Merge lastest from master.
diff --git a/CHANGES b/CHANGES
index 12c0a84..86a5545 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,31 @@
Changelog
+1.5.1
+
+ Pull request 95 - Additional header check from Chromium
+
+ Pull request 94 - Add missing copyright headers.
+
+ Pull request 90 - Fix out-of-source tree builds.
+
+ Pull request 89 - Introduce little endian RISC support
+
+ Pull request 86 - Add support for cross-compiling the shared library for Windows and OS X
+
+ Pull request 85 - Add -f <pcap filter> option to rtp_decoder
+
+ Pull request 84 - Avoid problems due to unsafe macros
+
+ Pull request 82 - Align the AES ICM nonce
+
+ Pull request 80 - Take advantage of base64 conversion in testapps
+
+ Pull request 75 - Cleanup: miscellaneous cleanup of initial OpenSSL AES support
+
+ Pull request 74 - Allow testing with pcap file or capture - Issue #45
+
+ Other trivial fixes are included as well. Please see github for details.
+
1.5.0
Add support for using OpenSSL crypto using the --enable-openssl
diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c
index a9f432c..32effbb 100644
--- a/crypto/cipher/aes_icm_ossl.c
+++ b/crypto/cipher/aes_icm_ossl.c
@@ -64,7 +64,9 @@
"aes icm ossl" /* printable module name */
};
extern srtp_cipher_type_t srtp_aes_icm;
+#ifndef SRTP_NO_AES192
extern srtp_cipher_type_t srtp_aes_icm_192;
+#endif
extern srtp_cipher_type_t srtp_aes_icm_256;
/*
@@ -123,6 +125,14 @@
return srtp_err_status_bad_param;
}
+ if (key_len != SRTP_AES_128_KEYSIZE_WSALT &&
+#ifndef SRTP_NO_AES192
+ key_len != SRTP_AES_192_KEYSIZE_WSALT &&
+#endif
+ key_len != SRTP_AES_256_KEYSIZE_WSALT) {
+ return srtp_err_status_bad_param;
+ }
+
/* allocate memory a cipher of type aes_icm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
@@ -148,11 +158,13 @@
(*c)->type = &srtp_aes_icm;
icm->key_size = SRTP_AES_128_KEYSIZE;
break;
+#ifndef SRTP_NO_AES192
case SRTP_AES_192_KEYSIZE_WSALT:
(*c)->algorithm = SRTP_AES_192_ICM;
(*c)->type = &srtp_aes_icm_192;
icm->key_size = SRTP_AES_192_KEYSIZE;
break;
+#endif
case SRTP_AES_256_KEYSIZE_WSALT:
(*c)->algorithm = SRTP_AES_256_ICM;
(*c)->type = &srtp_aes_icm_256;
@@ -229,7 +241,11 @@
* key is statically allocated to handle a full 32 byte key
* regardless of the cipher in use.
*/
- if (c->key_size == SRTP_AES_256_KEYSIZE || c->key_size == SRTP_AES_192_KEYSIZE) {
+ if (c->key_size == SRTP_AES_256_KEYSIZE ||
+#ifndef SRTP_NO_AES192
+ c->key_size == SRTP_AES_192_KEYSIZE
+#endif
+ ) {
debug_print(srtp_mod_aes_icm, "Copying last 16 bytes of key: %s",
v128_hex_string((v128_t*)(key + SRTP_AES_128_KEYSIZE)));
v128_copy_octet_string(((v128_t*)(&c->key.v8)) + 1, key + SRTP_AES_128_KEYSIZE);
@@ -266,9 +282,11 @@
case SRTP_AES_256_KEYSIZE:
evp = EVP_aes_256_ctr();
break;
+#ifndef SRTP_NO_AES192
case SRTP_AES_192_KEYSIZE:
evp = EVP_aes_192_ctr();
break;
+#endif
case SRTP_AES_128_KEYSIZE:
evp = EVP_aes_128_ctr();
break;
@@ -316,7 +334,9 @@
* Name of this crypto engine
*/
static char srtp_aes_icm_openssl_description[] = "AES-128 counter mode using openssl";
+#ifndef SRTP_NO_AES192
static char srtp_aes_icm_192_openssl_description[] = "AES-192 counter mode using openssl";
+#endif
static char srtp_aes_icm_256_openssl_description[] = "AES-256 counter mode using openssl";
@@ -364,6 +384,7 @@
NULL /* pointer to next testcase */
};
+#ifndef SRTP_NO_AES192
/*
* KAT values for AES-192-CTR self-test. These
* values came from section 7 of RFC 6188.
@@ -408,7 +429,7 @@
0,
NULL /* pointer to next testcase */
};
-
+#endif
/*
* KAT values for AES-256-CTR self-test. These
@@ -475,6 +496,7 @@
(srtp_cipher_type_id_t) SRTP_AES_ICM
};
+#ifndef SRTP_NO_AES192
/*
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
@@ -493,6 +515,7 @@
(srtp_debug_module_t*) &srtp_mod_aes_icm,
(srtp_cipher_type_id_t) SRTP_AES_192_ICM
};
+#endif
/*
* This is the function table for this crypto engine.
diff --git a/crypto/include/aes_icm_ossl.h b/crypto/include/aes_icm_ossl.h
index cd7f729..4751d9e 100644
--- a/crypto/include/aes_icm_ossl.h
+++ b/crypto/include/aes_icm_ossl.h
@@ -50,13 +50,20 @@
#include <openssl/evp.h>
#include <openssl/aes.h>
+#ifdef OPENSSL_IS_BORINGSSL
+// BoringSSL doesn't support AES-192, cipher will be disabled
+#define SRTP_NO_AES192
+#endif
+
#define SRTP_SALT_SIZE 14
#define SRTP_AES_128_KEYSIZE AES_BLOCK_SIZE
-#define SRTP_AES_192_KEYSIZE AES_BLOCK_SIZE + AES_BLOCK_SIZE / 2
#define SRTP_AES_256_KEYSIZE AES_BLOCK_SIZE * 2
#define SRTP_AES_128_KEYSIZE_WSALT SRTP_AES_128_KEYSIZE + SRTP_SALT_SIZE
-#define SRTP_AES_192_KEYSIZE_WSALT SRTP_AES_192_KEYSIZE + SRTP_SALT_SIZE
#define SRTP_AES_256_KEYSIZE_WSALT SRTP_AES_256_KEYSIZE + SRTP_SALT_SIZE
+#ifndef SRTP_NO_AES192
+#define SRTP_AES_192_KEYSIZE AES_BLOCK_SIZE + AES_BLOCK_SIZE / 2
+#define SRTP_AES_192_KEYSIZE_WSALT SRTP_AES_192_KEYSIZE + SRTP_SALT_SIZE
+#endif
typedef struct {
v128_t counter; /* holds the counter value */
diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c
index 21d5289..c5af657 100644
--- a/crypto/test/cipher_driver.c
+++ b/crypto/test/cipher_driver.c
@@ -123,7 +123,9 @@
extern srtp_cipher_type_t srtp_null_cipher;
extern srtp_cipher_type_t srtp_aes_icm;
#ifdef OPENSSL
+#ifndef SRTP_NO_AES192
extern srtp_cipher_type_t srtp_aes_icm_192;
+#endif
extern srtp_cipher_type_t srtp_aes_icm_256;
extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
@@ -188,9 +190,11 @@
for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
cipher_driver_test_array_throughput(&srtp_aes_icm, 46, num_cipher);
#else
+#ifndef SRTP_NO_AES192
for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
cipher_driver_test_array_throughput(&srtp_aes_icm_192, 38, num_cipher);
+#endif
for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
cipher_driver_test_array_throughput(&srtp_aes_icm_256, 46, num_cipher);
@@ -208,7 +212,9 @@
cipher_driver_self_test(&srtp_null_cipher);
cipher_driver_self_test(&srtp_aes_icm);
#ifdef OPENSSL
+#ifndef SRTP_NO_AES192
cipher_driver_self_test(&srtp_aes_icm_192);
+#endif
cipher_driver_self_test(&srtp_aes_icm_256);
cipher_driver_self_test(&srtp_aes_gcm_128_openssl);
cipher_driver_self_test(&srtp_aes_gcm_256_openssl);