Rename cipher functions to comply with library name.
diff --git a/crypto/cipher/aes_gcm_ossl.c b/crypto/cipher/aes_gcm_ossl.c
index c352563..08d66e4 100644
--- a/crypto/cipher/aes_gcm_ossl.c
+++ b/crypto/cipher/aes_gcm_ossl.c
@@ -64,8 +64,8 @@
* The following are the global singleton instances for the
* 128-bit and 256-bit GCM ciphers.
*/
-extern cipher_type_t srtp_aes_gcm_128_openssl;
-extern cipher_type_t srtp_aes_gcm_256_openssl;
+extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
+extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
/*
* For now we only support 8 and 16 octet tags. The spec allows for
@@ -82,7 +82,7 @@
* key length includes the 14 byte salt value that is used when
* initializing the KDF.
*/
-srtp_err_status_t srtp_aes_gcm_openssl_alloc (cipher_t **c, int key_len, int tlen)
+srtp_err_status_t srtp_aes_gcm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
{
srtp_aes_gcm_ctx_t *gcm;
int tmp;
@@ -105,15 +105,15 @@
}
/* allocate memory a cipher of type aes_gcm */
- tmp = sizeof(cipher_t) + sizeof(srtp_aes_gcm_ctx_t);
+ tmp = sizeof(srtp_cipher_t) + sizeof(srtp_aes_gcm_ctx_t);
allptr = srtp_crypto_alloc(tmp);
if (allptr == NULL) {
return (srtp_err_status_alloc_fail);
}
/* set pointers */
- *c = (cipher_t*)allptr;
- (*c)->state = allptr + sizeof(cipher_t);
+ *c = (srtp_cipher_t*)allptr;
+ (*c)->state = allptr + sizeof(srtp_cipher_t);
gcm = (srtp_aes_gcm_ctx_t*)(*c)->state;
/* setup cipher attributes */
@@ -143,7 +143,7 @@
/*
* This function deallocates a GCM session
*/
-srtp_err_status_t srtp_aes_gcm_openssl_dealloc (cipher_t *c)
+srtp_err_status_t srtp_aes_gcm_openssl_dealloc (srtp_cipher_t *c)
{
srtp_aes_gcm_ctx_t *ctx;
@@ -153,7 +153,7 @@
}
/* zeroize entire state*/
- octet_string_set_to_zero((uint8_t*)c, sizeof(cipher_t) + sizeof(srtp_aes_gcm_ctx_t));
+ octet_string_set_to_zero((uint8_t*)c, sizeof(srtp_cipher_t) + sizeof(srtp_aes_gcm_ctx_t));
/* free memory */
srtp_crypto_free(c);
@@ -414,7 +414,7 @@
0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47,
};
-cipher_test_case_t srtp_aes_gcm_test_case_0a = {
+srtp_cipher_test_case_t srtp_aes_gcm_test_case_0a = {
SRTP_AES_128_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
@@ -428,7 +428,7 @@
NULL /* pointer to next testcase */
};
-cipher_test_case_t srtp_aes_gcm_test_case_0 = {
+srtp_cipher_test_case_t srtp_aes_gcm_test_case_0 = {
SRTP_AES_128_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
@@ -488,7 +488,7 @@
0x81, 0xcb, 0x8e, 0x5b, 0x46, 0x65, 0x63, 0x1d,
};
-cipher_test_case_t srtp_aes_gcm_test_case_1a = {
+srtp_cipher_test_case_t srtp_aes_gcm_test_case_1a = {
SRTP_AES_256_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
@@ -502,7 +502,7 @@
NULL /* pointer to next testcase */
};
-cipher_test_case_t srtp_aes_gcm_test_case_1 = {
+srtp_cipher_test_case_t srtp_aes_gcm_test_case_1 = {
SRTP_AES_256_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
@@ -519,7 +519,7 @@
/*
* This is the vector function table for this crypto engine.
*/
-cipher_type_t srtp_aes_gcm_128_openssl = {
+srtp_cipher_type_t srtp_aes_gcm_128_openssl = {
(cipher_alloc_func_t)srtp_aes_gcm_openssl_alloc,
(cipher_dealloc_func_t)srtp_aes_gcm_openssl_dealloc,
(cipher_init_func_t)srtp_aes_gcm_openssl_context_init,
@@ -529,7 +529,7 @@
(cipher_set_iv_func_t)srtp_aes_gcm_openssl_set_iv,
(cipher_get_tag_func_t)srtp_aes_gcm_openssl_get_tag,
(char*)srtp_aes_gcm_128_openssl_description,
- (cipher_test_case_t*)&srtp_aes_gcm_test_case_0,
+ (srtp_cipher_test_case_t*)&srtp_aes_gcm_test_case_0,
(debug_module_t*)&srtp_mod_aes_gcm,
(srtp_cipher_type_id_t)AES_128_GCM
};
@@ -537,7 +537,7 @@
/*
* This is the vector function table for this crypto engine.
*/
-cipher_type_t srtp_aes_gcm_256_openssl = {
+srtp_cipher_type_t srtp_aes_gcm_256_openssl = {
(cipher_alloc_func_t)srtp_aes_gcm_openssl_alloc,
(cipher_dealloc_func_t)srtp_aes_gcm_openssl_dealloc,
(cipher_init_func_t)srtp_aes_gcm_openssl_context_init,
@@ -547,7 +547,7 @@
(cipher_set_iv_func_t)srtp_aes_gcm_openssl_set_iv,
(cipher_get_tag_func_t)srtp_aes_gcm_openssl_get_tag,
(char*)srtp_aes_gcm_256_openssl_description,
- (cipher_test_case_t*)&srtp_aes_gcm_test_case_1,
+ (srtp_cipher_test_case_t*)&srtp_aes_gcm_test_case_1,
(debug_module_t*)&srtp_mod_aes_gcm,
(srtp_cipher_type_id_t)AES_256_GCM
};
diff --git a/crypto/cipher/aes_icm.c b/crypto/cipher/aes_icm.c
index c05e53b..15b4b22 100644
--- a/crypto/cipher/aes_icm.c
+++ b/crypto/cipher/aes_icm.c
@@ -92,9 +92,9 @@
*
*/
-srtp_err_status_t srtp_aes_icm_alloc_ismacryp (cipher_t **c, int key_len, int forIsmacryp)
+srtp_err_status_t srtp_aes_icm_alloc_ismacryp (srtp_cipher_t **c, int key_len, int forIsmacryp)
{
- extern cipher_type_t srtp_aes_icm;
+ extern srtp_cipher_type_t srtp_aes_icm;
uint8_t *pointer;
int tmp;
@@ -115,14 +115,14 @@
}
/* allocate memory a cipher of type aes_icm */
- tmp = (sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
+ tmp = (sizeof(aes_icm_ctx_t) + sizeof(srtp_cipher_t));
pointer = (uint8_t*)srtp_crypto_alloc(tmp);
if (pointer == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
- *c = (cipher_t*)pointer;
+ *c = (srtp_cipher_t*)pointer;
switch (key_len) {
case 46:
(*c)->algorithm = AES_256_ICM;
@@ -135,7 +135,7 @@
break;
}
(*c)->type = &srtp_aes_icm;
- (*c)->state = pointer + sizeof(cipher_t);
+ (*c)->state = pointer + sizeof(srtp_cipher_t);
/* set key size */
(*c)->key_len = key_len;
@@ -143,16 +143,16 @@
return srtp_err_status_ok;
}
-srtp_err_status_t srtp_aes_icm_alloc (cipher_t **c, int key_len, int forIsmacryp)
+srtp_err_status_t srtp_aes_icm_alloc (srtp_cipher_t **c, int key_len, int forIsmacryp)
{
return srtp_aes_icm_alloc_ismacryp(c, key_len, 0);
}
-srtp_err_status_t srtp_aes_icm_dealloc (cipher_t *c)
+srtp_err_status_t srtp_aes_icm_dealloc (srtp_cipher_t *c)
{
/* zeroize entire state*/
octet_string_set_to_zero((uint8_t*)c,
- sizeof(aes_icm_ctx_t) + sizeof(cipher_t));
+ sizeof(aes_icm_ctx_t) + sizeof(srtp_cipher_t));
/* free memory */
srtp_crypto_free(c);
@@ -509,7 +509,7 @@
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
-cipher_test_case_t srtp_aes_icm_test_case_0 = {
+srtp_cipher_test_case_t srtp_aes_icm_test_case_0 = {
30, /* octets in key */
srtp_aes_icm_test_case_0_key, /* key */
srtp_aes_icm_test_case_0_nonce, /* packet index */
@@ -551,7 +551,7 @@
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
-cipher_test_case_t srtp_aes_icm_test_case_1 = {
+srtp_cipher_test_case_t srtp_aes_icm_test_case_1 = {
46, /* octets in key */
srtp_aes_icm_test_case_1_key, /* key */
srtp_aes_icm_test_case_1_nonce, /* packet index */
@@ -571,7 +571,7 @@
* note: the encrypt function is identical to the decrypt function
*/
-cipher_type_t srtp_aes_icm = {
+srtp_cipher_type_t srtp_aes_icm = {
(cipher_alloc_func_t)srtp_aes_icm_alloc,
(cipher_dealloc_func_t)srtp_aes_icm_dealloc,
(cipher_init_func_t)srtp_aes_icm_context_init,
@@ -581,7 +581,7 @@
(cipher_set_iv_func_t)srtp_aes_icm_set_iv,
(cipher_get_tag_func_t)0,
(char*)srtp_aes_icm_description,
- (cipher_test_case_t*)&srtp_aes_icm_test_case_1,
+ (srtp_cipher_test_case_t*)&srtp_aes_icm_test_case_1,
(debug_module_t*)&srtp_mod_aes_icm,
(srtp_cipher_type_id_t)AES_ICM
};
diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c
index 990bdc4..31df9fa 100644
--- a/crypto/cipher/aes_icm_ossl.c
+++ b/crypto/cipher/aes_icm_ossl.c
@@ -63,10 +63,10 @@
0, /* debugging is off by default */
"aes icm ossl" /* printable module name */
};
-extern cipher_test_case_t srtp_aes_icm_test_case_0;
-extern cipher_type_t srtp_aes_icm;
-extern cipher_type_t srtp_aes_icm_192;
-extern cipher_type_t srtp_aes_icm_256;
+extern srtp_cipher_test_case_t srtp_aes_icm_test_case_0;
+extern srtp_cipher_type_t srtp_aes_icm;
+extern srtp_cipher_type_t srtp_aes_icm_192;
+extern srtp_cipher_type_t srtp_aes_icm_256;
/*
* integer counter mode works as follows:
@@ -110,7 +110,7 @@
* value. The tlen argument is for the AEAD tag length, which
* isn't used in counter mode.
*/
-srtp_err_status_t srtp_aes_icm_openssl_alloc (cipher_t **c, int key_len, int tlen)
+srtp_err_status_t srtp_aes_icm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
{
srtp_aes_icm_ctx_t *icm;
int tmp;
@@ -127,15 +127,15 @@
}
/* allocate memory a cipher of type aes_icm */
- tmp = sizeof(cipher_t) + sizeof(srtp_aes_icm_ctx_t);
+ tmp = sizeof(srtp_cipher_t) + sizeof(srtp_aes_icm_ctx_t);
allptr = (uint8_t*)srtp_crypto_alloc(tmp);
if (allptr == NULL) {
return srtp_err_status_alloc_fail;
}
/* set pointers */
- *c = (cipher_t*)allptr;
- (*c)->state = allptr + sizeof(cipher_t);
+ *c = (srtp_cipher_t*)allptr;
+ (*c)->state = allptr + sizeof(srtp_cipher_t);
icm = (srtp_aes_icm_ctx_t*)(*c)->state;
/* setup cipher parameters */
@@ -168,7 +168,7 @@
/*
* This function deallocates an instance of this engine
*/
-srtp_err_status_t srtp_aes_icm_openssl_dealloc (cipher_t *c)
+srtp_err_status_t srtp_aes_icm_openssl_dealloc (srtp_cipher_t *c)
{
srtp_aes_icm_ctx_t *ctx;
@@ -186,7 +186,7 @@
/* zeroize entire state*/
octet_string_set_to_zero((uint8_t*)c,
- sizeof(cipher_t) + sizeof(srtp_aes_icm_ctx_t));
+ sizeof(srtp_cipher_t) + sizeof(srtp_aes_icm_ctx_t));
/* free memory */
srtp_crypto_free(c);
@@ -357,7 +357,7 @@
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
-cipher_test_case_t srtp_aes_icm_test_case_0 = {
+srtp_cipher_test_case_t srtp_aes_icm_test_case_0 = {
SRTP_AES_128_KEYSIZE_WSALT, /* octets in key */
srtp_aes_icm_test_case_0_key, /* key */
srtp_aes_icm_test_case_0_nonce, /* packet index */
@@ -402,7 +402,7 @@
0xd5, 0x16, 0x5e, 0xc4, 0x56, 0x8f, 0x5c, 0x9a
};
-cipher_test_case_t srtp_aes_icm_192_test_case_1 = {
+srtp_cipher_test_case_t srtp_aes_icm_192_test_case_1 = {
SRTP_AES_192_KEYSIZE_WSALT, /* octets in key */
srtp_aes_icm_192_test_case_1_key, /* key */
srtp_aes_icm_192_test_case_1_nonce, /* packet index */
@@ -449,7 +449,7 @@
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
-cipher_test_case_t srtp_aes_icm_256_test_case_2 = {
+srtp_cipher_test_case_t srtp_aes_icm_256_test_case_2 = {
SRTP_AES_256_KEYSIZE_WSALT, /* octets in key */
srtp_aes_icm_256_test_case_2_key, /* key */
srtp_aes_icm_256_test_case_2_nonce, /* packet index */
@@ -467,7 +467,7 @@
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
-cipher_type_t srtp_aes_icm = {
+srtp_cipher_type_t srtp_aes_icm = {
(cipher_alloc_func_t) srtp_aes_icm_openssl_alloc,
(cipher_dealloc_func_t) srtp_aes_icm_openssl_dealloc,
(cipher_init_func_t) srtp_aes_icm_openssl_context_init,
@@ -477,7 +477,7 @@
(cipher_set_iv_func_t) srtp_aes_icm_openssl_set_iv,
(cipher_get_tag_func_t) 0,
(char*) srtp_aes_icm_openssl_description,
- (cipher_test_case_t*) &srtp_aes_icm_test_case_0,
+ (srtp_cipher_test_case_t*) &srtp_aes_icm_test_case_0,
(debug_module_t*) &srtp_mod_aes_icm,
(srtp_cipher_type_id_t) AES_ICM
};
@@ -486,7 +486,7 @@
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
-cipher_type_t srtp_aes_icm_192 = {
+srtp_cipher_type_t srtp_aes_icm_192 = {
(cipher_alloc_func_t) srtp_aes_icm_openssl_alloc,
(cipher_dealloc_func_t) srtp_aes_icm_openssl_dealloc,
(cipher_init_func_t) srtp_aes_icm_openssl_context_init,
@@ -496,7 +496,7 @@
(cipher_set_iv_func_t) srtp_aes_icm_openssl_set_iv,
(cipher_get_tag_func_t) 0,
(char*) srtp_aes_icm_192_openssl_description,
- (cipher_test_case_t*) &srtp_aes_icm_192_test_case_1,
+ (srtp_cipher_test_case_t*) &srtp_aes_icm_192_test_case_1,
(debug_module_t*) &srtp_mod_aes_icm,
(srtp_cipher_type_id_t) AES_192_ICM
};
@@ -505,7 +505,7 @@
* This is the function table for this crypto engine.
* note: the encrypt function is identical to the decrypt function
*/
-cipher_type_t srtp_aes_icm_256 = {
+srtp_cipher_type_t srtp_aes_icm_256 = {
(cipher_alloc_func_t) srtp_aes_icm_openssl_alloc,
(cipher_dealloc_func_t) srtp_aes_icm_openssl_dealloc,
(cipher_init_func_t) srtp_aes_icm_openssl_context_init,
@@ -515,7 +515,7 @@
(cipher_set_iv_func_t) srtp_aes_icm_openssl_set_iv,
(cipher_get_tag_func_t) 0,
(char*) srtp_aes_icm_256_openssl_description,
- (cipher_test_case_t*) &srtp_aes_icm_256_test_case_2,
+ (srtp_cipher_test_case_t*) &srtp_aes_icm_256_test_case_2,
(debug_module_t*) &srtp_mod_aes_icm,
(srtp_cipher_type_id_t) AES_256_ICM
};
diff --git a/crypto/cipher/cipher.c b/crypto/cipher/cipher.c
index 84325d2..5882dcf 100644
--- a/crypto/cipher/cipher.c
+++ b/crypto/cipher/cipher.c
@@ -5,30 +5,30 @@
*
* David A. McGrew
* Cisco Systems, Inc.
- *
+ *
*/
/*
- *
+ *
* Copyright (c) 2001-2006,2013 Cisco Systems, Inc.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- *
+ *
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
- *
+ *
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
- *
+ *
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
@@ -53,460 +53,477 @@
#include "rand_source.h" /* used in invertibiltiy tests */
#include "alloc.h" /* for crypto_alloc(), crypto_free() */
-debug_module_t mod_cipher = {
- 0, /* debugging is off by default */
- "cipher" /* printable module name */
+debug_module_t srtp_mod_cipher = {
+ 0, /* debugging is off by default */
+ "cipher" /* printable module name */
};
-srtp_err_status_t
-cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output) {
-
- /* zeroize the buffer */
- octet_string_set_to_zero(buffer, num_octets_to_output);
-
- /* exor keystream into buffer */
- return cipher_encrypt(c, buffer, (unsigned int *) &num_octets_to_output);
+srtp_err_status_t srtp_cipher_output (srtp_cipher_t *c, uint8_t *buffer, int num_octets_to_output)
+{
+
+ /* zeroize the buffer */
+ octet_string_set_to_zero(buffer, num_octets_to_output);
+
+ /* exor keystream into buffer */
+ return cipher_encrypt(c, buffer, (unsigned int*)&num_octets_to_output);
}
/* some bookkeeping functions */
-int
-cipher_get_key_length(const cipher_t *c) {
- return c->key_len;
+int srtp_cipher_get_key_length (const srtp_cipher_t *c)
+{
+ return c->key_len;
}
-/*
- * cipher_type_test(ct, test_data) tests a cipher of type ct against
- * test cases provided in a list test_data of values of key, salt, iv,
- * plaintext, and ciphertext that is known to be good
- */
-
#define SELF_TEST_BUF_OCTETS 128
#define NUM_RAND_TESTS 128
#define MAX_KEY_LEN 64
+/*
+ * srtp_cipher_type_test(ct, test_data) tests a cipher of type ct against
+ * test cases provided in a list test_data of values of key, salt, iv,
+ * plaintext, and ciphertext that is known to be good
+ */
+srtp_err_status_t srtp_cipher_type_test (const srtp_cipher_type_t *ct, const srtp_cipher_test_case_t *test_data)
+{
+ const srtp_cipher_test_case_t *test_case = test_data;
+ srtp_cipher_t *c;
+ srtp_err_status_t status;
+ uint8_t buffer[SELF_TEST_BUF_OCTETS];
+ uint8_t buffer2[SELF_TEST_BUF_OCTETS];
+ int tag_len;
+ unsigned int len;
+ int i, j, case_num = 0;
-srtp_err_status_t
-cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data) {
- const cipher_test_case_t *test_case = test_data;
- cipher_t *c;
- srtp_err_status_t status;
- uint8_t buffer[SELF_TEST_BUF_OCTETS];
- uint8_t buffer2[SELF_TEST_BUF_OCTETS];
- int tag_len;
- unsigned int len;
- int i, j, case_num = 0;
+ debug_print(srtp_mod_cipher, "running self-test for cipher %s",
+ ct->description);
- debug_print(mod_cipher, "running self-test for cipher %s",
- ct->description);
-
- /*
- * check to make sure that we have at least one test case, and
- * return an error if we don't - we need to be paranoid here
- */
- if (test_case == NULL)
- return srtp_err_status_cant_check;
+ /*
+ * check to make sure that we have at least one test case, and
+ * return an error if we don't - we need to be paranoid here
+ */
+ if (test_case == NULL) {
+ return srtp_err_status_cant_check;
+ }
- /*
- * loop over all test cases, perform known-answer tests of both the
- * encryption and decryption functions
- */
- while (test_case != NULL) {
- /* allocate cipher */
+ /*
+ * loop over all test cases, perform known-answer tests of both the
+ * encryption and decryption functions
+ */
+ while (test_case != NULL) {
+ /* allocate cipher */
+ status = cipher_type_alloc(ct, &c, test_case->key_length_octets, test_case->tag_length_octets);
+ if (status) {
+ return status;
+ }
+
+ /*
+ * test the encrypt function
+ */
+ debug_print(srtp_mod_cipher, "testing encryption", NULL);
+
+ /* initialize cipher */
+ status = cipher_init(c, test_case->key);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* copy plaintext into test buffer */
+ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
+ cipher_dealloc(c);
+ return srtp_err_status_bad_param;
+ }
+ for (i = 0; i < test_case->plaintext_length_octets; i++) {
+ buffer[i] = test_case->plaintext[i];
+ }
+
+ debug_print(srtp_mod_cipher, "plaintext: %s",
+ srtp_octet_string_hex_string(buffer,
+ test_case->plaintext_length_octets));
+
+ /* set the initialization vector */
+ status = cipher_set_iv(c, test_case->idx, direction_encrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
+ debug_print(srtp_mod_cipher, "IV: %s",
+ srtp_octet_string_hex_string(test_case->idx, 12));
+
+ /*
+ * Set the AAD
+ */
+ status = cipher_set_aad(c, test_case->aad,
+ test_case->aad_length_octets);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ debug_print(srtp_mod_cipher, "AAD: %s",
+ srtp_octet_string_hex_string(test_case->aad,
+ test_case->aad_length_octets));
+ }
+
+ /* encrypt */
+ len = test_case->plaintext_length_octets;
+ status = cipher_encrypt(c, buffer, &len);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
+ /*
+ * Get the GCM tag
+ */
+ status = cipher_get_tag(c, buffer + len, &tag_len);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ len += tag_len;
+ }
+
+ debug_print(srtp_mod_cipher, "ciphertext: %s",
+ srtp_octet_string_hex_string(buffer,
+ test_case->ciphertext_length_octets));
+
+ /* compare the resulting ciphertext with that in the test case */
+ if (len != test_case->ciphertext_length_octets) {
+ return srtp_err_status_algo_fail;
+ }
+ status = srtp_err_status_ok;
+ for (i = 0; i < test_case->ciphertext_length_octets; i++) {
+ if (buffer[i] != test_case->ciphertext[i]) {
+ status = srtp_err_status_algo_fail;
+ debug_print(srtp_mod_cipher, "test case %d failed", case_num);
+ debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+ break;
+ }
+ }
+ if (status) {
+
+ debug_print(srtp_mod_cipher, "c computed: %s",
+ srtp_octet_string_hex_string(buffer,
+ 2 * test_case->plaintext_length_octets));
+ debug_print(srtp_mod_cipher, "c expected: %s",
+ srtp_octet_string_hex_string(test_case->ciphertext,
+ 2 * test_case->plaintext_length_octets));
+
+ cipher_dealloc(c);
+ return srtp_err_status_algo_fail;
+ }
+
+ /*
+ * test the decrypt function
+ */
+ debug_print(srtp_mod_cipher, "testing decryption", NULL);
+
+ /* re-initialize cipher for decryption */
+ status = cipher_init(c, test_case->key);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ /* copy ciphertext into test buffer */
+ if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
+ cipher_dealloc(c);
+ return srtp_err_status_bad_param;
+ }
+ for (i = 0; i < test_case->ciphertext_length_octets; i++) {
+ buffer[i] = test_case->ciphertext[i];
+ }
+
+ debug_print(srtp_mod_cipher, "ciphertext: %s",
+ srtp_octet_string_hex_string(buffer,
+ test_case->plaintext_length_octets));
+
+ /* set the initialization vector */
+ status = cipher_set_iv(c, test_case->idx, direction_decrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
+ /*
+ * Set the AAD
+ */
+ status = cipher_set_aad(c, test_case->aad,
+ test_case->aad_length_octets);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ debug_print(srtp_mod_cipher, "AAD: %s",
+ srtp_octet_string_hex_string(test_case->aad,
+ test_case->aad_length_octets));
+ }
+
+ /* decrypt */
+ len = test_case->ciphertext_length_octets;
+ status = cipher_decrypt(c, buffer, &len);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ debug_print(srtp_mod_cipher, "plaintext: %s",
+ srtp_octet_string_hex_string(buffer,
+ test_case->plaintext_length_octets));
+
+ /* compare the resulting plaintext with that in the test case */
+ if (len != test_case->plaintext_length_octets) {
+ return srtp_err_status_algo_fail;
+ }
+ status = srtp_err_status_ok;
+ for (i = 0; i < test_case->plaintext_length_octets; i++) {
+ if (buffer[i] != test_case->plaintext[i]) {
+ status = srtp_err_status_algo_fail;
+ debug_print(srtp_mod_cipher, "test case %d failed", case_num);
+ debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+ }
+ }
+ if (status) {
+
+ debug_print(srtp_mod_cipher, "p computed: %s",
+ srtp_octet_string_hex_string(buffer,
+ 2 * test_case->plaintext_length_octets));
+ debug_print(srtp_mod_cipher, "p expected: %s",
+ srtp_octet_string_hex_string(test_case->plaintext,
+ 2 * test_case->plaintext_length_octets));
+
+ cipher_dealloc(c);
+ return srtp_err_status_algo_fail;
+ }
+
+ /* deallocate the cipher */
+ status = cipher_dealloc(c);
+ if (status) {
+ return status;
+ }
+
+ /*
+ * the cipher passed the test case, so move on to the next test
+ * case in the list; if NULL, we'l proceed to the next test
+ */
+ test_case = test_case->next_test_case;
+ ++case_num;
+ }
+
+ /* now run some random invertibility tests */
+
+ /* allocate cipher, using paramaters from the first test case */
+ test_case = test_data;
status = cipher_type_alloc(ct, &c, test_case->key_length_octets, test_case->tag_length_octets);
- if (status)
- return status;
-
- /*
- * test the encrypt function
- */
- debug_print(mod_cipher, "testing encryption", NULL);
-
- /* initialize cipher */
- status = cipher_init(c, test_case->key);
if (status) {
- cipher_dealloc(c);
- return status;
+ return status;
}
-
- /* copy plaintext into test buffer */
- if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
- cipher_dealloc(c);
- return srtp_err_status_bad_param;
- }
- for (i=0; i < test_case->plaintext_length_octets; i++)
- buffer[i] = test_case->plaintext[i];
- debug_print(mod_cipher, "plaintext: %s",
- srtp_octet_string_hex_string(buffer,
- test_case->plaintext_length_octets));
+ rand_source_init();
- /* set the initialization vector */
- status = cipher_set_iv(c, test_case->idx, direction_encrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
- debug_print(mod_cipher, "IV: %s",
- srtp_octet_string_hex_string(test_case->idx, 12));
+ for (j = 0; j < NUM_RAND_TESTS; j++) {
+ unsigned length;
+ int plaintext_len;
+ uint8_t key[MAX_KEY_LEN];
+ uint8_t iv[MAX_KEY_LEN];
- /*
- * Set the AAD
- */
- status = cipher_set_aad(c, test_case->aad,
- test_case->aad_length_octets);
+ /* choose a length at random (leaving room for IV and padding) */
+ length = rand() % (SELF_TEST_BUF_OCTETS - 64);
+ debug_print(srtp_mod_cipher, "random plaintext length %d\n", length);
+ status = rand_source_get_octet_string(buffer, length);
if (status) {
- cipher_dealloc(c);
- return status;
- }
- debug_print(mod_cipher, "AAD: %s",
- srtp_octet_string_hex_string(test_case->aad,
- test_case->aad_length_octets));
- }
+ return status;
+ }
- /* encrypt */
- len = test_case->plaintext_length_octets;
- status = cipher_encrypt(c, buffer, &len);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
- /*
- * Get the GCM tag
- */
- status = cipher_get_tag(c, buffer + len, &tag_len);
+ debug_print(srtp_mod_cipher, "plaintext: %s",
+ srtp_octet_string_hex_string(buffer, length));
+
+ /* copy plaintext into second buffer */
+ for (i = 0; (unsigned int)i < length; i++) {
+ buffer2[i] = buffer[i];
+ }
+
+ /* choose a key at random */
+ if (test_case->key_length_octets > MAX_KEY_LEN) {
+ return srtp_err_status_cant_check;
+ }
+ status = rand_source_get_octet_string(key, test_case->key_length_octets);
+ if (status) {
+ return status;
+ }
+
+ /* chose a random initialization vector */
+ status = rand_source_get_octet_string(iv, MAX_KEY_LEN);
+ if (status) {
+ return status;
+ }
+
+ /* initialize cipher */
+ status = cipher_init(c, key);
if (status) {
cipher_dealloc(c);
return status;
}
- len += tag_len;
- }
- debug_print(mod_cipher, "ciphertext: %s",
- srtp_octet_string_hex_string(buffer,
- test_case->ciphertext_length_octets));
-
- /* compare the resulting ciphertext with that in the test case */
- if (len != test_case->ciphertext_length_octets)
- return srtp_err_status_algo_fail;
- status = srtp_err_status_ok;
- for (i=0; i < test_case->ciphertext_length_octets; i++)
- if (buffer[i] != test_case->ciphertext[i]) {
- status = srtp_err_status_algo_fail;
- debug_print(mod_cipher, "test case %d failed", case_num);
- debug_print(mod_cipher, "(failure at byte %d)", i);
- break;
- }
- if (status) {
-
- debug_print(mod_cipher, "c computed: %s",
- srtp_octet_string_hex_string(buffer,
- 2*test_case->plaintext_length_octets));
- debug_print(mod_cipher, "c expected: %s",
- srtp_octet_string_hex_string(test_case->ciphertext,
- 2*test_case->plaintext_length_octets));
-
- cipher_dealloc(c);
- return srtp_err_status_algo_fail;
- }
-
- /*
- * test the decrypt function
- */
- debug_print(mod_cipher, "testing decryption", NULL);
-
- /* re-initialize cipher for decryption */
- status = cipher_init(c, test_case->key);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- /* copy ciphertext into test buffer */
- if (test_case->ciphertext_length_octets > SELF_TEST_BUF_OCTETS) {
- cipher_dealloc(c);
- return srtp_err_status_bad_param;
- }
- for (i=0; i < test_case->ciphertext_length_octets; i++)
- buffer[i] = test_case->ciphertext[i];
-
- debug_print(mod_cipher, "ciphertext: %s",
- srtp_octet_string_hex_string(buffer,
- test_case->plaintext_length_octets));
-
- /* set the initialization vector */
- status = cipher_set_iv(c, test_case->idx, direction_decrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
- /*
- * Set the AAD
- */
- status = cipher_set_aad(c, test_case->aad,
- test_case->aad_length_octets);
+ /* set initialization vector */
+ status = cipher_set_iv(c, test_case->idx, direction_encrypt);
if (status) {
cipher_dealloc(c);
return status;
- }
- debug_print(mod_cipher, "AAD: %s",
- srtp_octet_string_hex_string(test_case->aad,
- test_case->aad_length_octets));
+ }
+
+ if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
+ /*
+ * Set the AAD
+ */
+ status = cipher_set_aad(c, test_case->aad,
+ test_case->aad_length_octets);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ debug_print(srtp_mod_cipher, "AAD: %s",
+ srtp_octet_string_hex_string(test_case->aad,
+ test_case->aad_length_octets));
+ }
+
+ /* encrypt buffer with cipher */
+ plaintext_len = length;
+ status = cipher_encrypt(c, buffer, &length);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
+ /*
+ * Get the GCM tag
+ */
+ status = cipher_get_tag(c, buffer + length, &tag_len);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ length += tag_len;
+ }
+ debug_print(srtp_mod_cipher, "ciphertext: %s",
+ srtp_octet_string_hex_string(buffer, length));
+
+ /*
+ * re-initialize cipher for decryption, re-set the iv, then
+ * decrypt the ciphertext
+ */
+ status = cipher_init(c, key);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ status = cipher_set_iv(c, test_case->idx, direction_decrypt);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
+ /*
+ * Set the AAD
+ */
+ status = cipher_set_aad(c, test_case->aad,
+ test_case->aad_length_octets);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+ debug_print(srtp_mod_cipher, "AAD: %s",
+ srtp_octet_string_hex_string(test_case->aad,
+ test_case->aad_length_octets));
+ }
+ status = cipher_decrypt(c, buffer, &length);
+ if (status) {
+ cipher_dealloc(c);
+ return status;
+ }
+
+ debug_print(srtp_mod_cipher, "plaintext[2]: %s",
+ srtp_octet_string_hex_string(buffer, length));
+
+ /* compare the resulting plaintext with the original one */
+ if (length != plaintext_len) {
+ return srtp_err_status_algo_fail;
+ }
+ status = srtp_err_status_ok;
+ for (i = 0; i < plaintext_len; i++) {
+ if (buffer[i] != buffer2[i]) {
+ status = srtp_err_status_algo_fail;
+ debug_print(srtp_mod_cipher, "random test case %d failed", case_num);
+ debug_print(srtp_mod_cipher, "(failure at byte %d)", i);
+ }
+ }
+ if (status) {
+ cipher_dealloc(c);
+ return srtp_err_status_algo_fail;
+ }
+
}
- /* decrypt */
- len = test_case->ciphertext_length_octets;
- status = cipher_decrypt(c, buffer, &len);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- debug_print(mod_cipher, "plaintext: %s",
- srtp_octet_string_hex_string(buffer,
- test_case->plaintext_length_octets));
-
- /* compare the resulting plaintext with that in the test case */
- if (len != test_case->plaintext_length_octets)
- return srtp_err_status_algo_fail;
- status = srtp_err_status_ok;
- for (i=0; i < test_case->plaintext_length_octets; i++)
- if (buffer[i] != test_case->plaintext[i]) {
- status = srtp_err_status_algo_fail;
- debug_print(mod_cipher, "test case %d failed", case_num);
- debug_print(mod_cipher, "(failure at byte %d)", i);
- }
- if (status) {
-
- debug_print(mod_cipher, "p computed: %s",
- srtp_octet_string_hex_string(buffer,
- 2*test_case->plaintext_length_octets));
- debug_print(mod_cipher, "p expected: %s",
- srtp_octet_string_hex_string(test_case->plaintext,
- 2*test_case->plaintext_length_octets));
-
- cipher_dealloc(c);
- return srtp_err_status_algo_fail;
- }
-
- /* deallocate the cipher */
status = cipher_dealloc(c);
- if (status)
- return status;
-
- /*
- * the cipher passed the test case, so move on to the next test
- * case in the list; if NULL, we'l proceed to the next test
- */
- test_case = test_case->next_test_case;
- ++case_num;
- }
-
- /* now run some random invertibility tests */
-
- /* allocate cipher, using paramaters from the first test case */
- test_case = test_data;
- status = cipher_type_alloc(ct, &c, test_case->key_length_octets, test_case->tag_length_octets);
- if (status)
- return status;
-
- rand_source_init();
-
- for (j=0; j < NUM_RAND_TESTS; j++) {
- unsigned length;
- int plaintext_len;
- uint8_t key[MAX_KEY_LEN];
- uint8_t iv[MAX_KEY_LEN];
-
- /* choose a length at random (leaving room for IV and padding) */
- length = rand() % (SELF_TEST_BUF_OCTETS - 64);
- debug_print(mod_cipher, "random plaintext length %d\n", length);
- status = rand_source_get_octet_string(buffer, length);
- if (status) return status;
-
- debug_print(mod_cipher, "plaintext: %s",
- srtp_octet_string_hex_string(buffer, length));
-
- /* copy plaintext into second buffer */
- for (i=0; (unsigned int)i < length; i++)
- buffer2[i] = buffer[i];
-
- /* choose a key at random */
- if (test_case->key_length_octets > MAX_KEY_LEN)
- return srtp_err_status_cant_check;
- status = rand_source_get_octet_string(key, test_case->key_length_octets);
- if (status) return status;
-
- /* chose a random initialization vector */
- status = rand_source_get_octet_string(iv, MAX_KEY_LEN);
- if (status) return status;
-
- /* initialize cipher */
- status = cipher_init(c, key);
if (status) {
- cipher_dealloc(c);
- return status;
+ return status;
}
- /* set initialization vector */
- status = cipher_set_iv(c, test_case->idx, direction_encrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
- /*
- * Set the AAD
- */
- status = cipher_set_aad(c, test_case->aad,
- test_case->aad_length_octets);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- debug_print(mod_cipher, "AAD: %s",
- srtp_octet_string_hex_string(test_case->aad,
- test_case->aad_length_octets));
- }
-
- /* encrypt buffer with cipher */
- plaintext_len = length;
- status = cipher_encrypt(c, buffer, &length);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
- /*
- * Get the GCM tag
- */
- status = cipher_get_tag(c, buffer + length, &tag_len);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- length += tag_len;
- }
- debug_print(mod_cipher, "ciphertext: %s",
- srtp_octet_string_hex_string(buffer, length));
-
- /*
- * re-initialize cipher for decryption, re-set the iv, then
- * decrypt the ciphertext
- */
- status = cipher_init(c, key);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- status = cipher_set_iv(c, test_case->idx, direction_decrypt);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- if (c->algorithm == AES_128_GCM || c->algorithm == AES_256_GCM) {
- /*
- * Set the AAD
- */
- status = cipher_set_aad(c, test_case->aad,
- test_case->aad_length_octets);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
- debug_print(mod_cipher, "AAD: %s",
- srtp_octet_string_hex_string(test_case->aad,
- test_case->aad_length_octets));
- }
- status = cipher_decrypt(c, buffer, &length);
- if (status) {
- cipher_dealloc(c);
- return status;
- }
-
- debug_print(mod_cipher, "plaintext[2]: %s",
- srtp_octet_string_hex_string(buffer, length));
-
- /* compare the resulting plaintext with the original one */
- if (length != plaintext_len) {
- return srtp_err_status_algo_fail;
- }
- status = srtp_err_status_ok;
- for (i=0; i < plaintext_len; i++)
- if (buffer[i] != buffer2[i]) {
- status = srtp_err_status_algo_fail;
- debug_print(mod_cipher, "random test case %d failed", case_num);
- debug_print(mod_cipher, "(failure at byte %d)", i);
- }
- if (status) {
- cipher_dealloc(c);
- return srtp_err_status_algo_fail;
- }
-
- }
-
- status = cipher_dealloc(c);
- if (status)
- return status;
-
- return srtp_err_status_ok;
+ return srtp_err_status_ok;
}
-/*
- * cipher_type_self_test(ct) performs cipher_type_test on ct's internal
+/*
+ * srtp_cipher_type_self_test(ct) performs srtp_cipher_type_test on ct's internal
* list of test data.
*/
-
-srtp_err_status_t
-cipher_type_self_test(const cipher_type_t *ct) {
- return cipher_type_test(ct, ct->test_data);
+srtp_err_status_t srtp_cipher_type_self_test (const srtp_cipher_type_t *ct)
+{
+ return srtp_cipher_type_test(ct, ct->test_data);
}
/*
* cipher_bits_per_second(c, l, t) computes (an estimate of) the
* number of bits that a cipher implementation can encrypt in a second
- *
+ *
* c is a cipher (which MUST be allocated and initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, the value 0 is returned
*/
+uint64_t srtp_cipher_bits_per_second (srtp_cipher_t *c, int octets_in_buffer, int num_trials)
+{
+ int i;
+ v128_t nonce;
+ clock_t timer;
+ unsigned char *enc_buf;
+ unsigned int len = octets_in_buffer;
-uint64_t
-cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials) {
- int i;
- v128_t nonce;
- clock_t timer;
- unsigned char *enc_buf;
- unsigned int len = octets_in_buffer;
+ enc_buf = (unsigned char*)srtp_crypto_alloc(octets_in_buffer);
+ if (enc_buf == NULL) {
+ return 0; /* indicate bad parameters by returning null */
- enc_buf = (unsigned char*) srtp_crypto_alloc(octets_in_buffer);
- if (enc_buf == NULL)
- return 0; /* indicate bad parameters by returning null */
-
- /* time repeated trials */
- v128_set_to_zero(&nonce);
- timer = clock();
- for(i=0; i < num_trials; i++, nonce.v32[3] = i) {
- cipher_set_iv(c, &nonce, direction_encrypt);
- cipher_encrypt(c, enc_buf, &len);
- }
- timer = clock() - timer;
+ }
+ /* time repeated trials */
+ v128_set_to_zero(&nonce);
+ timer = clock();
+ for (i = 0; i < num_trials; i++, nonce.v32[3] = i) {
+ cipher_set_iv(c, &nonce, direction_encrypt);
+ cipher_encrypt(c, enc_buf, &len);
+ }
+ timer = clock() - timer;
- srtp_crypto_free(enc_buf);
+ srtp_crypto_free(enc_buf);
- if (timer == 0) {
- /* Too fast! */
- return 0;
- }
-
- return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
+ if (timer == 0) {
+ /* Too fast! */
+ return 0;
+ }
+
+ return (uint64_t)CLOCKS_PER_SEC * num_trials * 8 * octets_in_buffer / timer;
}
diff --git a/crypto/cipher/null_cipher.c b/crypto/cipher/null_cipher.c
index 065f924..9875ddc 100644
--- a/crypto/cipher/null_cipher.c
+++ b/crypto/cipher/null_cipher.c
@@ -54,26 +54,26 @@
/* the null_cipher uses the cipher debug module */
-extern debug_module_t mod_cipher;
+extern debug_module_t srtp_mod_cipher;
srtp_err_status_t
-null_cipher_alloc(cipher_t **c, int key_len, int tlen) {
- extern cipher_type_t null_cipher;
+null_cipher_alloc(srtp_cipher_t **c, int key_len, int tlen) {
+ extern srtp_cipher_type_t null_cipher;
uint8_t *pointer;
- debug_print(mod_cipher,
+ debug_print(srtp_mod_cipher,
"allocating cipher with key length %d", key_len);
/* allocate memory a cipher of type null_cipher */
- pointer = (uint8_t*)srtp_crypto_alloc(sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
+ pointer = (uint8_t*)srtp_crypto_alloc(sizeof(null_cipher_ctx_t) + sizeof(srtp_cipher_t));
if (pointer == NULL)
return srtp_err_status_alloc_fail;
/* set pointers */
- *c = (cipher_t *)pointer;
+ *c = (srtp_cipher_t *)pointer;
(*c)->algorithm = NULL_CIPHER;
(*c)->type = &null_cipher;
- (*c)->state = pointer + sizeof(cipher_t);
+ (*c)->state = pointer + sizeof(srtp_cipher_t);
/* set key size */
(*c)->key_len = key_len;
@@ -83,12 +83,12 @@
}
srtp_err_status_t
-null_cipher_dealloc(cipher_t *c) {
- extern cipher_type_t null_cipher;
+null_cipher_dealloc(srtp_cipher_t *c) {
+ extern srtp_cipher_type_t null_cipher;
/* zeroize entire state*/
octet_string_set_to_zero((uint8_t *)c,
- sizeof(null_cipher_ctx_t) + sizeof(cipher_t));
+ sizeof(null_cipher_ctx_t) + sizeof(srtp_cipher_t));
/* free memory of type null_cipher */
srtp_crypto_free(c);
@@ -100,7 +100,7 @@
srtp_err_status_t
null_cipher_init(null_cipher_ctx_t *ctx, const uint8_t *key, int key_len) {
- debug_print(mod_cipher, "initializing null cipher", NULL);
+ debug_print(srtp_mod_cipher, "initializing null cipher", NULL);
return srtp_err_status_ok;
}
@@ -119,7 +119,7 @@
char
null_cipher_description[] = "null cipher";
-cipher_test_case_t
+srtp_cipher_test_case_t
null_cipher_test_0 = {
0, /* octets in key */
NULL, /* key */
@@ -139,7 +139,7 @@
* note: the decrypt function is idential to the encrypt function
*/
-cipher_type_t null_cipher = {
+srtp_cipher_type_t null_cipher = {
(cipher_alloc_func_t) null_cipher_alloc,
(cipher_dealloc_func_t) null_cipher_dealloc,
(cipher_init_func_t) null_cipher_init,
@@ -149,7 +149,7 @@
(cipher_set_iv_func_t) null_cipher_set_iv,
(cipher_get_tag_func_t) 0,
(char *) null_cipher_description,
- (cipher_test_case_t *) &null_cipher_test_0,
+ (srtp_cipher_test_case_t *) &null_cipher_test_0,
(debug_module_t *) NULL,
(srtp_cipher_type_id_t) NULL_CIPHER
};
diff --git a/crypto/include/aes_gcm_ossl.h b/crypto/include/aes_gcm_ossl.h
index 4be36dc..0575571 100644
--- a/crypto/include/aes_gcm_ossl.h
+++ b/crypto/include/aes_gcm_ossl.h
@@ -56,7 +56,7 @@
int key_size;
int tag_len;
EVP_CIPHER_CTX ctx;
- cipher_direction_t dir;
+ srtp_cipher_direction_t dir;
} srtp_aes_gcm_ctx_t;
#endif /* AES_GCM_OSSL_H */
diff --git a/crypto/include/aes_icm.h b/crypto/include/aes_icm.h
index bee61a3..89b39eb 100644
--- a/crypto/include/aes_icm.h
+++ b/crypto/include/aes_icm.h
@@ -33,14 +33,14 @@
srtp_err_status_t aes_icm_output(aes_icm_ctx_t *c, unsigned char *buf, unsigned int bytes_to_output);
-srtp_err_status_t aes_icm_dealloc(cipher_t *c);
+srtp_err_status_t aes_icm_dealloc(srtp_cipher_t *c);
srtp_err_status_t aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
unsigned char *buf,
unsigned int *enc_len,
int forIsmacryp);
-srtp_err_status_t aes_icm_alloc_ismacryp(cipher_t **c, int key_len, int forIsmacryp);
+srtp_err_status_t aes_icm_alloc_ismacryp(srtp_cipher_t **c, int key_len, int forIsmacryp);
uint16_t aes_icm_bytes_encrypted(aes_icm_ctx_t *c);
diff --git a/crypto/include/cipher.h b/crypto/include/cipher.h
index 2db7183..c12c6a3 100644
--- a/crypto/include/cipher.h
+++ b/crypto/include/cipher.h
@@ -7,26 +7,26 @@
* Cisco Systems, Inc.
*/
/*
- *
+ *
* Copyright (c) 2001-2006,2013 Cisco Systems, Inc.
* All rights reserved.
- *
+ *
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
- *
+ *
* Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
- *
+ *
* Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
- *
+ *
* Neither the name of the Cisco Systems, Inc. nor the names of its
* contributors may be used to endorse or promote products derived
* from this software without specific prior written permission.
- *
+ *
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
@@ -47,78 +47,77 @@
#define CIPHER_H
#include "srtp.h"
-#include "datatypes.h"
+#include "datatypes.h"
#include "rdbx.h" /* for xtd_seq_num_t */
#include "err.h" /* for error codes */
-#include "crypto_types.h" /* for values of cipher_type_id_t */
+#include "crypto_types.h" /* for values of cipher_type_id_t */
/*
- * cipher_direction_t defines a particular cipher operation.
+ * cipher_direction_t defines a particular cipher operation.
*
* A cipher_direction_t is an enum that describes a particular cipher
* operation, i.e. encryption or decryption. For some ciphers, this
* distinction does not matter, but for others, it is essential.
*/
-typedef enum {
- direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
- direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
- direction_any /**< encryption or decryption */
-} cipher_direction_t;
+typedef enum {
+ direction_encrypt, /**< encryption (convert plaintext to ciphertext) */
+ direction_decrypt, /**< decryption (convert ciphertext to plaintext) */
+ direction_any /**< encryption or decryption */
+} srtp_cipher_direction_t;
/*
* the cipher_pointer and cipher_type_pointer definitions are needed
* as cipher_t and cipher_type_t are not yet defined
*/
-typedef struct cipher_type_t *cipher_type_pointer_t;
-typedef struct cipher_t *cipher_pointer_t;
+typedef struct srtp_cipher_t *srtp_cipher_pointer_t;
/*
- * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
+ * a cipher_alloc_func_t allocates (but does not initialize) a cipher_t
*/
typedef srtp_err_status_t (*cipher_alloc_func_t)
- (cipher_pointer_t *cp, int key_len, int tag_len);
+ (srtp_cipher_pointer_t *cp, int key_len, int tag_len);
-/*
+/*
* a cipher_init_func_t [re-]initializes a cipher_t with a given key
*/
typedef srtp_err_status_t (*cipher_init_func_t)
-(void *state, const uint8_t *key, int key_len);
+ (void *state, const uint8_t *key, int key_len);
/* a cipher_dealloc_func_t de-allocates a cipher_t */
-typedef srtp_err_status_t (*cipher_dealloc_func_t)(cipher_pointer_t cp);
+typedef srtp_err_status_t (*cipher_dealloc_func_t)(srtp_cipher_pointer_t cp);
/* a cipher_set_segment_func_t sets the segment index of a cipher_t */
typedef srtp_err_status_t (*cipher_set_segment_func_t)
- (void *state, xtd_seq_num_t idx);
+ (void *state, xtd_seq_num_t idx);
-/*
- * a cipher_set_aad_func_t processes the AAD data for AEAD ciphers
+/*
+ * a cipher_set_aad_func_t processes the AAD data for AEAD ciphers
*/
typedef srtp_err_status_t (*cipher_set_aad_func_t)
- (void *state, uint8_t *aad, unsigned int aad_len);
+ (void *state, uint8_t *aad, unsigned int aad_len);
/* a cipher_encrypt_func_t encrypts data in-place */
typedef srtp_err_status_t (*cipher_encrypt_func_t)
- (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
+ (void *state, uint8_t *buffer, unsigned int *octets_to_encrypt);
/* a cipher_decrypt_func_t decrypts data in-place */
typedef srtp_err_status_t (*cipher_decrypt_func_t)
- (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
+ (void *state, uint8_t *buffer, unsigned int *octets_to_decrypt);
-/*
+/*
* a cipher_set_iv_func_t function sets the current initialization vector
*/
typedef srtp_err_status_t (*cipher_set_iv_func_t)
- (cipher_pointer_t cp, void *iv, cipher_direction_t direction);
+ (srtp_cipher_pointer_t cp, void *iv, srtp_cipher_direction_t direction);
/*
* a cipher_get_tag_funct_t function is used to get the authentication
* tag that was calculated by an AEAD cipher.
*/
typedef srtp_err_status_t (*cipher_get_tag_func_t)
- (void *state, void *tag, int *len);
+ (void *state, void *tag, int *len);
/*
@@ -128,46 +127,46 @@
* in an on-the-fly self test of the correcness of the implementation.
* (see the cipher_type_self_test() function below)
*/
-typedef struct cipher_test_case_t {
- int key_length_octets; /* octets in key */
- uint8_t *key; /* key */
- uint8_t *idx; /* packet index */
- int plaintext_length_octets; /* octets in plaintext */
- uint8_t *plaintext; /* plaintext */
- int ciphertext_length_octets; /* octets in plaintext */
- uint8_t *ciphertext; /* ciphertext */
- int aad_length_octets; /* octets in AAD */
- uint8_t *aad; /* AAD */
- int tag_length_octets; /* Length of AEAD tag */
- struct cipher_test_case_t *next_test_case; /* pointer to next testcase */
-} cipher_test_case_t;
+typedef struct srtp_cipher_test_case_t {
+ int key_length_octets; /* octets in key */
+ uint8_t *key; /* key */
+ uint8_t *idx; /* packet index */
+ int plaintext_length_octets; /* octets in plaintext */
+ uint8_t *plaintext; /* plaintext */
+ int ciphertext_length_octets; /* octets in plaintext */
+ uint8_t *ciphertext; /* ciphertext */
+ int aad_length_octets; /* octets in AAD */
+ uint8_t *aad; /* AAD */
+ int tag_length_octets; /* Length of AEAD tag */
+ struct srtp_cipher_test_case_t *next_test_case; /* pointer to next testcase */
+} srtp_cipher_test_case_t;
/* cipher_type_t defines the 'metadata' for a particular cipher type */
-typedef struct cipher_type_t {
- cipher_alloc_func_t alloc;
- cipher_dealloc_func_t dealloc;
- cipher_init_func_t init;
- cipher_set_aad_func_t set_aad;
- cipher_encrypt_func_t encrypt;
- cipher_encrypt_func_t decrypt;
- cipher_set_iv_func_t set_iv;
- cipher_get_tag_func_t get_tag;
- char *description;
- cipher_test_case_t *test_data;
- debug_module_t *debug;
- srtp_cipher_type_id_t id;
-} cipher_type_t;
+typedef struct srtp_cipher_type_t {
+ cipher_alloc_func_t alloc;
+ cipher_dealloc_func_t dealloc;
+ cipher_init_func_t init;
+ cipher_set_aad_func_t set_aad;
+ cipher_encrypt_func_t encrypt;
+ cipher_encrypt_func_t decrypt;
+ cipher_set_iv_func_t set_iv;
+ cipher_get_tag_func_t get_tag;
+ char *description;
+ srtp_cipher_test_case_t *test_data;
+ debug_module_t *debug;
+ srtp_cipher_type_id_t id;
+} srtp_cipher_type_t;
/*
* cipher_t defines an instantiation of a particular cipher, with fixed
* key length, key and salt values
*/
-typedef struct cipher_t {
- cipher_type_t *type;
- void *state;
- int key_len;
- int algorithm;
-} cipher_t;
+typedef struct srtp_cipher_t {
+ srtp_cipher_type_t *type;
+ void *state;
+ int key_len;
+ int algorithm;
+} srtp_cipher_t;
/* some syntactic sugar on these function types */
#define cipher_type_alloc(ct, c, klen, tlen) ((ct)->alloc((c), (klen), (tlen)))
@@ -177,55 +176,57 @@
#define cipher_init(c, k) (((c)->type)->init(((c)->state), (k), ((c)->key_len)))
#define cipher_encrypt(c, buf, len) \
- (((c)->type)->encrypt(((c)->state), (buf), (len)))
+ (((c)->type)->encrypt(((c)->state), (buf), (len)))
#define cipher_get_tag(c, buf, len) \
- (((c)->type)->get_tag(((c)->state), (buf), (len)))
+ (((c)->type)->get_tag(((c)->state), (buf), (len)))
#define cipher_decrypt(c, buf, len) \
- (((c)->type)->decrypt(((c)->state), (buf), (len)))
+ (((c)->type)->decrypt(((c)->state), (buf), (len)))
#define cipher_set_iv(c, n, dir) \
- ((c) ? (((c)->type)->set_iv(((cipher_pointer_t)(c)->state), (n), (dir))) : \
- srtp_err_status_no_such_op)
+ ((c) ? (((c)->type)->set_iv(((srtp_cipher_pointer_t)(c)->state), (n), (dir))) : \
+ srtp_err_status_no_such_op)
#define cipher_set_aad(c, a, l) \
- (((c) && (((c)->type)->set_aad)) ? \
- (((c)->type)->set_aad(((c)->state), (a), (l))) : \
- srtp_err_status_no_such_op)
+ (((c) && (((c)->type)->set_aad)) ? \
+ (((c)->type)->set_aad(((c)->state), (a), (l))) : \
+ srtp_err_status_no_such_op)
-srtp_err_status_t cipher_output(cipher_t *c, uint8_t *buffer, int num_octets_to_output);
+srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, uint8_t *buffer, int num_octets_to_output);
/* some bookkeeping functions */
-int cipher_get_key_length(const cipher_t *c);
+int srtp_cipher_get_key_length(const srtp_cipher_t *c);
-/*
- * cipher_type_self_test() tests a cipher against test cases provided in
- * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
+/*
+ * cipher_type_self_test() tests a cipher against test cases provided in
+ * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
-srtp_err_status_t cipher_type_self_test(const cipher_type_t *ct);
+srtp_err_status_t srtp_cipher_type_self_test(const srtp_cipher_type_t *ct);
-/*
- * cipher_type_test() tests a cipher against external test cases provided in
- * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
+/*
+ * cipher_type_test() tests a cipher against external test cases provided in
+ * an array of values of key/xtd_seq_num_t/plaintext/ciphertext
* that is known to be good
*/
-srtp_err_status_t cipher_type_test(const cipher_type_t *ct, const cipher_test_case_t *test_data);
+srtp_err_status_t srtp_cipher_type_test(const srtp_cipher_type_t *ct, const srtp_cipher_test_case_t *test_data);
/*
* cipher_bits_per_second(c, l, t) computes (and estimate of) the
* number of bits that a cipher implementation can encrypt in a second
- *
+ *
* c is a cipher (which MUST be allocated and initialized already), l
* is the length in octets of the test data to be encrypted, and t is
* the number of trials
*
* if an error is encountered, then the value 0 is returned
*/
-uint64_t cipher_bits_per_second(cipher_t *c, int octets_in_buffer, int num_trials);
+uint64_t srtp_cipher_bits_per_second(srtp_cipher_t *c, int octets_in_buffer, int num_trials);
+
+srtp_err_status_t srtp_cipher_output(srtp_cipher_t *c, uint8_t *buffer, int num_octets_to_output);
#endif /* CIPHER_H */
diff --git a/crypto/include/crypto_kernel.h b/crypto/include/crypto_kernel.h
index 62f0bd7..b0c9655 100644
--- a/crypto/include/crypto_kernel.h
+++ b/crypto/include/crypto_kernel.h
@@ -71,7 +71,7 @@
*/
typedef struct kernel_cipher_type {
srtp_cipher_type_id_t id;
- cipher_type_t *cipher_type;
+ srtp_cipher_type_t *cipher_type;
struct kernel_cipher_type *next;
} kernel_cipher_type_t;
@@ -160,7 +160,7 @@
* crypto_kernel_load_cipher_type()
*
*/
-srtp_err_status_t crypto_kernel_load_cipher_type(cipher_type_t *ct, srtp_cipher_type_id_t id);
+srtp_err_status_t crypto_kernel_load_cipher_type(srtp_cipher_type_t *ct, srtp_cipher_type_id_t id);
srtp_err_status_t crypto_kernel_load_auth_type(srtp_auth_type_t *ct, srtp_auth_type_id_t id);
@@ -171,7 +171,7 @@
* with a new one passed in externally. The new cipher must pass all the
* existing cipher_type's self tests as well as its own.
*/
-srtp_err_status_t crypto_kernel_replace_cipher_type(cipher_type_t *ct, srtp_cipher_type_id_t id);
+srtp_err_status_t crypto_kernel_replace_cipher_type(srtp_cipher_type_t *ct, srtp_cipher_type_id_t id);
/*
@@ -196,7 +196,7 @@
* err_status_alloc_fail an allocation failure occured
* err_status_fail couldn't find cipher with identifier 'id'
*/
-srtp_err_status_t crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id, cipher_pointer_t *cp, int key_len, int tag_len);
+srtp_err_status_t crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id, srtp_cipher_pointer_t *cp, int key_len, int tag_len);
/*
* crypto_kernel_alloc_auth(id, ap, key_len, tag_len);
diff --git a/crypto/kernel/crypto_kernel.c b/crypto/kernel/crypto_kernel.c
index ad05dfc..c2d2e1b 100644
--- a/crypto/kernel/crypto_kernel.c
+++ b/crypto/kernel/crypto_kernel.c
@@ -63,7 +63,7 @@
*/
extern debug_module_t srtp_mod_auth;
-extern debug_module_t mod_cipher;
+extern debug_module_t srtp_mod_cipher;
extern debug_module_t mod_stat;
extern debug_module_t mod_alloc;
@@ -71,11 +71,11 @@
* cipher types that can be included in the kernel
*/
-extern cipher_type_t null_cipher;
-extern cipher_type_t srtp_aes_icm;
+extern srtp_cipher_type_t null_cipher;
+extern srtp_cipher_type_t srtp_aes_icm;
#ifdef OPENSSL
-extern cipher_type_t srtp_aes_gcm_128_openssl;
-extern cipher_type_t srtp_aes_gcm_256_openssl;
+extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
+extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
#endif
@@ -124,7 +124,7 @@
status = crypto_kernel_load_debug_module(&srtp_mod_auth);
if (status)
return status;
- status = crypto_kernel_load_debug_module(&mod_cipher);
+ status = crypto_kernel_load_debug_module(&srtp_mod_cipher);
if (status)
return status;
status = crypto_kernel_load_debug_module(&mod_stat);
@@ -197,7 +197,7 @@
while(ctype != NULL) {
printf("cipher: %s\n", ctype->cipher_type->description);
printf(" self-test: ");
- status = cipher_type_self_test(ctype->cipher_type);
+ status = srtp_cipher_type_self_test(ctype->cipher_type);
if (status) {
printf("failed with error code %d\n", status);
exit(status);
@@ -300,7 +300,7 @@
}
static inline srtp_err_status_t
-crypto_kernel_do_load_cipher_type(cipher_type_t *new_ct, srtp_cipher_type_id_t id,
+crypto_kernel_do_load_cipher_type(srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id,
int replace) {
kernel_cipher_type_t *ctype, *new_ctype;
srtp_err_status_t status;
@@ -313,7 +313,7 @@
return srtp_err_status_bad_param;
/* check cipher type by running self-test */
- status = cipher_type_self_test(new_ct);
+ status = srtp_cipher_type_self_test(new_ct);
if (status) {
return status;
}
@@ -324,7 +324,7 @@
if (id == ctype->id) {
if (!replace)
return srtp_err_status_bad_param;
- status = cipher_type_test(new_ct, ctype->cipher_type->test_data);
+ status = srtp_cipher_type_test(new_ct, ctype->cipher_type->test_data);
if (status)
return status;
new_ctype = ctype;
@@ -360,12 +360,12 @@
}
srtp_err_status_t
-crypto_kernel_load_cipher_type(cipher_type_t *new_ct, srtp_cipher_type_id_t id) {
+crypto_kernel_load_cipher_type(srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id) {
return crypto_kernel_do_load_cipher_type(new_ct, id, 0);
}
srtp_err_status_t
-crypto_kernel_replace_cipher_type(cipher_type_t *new_ct, srtp_cipher_type_id_t id) {
+crypto_kernel_replace_cipher_type(srtp_cipher_type_t *new_ct, srtp_cipher_type_id_t id) {
return crypto_kernel_do_load_cipher_type(new_ct, id, 1);
}
@@ -441,7 +441,7 @@
}
-cipher_type_t *
+srtp_cipher_type_t *
crypto_kernel_get_cipher_type(srtp_cipher_type_id_t id) {
kernel_cipher_type_t *ctype;
@@ -460,10 +460,10 @@
srtp_err_status_t
crypto_kernel_alloc_cipher(srtp_cipher_type_id_t id,
- cipher_pointer_t *cp,
+ srtp_cipher_pointer_t *cp,
int key_len,
int tag_len) {
- cipher_type_t *ct;
+ srtp_cipher_type_t *ct;
/*
* if the crypto_kernel is not yet initialized, we refuse to allocate
diff --git a/crypto/test/cipher_driver.c b/crypto/test/cipher_driver.c
index 5c9decd..db6be58 100644
--- a/crypto/test/cipher_driver.c
+++ b/crypto/test/cipher_driver.c
@@ -63,10 +63,10 @@
#define PRINT_DEBUG 0
void
-cipher_driver_test_throughput(cipher_t *c);
+cipher_driver_test_throughput(srtp_cipher_t *c);
srtp_err_status_t
-cipher_driver_self_test(cipher_type_t *ct);
+cipher_driver_self_test(srtp_cipher_type_t *ct);
/*
@@ -76,29 +76,29 @@
*/
srtp_err_status_t
-cipher_driver_test_buffering(cipher_t *c);
+cipher_driver_test_buffering(srtp_cipher_t *c);
/*
* functions for testing cipher cache thrash
*/
srtp_err_status_t
-cipher_driver_test_array_throughput(cipher_type_t *ct,
+cipher_driver_test_array_throughput(srtp_cipher_type_t *ct,
int klen, int num_cipher);
void
-cipher_array_test_throughput(cipher_t *ca[], int num_cipher);
+cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher);
uint64_t
-cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
+cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], int num_cipher,
unsigned octets_in_buffer, int num_trials);
srtp_err_status_t
-cipher_array_delete(cipher_t *cipher_array[], int num_cipher);
+cipher_array_delete(srtp_cipher_t *cipher_array[], int num_cipher);
srtp_err_status_t
-cipher_array_alloc_init(cipher_t ***cipher_array, int num_ciphers,
- cipher_type_t *ctype, int klen);
+cipher_array_alloc_init(srtp_cipher_t ***cipher_array, int num_ciphers,
+ srtp_cipher_type_t *ctype, int klen);
void
usage(char *prog_name) {
@@ -121,18 +121,18 @@
* declared external so that we can use these cipher types here
*/
-extern cipher_type_t null_cipher;
-extern cipher_type_t srtp_aes_icm;
+extern srtp_cipher_type_t null_cipher;
+extern srtp_cipher_type_t srtp_aes_icm;
#ifdef OPENSSL
-extern cipher_type_t srtp_aes_icm_192;
-extern cipher_type_t srtp_aes_icm_256;
-extern cipher_type_t srtp_aes_gcm_128_openssl;
-extern cipher_type_t srtp_aes_gcm_256_openssl;
+extern srtp_cipher_type_t srtp_aes_icm_192;
+extern srtp_cipher_type_t srtp_aes_icm_256;
+extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
+extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
#endif
int
main(int argc, char *argv[]) {
- cipher_t *c = NULL;
+ srtp_cipher_t *c = NULL;
srtp_err_status_t status;
unsigned char test_key[48] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
@@ -323,7 +323,7 @@
}
void
-cipher_driver_test_throughput(cipher_t *c) {
+cipher_driver_test_throughput(srtp_cipher_t *c) {
int i;
int min_enc_len = 32;
int max_enc_len = 2048; /* should be a power of two */
@@ -333,16 +333,16 @@
fflush(stdout);
for (i=min_enc_len; i <= max_enc_len; i = i * 2)
printf("msg len: %d\tgigabits per second: %f\n",
- i, cipher_bits_per_second(c, i, num_trials) / 1e9);
+ i, srtp_cipher_bits_per_second(c, i, num_trials) / 1e9);
}
srtp_err_status_t
-cipher_driver_self_test(cipher_type_t *ct) {
+cipher_driver_self_test(srtp_cipher_type_t *ct) {
srtp_err_status_t status;
printf("running cipher self-test for %s...", ct->description);
- status = cipher_type_self_test(ct);
+ status = srtp_cipher_type_self_test(ct);
if (status) {
printf("failed with error code %d\n", status);
exit(status);
@@ -359,7 +359,7 @@
*/
srtp_err_status_t
-cipher_driver_test_buffering(cipher_t *c) {
+cipher_driver_test_buffering(srtp_cipher_t *c) {
int i, j, num_trials = 1000;
unsigned len, buflen = 1024;
uint8_t buffer0[buflen], buffer1[buflen], *current, *end;
@@ -440,22 +440,22 @@
* cache thrash on cipher throughput.
*
* cipher_array_alloc_init(ctype, array, num_ciphers) creates an array
- * of cipher_t of type ctype
+ * of srtp_cipher_t of type ctype
*/
srtp_err_status_t
-cipher_array_alloc_init(cipher_t ***ca, int num_ciphers,
- cipher_type_t *ctype, int klen) {
+cipher_array_alloc_init(srtp_cipher_t ***ca, int num_ciphers,
+ srtp_cipher_type_t *ctype, int klen) {
int i, j;
srtp_err_status_t status;
uint8_t *key;
- cipher_t **cipher_array;
+ srtp_cipher_t **cipher_array;
/* pad klen allocation, to handle aes_icm reading 16 bytes for the
14-byte salt */
int klen_pad = ((klen + 15) >> 4) << 4;
/* allocate array of pointers to ciphers */
- cipher_array = (cipher_t **) malloc(sizeof(cipher_t *) * num_ciphers);
+ cipher_array = (srtp_cipher_t **) malloc(sizeof(srtp_cipher_t *) * num_ciphers);
if (cipher_array == NULL)
return srtp_err_status_alloc_fail;
@@ -500,7 +500,7 @@
}
srtp_err_status_t
-cipher_array_delete(cipher_t *cipher_array[], int num_cipher) {
+cipher_array_delete(srtp_cipher_t *cipher_array[], int num_cipher) {
int i;
for (i=0; i < num_cipher; i++) {
@@ -526,7 +526,7 @@
*/
uint64_t
-cipher_array_bits_per_second(cipher_t *cipher_array[], int num_cipher,
+cipher_array_bits_per_second(srtp_cipher_t *cipher_array[], int num_cipher,
unsigned octets_in_buffer, int num_trials) {
int i;
v128_t nonce;
@@ -568,7 +568,7 @@
}
void
-cipher_array_test_throughput(cipher_t *ca[], int num_cipher) {
+cipher_array_test_throughput(srtp_cipher_t *ca[], int num_cipher) {
int i;
int min_enc_len = 16;
int max_enc_len = 2048; /* should be a power of two */
@@ -584,9 +584,9 @@
}
srtp_err_status_t
-cipher_driver_test_array_throughput(cipher_type_t *ct,
+cipher_driver_test_array_throughput(srtp_cipher_type_t *ct,
int klen, int num_cipher) {
- cipher_t **ca = NULL;
+ srtp_cipher_t **ca = NULL;
srtp_err_status_t status;
status = cipher_array_alloc_init(&ca, num_cipher, ct, klen);
diff --git a/crypto/test/stat_driver.c b/crypto/test/stat_driver.c
index ea54adc..4f90303 100644
--- a/crypto/test/stat_driver.c
+++ b/crypto/test/stat_driver.c
@@ -40,12 +40,12 @@
uint8_t buffer[2532];
unsigned int buf_len = 2500;
int i, j;
- extern cipher_type_t srtp_aes_icm;
+ extern srtp_cipher_type_t srtp_aes_icm;
#ifdef OPENSSL
- extern cipher_type_t srtp_aes_gcm_128_openssl;
- extern cipher_type_t srtp_aes_gcm_256_openssl;
+ extern srtp_cipher_type_t srtp_aes_gcm_128_openssl;
+ extern srtp_cipher_type_t srtp_aes_gcm_256_openssl;
#endif
- cipher_t *c;
+ srtp_cipher_t *c;
uint8_t key[46] = {
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
diff --git a/include/srtp_priv.h b/include/srtp_priv.h
index 46b8216..b7ef4f3 100644
--- a/include/srtp_priv.h
+++ b/include/srtp_priv.h
@@ -98,16 +98,16 @@
* key, sequence number, and replay database
*
* note that the keys might not actually be unique, in which case the
- * cipher_t and srtp_auth_t pointers will point to the same structures
+ * srtp_cipher_t and srtp_auth_t pointers will point to the same structures
*/
typedef struct srtp_stream_ctx_t_ {
uint32_t ssrc;
- cipher_t *rtp_cipher;
+ srtp_cipher_t *rtp_cipher;
srtp_auth_t *rtp_auth;
rdbx_t rtp_rdbx;
srtp_sec_serv_t rtp_services;
- cipher_t *rtcp_cipher;
+ srtp_cipher_t *rtcp_cipher;
srtp_auth_t *rtcp_auth;
rdb_t rtcp_rdb;
srtp_sec_serv_t rtcp_services;
diff --git a/srtp/srtp.c b/srtp/srtp.c
index 58fef0f..b443178 100644
--- a/srtp/srtp.c
+++ b/srtp/srtp.c
@@ -394,7 +394,7 @@
*/
typedef struct {
- cipher_t *cipher; /* cipher used for key derivation */
+ srtp_cipher_t *cipher; /* cipher used for key derivation */
} srtp_kdf_t;
srtp_err_status_t
@@ -461,7 +461,7 @@
* Assumption is that for AES-ICM a key length < 30 is Ismacryp using
* AES-128 and short salts; everything else uses a salt length of 14.
* TODO: key and salt lengths should be separate fields in the policy. */
-static inline int base_key_length(const cipher_type_t *cipher, int key_length)
+static inline int base_key_length(const srtp_cipher_type_t *cipher, int key_length)
{
switch (cipher->id) {
case AES_128_ICM:
@@ -495,8 +495,8 @@
/* If RTP or RTCP have a key length > AES-128, assume matching kdf. */
/* TODO: kdf algorithm, master key length, and master salt length should
* be part of srtp_policy_t. */
- rtp_keylen = cipher_get_key_length(srtp->rtp_cipher);
- rtcp_keylen = cipher_get_key_length(srtp->rtcp_cipher);
+ rtp_keylen = srtp_cipher_get_key_length(srtp->rtp_cipher);
+ rtcp_keylen = srtp_cipher_get_key_length(srtp->rtcp_cipher);
rtp_base_key_len = base_key_length(srtp->rtp_cipher->type, rtp_keylen);
rtp_salt_len = rtp_keylen - rtp_base_key_len;
@@ -1370,7 +1370,7 @@
prefix_len = srtp_auth_get_prefix_length(stream->rtp_auth);
if (prefix_len) {
- status = cipher_output(stream->rtp_cipher, auth_tag, prefix_len);
+ status = srtp_cipher_output(stream->rtp_cipher, auth_tag, prefix_len);
if (status)
return srtp_err_status_cipher_fail;
debug_print(mod_srtp, "keystream prefix: %s",
@@ -1598,7 +1598,7 @@
if (stream->rtp_auth->prefix_len != 0) {
prefix_len = srtp_auth_get_prefix_length(stream->rtp_auth);
- status = cipher_output(stream->rtp_cipher, tmp_tag, prefix_len);
+ status = srtp_cipher_output(stream->rtp_cipher, tmp_tag, prefix_len);
debug_print(mod_srtp, "keystream prefix: %s",
srtp_octet_string_hex_string(tmp_tag, prefix_len));
if (status)
@@ -2751,7 +2751,7 @@
/* put keystream prefix into auth_tag */
prefix_len = srtp_auth_get_prefix_length(stream->rtcp_auth);
- status = cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
+ status = srtp_cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
debug_print(mod_srtp, "keystream prefix: %s",
srtp_octet_string_hex_string(auth_tag, prefix_len));
@@ -2986,7 +2986,7 @@
*/
prefix_len = srtp_auth_get_prefix_length(stream->rtcp_auth);
if (prefix_len) {
- status = cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
+ status = srtp_cipher_output(stream->rtcp_cipher, auth_tag, prefix_len);
debug_print(mod_srtp, "keystream prefix: %s",
srtp_octet_string_hex_string(auth_tag, prefix_len));
if (status)