More refactoring of internal cipher API. Eliminate usage of void* in set_iv function.
diff --git a/crypto/cipher/aes_gcm_ossl.c b/crypto/cipher/aes_gcm_ossl.c
index 5cb4f8d..08faba4 100644
--- a/crypto/cipher/aes_gcm_ossl.c
+++ b/crypto/cipher/aes_gcm_ossl.c
@@ -193,7 +193,7 @@
* aes_gcm_openssl_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
-static srtp_err_status_t srtp_aes_gcm_openssl_set_iv (srtp_aes_gcm_ctx_t *c, void *iv, int direction)
+static srtp_err_status_t srtp_aes_gcm_openssl_set_iv (srtp_aes_gcm_ctx_t *c, const uint8_t *iv, int direction)
{
const EVP_CIPHER *evp;
@@ -202,7 +202,7 @@
}
c->dir = direction;
- debug_print(srtp_mod_aes_gcm, "setting iv: %s", v128_hex_string(iv));
+ debug_print(srtp_mod_aes_gcm, "setting iv: %s", v128_hex_string((v128_t*)iv));
switch (c->key_size) {
case SRTP_AES_256_KEYSIZE:
@@ -225,10 +225,10 @@
if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) {
return (srtp_err_status_init_fail);
}
- if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_IV_FIXED, -1, iv)) {
+ if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_SET_IV_FIXED, -1, (void*)iv)) {
return (srtp_err_status_init_fail);
}
- if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_IV_GEN, 0, iv)) {
+ if (!EVP_CIPHER_CTX_ctrl(&c->ctx, EVP_CTRL_GCM_IV_GEN, 0, (void*)iv)) {
return (srtp_err_status_init_fail);
}
diff --git a/crypto/cipher/aes_icm.c b/crypto/cipher/aes_icm.c
index 8266218..c686b27 100644
--- a/crypto/cipher/aes_icm.c
+++ b/crypto/cipher/aes_icm.c
@@ -225,7 +225,7 @@
* the offset
*/
-static srtp_err_status_t srtp_aes_icm_set_iv (srtp_aes_icm_ctx_t *c, void *iv, int direction)
+static srtp_err_status_t srtp_aes_icm_set_iv (srtp_aes_icm_ctx_t *c, const uint8_t *iv, int direction)
{
v128_t nonce;
diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c
index 9787c1f..7fd8f7c 100644
--- a/crypto/cipher/aes_icm_ossl.c
+++ b/crypto/cipher/aes_icm_ossl.c
@@ -245,7 +245,7 @@
* aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
-static srtp_err_status_t srtp_aes_icm_openssl_set_iv (srtp_aes_icm_ctx_t *c, void *iv, int dir)
+static srtp_err_status_t srtp_aes_icm_openssl_set_iv (srtp_aes_icm_ctx_t *c, const uint8_t *iv, int dir)
{
const EVP_CIPHER *evp;
v128_t nonce;
diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c
index 2123603..bcf2ed3 100644
--- a/crypto/cipher/cipher.c
+++ b/crypto/cipher/cipher.c
@@ -82,6 +82,16 @@
return (((c)->type)->init(((c)->state), (key)));
}
+
+srtp_err_status_t srtp_cipher_set_iv (srtp_cipher_t *c, const uint8_t *iv, int direction)
+{
+ if (!c || !c->type || !c->state) {
+ return (srtp_err_status_bad_param);
+ }
+
+ return (((c)->type)->set_iv(((c)->state), iv, direction));
+}
+
srtp_err_status_t srtp_cipher_output (srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output)
{
@@ -176,7 +186,7 @@
test_case->plaintext_length_octets));
/* set the initialization vector */
- status = cipher_set_iv(c, test_case->idx, direction_encrypt);
+ status = srtp_cipher_set_iv(c, (const uint8_t*)test_case->idx, direction_encrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
@@ -276,7 +286,7 @@
test_case->plaintext_length_octets));
/* set the initialization vector */
- status = cipher_set_iv(c, test_case->idx, direction_decrypt);
+ status = srtp_cipher_set_iv(c, (const uint8_t*)test_case->idx, direction_decrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
@@ -404,7 +414,7 @@
}
/* set initialization vector */
- status = cipher_set_iv(c, test_case->idx, direction_encrypt);
+ status = srtp_cipher_set_iv(c, (const uint8_t*)test_case->idx, direction_encrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
@@ -455,7 +465,7 @@
srtp_cipher_dealloc(c);
return status;
}
- status = cipher_set_iv(c, test_case->idx, direction_decrypt);
+ status = srtp_cipher_set_iv(c, (const uint8_t*)test_case->idx, direction_decrypt);
if (status) {
srtp_cipher_dealloc(c);
return status;
@@ -547,7 +557,7 @@
v128_set_to_zero(&nonce);
timer = clock();
for (i = 0; i < num_trials; i++, nonce.v32[3] = i) {
- cipher_set_iv(c, &nonce, direction_encrypt);
+ srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt);
srtp_cipher_encrypt(c, enc_buf, &len);
}
timer = clock() - timer;
diff --git a/crypto/cipher/null_cipher.c b/crypto/cipher/null_cipher.c
index a8183ae..4e71003 100644
--- a/crypto/cipher/null_cipher.c
+++ b/crypto/cipher/null_cipher.c
@@ -106,7 +106,7 @@
return srtp_err_status_ok;
}
-static srtp_err_status_t srtp_null_cipher_set_iv (srtp_null_cipher_ctx_t *c, void *iv)
+static srtp_err_status_t srtp_null_cipher_set_iv (srtp_null_cipher_ctx_t *c, const uint8_t *iv, int dir)
{
return srtp_err_status_ok;
}
diff --git a/crypto/include/cipher.h b/crypto/include/cipher.h
index 3f93e62..b14650a 100644
--- a/crypto/include/cipher.h
+++ b/crypto/include/cipher.h
@@ -110,7 +110,7 @@
* a cipher_set_iv_func_t function sets the current initialization vector
*/
typedef srtp_err_status_t (*cipher_set_iv_func_t)
- (srtp_cipher_pointer_t cp, void *iv, srtp_cipher_direction_t direction);
+ (srtp_cipher_pointer_t cp, const uint8_t *iv, srtp_cipher_direction_t direction);
/*
* a cipher_get_tag_funct_t function is used to get the authentication
@@ -171,9 +171,6 @@
#define cipher_get_tag(c, buf, len) \
(((c)->type)->get_tag(((c)->state), (buf), (len)))
-#define cipher_set_iv(c, n, dir) \
- ((c) ? (((c)->type)->set_iv(((srtp_cipher_pointer_t)(c)->state), (n), (dir))) : \
- srtp_err_status_no_such_op)
#define cipher_set_aad(c, a, l) \
(((c) && (((c)->type)->set_aad)) ? \
(((c)->type)->set_aad(((c)->state), (a), (l))) : \
@@ -215,6 +212,7 @@
srtp_err_status_t srtp_cipher_type_alloc(const srtp_cipher_type_t *ct, srtp_cipher_t **c, int key_len, int tlen);
srtp_err_status_t srtp_cipher_dealloc(srtp_cipher_t *c);
srtp_err_status_t srtp_cipher_init(srtp_cipher_t *c, const uint8_t *key);
+srtp_err_status_t srtp_cipher_set_iv(srtp_cipher_t *c, const uint8_t *iv, int direction);
srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_encrypt(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output);
srtp_err_status_t srtp_cipher_decrypt(srtp_cipher_t *c, uint8_t *buffer, uint32_t *num_octets_to_output);
diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c
index 9fb0d20..9e2d943 100644
--- a/crypto/test/cipher_driver.c
+++ b/crypto/test/cipher_driver.c
@@ -379,7 +379,7 @@
buffer0[j] = buffer1[j] = 0;
/* initialize cipher */
- status = cipher_set_iv(c, idx, direction_encrypt);
+ status = srtp_cipher_set_iv(c, (const uint8_t*)idx, direction_encrypt);
if (status)
return status;
@@ -389,7 +389,7 @@
return status;
/* re-initialize cipher */
- status = cipher_set_iv(c, idx, direction_encrypt);
+ status = srtp_cipher_set_iv(c, (const uint8_t*)idx, direction_encrypt);
if (status)
return status;
@@ -549,7 +549,7 @@
unsigned octets_to_encrypt = octets_in_buffer;
/* encrypt buffer with cipher */
- cipher_set_iv(cipher_array[cipher_index], &nonce, direction_encrypt);
+ srtp_cipher_set_iv(cipher_array[cipher_index], (const uint8_t*)&nonce, direction_encrypt);
srtp_cipher_encrypt(cipher_array[cipher_index], enc_buf, &octets_to_encrypt);
/* choose a cipher at random from the array*/
diff --git a/crypto/test/stat_driver.c b/crypto/test/stat_driver.c
index 70872f2..2db5e36 100644
--- a/crypto/test/stat_driver.c
+++ b/crypto/test/stat_driver.c
@@ -83,7 +83,7 @@
buffer[i] = 0;
err_check(srtp_cipher_type_alloc(&srtp_aes_icm, &c, 30, 0));
err_check(srtp_cipher_init(c, key));
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
@@ -98,7 +98,7 @@
for (i=0; i < 2500; i++)
buffer[i] = 0;
nonce.v32[3] = i;
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
if (stat_test_runs(buffer)) {
num_fail++;
@@ -117,7 +117,7 @@
buffer[i] = 0;
err_check(srtp_cipher_type_alloc(&srtp_aes_icm, &c, 46, 0));
err_check(srtp_cipher_init(c, key));
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
@@ -132,7 +132,7 @@
for (i=0; i < 2500; i++)
buffer[i] = 0;
nonce.v32[3] = i;
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
if (stat_test_runs(buffer)) {
num_fail++;
@@ -148,7 +148,7 @@
}
err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_128_openssl, &c, SRTP_AES_128_GCM_KEYSIZE_WSALT, 8));
err_check(srtp_cipher_init(c, key));
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
@@ -162,7 +162,7 @@
buffer[i] = 0;
}
nonce.v32[3] = i;
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
buf_len = 2500;
if (stat_test_runs(buffer)) {
@@ -177,7 +177,7 @@
}
err_check(srtp_cipher_type_alloc(&srtp_aes_gcm_256_openssl, &c, SRTP_AES_256_GCM_KEYSIZE_WSALT, 16));
err_check(srtp_cipher_init(c, key));
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
/* run tests on cipher outout */
printf("monobit %d\n", stat_test_monobit(buffer));
@@ -191,7 +191,7 @@
buffer[i] = 0;
}
nonce.v32[3] = i;
- err_check(cipher_set_iv(c, &nonce, direction_encrypt));
+ err_check(srtp_cipher_set_iv(c, (const uint8_t*)&nonce, direction_encrypt));
err_check(srtp_cipher_encrypt(c, buffer, &buf_len));
buf_len = 2500;
if (stat_test_runs(buffer)) {
diff --git a/srtp/srtp.c b/srtp/srtp.c
index cd0f1b8..d483708 100644
--- a/srtp/srtp.c
+++ b/srtp/srtp.c
@@ -423,7 +423,7 @@
v128_set_to_zero(&nonce);
nonce.v8[7] = label;
- status = cipher_set_iv(kdf->cipher, &nonce, direction_encrypt);
+ status = srtp_cipher_set_iv(kdf->cipher, (const uint8_t*)&nonce, direction_encrypt);
if (status)
return status;
@@ -954,7 +954,7 @@
* AEAD uses a new IV formation method
*/
srtp_calc_aead_iv(stream, &iv, &est, hdr);
- status = cipher_set_iv(stream->rtp_cipher, &iv, direction_encrypt);
+ status = srtp_cipher_set_iv(stream->rtp_cipher, (const uint8_t*)&iv, direction_encrypt);
if (status) {
return srtp_err_status_cipher_fail;
}
@@ -1035,7 +1035,7 @@
* AEAD uses a new IV formation method
*/
srtp_calc_aead_iv(stream, &iv, &est, hdr);
- status = cipher_set_iv(stream->rtp_cipher, &iv, direction_decrypt);
+ status = srtp_cipher_set_iv(stream->rtp_cipher, (const uint8_t*)&iv, direction_decrypt);
if (status) {
return srtp_err_status_cipher_fail;
}
@@ -1332,7 +1332,7 @@
#else
iv.v64[1] = be64_to_cpu(est << 16);
#endif
- status = cipher_set_iv(stream->rtp_cipher, &iv, direction_encrypt);
+ status = srtp_cipher_set_iv(stream->rtp_cipher, (const uint8_t*)&iv, direction_encrypt);
} else {
v128_t iv;
@@ -1345,7 +1345,7 @@
iv.v64[0] = 0;
#endif
iv.v64[1] = be64_to_cpu(est);
- status = cipher_set_iv(stream->rtp_cipher, &iv, direction_encrypt);
+ status = srtp_cipher_set_iv(stream->rtp_cipher, (const uint8_t*)&iv, direction_encrypt);
}
if (status)
return srtp_err_status_cipher_fail;
@@ -1519,7 +1519,7 @@
#else
iv.v64[1] = be64_to_cpu(est << 16);
#endif
- status = cipher_set_iv(stream->rtp_cipher, &iv, direction_decrypt);
+ status = srtp_cipher_set_iv(stream->rtp_cipher, (const uint8_t*)&iv, direction_decrypt);
} else {
/* no particular format - set the iv to the pakcet index */
@@ -1530,7 +1530,7 @@
iv.v64[0] = 0;
#endif
iv.v64[1] = be64_to_cpu(est);
- status = cipher_set_iv(stream->rtp_cipher, &iv, direction_decrypt);
+ status = srtp_cipher_set_iv(stream->rtp_cipher, (const uint8_t*)&iv, direction_decrypt);
}
if (status)
return srtp_err_status_cipher_fail;
@@ -2325,7 +2325,7 @@
* Calculating the IV and pass it down to the cipher
*/
srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr);
- status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_encrypt);
+ status = srtp_cipher_set_iv(stream->rtcp_cipher, (const uint8_t*)&iv, direction_encrypt);
if (status) {
return srtp_err_status_cipher_fail;
}
@@ -2475,7 +2475,7 @@
* Calculate and set the IV
*/
srtp_calc_aead_iv_srtcp(stream, &iv, seq_num, hdr);
- status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_decrypt);
+ status = srtp_cipher_set_iv(stream->rtcp_cipher, (const uint8_t*)&iv, direction_decrypt);
if (status) {
return srtp_err_status_cipher_fail;
}
@@ -2720,7 +2720,7 @@
iv.v32[1] = hdr->ssrc; /* still in network order! */
iv.v32[2] = htonl(seq_num >> 16);
iv.v32[3] = htonl(seq_num << 16);
- status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_encrypt);
+ status = srtp_cipher_set_iv(stream->rtcp_cipher, (const uint8_t*)&iv, direction_encrypt);
} else {
v128_t iv;
@@ -2730,7 +2730,7 @@
iv.v32[1] = 0;
iv.v32[2] = 0;
iv.v32[3] = htonl(seq_num);
- status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_encrypt);
+ status = srtp_cipher_set_iv(stream->rtcp_cipher, (const uint8_t*)&iv, direction_encrypt);
}
if (status)
return srtp_err_status_cipher_fail;
@@ -2941,7 +2941,7 @@
iv.v32[1] = hdr->ssrc; /* still in network order! */
iv.v32[2] = htonl(seq_num >> 16);
iv.v32[3] = htonl(seq_num << 16);
- status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_decrypt);
+ status = srtp_cipher_set_iv(stream->rtcp_cipher, (const uint8_t*)&iv, direction_decrypt);
} else {
v128_t iv;
@@ -2951,7 +2951,7 @@
iv.v32[1] = 0;
iv.v32[2] = 0;
iv.v32[3] = htonl(seq_num);
- status = cipher_set_iv(stream->rtcp_cipher, &iv, direction_decrypt);
+ status = srtp_cipher_set_iv(stream->rtcp_cipher, (const uint8_t*)&iv, direction_decrypt);
}
if (status)