Change cipher functions to static where appropriate. Removed some unused functions, which may have to be added back later through a proper public API if downstream projects need these.
diff --git a/crypto/cipher/aes_gcm_ossl.c b/crypto/cipher/aes_gcm_ossl.c
index 08d66e4..6438bac 100644
--- a/crypto/cipher/aes_gcm_ossl.c
+++ b/crypto/cipher/aes_gcm_ossl.c
@@ -82,7 +82,7 @@
* key length includes the 14 byte salt value that is used when
* initializing the KDF.
*/
-srtp_err_status_t srtp_aes_gcm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
+static srtp_err_status_t srtp_aes_gcm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
{
srtp_aes_gcm_ctx_t *gcm;
int tmp;
@@ -143,7 +143,7 @@
/*
* This function deallocates a GCM session
*/
-srtp_err_status_t srtp_aes_gcm_openssl_dealloc (srtp_cipher_t *c)
+static srtp_err_status_t srtp_aes_gcm_openssl_dealloc (srtp_cipher_t *c)
{
srtp_aes_gcm_ctx_t *ctx;
@@ -167,7 +167,7 @@
*
* the key is the secret key
*/
-srtp_err_status_t srtp_aes_gcm_openssl_context_init (srtp_aes_gcm_ctx_t *c, const uint8_t *key)
+static srtp_err_status_t srtp_aes_gcm_openssl_context_init (srtp_aes_gcm_ctx_t *c, const uint8_t *key)
{
c->dir = direction_any;
@@ -193,8 +193,7 @@
* aes_gcm_openssl_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
-srtp_err_status_t srtp_aes_gcm_openssl_set_iv (srtp_aes_gcm_ctx_t *c, void *iv,
- int direction)
+static srtp_err_status_t srtp_aes_gcm_openssl_set_iv (srtp_aes_gcm_ctx_t *c, void *iv, int direction)
{
const EVP_CIPHER *evp;
@@ -244,8 +243,7 @@
* aad Additional data to process for AEAD cipher suites
* aad_len length of aad buffer
*/
-srtp_err_status_t srtp_aes_gcm_openssl_set_aad (srtp_aes_gcm_ctx_t *c, unsigned char *aad,
- unsigned int aad_len)
+static srtp_err_status_t srtp_aes_gcm_openssl_set_aad (srtp_aes_gcm_ctx_t *c, unsigned char *aad, unsigned int aad_len)
{
int rv;
@@ -271,8 +269,7 @@
* buf data to encrypt
* enc_len length of encrypt buffer
*/
-srtp_err_status_t srtp_aes_gcm_openssl_encrypt (srtp_aes_gcm_ctx_t *c, unsigned char *buf,
- unsigned int *enc_len)
+static srtp_err_status_t srtp_aes_gcm_openssl_encrypt (srtp_aes_gcm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
{
if (c->dir != direction_encrypt && c->dir != direction_decrypt) {
return (srtp_err_status_bad_param);
@@ -297,8 +294,7 @@
* buf data to encrypt
* len length of encrypt buffer
*/
-srtp_err_status_t srtp_aes_gcm_openssl_get_tag (srtp_aes_gcm_ctx_t *c, unsigned char *buf,
- int *len)
+static srtp_err_status_t srtp_aes_gcm_openssl_get_tag (srtp_aes_gcm_ctx_t *c, unsigned char *buf, int *len)
{
/*
* Calculate the tag
@@ -327,8 +323,7 @@
* buf data to encrypt
* enc_len length of encrypt buffer
*/
-srtp_err_status_t srtp_aes_gcm_openssl_decrypt (srtp_aes_gcm_ctx_t *c, unsigned char *buf,
- unsigned int *enc_len)
+static srtp_err_status_t srtp_aes_gcm_openssl_decrypt (srtp_aes_gcm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
{
if (c->dir != direction_encrypt && c->dir != direction_decrypt) {
return (srtp_err_status_bad_param);
@@ -362,8 +357,8 @@
/*
* Name of this crypto engine
*/
-char srtp_aes_gcm_128_openssl_description[] = "AES-128 GCM using openssl";
-char srtp_aes_gcm_256_openssl_description[] = "AES-256 GCM using openssl";
+static char srtp_aes_gcm_128_openssl_description[] = "AES-128 GCM using openssl";
+static char srtp_aes_gcm_256_openssl_description[] = "AES-256 GCM using openssl";
/*
@@ -371,19 +366,19 @@
* values we're derived from independent test code
* using OpenSSL.
*/
-uint8_t srtp_aes_gcm_test_case_0_key[SRTP_AES_128_GCM_KEYSIZE_WSALT] = {
+static uint8_t srtp_aes_gcm_test_case_0_key[SRTP_AES_128_GCM_KEYSIZE_WSALT] = {
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08,
0x09, 0x0a, 0x0b, 0x0c,
};
-uint8_t srtp_aes_gcm_test_case_0_iv[12] = {
+static uint8_t srtp_aes_gcm_test_case_0_iv[12] = {
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
-uint8_t srtp_aes_gcm_test_case_0_plaintext[60] = {
+static uint8_t srtp_aes_gcm_test_case_0_plaintext[60] = {
0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
@@ -394,13 +389,13 @@
0xba, 0x63, 0x7b, 0x39
};
-uint8_t srtp_aes_gcm_test_case_0_aad[20] = {
+static uint8_t srtp_aes_gcm_test_case_0_aad[20] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
-uint8_t srtp_aes_gcm_test_case_0_ciphertext[76] = {
+static uint8_t srtp_aes_gcm_test_case_0_ciphertext[76] = {
0x42, 0x83, 0x1e, 0xc2, 0x21, 0x77, 0x74, 0x24,
0x4b, 0x72, 0x21, 0xb7, 0x84, 0xd0, 0xd4, 0x9c,
0xe3, 0xaa, 0x21, 0x2f, 0x2c, 0x02, 0xa4, 0xe0,
@@ -414,7 +409,7 @@
0x94, 0xfa, 0xe9, 0x5a, 0xe7, 0x12, 0x1a, 0x47,
};
-srtp_cipher_test_case_t srtp_aes_gcm_test_case_0a = {
+static srtp_cipher_test_case_t srtp_aes_gcm_test_case_0a = {
SRTP_AES_128_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
@@ -428,7 +423,7 @@
NULL /* pointer to next testcase */
};
-srtp_cipher_test_case_t srtp_aes_gcm_test_case_0 = {
+static srtp_cipher_test_case_t srtp_aes_gcm_test_case_0 = {
SRTP_AES_128_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_0_key, /* key */
srtp_aes_gcm_test_case_0_iv, /* packet index */
@@ -442,7 +437,7 @@
&srtp_aes_gcm_test_case_0a /* pointer to next testcase */
};
-uint8_t srtp_aes_gcm_test_case_1_key[SRTP_AES_256_GCM_KEYSIZE_WSALT] = {
+static uint8_t srtp_aes_gcm_test_case_1_key[SRTP_AES_256_GCM_KEYSIZE_WSALT] = {
0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
0xa5, 0x59, 0x09, 0xc5, 0x54, 0x66, 0x93, 0x1c,
0xaf, 0xf5, 0x26, 0x9a, 0x21, 0xd5, 0x14, 0xb2,
@@ -452,12 +447,12 @@
};
-uint8_t srtp_aes_gcm_test_case_1_iv[12] = {
+static uint8_t srtp_aes_gcm_test_case_1_iv[12] = {
0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
0xde, 0xca, 0xf8, 0x88
};
-uint8_t srtp_aes_gcm_test_case_1_plaintext[60] = {
+static uint8_t srtp_aes_gcm_test_case_1_plaintext[60] = {
0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
@@ -468,13 +463,13 @@
0xba, 0x63, 0x7b, 0x39
};
-uint8_t srtp_aes_gcm_test_case_1_aad[20] = {
+static uint8_t srtp_aes_gcm_test_case_1_aad[20] = {
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
0xab, 0xad, 0xda, 0xd2
};
-uint8_t srtp_aes_gcm_test_case_1_ciphertext[76] = {
+static uint8_t srtp_aes_gcm_test_case_1_ciphertext[76] = {
0x0b, 0x11, 0xcf, 0xaf, 0x68, 0x4d, 0xae, 0x46,
0xc7, 0x90, 0xb8, 0x8e, 0xb7, 0x6a, 0x76, 0x2a,
0x94, 0x82, 0xca, 0xab, 0x3e, 0x39, 0xd7, 0x86,
@@ -488,7 +483,7 @@
0x81, 0xcb, 0x8e, 0x5b, 0x46, 0x65, 0x63, 0x1d,
};
-srtp_cipher_test_case_t srtp_aes_gcm_test_case_1a = {
+static srtp_cipher_test_case_t srtp_aes_gcm_test_case_1a = {
SRTP_AES_256_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
@@ -502,7 +497,7 @@
NULL /* pointer to next testcase */
};
-srtp_cipher_test_case_t srtp_aes_gcm_test_case_1 = {
+static srtp_cipher_test_case_t srtp_aes_gcm_test_case_1 = {
SRTP_AES_256_GCM_KEYSIZE_WSALT, /* octets in key */
srtp_aes_gcm_test_case_1_key, /* key */
srtp_aes_gcm_test_case_1_iv, /* packet index */
diff --git a/crypto/cipher/aes_icm.c b/crypto/cipher/aes_icm.c
index 15b4b22..8f69464 100644
--- a/crypto/cipher/aes_icm.c
+++ b/crypto/cipher/aes_icm.c
@@ -92,7 +92,7 @@
*
*/
-srtp_err_status_t srtp_aes_icm_alloc_ismacryp (srtp_cipher_t **c, int key_len, int forIsmacryp)
+static srtp_err_status_t srtp_aes_icm_alloc_ismacryp (srtp_cipher_t **c, int key_len, int forIsmacryp)
{
extern srtp_cipher_type_t srtp_aes_icm;
uint8_t *pointer;
@@ -143,12 +143,12 @@
return srtp_err_status_ok;
}
-srtp_err_status_t srtp_aes_icm_alloc (srtp_cipher_t **c, int key_len, int forIsmacryp)
+static srtp_err_status_t srtp_aes_icm_alloc (srtp_cipher_t **c, int key_len, int forIsmacryp)
{
return srtp_aes_icm_alloc_ismacryp(c, key_len, 0);
}
-srtp_err_status_t srtp_aes_icm_dealloc (srtp_cipher_t *c)
+static srtp_err_status_t srtp_aes_icm_dealloc (srtp_cipher_t *c)
{
/* zeroize entire state*/
octet_string_set_to_zero((uint8_t*)c,
@@ -171,7 +171,7 @@
* randomizes the starting point in the keystream
*/
-srtp_err_status_t srtp_aes_icm_context_init (aes_icm_ctx_t *c, const uint8_t *key, int key_len)
+static srtp_err_status_t srtp_aes_icm_context_init (aes_icm_ctx_t *c, const uint8_t *key, int key_len)
{
srtp_err_status_t status;
int base_key_len, copy_len;
@@ -220,68 +220,11 @@
}
/*
- * aes_icm_set_octet(c, i) sets the counter of the context which it is
- * passed so that the next octet of keystream that will be generated
- * is the ith octet
- */
-
-srtp_err_status_t srtp_aes_icm_set_octet (aes_icm_ctx_t *c, uint64_t octet_num)
-{
-
-#ifdef NO_64BIT_MATH
- int tail_num = low32(octet_num) & 0x0f;
- /* 64-bit right-shift 4 */
- uint64_t block_num = make64(high32(octet_num) >> 4,
- ((high32(octet_num) & 0x0f) << (32 - 4)) |
- (low32(octet_num) >> 4));
-#else
- int tail_num = (int)(octet_num % 16);
- uint64_t block_num = octet_num / 16;
-#endif
-
-
- /* set counter value */
- /* FIX - There's no way this is correct */
- c->counter.v64[0] = c->offset.v64[0];
-#ifdef NO_64BIT_MATH
- c->counter.v64[0] = make64(high32(c->offset.v64[0]) ^ high32(block_num),
- low32(c->offset.v64[0]) ^ low32(block_num));
-#else
- c->counter.v64[0] = c->offset.v64[0] ^ block_num;
-#endif
-
- debug_print(srtp_mod_aes_icm,
- "set_octet: %s", v128_hex_string(&c->counter));
-
- /* fill keystream buffer, if needed */
- if (tail_num) {
- v128_copy(&c->keystream_buffer, &c->counter);
- srtp_aes_encrypt(&c->keystream_buffer, &c->expanded_key);
- c->bytes_in_buffer = sizeof(v128_t);
-
- debug_print(srtp_mod_aes_icm, "counter: %s",
- v128_hex_string(&c->counter));
- debug_print(srtp_mod_aes_icm, "ciphertext: %s",
- v128_hex_string(&c->keystream_buffer));
-
- /* indicate number of bytes in keystream_buffer */
- c->bytes_in_buffer = sizeof(v128_t) - tail_num;
-
- } else {
-
- /* indicate that keystream_buffer is empty */
- c->bytes_in_buffer = 0;
- }
-
- return srtp_err_status_ok;
-}
-
-/*
* aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
-srtp_err_status_t srtp_aes_icm_set_iv (aes_icm_ctx_t *c, void *iv, int direction)
+static srtp_err_status_t srtp_aes_icm_set_iv (aes_icm_ctx_t *c, void *iv, int direction)
{
v128_t nonce;
@@ -311,7 +254,7 @@
* this is an internal, hopefully inlined function
*/
-static inline void srtp_aes_icm_advance_ismacryp (aes_icm_ctx_t *c, uint8_t forIsmacryp)
+static void srtp_aes_icm_advance_ismacryp (aes_icm_ctx_t *c, uint8_t forIsmacryp)
{
/* fill buffer with new keystream */
v128_copy(&c->keystream_buffer, &c->counter);
@@ -350,7 +293,7 @@
* - fill buffer then add in remaining (< 16) bytes of keystream
*/
-srtp_err_status_t srtp_aes_icm_encrypt_ismacryp (aes_icm_ctx_t *c,
+static srtp_err_status_t srtp_aes_icm_encrypt_ismacryp (aes_icm_ctx_t *c,
unsigned char *buf, unsigned int *enc_len,
int forIsmacryp)
{
@@ -460,56 +403,40 @@
return srtp_err_status_ok;
}
-srtp_err_status_t srtp_aes_icm_encrypt (aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
+static srtp_err_status_t srtp_aes_icm_encrypt (aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
{
return srtp_aes_icm_encrypt_ismacryp(c, buf, enc_len, 0);
}
-srtp_err_status_t srtp_aes_icm_output (aes_icm_ctx_t *c, uint8_t *buffer, unsigned int num_octets_to_output)
-{
- unsigned int len = num_octets_to_output;
+static char srtp_aes_icm_description[] = "aes integer counter mode";
- /* zeroize the buffer */
- octet_string_set_to_zero(buffer, num_octets_to_output);
-
- /* exor keystream into buffer */
- return srtp_aes_icm_encrypt(c, buffer, &len);
-}
-
-uint16_t srtp_aes_icm_bytes_encrypted (aes_icm_ctx_t *c)
-{
- return htons(c->counter.v16[7]);
-}
-
-char srtp_aes_icm_description[] = "aes integer counter mode";
-
-uint8_t srtp_aes_icm_test_case_0_key[30] = {
+static uint8_t srtp_aes_icm_test_case_0_key[30] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
-uint8_t srtp_aes_icm_test_case_0_nonce[16] = {
+static uint8_t srtp_aes_icm_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
-uint8_t srtp_aes_icm_test_case_0_plaintext[32] = {
+static uint8_t srtp_aes_icm_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
-uint8_t srtp_aes_icm_test_case_0_ciphertext[32] = {
+static uint8_t srtp_aes_icm_test_case_0_ciphertext[32] = {
0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
-srtp_cipher_test_case_t srtp_aes_icm_test_case_0 = {
+static srtp_cipher_test_case_t srtp_aes_icm_test_case_0 = {
30, /* octets in key */
srtp_aes_icm_test_case_0_key, /* key */
srtp_aes_icm_test_case_0_nonce, /* packet index */
@@ -523,7 +450,7 @@
NULL /* pointer to next testcase */
};
-uint8_t srtp_aes_icm_test_case_1_key[46] = {
+static uint8_t srtp_aes_icm_test_case_1_key[46] = {
0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70,
0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92,
0x2e, 0xc4, 0xcb, 0x0d, 0xc0, 0x25, 0xb5, 0x82,
@@ -532,26 +459,26 @@
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
-uint8_t srtp_aes_icm_test_case_1_nonce[16] = {
+static uint8_t srtp_aes_icm_test_case_1_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
-uint8_t srtp_aes_icm_test_case_1_plaintext[32] = {
+static uint8_t srtp_aes_icm_test_case_1_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
-uint8_t srtp_aes_icm_test_case_1_ciphertext[32] = {
+static uint8_t srtp_aes_icm_test_case_1_ciphertext[32] = {
0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25,
0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4,
0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6,
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
-srtp_cipher_test_case_t srtp_aes_icm_test_case_1 = {
+static srtp_cipher_test_case_t srtp_aes_icm_test_case_1 = {
46, /* octets in key */
srtp_aes_icm_test_case_1_key, /* key */
srtp_aes_icm_test_case_1_nonce, /* packet index */
diff --git a/crypto/cipher/aes_icm_ossl.c b/crypto/cipher/aes_icm_ossl.c
index 31df9fa..344ac14 100644
--- a/crypto/cipher/aes_icm_ossl.c
+++ b/crypto/cipher/aes_icm_ossl.c
@@ -63,7 +63,6 @@
0, /* debugging is off by default */
"aes icm ossl" /* printable module name */
};
-extern srtp_cipher_test_case_t srtp_aes_icm_test_case_0;
extern srtp_cipher_type_t srtp_aes_icm;
extern srtp_cipher_type_t srtp_aes_icm_192;
extern srtp_cipher_type_t srtp_aes_icm_256;
@@ -110,7 +109,7 @@
* value. The tlen argument is for the AEAD tag length, which
* isn't used in counter mode.
*/
-srtp_err_status_t srtp_aes_icm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
+static srtp_err_status_t srtp_aes_icm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
{
srtp_aes_icm_ctx_t *icm;
int tmp;
@@ -168,7 +167,7 @@
/*
* This function deallocates an instance of this engine
*/
-srtp_err_status_t srtp_aes_icm_openssl_dealloc (srtp_cipher_t *c)
+static srtp_err_status_t srtp_aes_icm_openssl_dealloc (srtp_cipher_t *c)
{
srtp_aes_icm_ctx_t *ctx;
@@ -203,7 +202,7 @@
* the salt is unpredictable (but not necessarily secret) data which
* randomizes the starting point in the keystream
*/
-srtp_err_status_t srtp_aes_icm_openssl_context_init (srtp_aes_icm_ctx_t *c, const uint8_t *key, int len)
+static srtp_err_status_t srtp_aes_icm_openssl_context_init (srtp_aes_icm_ctx_t *c, const uint8_t *key, int len)
{
/*
* set counter and initial values to 'offset' value, being careful not to
@@ -250,7 +249,7 @@
* aes_icm_set_iv(c, iv) sets the counter value to the exor of iv with
* the offset
*/
-srtp_err_status_t srtp_aes_icm_openssl_set_iv (srtp_aes_icm_ctx_t *c, void *iv, int dir)
+static srtp_err_status_t srtp_aes_icm_openssl_set_iv (srtp_aes_icm_ctx_t *c, void *iv, int dir)
{
const EVP_CIPHER *evp;
v128_t nonce;
@@ -295,7 +294,7 @@
* buf data to encrypt
* enc_len length of encrypt buffer
*/
-srtp_err_status_t srtp_aes_icm_openssl_encrypt (srtp_aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
+static srtp_err_status_t srtp_aes_icm_openssl_encrypt (srtp_aes_icm_ctx_t *c, unsigned char *buf, unsigned int *enc_len)
{
int len = 0;
@@ -314,50 +313,45 @@
return srtp_err_status_ok;
}
-uint16_t srtp_aes_icm_bytes_encrypted(srtp_aes_icm_ctx_t *c)
-{
- return htons(c->counter.v16[7]);
-}
-
/*
* Name of this crypto engine
*/
-char srtp_aes_icm_openssl_description[] = "AES-128 counter mode using openssl";
-char srtp_aes_icm_192_openssl_description[] = "AES-192 counter mode using openssl";
-char srtp_aes_icm_256_openssl_description[] = "AES-256 counter mode using openssl";
+static char srtp_aes_icm_openssl_description[] = "AES-128 counter mode using openssl";
+static char srtp_aes_icm_192_openssl_description[] = "AES-192 counter mode using openssl";
+static char srtp_aes_icm_256_openssl_description[] = "AES-256 counter mode using openssl";
/*
* KAT values for AES self-test. These
* values came from the legacy libsrtp code.
*/
-uint8_t srtp_aes_icm_test_case_0_key[SRTP_AES_128_KEYSIZE_WSALT] = {
+static uint8_t srtp_aes_icm_test_case_0_key[SRTP_AES_128_KEYSIZE_WSALT] = {
0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c,
0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
-uint8_t srtp_aes_icm_test_case_0_nonce[16] = {
+static uint8_t srtp_aes_icm_test_case_0_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
-uint8_t srtp_aes_icm_test_case_0_plaintext[32] = {
+static uint8_t srtp_aes_icm_test_case_0_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
-uint8_t srtp_aes_icm_test_case_0_ciphertext[32] = {
+static uint8_t srtp_aes_icm_test_case_0_ciphertext[32] = {
0xe0, 0x3e, 0xad, 0x09, 0x35, 0xc9, 0x5e, 0x80,
0xe1, 0x66, 0xb1, 0x6d, 0xd9, 0x2b, 0x4e, 0xb4,
0xd2, 0x35, 0x13, 0x16, 0x2b, 0x02, 0xd0, 0xf7,
0x2a, 0x43, 0xa2, 0xfe, 0x4a, 0x5f, 0x97, 0xab
};
-srtp_cipher_test_case_t srtp_aes_icm_test_case_0 = {
+static srtp_cipher_test_case_t srtp_aes_icm_test_case_0 = {
SRTP_AES_128_KEYSIZE_WSALT, /* octets in key */
srtp_aes_icm_test_case_0_key, /* key */
srtp_aes_icm_test_case_0_nonce, /* packet index */
@@ -375,7 +369,7 @@
* KAT values for AES-192-CTR self-test. These
* values came from section 7 of RFC 6188.
*/
-uint8_t srtp_aes_icm_192_test_case_1_key[SRTP_AES_192_KEYSIZE_WSALT] = {
+static uint8_t srtp_aes_icm_192_test_case_1_key[SRTP_AES_192_KEYSIZE_WSALT] = {
0xea, 0xb2, 0x34, 0x76, 0x4e, 0x51, 0x7b, 0x2d,
0x3d, 0x16, 0x0d, 0x58, 0x7d, 0x8c, 0x86, 0x21,
0x97, 0x40, 0xf6, 0x5f, 0x99, 0xb6, 0xbc, 0xf7,
@@ -383,26 +377,26 @@
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
-uint8_t srtp_aes_icm_192_test_case_1_nonce[16] = {
+static uint8_t srtp_aes_icm_192_test_case_1_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
-uint8_t srtp_aes_icm_192_test_case_1_plaintext[32] = {
+static uint8_t srtp_aes_icm_192_test_case_1_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
-uint8_t srtp_aes_icm_192_test_case_1_ciphertext[32] = {
+static uint8_t srtp_aes_icm_192_test_case_1_ciphertext[32] = {
0x35, 0x09, 0x6c, 0xba, 0x46, 0x10, 0x02, 0x8d,
0xc1, 0xb5, 0x75, 0x03, 0x80, 0x4c, 0xe3, 0x7c,
0x5d, 0xe9, 0x86, 0x29, 0x1d, 0xcc, 0xe1, 0x61,
0xd5, 0x16, 0x5e, 0xc4, 0x56, 0x8f, 0x5c, 0x9a
};
-srtp_cipher_test_case_t srtp_aes_icm_192_test_case_1 = {
+static srtp_cipher_test_case_t srtp_aes_icm_192_test_case_1 = {
SRTP_AES_192_KEYSIZE_WSALT, /* octets in key */
srtp_aes_icm_192_test_case_1_key, /* key */
srtp_aes_icm_192_test_case_1_nonce, /* packet index */
@@ -421,7 +415,7 @@
* KAT values for AES-256-CTR self-test. These
* values came from section 7 of RFC 6188.
*/
-uint8_t srtp_aes_icm_256_test_case_2_key[SRTP_AES_256_KEYSIZE_WSALT] = {
+static uint8_t srtp_aes_icm_256_test_case_2_key[SRTP_AES_256_KEYSIZE_WSALT] = {
0x57, 0xf8, 0x2f, 0xe3, 0x61, 0x3f, 0xd1, 0x70,
0xa8, 0x5e, 0xc9, 0x3c, 0x40, 0xb1, 0xf0, 0x92,
0x2e, 0xc4, 0xcb, 0x0d, 0xc0, 0x25, 0xb5, 0x82,
@@ -430,26 +424,26 @@
0xf8, 0xf9, 0xfa, 0xfb, 0xfc, 0xfd
};
-uint8_t srtp_aes_icm_256_test_case_2_nonce[16] = {
+static uint8_t srtp_aes_icm_256_test_case_2_nonce[16] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
-uint8_t srtp_aes_icm_256_test_case_2_plaintext[32] = {
+static uint8_t srtp_aes_icm_256_test_case_2_plaintext[32] = {
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
-uint8_t srtp_aes_icm_256_test_case_2_ciphertext[32] = {
+static uint8_t srtp_aes_icm_256_test_case_2_ciphertext[32] = {
0x92, 0xbd, 0xd2, 0x8a, 0x93, 0xc3, 0xf5, 0x25,
0x11, 0xc6, 0x77, 0xd0, 0x8b, 0x55, 0x15, 0xa4,
0x9d, 0xa7, 0x1b, 0x23, 0x78, 0xa8, 0x54, 0xf6,
0x70, 0x50, 0x75, 0x6d, 0xed, 0x16, 0x5b, 0xac
};
-srtp_cipher_test_case_t srtp_aes_icm_256_test_case_2 = {
+static srtp_cipher_test_case_t srtp_aes_icm_256_test_case_2 = {
SRTP_AES_256_KEYSIZE_WSALT, /* octets in key */
srtp_aes_icm_256_test_case_2_key, /* key */
srtp_aes_icm_256_test_case_2_nonce, /* packet index */
diff --git a/crypto/include/aes_icm.h b/crypto/include/aes_icm.h
index 89b39eb..c263d62 100644
--- a/crypto/include/aes_icm.h
+++ b/crypto/include/aes_icm.h
@@ -22,27 +22,5 @@
int bytes_in_buffer; /* number of unused bytes in buffer */
} aes_icm_ctx_t;
-
-srtp_err_status_t aes_icm_context_init(aes_icm_ctx_t *c,
- const unsigned char *key,
- int key_len);
-
-srtp_err_status_t aes_icm_set_iv(aes_icm_ctx_t *c, void *iv, int direction);
-
-srtp_err_status_t aes_icm_encrypt(aes_icm_ctx_t *c, unsigned char *buf, unsigned int *bytes_to_encr);
-
-srtp_err_status_t aes_icm_output(aes_icm_ctx_t *c, unsigned char *buf, unsigned int bytes_to_output);
-
-srtp_err_status_t aes_icm_dealloc(srtp_cipher_t *c);
-
-srtp_err_status_t aes_icm_encrypt_ismacryp(aes_icm_ctx_t *c,
- unsigned char *buf,
- unsigned int *enc_len,
- int forIsmacryp);
-
-srtp_err_status_t aes_icm_alloc_ismacryp(srtp_cipher_t **c, int key_len, int forIsmacryp);
-
-uint16_t aes_icm_bytes_encrypted(aes_icm_ctx_t *c);
-
#endif /* AES_ICM_H */
diff --git a/crypto/include/aes_icm_ossl.h b/crypto/include/aes_icm_ossl.h
index 2da8d48..cd7f729 100644
--- a/crypto/include/aes_icm_ossl.h
+++ b/crypto/include/aes_icm_ossl.h
@@ -66,11 +66,5 @@
EVP_CIPHER_CTX ctx;
} srtp_aes_icm_ctx_t;
-srtp_err_status_t srtp_aes_icm_openssl_set_iv(srtp_aes_icm_ctx_t *c, void *iv, int dir);
-srtp_err_status_t srtp_aes_icm_openssl_context_init(srtp_aes_icm_ctx_t *c, const uint8_t *key, int len);
-srtp_err_status_t srtp_aes_icm_output(srtp_aes_icm_ctx_t *c, uint8_t *buffer, int num_octets_to_output);
-uint16_t srtp_aes_icm_bytes_encrypted(srtp_aes_icm_ctx_t *c);
-
-
#endif /* AES_ICM_H */