = {
  3072. { ssrc_any_outbound, 0 }, /* SSRC */
  3073. {
  3074. /* SRTP policy */
  3075. SRTP_AES_GCM_128, /* cipher type */
  3076. SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  3077. SRTP_NULL_AUTH, /* authentication func type */
  3078. 0, /* auth key length in octets */
  3079. 8, /* auth tag length in octets */
  3080. sec_serv_conf_and_auth /* security services flag */
  3081. },
  3082. {
  3083. /* SRTCP policy */
  3084. SRTP_AES_GCM_128, /* cipher type */
  3085. SRTP_AES_GCM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  3086. SRTP_NULL_AUTH, /* authentication func type */
  3087. 0, /* auth key length in octets */
  3088. 8, /* auth tag length in octets */
  3089. sec_serv_auth /* security services flag */
  3090. },
  3091. NULL,
  3092. (srtp_master_key_t **)test_keys,
  3093. 2, /* indicates the number of Master keys */
  3094. NULL, /* indicates that EKT is not in use */
  3095. 128, /* replay window size */
  3096. 0, /* retransmission not allowed */
  3097. NULL, /* no encrypted extension headers */
  3098. 0, /* list of encrypted extension headers is empty */
  3099. NULL
  3100. };
  3101. const srtp_policy_t aes256_gcm_8_policy = {
  3102. { ssrc_any_outbound, 0 }, /* SSRC */
  3103. {
  3104. /* SRTP policy */
  3105. SRTP_AES_GCM_256, /* cipher type */
  3106. SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */
  3107. SRTP_NULL_AUTH, /* authentication func type */
  3108. 0, /* auth key length in octets */
  3109. 8, /* auth tag length in octets */
  3110. sec_serv_conf_and_auth /* security services flag */
  3111. },
  3112. {
  3113. /* SRTCP policy */
  3114. SRTP_AES_GCM_256, /* cipher type */
  3115. SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */
  3116. SRTP_NULL_AUTH, /* authentication func type */
  3117. 0, /* auth key length in octets */
  3118. 8, /* auth tag length in octets */
  3119. sec_serv_conf_and_auth /* security services flag */
  3120. },
  3121. NULL,
  3122. (srtp_master_key_t **)test_keys,
  3123. 2, /* indicates the number of Master keys */
  3124. NULL, /* indicates that EKT is not in use */
  3125. 128, /* replay window size */
  3126. 0, /* retransmission not allowed */
  3127. NULL, /* no encrypted extension headers */
  3128. 0, /* list of encrypted extension headers is empty */
  3129. NULL
  3130. };
  3131. const srtp_policy_t aes256_gcm_8_cauth_policy = {
  3132. { ssrc_any_outbound, 0 }, /* SSRC */
  3133. {
  3134. /* SRTP policy */
  3135. SRTP_AES_GCM_256, /* cipher type */
  3136. SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */
  3137. SRTP_NULL_AUTH, /* authentication func type */
  3138. 0, /* auth key length in octets */
  3139. 8, /* auth tag length in octets */
  3140. sec_serv_conf_and_auth /* security services flag */
  3141. },
  3142. {
  3143. /* SRTCP policy */
  3144. SRTP_AES_GCM_256, /* cipher type */
  3145. SRTP_AES_GCM_256_KEY_LEN_WSALT, /* cipher key length in octets */
  3146. SRTP_NULL_AUTH, /* authentication func type */
  3147. 0, /* auth key length in octets */
  3148. 8, /* auth tag length in octets */
  3149. sec_serv_auth /* security services flag */
  3150. },
  3151. NULL,
  3152. (srtp_master_key_t **)test_keys,
  3153. 2, /* indicates the number of Master keys */
  3154. NULL, /* indicates that EKT is not in use */
  3155. 128, /* replay window size */
  3156. 0, /* retransmission not allowed */
  3157. NULL, /* no encrypted extension headers */
  3158. 0, /* list of encrypted extension headers is empty */
  3159. NULL
  3160. };
  3161. #endif
  3162. const srtp_policy_t null_policy = {
  3163. { ssrc_any_outbound, 0 }, /* SSRC */
  3164. {
  3165. SRTP_NULL_CIPHER, /* cipher type */
  3166. 0, /* cipher key length in octets */
  3167. SRTP_NULL_AUTH, /* authentication func type */
  3168. 0, /* auth key length in octets */
  3169. 0, /* auth tag length in octets */
  3170. sec_serv_none /* security services flag */
  3171. },
  3172. {
  3173. SRTP_NULL_CIPHER, /* cipher type */
  3174. 0, /* cipher key length in octets */
  3175. SRTP_NULL_AUTH, /* authentication func type */
  3176. 0, /* auth key length in octets */
  3177. 0, /* auth tag length in octets */
  3178. sec_serv_none /* security services flag */
  3179. },
  3180. NULL,
  3181. (srtp_master_key_t **)test_keys,
  3182. 2, /* indicates the number of Master keys */
  3183. NULL, /* indicates that EKT is not in use */
  3184. 128, /* replay window size */
  3185. 0, /* retransmission not allowed */
  3186. NULL, /* no encrypted extension headers */
  3187. 0, /* list of encrypted extension headers is empty */
  3188. NULL
  3189. };
  3190. // clang-format off
  3191. unsigned char test_256_key[46] = {
  3192. 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
  3193. 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
  3194. 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
  3195. 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
  3196. 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
  3197. 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
  3198. };
  3199. unsigned char test_256_key_2[46] = {
  3200. 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
  3201. 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
  3202. 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
  3203. 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
  3204. 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
  3205. 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
  3206. };
  3207. srtp_master_key_t master_256_key_1 = {
  3208. test_256_key,
  3209. test_mki_id,
  3210. TEST_MKI_ID_SIZE
  3211. };
  3212. srtp_master_key_t master_256_key_2 = {
  3213. test_256_key_2,
  3214. test_mki_id_2,
  3215. TEST_MKI_ID_SIZE
  3216. };
  3217. srtp_master_key_t *test_256_keys[2] = {
  3218. &master_key_1,
  3219. &master_key_2
  3220. };
  3221. // clang-format on
  3222. const srtp_policy_t aes_256_hmac_policy = {
  3223. { ssrc_any_outbound, 0 }, /* SSRC */
  3224. {
  3225. /* SRTP policy */
  3226. SRTP_AES_ICM_256, /* cipher type */
  3227. SRTP_AES_ICM_256_KEY_LEN_WSALT, /* cipher key length in octets */
  3228. SRTP_HMAC_SHA1, /* authentication func type */
  3229. 20, /* auth key length in octets */
  3230. 10, /* auth tag length in octets */
  3231. sec_serv_conf_and_auth /* security services flag */
  3232. },
  3233. {
  3234. /* SRTCP policy */
  3235. SRTP_AES_ICM_256, /* cipher type */
  3236. SRTP_AES_ICM_256_KEY_LEN_WSALT, /* cipher key length in octets */
  3237. SRTP_HMAC_SHA1, /* authentication func type */
  3238. 20, /* auth key length in octets */
  3239. 10, /* auth tag length in octets */
  3240. sec_serv_conf_and_auth /* security services flag */
  3241. },
  3242. NULL,
  3243. (srtp_master_key_t **)test_256_keys,
  3244. 2, /* indicates the number of Master keys */
  3245. NULL, /* indicates that EKT is not in use */
  3246. 128, /* replay window size */
  3247. 0, /* retransmission not allowed */
  3248. NULL, /* no encrypted extension headers */
  3249. 0, /* list of encrypted extension headers is empty */
  3250. NULL
  3251. };
  3252. char ekt_test_policy = 'x';
  3253. const srtp_policy_t hmac_only_with_ekt_policy = {
  3254. { ssrc_any_outbound, 0 }, /* SSRC */
  3255. {
  3256. SRTP_NULL_CIPHER, /* cipher type */
  3257. 0, /* cipher key length in octets */
  3258. SRTP_HMAC_SHA1, /* authentication func type */
  3259. 20, /* auth key length in octets */
  3260. 4, /* auth tag length in octets */
  3261. sec_serv_auth /* security services flag */
  3262. },
  3263. {
  3264. SRTP_NULL_CIPHER, /* cipher type */
  3265. 0, /* cipher key length in octets */
  3266. SRTP_HMAC_SHA1, /* authentication func type */
  3267. 20, /* auth key length in octets */
  3268. 4, /* auth tag length in octets */
  3269. sec_serv_auth /* security services flag */
  3270. },
  3271. NULL,
  3272. (srtp_master_key_t **)test_keys,
  3273. 2, /* indicates the number of Master keys */
  3274. &ekt_test_policy, /* requests deprecated EKT functionality */
  3275. 128, /* replay window size */
  3276. 0, /* retransmission not allowed */
  3277. NULL, /* no encrypted extension headers */
  3278. 0, /* list of encrypted extension headers is empty */
  3279. NULL
  3280. };
  3281. /*
  3282. * an array of pointers to the policies listed above
  3283. *
  3284. * This array is used to test various aspects of libSRTP for
  3285. * different cryptographic policies. The order of the elements
  3286. * matters - the timing test generates output that can be used
  3287. * in a plot (see the gnuplot script file 'timing'). If you
  3288. * add to this list, you should do it at the end.
  3289. */
  3290. // clang-format off
  3291. const srtp_policy_t *policy_array[] = {
  3292. &hmac_only_policy,
  3293. &aes_only_policy,
  3294. &default_policy,
  3295. #ifdef GCM
  3296. &aes128_gcm_8_policy,
  3297. &aes128_gcm_8_cauth_policy,
  3298. &aes256_gcm_8_policy,
  3299. &aes256_gcm_8_cauth_policy,
  3300. #endif
  3301. &null_policy,
  3302. &aes_256_hmac_policy,
  3303. NULL
  3304. };
  3305. // clang-format on
  3306. // clang-format off
  3307. const srtp_policy_t *invalid_policy_array[] = {
  3308. &hmac_only_with_ekt_policy,
  3309. NULL
  3310. };
  3311. // clang-format on
  3312. const srtp_policy_t wildcard_policy = {
  3313. { ssrc_any_outbound, 0 }, /* SSRC */
  3314. {
  3315. /* SRTP policy */
  3316. SRTP_AES_ICM_128, /* cipher type */
  3317. SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  3318. SRTP_HMAC_SHA1, /* authentication func type */
  3319. 16, /* auth key length in octets */
  3320. 10, /* auth tag length in octets */
  3321. sec_serv_conf_and_auth /* security services flag */
  3322. },
  3323. {
  3324. /* SRTCP policy */
  3325. SRTP_AES_ICM_128, /* cipher type */
  3326. SRTP_AES_ICM_128_KEY_LEN_WSALT, /* cipher key length in octets */
  3327. SRTP_HMAC_SHA1, /* authentication func type */
  3328. 16, /* auth key length in octets */
  3329. 10, /* auth tag length in octets */
  3330. sec_serv_conf_and_auth /* security services flag */
  3331. },
  3332. test_key,
  3333. NULL,
  3334. 0,
  3335. NULL,
  3336. 128, /* replay window size */
  3337. 0, /* retransmission not allowed */
  3338. NULL, /* no encrypted extension headers */
  3339. 0, /* list of encrypted extension headers is empty */
  3340. NULL
  3341. };