Add support for [draft-ietf-avtcore-srtp-aes-gcm-07]
diff --git a/test/srtp_driver.c b/test/srtp_driver.c
index 6f7e9d1..783d518 100644
--- a/test/srtp_driver.c
+++ b/test/srtp_driver.c
@@ -104,7 +104,7 @@
double
mips_estimate(int num_trials, int *ignore);
-extern uint8_t test_key[30];
+extern uint8_t test_key[46];
void
usage(char *prog_name) {
@@ -1530,10 +1530,12 @@
* srtp policy definitions - these definitions are used above
*/
-unsigned char test_key[30] = {
+unsigned char test_key[46] = {
0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
+ 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
+ 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
};
@@ -1663,6 +1665,108 @@
NULL
};
+#ifdef OPENSSL
+const srtp_policy_t aes128_gcm_8_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ { /* SRTP policy */
+ AES_128_GCM, /* cipher type */
+ 30, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ { /* SRTCP policy */
+ AES_128_GCM, /* cipher type */
+ 30, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
+ NULL, /* indicates that EKT is not in use */
+ 128, /* replay window size */
+ 0, /* retransmission not allowed */
+ NULL
+};
+
+const srtp_policy_t aes128_gcm_8_cauth_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ { /* SRTP policy */
+ AES_128_GCM, /* cipher type */
+ 30, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ { /* SRTCP policy */
+ AES_128_GCM, /* cipher type */
+ 30, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_auth /* security services flag */
+ },
+ test_key,
+ NULL, /* indicates that EKT is not in use */
+ 128, /* replay window size */
+ 0, /* retransmission not allowed */
+ NULL
+};
+
+const srtp_policy_t aes256_gcm_8_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ { /* SRTP policy */
+ AES_256_GCM, /* cipher type */
+ 46, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ { /* SRTCP policy */
+ AES_256_GCM, /* cipher type */
+ 46, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ test_key,
+ NULL, /* indicates that EKT is not in use */
+ 128, /* replay window size */
+ 0, /* retransmission not allowed */
+ NULL
+};
+
+const srtp_policy_t aes256_gcm_8_cauth_policy = {
+ { ssrc_any_outbound, 0 }, /* SSRC */
+ { /* SRTP policy */
+ AES_256_GCM, /* cipher type */
+ 46, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_conf_and_auth /* security services flag */
+ },
+ { /* SRTCP policy */
+ AES_256_GCM, /* cipher type */
+ 46, /* cipher key length in octets */
+ NULL_AUTH, /* authentication func type */
+ 0, /* auth key length in octets */
+ 8, /* auth tag length in octets */
+ sec_serv_auth /* security services flag */
+ },
+ test_key,
+ NULL, /* indicates that EKT is not in use */
+ 128, /* replay window size */
+ 0, /* retransmission not allowed */
+ NULL
+};
+#endif
+
const srtp_policy_t null_policy = {
{ ssrc_any_outbound, 0 }, /* SSRC */
{
@@ -1786,6 +1890,12 @@
&aes_tmmh_policy,
#endif
&default_policy,
+#ifdef OPENSSL
+ &aes128_gcm_8_policy,
+ &aes128_gcm_8_cauth_policy,
+ &aes256_gcm_8_policy,
+ &aes256_gcm_8_cauth_policy,
+#endif
&null_policy,
&aes_256_hmac_policy,
&hmac_only_with_ekt_policy,