Merge lastest from master.

commit: 6b71fb947b2182c74a25b2fbe27b862bcceb776c [log] [tgz]
author: jfigus <foleyj@cisco.com> Thu Feb 19 10:20:13 2015 -0500
committer: jfigus <foleyj@cisco.com> Thu Feb 19 10:20:13 2015 -0500
tree: 206797c2873cc1c58e0e64e10f3ceaee3a059b2f
parent: 724bb29870b7ddd23945ddc5451089c70921ed6b [diff]
parent: 750f6744f95fb12d578458e86df4be3e4fb7c580 [diff]
diff --git a/CHANGES b/CHANGES
index 12c0a84..86a5545 100644
--- a/CHANGES
+++ b/CHANGES

@@ -1,5 +1,31 @@
 Changelog
 
+1.5.1
+
+  Pull request 95 - Additional header check from Chromium
+
+  Pull request 94 - Add missing copyright headers. 
+
+  Pull request 90 - Fix out-of-source tree builds.
+
+  Pull request 89 - Introduce little endian RISC support
+
+  Pull request 86 - Add support for cross-compiling the shared library for Windows and OS X
+
+  Pull request 85 - Add -f <pcap filter> option to rtp_decoder
+
+  Pull request 84 - Avoid problems due to unsafe macros
+
+  Pull request 82 - Align the AES ICM nonce
+
+  Pull request 80 - Take advantage of base64 conversion in testapps
+
+  Pull request 75 - Cleanup: miscellaneous cleanup of initial OpenSSL AES support
+
+  Pull request 74 - Allow testing with pcap file or capture - Issue #45
+
+  Other trivial fixes are included as well.  Please see github for details.
+
 1.5.0
  
   Add support for using OpenSSL crypto using the --enable-openssl 

diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c
index a9f432c..32effbb 100644
--- a/crypto/cipher/aes_icm_ossl.c
+++ b/crypto/cipher/aes_icm_ossl.c

@@ -64,7 +64,9 @@
     "aes icm ossl"   /* printable module name       */
 };
 extern srtp_cipher_type_t srtp_aes_icm;
+#ifndef SRTP_NO_AES192
 extern srtp_cipher_type_t srtp_aes_icm_192;
+#endif
 extern srtp_cipher_type_t srtp_aes_icm_256;
 
 /*
@@ -123,6 +125,14 @@
         return srtp_err_status_bad_param;
     }
 
+    if (key_len != SRTP_AES_128_KEYSIZE_WSALT &&
+#ifndef SRTP_NO_AES192
+        key_len != SRTP_AES_192_KEYSIZE_WSALT &&
+#endif
+        key_len != SRTP_AES_256_KEYSIZE_WSALT) {
+        return srtp_err_status_bad_param;
+    }
+
     /* allocate memory a cipher of type aes_icm */
     *c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
     if (*c == NULL) {
@@ -148,11 +158,13 @@
         (*c)->type = &srtp_aes_icm;
         icm->key_size = SRTP_AES_128_KEYSIZE;
         break;
+#ifndef SRTP_NO_AES192
     case SRTP_AES_192_KEYSIZE_WSALT:
         (*c)->algorithm = SRTP_AES_192_ICM;
         (*c)->type = &srtp_aes_icm_192;
         icm->key_size = SRTP_AES_192_KEYSIZE;
         break;
+#endif
     case SRTP_AES_256_KEYSIZE_WSALT:
         (*c)->algorithm = SRTP_AES_256_ICM;
         (*c)->type = &srtp_aes_icm_256;
@@ -229,7 +241,11 @@
      * key is statically allocated to handle a full 32 byte key
      * regardless of the cipher in use.
      */
-    if (c->key_size == SRTP_AES_256_KEYSIZE || c->key_size == SRTP_AES_192_KEYSIZE) {
+    if (c->key_size == SRTP_AES_256_KEYSIZE || 
+#ifndef SRTP_NO_AES192
+	    c->key_size == SRTP_AES_192_KEYSIZE
+#endif
+	    ) {
         debug_print(srtp_mod_aes_icm, "Copying last 16 bytes of key: %s",
                     v128_hex_string((v128_t*)(key + SRTP_AES_128_KEYSIZE)));
         v128_copy_octet_string(((v128_t*)(&c->key.v8)) + 1, key + SRTP_AES_128_KEYSIZE);
@@ -266,9 +282,11 @@
     case SRTP_AES_256_KEYSIZE:
         evp = EVP_aes_256_ctr();
         break;
+#ifndef SRTP_NO_AES192
     case SRTP_AES_192_KEYSIZE:
         evp = EVP_aes_192_ctr();
         break;
+#endif
     case SRTP_AES_128_KEYSIZE:
         evp = EVP_aes_128_ctr();
         break;
@@ -316,7 +334,9 @@
  * Name of this crypto engine
  */
 static char srtp_aes_icm_openssl_description[] = "AES-128 counter mode using openssl";
+#ifndef SRTP_NO_AES192
 static char srtp_aes_icm_192_openssl_description[] = "AES-192 counter mode using openssl";
+#endif
 static char srtp_aes_icm_256_openssl_description[] = "AES-256 counter mode using openssl";
 
 
@@ -364,6 +384,7 @@
     NULL                                   /* pointer to next testcase */
 };
 
+#ifndef SRTP_NO_AES192
 /*
  * KAT values for AES-192-CTR self-test.  These
  * values came from section 7 of RFC 6188.
@@ -408,7 +429,7 @@
     0,
     NULL                                   /* pointer to next testcase */
 };
-
+#endif
 
 /*
  * KAT values for AES-256-CTR self-test.  These
@@ -475,6 +496,7 @@
     (srtp_cipher_type_id_t)        SRTP_AES_ICM
 };
 
+#ifndef SRTP_NO_AES192
 /*
  * This is the function table for this crypto engine.
  * note: the encrypt function is identical to the decrypt function
@@ -493,6 +515,7 @@
     (srtp_debug_module_t*)              &srtp_mod_aes_icm,
     (srtp_cipher_type_id_t)        SRTP_AES_192_ICM
 };
+#endif
 
 /*
  * This is the function table for this crypto engine.

diff --git a/crypto/include/aes_icm_ossl.h b/crypto/include/aes_icm_ossl.h
index cd7f729..4751d9e 100644
--- a/crypto/include/aes_icm_ossl.h
+++ b/crypto/include/aes_icm_ossl.h

@@ -50,13 +50,20 @@
 #include <openssl/evp.h>
 #include <openssl/aes.h>
 
+#ifdef OPENSSL_IS_BORINGSSL
+// BoringSSL doesn't support AES-192, cipher will be disabled
+#define SRTP_NO_AES192
+#endif
+
 #define     SRTP_SALT_SIZE               14
 #define     SRTP_AES_128_KEYSIZE         AES_BLOCK_SIZE
-#define     SRTP_AES_192_KEYSIZE         AES_BLOCK_SIZE + AES_BLOCK_SIZE / 2
 #define     SRTP_AES_256_KEYSIZE         AES_BLOCK_SIZE * 2
 #define     SRTP_AES_128_KEYSIZE_WSALT   SRTP_AES_128_KEYSIZE + SRTP_SALT_SIZE
-#define     SRTP_AES_192_KEYSIZE_WSALT   SRTP_AES_192_KEYSIZE + SRTP_SALT_SIZE
 #define     SRTP_AES_256_KEYSIZE_WSALT   SRTP_AES_256_KEYSIZE + SRTP_SALT_SIZE
+#ifndef SRTP_NO_AES192
+#define     SRTP_AES_192_KEYSIZE         AES_BLOCK_SIZE + AES_BLOCK_SIZE / 2
+#define     SRTP_AES_192_KEYSIZE_WSALT   SRTP_AES_192_KEYSIZE + SRTP_SALT_SIZE
+#endif
 
 typedef struct {
     v128_t counter;                /* holds the counter value          */

diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c
index 21d5289..c5af657 100644
--- a/crypto/test/cipher_driver.c
+++ b/crypto/test/cipher_driver.c

@@ -123,7 +123,9 @@
 extern srtp_cipher_type_t srtp_null_cipher;
 extern srtp_cipher_type_t srtp_aes_icm;
 #ifdef OPENSSL
+#ifndef SRTP_NO_AES192
 extern srtp_cipher_type_t srtp_aes_icm_192;
+#endif
 extern srtp_cipher_type_t srtp_aes_icm_256;
 extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
 extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
@@ -188,9 +190,11 @@
     for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
       cipher_driver_test_array_throughput(&srtp_aes_icm, 46, num_cipher); 
 #else
+#ifndef SRTP_NO_AES192
     for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
       cipher_driver_test_array_throughput(&srtp_aes_icm_192, 38, num_cipher); 
 
+#endif
     for (num_cipher=1; num_cipher < max_num_cipher; num_cipher *=8)
       cipher_driver_test_array_throughput(&srtp_aes_icm_256, 46, num_cipher); 
 
@@ -208,7 +212,9 @@
     cipher_driver_self_test(&srtp_null_cipher);
     cipher_driver_self_test(&srtp_aes_icm);
 #ifdef OPENSSL
+#ifndef SRTP_NO_AES192
     cipher_driver_self_test(&srtp_aes_icm_192);
+#endif
     cipher_driver_self_test(&srtp_aes_icm_256);
     cipher_driver_self_test(&srtp_aes_gcm_128_openssl);
     cipher_driver_self_test(&srtp_aes_gcm_256_openssl);
commit	6b71fb947b2182c74a25b2fbe27b862bcceb776c	[log] [tgz]
author	jfigus <foleyj@cisco.com>	Thu Feb 19 10:20:13 2015 -0500
committer	jfigus <foleyj@cisco.com>	Thu Feb 19 10:20:13 2015 -0500
tree	206797c2873cc1c58e0e64e10f3ceaee3a059b2f
parent	724bb29870b7ddd23945ddc5451089c70921ed6b [diff]
parent	750f6744f95fb12d578458e86df4be3e4fb7c580 [diff]