Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / libsrtp2 / ab0345b241133e894a326136b4b2a3b1f7e70e74 / . / test / srtp_driver.c
blob: ab521ebb0725f2597b1336c2a7e30283f892f211 [file] [log] [blame]
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]1
Ryan Hooperab0345b2017-02-07 16:07:59 -0500[diff] [blame^]2
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3/*
4 * srtp_driver.c
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]5 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]6 * a test driver for libSRTP
7 *
8 * David A. McGrew
9 * Cisco Systems, Inc.
10 */
11/*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]12 *
David McGrew7629bf22006-06-08 17:00:25 +0000[diff] [blame]13 * Copyright (c) 2001-2006, Cisco Systems, Inc.
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]14 * All rights reserved.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]15 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]16 * Redistribution and use in source and binary forms, with or without
17 * modification, are permitted provided that the following conditions
18 * are met:
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]19 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]20 * Redistributions of source code must retain the above copyright
21 * notice, this list of conditions and the following disclaimer.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]22 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]23 * Redistributions in binary form must reproduce the above
24 * copyright notice, this list of conditions and the following
25 * disclaimer in the documentation and/or other materials provided
26 * with the distribution.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]27 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]28 * Neither the name of the Cisco Systems, Inc. nor the names of its
29 * contributors may be used to endorse or promote products derived
30 * from this software without specific prior written permission.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]31 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]32 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
33 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
34 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
35 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
36 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
37 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
38 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
39 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
40 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
41 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
42 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
43 * OF THE POSSIBILITY OF SUCH DAMAGE.
44 *
45 */
46
47
48#include <string.h> /* for memcpy() */
49#include <time.h> /* for clock() */
50#include <stdlib.h> /* for malloc(), free() */
51#include <stdio.h> /* for print(), fflush() */
David McGrew79bd3012006-07-17 20:41:21 +0000[diff] [blame]52#include "getopt_s.h" /* for local getopt() */
jfigus46d6b472014-11-14 16:42:01 -0500[diff] [blame]53#include "util.h"
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]54
David McGrew3c45e0c2006-07-12 00:50:56 +0000[diff] [blame]55#include "srtp_priv.h"
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]56#include "util.h"
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]57
Marcus Sundberg1cbca882005-10-02 20:50:06 +0000[diff] [blame]58#ifdef HAVE_NETINET_IN_H
59# include <netinet/in.h>
60#elif defined HAVE_WINSOCK2_H
61# include <winsock2.h>
62#endif
63
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]64#define PRINT_REFERENCE_PACKET 1
65
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]66srtp_err_status_t
Marcus Sundberga3f95fe2005-09-29 12:48:41 +0000[diff] [blame]67srtp_validate(void);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]68
Paul E. Jones9fc018c2016-06-03 02:56:56 -0400[diff] [blame]69#ifdef OPENSSL
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]70srtp_err_status_t
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]71srtp_validate_gcm(void);
Paul E. Jones9fc018c2016-06-03 02:56:56 -0400[diff] [blame]72#endif
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]73
74srtp_err_status_t
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]75srtp_validate_encrypted_extensions_headers(void);
76
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]77#ifdef OPENSSL
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]78srtp_err_status_t
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]79srtp_validate_encrypted_extensions_headers_gcm(void);
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]80#endif
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]81
82srtp_err_status_t
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]83srtp_validate_aes_256(void);
84
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]85srtp_err_status_t
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]86srtp_create_big_policy(srtp_policy_t **list);
87
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]88srtp_err_status_t
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]89srtp_dealloc_big_policy(srtp_policy_t *list);
90
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]91srtp_err_status_t
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]92srtp_test_empty_payload(void);
93
94#ifdef OPENSSL
95srtp_err_status_t
96srtp_test_empty_payload_gcm(void);
97#endif
98
99srtp_err_status_t
Marcus Sundberga3f95fe2005-09-29 12:48:41 +0000[diff] [blame]100srtp_test_remove_stream(void);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]101
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]102srtp_err_status_t
103srtp_test_update(void);
104
Ryan Hooperab0345b2017-02-07 16:07:59 -0500[diff] [blame^]105srtp_err_status_t
106srtp_test_protect_trailer_length(void);
107
108srtp_err_status_t
109srtp_test_protect_rtcp_trailer_length(void);
110
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]111double
112srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy);
113
114double
115srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy);
116
117void
118srtp_do_timing(const srtp_policy_t *policy);
119
120void
121srtp_do_rejection_timing(const srtp_policy_t *policy);
122
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]123srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]124srtp_test(const srtp_policy_t *policy, int extension_header, int mki_index);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]125
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]126srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]127srtcp_test(const srtp_policy_t *policy, int mki_index);
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]128
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]129srtp_err_status_t
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]130srtp_session_print_policy(srtp_t srtp);
131
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]132srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]133srtp_print_policy(const srtp_policy_t *policy);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]134
135char *
136srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len);
137
138double
139mips_estimate(int num_trials, int *ignore);
140
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]141#define TEST_MKI_ID_SIZE 4
142
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]143extern uint8_t test_key[46];
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]144extern uint8_t test_key_2[46];
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]145extern uint8_t test_mki_id[TEST_MKI_ID_SIZE];
146extern uint8_t test_mki_id_2[TEST_MKI_ID_SIZE];
147
148srtp_master_key_t master_key_1 = {
149 test_key,
150 test_mki_id,
151 TEST_MKI_ID_SIZE
152};
153
154srtp_master_key_t master_key_2 = {
155 test_key_2,
156 test_mki_id_2,
157 TEST_MKI_ID_SIZE
158};
159
160srtp_master_key_t *test_keys[2] = {
161 &master_key_1,
162 &master_key_2
163};
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]164
165void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]166usage (char *prog_name)
167{
168 printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
169 " -t run timing test\n"
170 " -r run rejection timing test\n"
171 " -c run codec timing test\n"
172 " -v run validation tests\n"
173 " -d <mod> turn on debugging module <mod>\n"
174 " -l list debugging modules\n", prog_name);
175 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]176}
177
178/*
179 * The policy_array is a null-terminated array of policy structs. it
180 * is declared at the end of this file
181 */
182
183extern const srtp_policy_t *policy_array[];
184
185
186/* the wildcard_policy is declared below; it has a wildcard ssrc */
187
188extern const srtp_policy_t wildcard_policy;
189
190/*
191 * mod_driver debug module - debugging module for this test driver
192 *
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]193 * we use the crypto_kernel debugging system in this driver, which
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]194 * makes the interface uniform and increases portability
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]195 */
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]196
jfigus02d6f032014-11-21 10:56:42 -0500[diff] [blame]197srtp_debug_module_t mod_driver = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]198 0, /* debugging is off by default */
199 "driver" /* printable name for module */
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]200};
201
202int
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]203main (int argc, char *argv[])
204{
205 int q;
206 unsigned do_timing_test = 0;
207 unsigned do_rejection_test = 0;
208 unsigned do_codec_timing = 0;
209 unsigned do_validation = 0;
210 unsigned do_list_mods = 0;
211 srtp_err_status_t status;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]212
213 /*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]214 * verify that the compiler has interpreted the header data
215 * structure srtp_hdr_t correctly
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]216 */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]217 if (sizeof(srtp_hdr_t) != 12) {
218 printf("error: srtp_hdr_t has incorrect size"
219 "(size is %ld bytes, expected 12)\n",
220 (long)sizeof(srtp_hdr_t));
221 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]222 }
223
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]224 /* initialize srtp library */
225 status = srtp_init();
226 if (status) {
227 printf("error: srtp init failed with error code %d\n", status);
228 exit(1);
229 }
230
231 /* load srtp_driver debug module */
jfigus92736bc2014-11-21 10:30:54 -0500[diff] [blame]232 status = srtp_crypto_kernel_load_debug_module(&mod_driver);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]233 if (status) {
234 printf("error: load of srtp_driver debug module failed "
235 "with error code %d\n", status);
236 exit(1);
237 }
238
239 /* process input arguments */
240 while (1) {
241 q = getopt_s(argc, argv, "trcvld:");
242 if (q == -1) {
243 break;
244 }
245 switch (q) {
246 case 't':
247 do_timing_test = 1;
248 break;
249 case 'r':
250 do_rejection_test = 1;
251 break;
252 case 'c':
253 do_codec_timing = 1;
254 break;
255 case 'v':
256 do_validation = 1;
257 break;
258 case 'l':
259 do_list_mods = 1;
260 break;
261 case 'd':
jfigus92736bc2014-11-21 10:30:54 -0500[diff] [blame]262 status = srtp_crypto_kernel_set_debug_module(optarg_s, 1);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]263 if (status) {
264 printf("error: set debug module (%s) failed\n", optarg_s);
265 exit(1);
266 }
267 break;
268 default:
269 usage(argv[0]);
270 }
271 }
272
273 if (!do_validation && !do_timing_test && !do_codec_timing
274 && !do_list_mods && !do_rejection_test) {
275 usage(argv[0]);
276 }
277
278 if (do_list_mods) {
jfigus92736bc2014-11-21 10:30:54 -0500[diff] [blame]279 status = srtp_crypto_kernel_list_debug_modules();
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]280 if (status) {
281 printf("error: list of debug modules failed\n");
282 exit(1);
283 }
284 }
285
286 if (do_validation) {
287 const srtp_policy_t **policy = policy_array;
288 srtp_policy_t *big_policy;
289
290 /* loop over policy array, testing srtp and srtcp for each policy */
291 while (*policy != NULL) {
292 printf("testing srtp_protect and srtp_unprotect\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]293 if (srtp_test(*policy, 0, -1) == srtp_err_status_ok) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]294 printf("passed\n\n");
295 } else{
296 printf("failed\n");
297 exit(1);
298 }
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]299
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]300 printf("testing srtp_protect and srtp_unprotect with encrypted extensions headers\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]301 if (srtp_test(*policy, 1, -1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]302 printf("passed\n\n");
303 } else{
304 printf("failed\n");
305 exit(1);
306 }
307 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]308 if (srtcp_test(*policy, -1) == srtp_err_status_ok) {
309 printf("passed\n\n");
310 } else{
311 printf("failed\n");
312 exit(1);
313 }
314 printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI index set to 0\n");
315 if (srtp_test(*policy, 0, 0) == srtp_err_status_ok) {
316 printf("passed\n\n");
317 } else{
318 printf("failed\n");
319 exit(1);
320 }
321 printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI index set to 1\n");
322 if (srtp_test(*policy, 0, 1) == srtp_err_status_ok) {
323 printf("passed\n\n");
324 } else{
325 printf("failed\n");
326 exit(1);
327 }
328
329 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI index set to 0\n");
330 if (srtcp_test(*policy, 0) == srtp_err_status_ok) {
331 printf("passed\n\n");
332 } else{
333 printf("failed\n");
334 exit(1);
335 }
336 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI index set to 1\n");
337 if (srtcp_test(*policy, 1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]338 printf("passed\n\n");
339 } else{
340 printf("failed\n");
341 exit(1);
342 }
343 policy++;
344 }
345
346 /* create a big policy list and run tests on it */
347 status = srtp_create_big_policy(&big_policy);
348 if (status) {
349 printf("unexpected failure with error code %d\n", status);
350 exit(1);
351 }
352 printf("testing srtp_protect and srtp_unprotect with big policy\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]353 if (srtp_test(big_policy, 0, -1) == srtp_err_status_ok) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]354 printf("passed\n\n");
355 } else{
356 printf("failed\n");
357 exit(1);
358 }
359 printf("testing srtp_protect and srtp_unprotect with big policy and encrypted extensions headers\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]360 if (srtp_test(big_policy, 1, -1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]361 printf("passed\n\n");
362 } else{
363 printf("failed\n");
364 exit(1);
365 }
366 status = srtp_dealloc_big_policy(big_policy);
367 if (status) {
368 printf("unexpected failure with error code %d\n", status);
369 exit(1);
370 }
371
372 /* run test on wildcard policy */
373 printf("testing srtp_protect and srtp_unprotect on "
374 "wildcard ssrc policy\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]375 if (srtp_test(&wildcard_policy, 0, -1) == srtp_err_status_ok) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]376 printf("passed\n\n");
377 } else{
378 printf("failed\n");
379 exit(1);
380 }
381 printf("testing srtp_protect and srtp_unprotect on "
382 "wildcard ssrc policy and encrypted extensions headers\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]383 if (srtp_test(&wildcard_policy, 1, -1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]384 printf("passed\n\n");
385 } else{
386 printf("failed\n");
387 exit(1);
388 }
389
390 /*
391 * run validation test against the reference packets - note
392 * that this test only covers the default policy
393 */
394 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]395 "reference packet\n");
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]396 if (srtp_validate() == srtp_err_status_ok) {
397 printf("passed\n\n");
398 } else{
399 printf("failed\n");
400 exit(1);
401 }
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]402
403#ifdef OPENSSL
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]404 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]405 "reference packet using GCM\n");
406 if (srtp_validate_gcm() == srtp_err_status_ok) {
407 printf("passed\n\n");
408 } else{
409 printf("failed\n");
410 exit(1);
411 }
412#endif
413
414 printf("testing srtp_protect and srtp_unprotect against "
415 "reference packet with encrypted extensions headers\n");
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]416 if (srtp_validate_encrypted_extensions_headers() == srtp_err_status_ok)
417 printf("passed\n\n");
418 else {
419 printf("failed\n");
420 exit(1);
421 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]422
Joachim Bauchb8cb5772015-11-24 21:46:25 +0100[diff] [blame]423#ifdef OPENSSL
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]424 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]425 "reference packet with encrypted extension headers (GCM)\n");
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]426 if (srtp_validate_encrypted_extensions_headers_gcm() == srtp_err_status_ok) {
427 printf("passed\n\n");
428 } else{
429 printf("failed\n");
430 exit(1);
431 }
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]432#endif
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]433
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]434 /*
435 * run validation test against the reference packets for
436 * AES-256
437 */
438 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]439 "reference packet (AES-256)\n");
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]440 if (srtp_validate_aes_256() == srtp_err_status_ok) {
441 printf("passed\n\n");
442 } else{
443 printf("failed\n");
444 exit(1);
445 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]446
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]447 /*
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]448 * test packets with empty payload
449 */
450 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]451 "packet with empty payload\n");
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]452 if (srtp_test_empty_payload() == srtp_err_status_ok) {
453 printf("passed\n");
454 } else{
455 printf("failed\n");
456 exit(1);
457 }
458#ifdef OPENSSL
459 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]460 "packet with empty payload (GCM)\n");
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]461 if (srtp_test_empty_payload_gcm() == srtp_err_status_ok) {
462 printf("passed\n");
463 } else{
464 printf("failed\n");
465 exit(1);
466 }
467#endif
468
469 /*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]470 * test the function srtp_remove_stream()
471 */
472 printf("testing srtp_remove_stream()...");
473 if (srtp_test_remove_stream() == srtp_err_status_ok) {
474 printf("passed\n");
475 } else{
476 printf("failed\n");
477 exit(1);
478 }
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]479
480 /*
481 * test the function srtp_update()
482 */
483 printf("testing srtp_update()...");
484 if (srtp_test_update() == srtp_err_status_ok) {
485 printf("passed\n");
486 } else {
487 printf("failed\n");
488 exit(1);
489 }
Ryan Hooperab0345b2017-02-07 16:07:59 -0500[diff] [blame^]490
491 /*
492 * test the functions srtp_get_protect_trailer_length
493 * and srtp_get_protect_rtcp_trailer_length
494 */
495 printf("testing srtp_get_protect_trailer_length()...");
496 if (srtp_test_protect_trailer_length() == srtp_err_status_ok) {
497 printf("passed\n");
498 } else {
499 printf("failed\n");
500 exit(1);
501 }
502
503 printf("testing srtp_get_protect_rtcp_trailer_length()...");
504 if (srtp_test_protect_rtcp_trailer_length() == srtp_err_status_ok) {
505 printf("passed\n");
506 } else {
507 printf("failed\n");
508 exit(1);
509 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]510 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]511
512 if (do_timing_test) {
513 const srtp_policy_t **policy = policy_array;
514
515 /* loop over policies, run timing test for each */
516 while (*policy != NULL) {
517 srtp_print_policy(*policy);
518 srtp_do_timing(*policy);
519 policy++;
520 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]521 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]522
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]523 if (do_rejection_test) {
524 const srtp_policy_t **policy = policy_array;
525
526 /* loop over policies, run rejection timing test for each */
527 while (*policy != NULL) {
528 srtp_print_policy(*policy);
529 srtp_do_rejection_timing(*policy);
530 policy++;
531 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]532 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]533
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]534 if (do_codec_timing) {
535 srtp_policy_t policy;
536 int ignore;
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]537 double mips_value = mips_estimate(1000000000, &ignore);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]538
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]539 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]540 srtp_crypto_policy_set_rtp_default(&policy.rtp);
541 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
542 policy.ssrc.type = ssrc_specific;
543 policy.ssrc.value = 0xdecafbad;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]544 policy.key = test_key;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]545 policy.ekt = NULL;
546 policy.window_size = 128;
547 policy.allow_repeat_tx = 0;
548 policy.next = NULL;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]549
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]550 printf("mips estimate: %e\n", mips_value);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]551
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]552 printf("testing srtp processing time for voice codecs:\n");
553 printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n");
554 printf("G.711\t\t%d\t\t\t%e\n", 80,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]555 (double)mips_value * (80 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]556 srtp_bits_per_second(80, &policy) / .01 );
557 printf("G.711\t\t%d\t\t\t%e\n", 160,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]558 (double)mips_value * (160 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]559 srtp_bits_per_second(160, &policy) / .02);
560 printf("G.726-32\t%d\t\t\t%e\n", 40,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]561 (double)mips_value * (40 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]562 srtp_bits_per_second(40, &policy) / .01 );
563 printf("G.726-32\t%d\t\t\t%e\n", 80,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]564 (double)mips_value * (80 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]565 srtp_bits_per_second(80, &policy) / .02);
566 printf("G.729\t\t%d\t\t\t%e\n", 10,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]567 (double)mips_value * (10 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]568 srtp_bits_per_second(10, &policy) / .01 );
569 printf("G.729\t\t%d\t\t\t%e\n", 20,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]570 (double)mips_value * (20 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]571 srtp_bits_per_second(20, &policy) / .02 );
572 printf("Wideband\t%d\t\t\t%e\n", 320,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]573 (double)mips_value * (320 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]574 srtp_bits_per_second(320, &policy) / .01 );
575 printf("Wideband\t%d\t\t\t%e\n", 640,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]576 (double)mips_value * (640 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]577 srtp_bits_per_second(640, &policy) / .02 );
578 }
Jonathan Lennoxdfb30842010-05-15 04:52:01 +0000[diff] [blame]579
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]580 status = srtp_shutdown();
581 if (status) {
582 printf("error: srtp shutdown failed with error code %d\n", status);
583 exit(1);
584 }
585
586 return 0;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]587}
588
589
590
591/*
592 * srtp_create_test_packet(len, ssrc) returns a pointer to a
593 * (malloced) example RTP packet whose data field has the length given
594 * by pkt_octet_len and the SSRC value ssrc. The total length of the
595 * packet is twelve octets longer, since the header is at the
596 * beginning. There is room at the end of the packet for a trailer,
597 * and the four octets following the packet are filled with 0xff
598 * values to enable testing for overwrites.
599 *
600 * note that the location of the test packet can (and should) be
601 * deallocated with the free() call once it is no longer needed.
602 */
603
604srtp_hdr_t *
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]605srtp_create_test_packet (int pkt_octet_len, uint32_t ssrc)
606{
607 int i;
608 uint8_t *buffer;
609 srtp_hdr_t *hdr;
610 int bytes_in_hdr = 12;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]611
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]612 /* allocate memory for test packet */
613 hdr = (srtp_hdr_t*)malloc(pkt_octet_len + bytes_in_hdr
614 + SRTP_MAX_TRAILER_LEN + 4);
615 if (!hdr) {
616 return NULL;
617 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]618
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]619 hdr->version = 2; /* RTP version two */
620 hdr->p = 0; /* no padding needed */
621 hdr->x = 0; /* no header extension */
622 hdr->cc = 0; /* no CSRCs */
623 hdr->m = 0; /* marker bit */
624 hdr->pt = 0xf; /* payload type */
625 hdr->seq = htons(0x1234); /* sequence number */
626 hdr->ts = htonl(0xdecafbad); /* timestamp */
627 hdr->ssrc = htonl(ssrc); /* synch. source */
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]628
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]629 buffer = (uint8_t*)hdr;
630 buffer += bytes_in_hdr;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]631
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]632 /* set RTP data to 0xab */
633 for (i = 0; i < pkt_octet_len; i++) {
634 *buffer++ = 0xab;
635 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]636
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]637 /* set post-data value to 0xffff to enable overrun checking */
638 for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) {
639 *buffer++ = 0xff;
640 }
641
642 return hdr;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]643}
644
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]645srtp_hdr_t *
646srtp_create_test_packet_ext_hdr(int pkt_octet_len, uint32_t ssrc) {
647 int i;
648 uint8_t *buffer;
649 srtp_hdr_t *hdr;
650 int bytes_in_hdr = 12;
651 uint8_t extension_header[12] = {
652 /* one-byte header */
653 0xbe, 0xde,
654 /* size */
655 0x00, 0x02,
656 /* id 1, length 1 (i.e. 2 bytes) */
657 0x11,
658 /* payload */
659 0xca,
660 0xfe,
661 /* padding */
662 0x00,
663 /* id 2, length 0 (i.e. 1 byte) */
664 0x20,
665 /* payload */
666 0xba,
667 /* padding */
668 0x00,
669 0x00
670 };
671
672 /* allocate memory for test packet */
673 hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr
674 + sizeof(extension_header) + SRTP_MAX_TRAILER_LEN + 4);
675 if (!hdr)
676 return NULL;
677
678 hdr->version = 2; /* RTP version two */
679 hdr->p = 0; /* no padding needed */
680 hdr->x = 1; /* no header extension */
681 hdr->cc = 0; /* no CSRCs */
682 hdr->m = 0; /* marker bit */
683 hdr->pt = 0xf; /* payload type */
684 hdr->seq = htons(0x1234); /* sequence number */
685 hdr->ts = htonl(0xdecafbad); /* timestamp */
686 hdr->ssrc = htonl(ssrc); /* synch. source */
687
688 buffer = (uint8_t *)hdr;
689 buffer += bytes_in_hdr;
690
691 memcpy(buffer, extension_header, sizeof(extension_header));
692 buffer += sizeof(extension_header);
693
694 /* set RTP data to 0xab */
695 for (i=0; i < pkt_octet_len; i++)
696 *buffer++ = 0xab;
697
698 /* set post-data value to 0xffff to enable overrun checking */
699 for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
700 *buffer++ = 0xff;
701
702 return hdr;
703}
704
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]705void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]706srtp_do_timing (const srtp_policy_t *policy)
707{
708 int len;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]709
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]710 /*
711 * note: the output of this function is formatted so that it
712 * can be used in gnuplot. '#' indicates a comment, and "\r\n"
713 * terminates a record
714 */
715
716 printf("# testing srtp throughput:\r\n");
717 printf("# mesg length (octets)\tthroughput (megabits per second)\r\n");
718
719 for (len = 16; len <= 2048; len *= 2) {
720 printf("%d\t\t\t%f\r\n", len,
721 srtp_bits_per_second(len, policy) / 1.0E6);
722 }
723
724 /* these extra linefeeds let gnuplot know that a dataset is done */
725 printf("\r\n\r\n");
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]726
727}
728
729void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]730srtp_do_rejection_timing (const srtp_policy_t *policy)
731{
732 int len;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]733
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]734 /*
735 * note: the output of this function is formatted so that it
736 * can be used in gnuplot. '#' indicates a comment, and "\r\n"
737 * terminates a record
738 */
739
740 printf("# testing srtp rejection throughput:\r\n");
741 printf("# mesg length (octets)\trejections per second\r\n");
742
743 for (len = 8; len <= 2048; len *= 2) {
744 printf("%d\t\t\t%e\r\n", len, srtp_rejections_per_second(len, policy));
745 }
746
747 /* these extra linefeeds let gnuplot know that a dataset is done */
748 printf("\r\n\r\n");
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]749
750}
751
752
753#define MAX_MSG_LEN 1024
754
755double
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]756srtp_bits_per_second (int msg_len_octets, const srtp_policy_t *policy)
757{
758 srtp_t srtp;
759 srtp_hdr_t *mesg;
760 int i;
761 clock_t timer;
762 int num_trials = 100000;
763 int len;
764 uint32_t ssrc;
765 srtp_err_status_t status;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]766
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]767 /*
768 * allocate and initialize an srtp session
769 */
770 status = srtp_create(&srtp, policy);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]771 if (status) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]772 printf("error: srtp_create() failed with error code %d\n", status);
773 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]774 }
775
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]776 /*
777 * if the ssrc is unspecified, use a predetermined one
778 */
779 if (policy->ssrc.type != ssrc_specific) {
780 ssrc = 0xdeadbeef;
781 } else {
782 ssrc = policy->ssrc.value;
Jonathan Lennox75b36872010-05-21 00:30:21 +0000[diff] [blame]783 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]784
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]785 /*
786 * create a test packet
787 */
788 mesg = srtp_create_test_packet(msg_len_octets, ssrc);
789 if (mesg == NULL) {
790 return 0.0; /* indicate failure by returning zero */
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]791
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]792 }
793 timer = clock();
794 for (i = 0; i < num_trials; i++) {
795 len = msg_len_octets + 12; /* add in rtp header length */
796
797 /* srtp protect message */
798 status = srtp_protect(srtp, mesg, &len);
799 if (status) {
800 printf("error: srtp_protect() failed with error code %d\n", status);
801 exit(1);
802 }
803
804 /* increment message number */
805 {
806 /* hack sequence to avoid problems with macros for htons/ntohs on some systems */
807 short new_seq = ntohs(mesg->seq) + 1;
808 mesg->seq = htons(new_seq);
809 }
810 }
811 timer = clock() - timer;
812
813 free(mesg);
814
815 status = srtp_dealloc(srtp);
816 if (status) {
817 printf("error: srtp_dealloc() failed with error code %d\n", status);
818 exit(1);
819 }
820
821 return (double)(msg_len_octets) * 8 *
822 num_trials * CLOCKS_PER_SEC / timer;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]823}
824
825double
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]826srtp_rejections_per_second (int msg_len_octets, const srtp_policy_t *policy)
827{
828 srtp_ctx_t *srtp;
829 srtp_hdr_t *mesg;
830 int i;
831 int len;
832 clock_t timer;
833 int num_trials = 1000000;
834 uint32_t ssrc = policy->ssrc.value;
835 srtp_err_status_t status;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]836
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]837 /*
838 * allocate and initialize an srtp session
839 */
840 status = srtp_create(&srtp, policy);
841 if (status) {
842 printf("error: srtp_create() failed with error code %d\n", status);
843 exit(1);
844 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]845
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]846 mesg = srtp_create_test_packet(msg_len_octets, ssrc);
847 if (mesg == NULL) {
848 return 0.0; /* indicate failure by returning zero */
849
850 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]851 len = msg_len_octets;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]852 srtp_protect(srtp, (srtp_hdr_t*)mesg, &len);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]853
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]854 timer = clock();
855 for (i = 0; i < num_trials; i++) {
856 len = msg_len_octets;
857 srtp_unprotect(srtp, (srtp_hdr_t*)mesg, &len);
858 }
859 timer = clock() - timer;
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]860
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]861 free(mesg);
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]862
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]863 status = srtp_dealloc(srtp);
864 if (status) {
865 printf("error: srtp_dealloc() failed with error code %d\n", status);
866 exit(1);
867 }
868
869 return (double)num_trials * CLOCKS_PER_SEC / timer;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]870}
871
872
873void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]874err_check (srtp_err_status_t s)
875{
876 if (s == srtp_err_status_ok) {
877 return;
878 } else{
879 fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s);
880 }
881 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]882}
883
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]884srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]885srtp_test_call_protect(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int mki_index) {
886 if (mki_index == -1) {
887 return srtp_protect(srtp_sender, hdr, len);
888 } else {
889 return srtp_protect_mki(srtp_sender, hdr, len, 1, mki_index);
890 }
891}
892
893srtp_err_status_t
894srtp_test_call_protect_rtcp(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int mki_index) {
895 if (mki_index == -1) {
896 return srtp_protect_rtcp(srtp_sender, hdr, len);
897 } else {
898 return srtp_protect_rtcp_mki(srtp_sender, hdr, len, 1, mki_index);
899 }
900}
901
902srtp_err_status_t
903srtp_test_call_unprotect(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int use_mki) {
904 if (use_mki == -1) {
905 return srtp_unprotect(srtp_sender, hdr, len);
906 } else {
907 return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki);
908 }
909}
910
911srtp_err_status_t
912srtp_test_call_unprotect_rtcp(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int use_mki) {
913 if (use_mki == -1) {
914 return srtp_unprotect_rtcp(srtp_sender, hdr, len);
915 } else {
916 return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki);
917 }
918}
919
920srtp_err_status_t
921srtp_test (const srtp_policy_t *policy, int extension_header, int mki_index)
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]922{
923 int i;
924 srtp_t srtp_sender;
925 srtp_t srtp_rcvr;
926 srtp_err_status_t status = srtp_err_status_ok;
927 srtp_hdr_t *hdr, *hdr2;
928 uint8_t hdr_enc[64];
929 uint8_t *pkt_end;
930 int msg_len_octets, msg_len_enc;
931 int len;
932 int tag_length = policy->rtp.auth_tag_len;
933 uint32_t ssrc;
934 srtp_policy_t *rcvr_policy;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]935 srtp_policy_t tmp_policy;
936 int header = 1;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]937 int use_mki = 0;
938
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]939 if (mki_index >= 0)
940 use_mki = 1;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]941
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]942 if (extension_header) {
943 memcpy(&tmp_policy, policy, sizeof(srtp_policy_t));
944 tmp_policy.enc_xtn_hdr = &header;
945 tmp_policy.enc_xtn_hdr_count = 1;
946 err_check(srtp_create(&srtp_sender, &tmp_policy));
947 } else {
948 err_check(srtp_create(&srtp_sender, policy));
949 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]950
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]951 /* print out policy */
952 err_check(srtp_session_print_policy(srtp_sender));
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]953
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]954 /*
955 * initialize data buffer, using the ssrc in the policy unless that
956 * value is a wildcard, in which case we'll just use an arbitrary
957 * one
958 */
959 if (policy->ssrc.type != ssrc_specific) {
960 ssrc = 0xdecafbad;
961 } else{
962 ssrc = policy->ssrc.value;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]963 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]964 msg_len_octets = 28;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]965 if (extension_header) {
966 hdr = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc);
967 hdr2 = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc);
968 } else {
969 hdr = srtp_create_test_packet(msg_len_octets, ssrc);
970 hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
971 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]972
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]973 if (hdr == NULL) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]974 free(hdr2);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]975 return srtp_err_status_alloc_fail;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]976 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]977 if (hdr2 == NULL) {
978 free(hdr);
979 return srtp_err_status_alloc_fail;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]980 }
981
Marcus Sundberg5c40da82005-10-08 18:15:00 +0000[diff] [blame]982 /* set message length */
983 len = msg_len_octets;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]984 if (extension_header) {
985 len += 12;
986 }
Marcus Sundberg5c40da82005-10-08 18:15:00 +0000[diff] [blame]987
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]988 debug_print(mod_driver, "before protection:\n%s",
989 srtp_packet_to_string(hdr, len));
990
991#if PRINT_REFERENCE_PACKET
992 debug_print(mod_driver, "reference packet before protection:\n%s",
993 octet_string_hex_string((uint8_t*)hdr, len));
994#endif
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]995 err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index));
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]996
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]997 debug_print(mod_driver, "after protection:\n%s",
998 srtp_packet_to_string(hdr, len));
999#if PRINT_REFERENCE_PACKET
1000 debug_print(mod_driver, "after protection:\n%s",
1001 octet_string_hex_string((uint8_t*)hdr, len));
1002#endif
1003
1004 /* save protected message and length */
1005 memcpy(hdr_enc, hdr, len);
1006 msg_len_enc = len;
1007
1008 /*
1009 * check for overrun of the srtp_protect() function
1010 *
1011 * The packet is followed by a value of 0xfffff; if the value of the
1012 * data following the packet is different, then we know that the
1013 * protect function is overwriting the end of the packet.
1014 */
1015 pkt_end = (uint8_t*)hdr + sizeof(srtp_hdr_t)
1016 + msg_len_octets + tag_length;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1017 if (extension_header) {
1018 pkt_end += 12;
1019 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1020 for (i = 0; i < 4; i++) {
1021 if (pkt_end[i] != 0xff) {
1022 fprintf(stdout, "overwrite in srtp_protect() function "
1023 "(expected %x, found %x in trailing octet %d)\n",
1024 0xff, ((uint8_t*)hdr)[i], i);
1025 free(hdr);
1026 free(hdr2);
1027 return srtp_err_status_algo_fail;
1028 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1029 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1030
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1031 /*
1032 * if the policy includes confidentiality, check that ciphertext is
1033 * different than plaintext
1034 *
1035 * Note that this check will give false negatives, with some small
1036 * probability, especially if the packets are short. For that
1037 * reason, we skip this check if the plaintext is less than four
1038 * octets long.
1039 */
1040 if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
1041 printf("testing that ciphertext is distinct from plaintext...");
1042 status = srtp_err_status_algo_fail;
1043 for (i = 12; i < msg_len_octets + 12; i++) {
1044 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1045 status = srtp_err_status_ok;
1046 }
1047 }
1048 if (status) {
1049 printf("failed\n");
1050 free(hdr);
1051 free(hdr2);
1052 return status;
1053 }
1054 printf("passed\n");
1055 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1056
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1057 /*
1058 * if the policy uses a 'wildcard' ssrc, then we need to make a copy
1059 * of the policy that changes the direction to inbound
1060 *
1061 * we always copy the policy into the rcvr_policy, since otherwise
1062 * the compiler would fret about the constness of the policy
1063 */
1064 rcvr_policy = (srtp_policy_t*)malloc(sizeof(srtp_policy_t));
1065 if (rcvr_policy == NULL) {
1066 free(hdr);
1067 free(hdr2);
1068 return srtp_err_status_alloc_fail;
1069 }
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1070 if (extension_header) {
1071 memcpy(rcvr_policy, &tmp_policy, sizeof(srtp_policy_t));
1072 if (tmp_policy.ssrc.type == ssrc_any_outbound) {
1073 rcvr_policy->ssrc.type = ssrc_any_inbound;
1074 }
1075 } else {
1076 memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
1077 if (policy->ssrc.type == ssrc_any_outbound) {
1078 rcvr_policy->ssrc.type = ssrc_any_inbound;
1079 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1080 }
1081
1082 err_check(srtp_create(&srtp_rcvr, rcvr_policy));
1083
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1084 err_check(srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1085
1086 debug_print(mod_driver, "after unprotection:\n%s",
1087 srtp_packet_to_string(hdr, len));
1088
1089 /* verify that the unprotected packet matches the origial one */
1090 for (i = 0; i < msg_len_octets; i++) {
1091 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1092 fprintf(stdout, "mismatch at octet %d\n", i);
1093 status = srtp_err_status_algo_fail;
1094 }
1095 }
1096 if (status) {
1097 free(hdr);
1098 free(hdr2);
1099 free(rcvr_policy);
1100 return status;
1101 }
1102
1103 /*
1104 * if the policy includes authentication, then test for false positives
1105 */
1106 if (policy->rtp.sec_serv & sec_serv_auth) {
1107 char *data = ((char*)hdr) + 12;
1108
1109 printf("testing for false positives in replay check...");
1110
1111 /* set message length */
1112 len = msg_len_enc;
1113
1114 /* unprotect a second time - should fail with a replay error */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1115 status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1116 if (status != srtp_err_status_replay_fail) {
1117 printf("failed with error code %d\n", status);
1118 free(hdr);
1119 free(hdr2);
1120 free(rcvr_policy);
1121 return status;
1122 } else {
1123 printf("passed\n");
1124 }
1125
1126 printf("testing for false positives in auth check...");
1127
1128 /* increment sequence number in header */
1129 hdr->seq++;
1130
1131 /* set message length */
1132 len = msg_len_octets;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1133 if (extension_header) {
1134 len += 12;
1135 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1136
1137 /* apply protection */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1138 err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1139
1140 /* flip bits in packet */
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]1141 data[extension_header ? 12 : 0] ^= 0xff;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1142
1143 /* unprotect, and check for authentication failure */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1144 status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1145 if (status != srtp_err_status_auth_fail) {
1146 printf("failed\n");
1147 free(hdr);
1148 free(hdr2);
1149 free(rcvr_policy);
1150 return status;
1151 } else {
1152 printf("passed\n");
1153 }
1154
1155 }
1156
1157 err_check(srtp_dealloc(srtp_sender));
1158 err_check(srtp_dealloc(srtp_rcvr));
1159
1160 free(hdr);
1161 free(hdr2);
1162 free(rcvr_policy);
1163 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1164}
1165
1166
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1167srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1168srtcp_test (const srtp_policy_t *policy, int mki_index)
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1169{
1170 int i;
1171 srtp_t srtcp_sender;
1172 srtp_t srtcp_rcvr;
1173 srtp_err_status_t status = srtp_err_status_ok;
1174 srtp_hdr_t *hdr, *hdr2;
1175 uint8_t hdr_enc[64];
1176 uint8_t *pkt_end;
1177 int msg_len_octets, msg_len_enc;
1178 int len;
1179 int tag_length = policy->rtp.auth_tag_len;
1180 uint32_t ssrc;
1181 srtp_policy_t *rcvr_policy;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1182 int use_mki = 0;
1183
1184 if (mki_index >= 0)
1185 use_mki = 1;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1186
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1187 err_check(srtp_create(&srtcp_sender, policy));
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1188
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1189 /* print out policy */
1190 err_check(srtp_session_print_policy(srtcp_sender));
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1191
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1192 /*
1193 * initialize data buffer, using the ssrc in the policy unless that
1194 * value is a wildcard, in which case we'll just use an arbitrary
1195 * one
1196 */
1197 if (policy->ssrc.type != ssrc_specific) {
1198 ssrc = 0xdecafbad;
1199 } else{
1200 ssrc = policy->ssrc.value;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1201 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1202 msg_len_octets = 28;
1203 hdr = srtp_create_test_packet(msg_len_octets, ssrc);
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1204
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1205 if (hdr == NULL) {
1206 return srtp_err_status_alloc_fail;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1207 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1208 hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
1209 if (hdr2 == NULL) {
1210 free(hdr);
1211 return srtp_err_status_alloc_fail;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1212 }
1213
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1214 /* set message length */
1215 len = msg_len_octets;
1216
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1217 debug_print(mod_driver, "before protection:\n%s",
1218 srtp_packet_to_string(hdr, len));
1219
1220#if PRINT_REFERENCE_PACKET
1221 debug_print(mod_driver, "reference packet before protection:\n%s",
1222 octet_string_hex_string((uint8_t*)hdr, len));
1223#endif
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1224 err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index));
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1225
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1226 debug_print(mod_driver, "after protection:\n%s",
1227 srtp_packet_to_string(hdr, len));
1228#if PRINT_REFERENCE_PACKET
1229 debug_print(mod_driver, "after protection:\n%s",
1230 octet_string_hex_string((uint8_t*)hdr, len));
1231#endif
1232
1233 /* save protected message and length */
1234 memcpy(hdr_enc, hdr, len);
1235 msg_len_enc = len;
1236
1237 /*
1238 * check for overrun of the srtp_protect() function
1239 *
1240 * The packet is followed by a value of 0xfffff; if the value of the
1241 * data following the packet is different, then we know that the
1242 * protect function is overwriting the end of the packet.
1243 */
1244 pkt_end = (uint8_t*)hdr + sizeof(srtp_hdr_t)
1245 + msg_len_octets + tag_length;
1246 for (i = 0; i < 4; i++) {
1247 if (pkt_end[i] != 0xff) {
1248 fprintf(stdout, "overwrite in srtp_protect_rtcp() function "
1249 "(expected %x, found %x in trailing octet %d)\n",
1250 0xff, ((uint8_t*)hdr)[i], i);
1251 free(hdr);
1252 free(hdr2);
1253 return srtp_err_status_algo_fail;
1254 }
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1255 }
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1256
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1257 /*
1258 * if the policy includes confidentiality, check that ciphertext is
1259 * different than plaintext
1260 *
1261 * Note that this check will give false negatives, with some small
1262 * probability, especially if the packets are short. For that
1263 * reason, we skip this check if the plaintext is less than four
1264 * octets long.
1265 */
1266 if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
1267 printf("testing that ciphertext is distinct from plaintext...");
1268 status = srtp_err_status_algo_fail;
1269 for (i = 12; i < msg_len_octets + 12; i++) {
1270 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1271 status = srtp_err_status_ok;
1272 }
1273 }
1274 if (status) {
1275 printf("failed\n");
1276 free(hdr);
1277 free(hdr2);
1278 return status;
1279 }
1280 printf("passed\n");
1281 }
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1282
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1283 /*
1284 * if the policy uses a 'wildcard' ssrc, then we need to make a copy
1285 * of the policy that changes the direction to inbound
1286 *
1287 * we always copy the policy into the rcvr_policy, since otherwise
1288 * the compiler would fret about the constness of the policy
1289 */
1290 rcvr_policy = (srtp_policy_t*)malloc(sizeof(srtp_policy_t));
1291 if (rcvr_policy == NULL) {
1292 return srtp_err_status_alloc_fail;
1293 }
1294 memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
1295 if (policy->ssrc.type == ssrc_any_outbound) {
1296 rcvr_policy->ssrc.type = ssrc_any_inbound;
1297 }
1298
1299 err_check(srtp_create(&srtcp_rcvr, rcvr_policy));
1300
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1301 err_check(srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1302
1303 debug_print(mod_driver, "after unprotection:\n%s",
1304 srtp_packet_to_string(hdr, len));
1305
1306 /* verify that the unprotected packet matches the origial one */
1307 for (i = 0; i < msg_len_octets; i++) {
1308 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1309 fprintf(stdout, "mismatch at octet %d\n", i);
1310 status = srtp_err_status_algo_fail;
1311 }
1312 }
1313 if (status) {
1314 free(hdr);
1315 free(hdr2);
1316 free(rcvr_policy);
1317 return status;
1318 }
1319
1320 /*
1321 * if the policy includes authentication, then test for false positives
1322 */
1323 if (policy->rtp.sec_serv & sec_serv_auth) {
1324 char *data = ((char*)hdr) + 12;
1325
1326 printf("testing for false positives in replay check...");
1327
1328 /* set message length */
1329 len = msg_len_enc;
1330
1331 /* unprotect a second time - should fail with a replay error */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1332 status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1333 if (status != srtp_err_status_replay_fail) {
1334 printf("failed with error code %d\n", status);
1335 free(hdr);
1336 free(hdr2);
1337 free(rcvr_policy);
1338 return status;
1339 } else {
1340 printf("passed\n");
1341 }
1342
1343 printf("testing for false positives in auth check...");
1344
1345 /* increment sequence number in header */
1346 hdr->seq++;
1347
1348 /* set message length */
1349 len = msg_len_octets;
1350
1351 /* apply protection */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1352 err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1353
1354 /* flip bits in packet */
1355 data[0] ^= 0xff;
1356
1357 /* unprotect, and check for authentication failure */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1358 status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1359 if (status != srtp_err_status_auth_fail) {
1360 printf("failed\n");
1361 free(hdr);
1362 free(hdr2);
1363 free(rcvr_policy);
1364 return status;
1365 } else {
1366 printf("passed\n");
1367 }
1368
1369 }
1370
1371 err_check(srtp_dealloc(srtcp_sender));
1372 err_check(srtp_dealloc(srtcp_rcvr));
1373
1374 free(hdr);
1375 free(hdr2);
1376 free(rcvr_policy);
1377 return srtp_err_status_ok;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1378}
1379
1380
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1381srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1382srtp_session_print_policy (srtp_t srtp)
1383{
1384 char *serv_descr[4] = {
1385 "none",
1386 "confidentiality",
1387 "authentication",
1388 "confidentiality and authentication"
1389 };
1390 char *direction[3] = {
1391 "unknown",
1392 "outbound",
1393 "inbound"
1394 };
1395 srtp_stream_t stream;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1396 srtp_session_keys_t *session_keys = NULL;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1397
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1398 /* sanity checking */
1399 if (srtp == NULL) {
1400 return srtp_err_status_fail;
1401 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1402
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1403 /* if there's a template stream, print it out */
1404 if (srtp->stream_template != NULL) {
1405 stream = srtp->stream_template;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1406 session_keys = &stream->session_keys[0];
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1407 printf("# SSRC: any %s\r\n"
1408 "# rtp cipher: %s\r\n"
1409 "# rtp auth: %s\r\n"
1410 "# rtp services: %s\r\n"
1411 "# rtcp cipher: %s\r\n"
1412 "# rtcp auth: %s\r\n"
1413 "# rtcp services: %s\r\n"
1414 "# window size: %lu\r\n"
1415 "# tx rtx allowed:%s\r\n",
1416 direction[stream->direction],
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1417 session_keys->rtp_cipher->type->description,
1418 session_keys->rtp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1419 serv_descr[stream->rtp_services],
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1420 session_keys->rtcp_cipher->type->description,
1421 session_keys->rtcp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1422 serv_descr[stream->rtcp_services],
jfigusde8deb32014-11-25 12:58:11 -0500[diff] [blame]1423 srtp_rdbx_get_window_size(&stream->rtp_rdbx),
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1424 stream->allow_repeat_tx ? "true" : "false");
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1425
1426 printf("# Encrypted extension headers: ");
1427 if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) {
1428 int* enc_xtn_hdr = stream->enc_xtn_hdr;
1429 int count = stream->enc_xtn_hdr_count;
1430 while (count > 0) {
1431 printf("%d ", *enc_xtn_hdr);
1432 enc_xtn_hdr++;
1433 count--;
1434 }
1435 printf("\n");
1436 } else {
1437 printf("none\n");
1438 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1439 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1440
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1441 /* loop over streams in session, printing the policy of each */
1442 stream = srtp->stream_list;
1443 while (stream != NULL) {
1444 if (stream->rtp_services > sec_serv_conf_and_auth) {
1445 return srtp_err_status_bad_param;
1446 }
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1447 session_keys = &stream->session_keys[0];
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1448
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1449 printf("# SSRC: 0x%08x\r\n"
1450 "# rtp cipher: %s\r\n"
1451 "# rtp auth: %s\r\n"
1452 "# rtp services: %s\r\n"
1453 "# rtcp cipher: %s\r\n"
1454 "# rtcp auth: %s\r\n"
1455 "# rtcp services: %s\r\n"
1456 "# window size: %lu\r\n"
1457 "# tx rtx allowed:%s\r\n",
1458 stream->ssrc,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1459 session_keys->rtp_cipher->type->description,
1460 session_keys->rtp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1461 serv_descr[stream->rtp_services],
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]1462 session_keys->rtcp_cipher->type->description,
1463 session_keys->rtcp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1464 serv_descr[stream->rtcp_services],
jfigusde8deb32014-11-25 12:58:11 -0500[diff] [blame]1465 srtp_rdbx_get_window_size(&stream->rtp_rdbx),
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1466 stream->allow_repeat_tx ? "true" : "false");
1467
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1468 printf("# Encrypted extension headers: ");
1469 if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) {
1470 int* enc_xtn_hdr = stream->enc_xtn_hdr;
1471 int count = stream->enc_xtn_hdr_count;
1472 while (count > 0) {
1473 printf("%d ", *enc_xtn_hdr);
1474 enc_xtn_hdr++;
1475 count--;
1476 }
1477 printf("\n");
1478 } else {
1479 printf("none\n");
1480 }
1481
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1482 /* advance to next stream in the list */
1483 stream = stream->next;
1484 }
1485 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1486}
1487
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1488srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1489srtp_print_policy (const srtp_policy_t *policy)
1490{
1491 srtp_err_status_t status;
1492 srtp_t session;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1493
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1494 status = srtp_create(&session, policy);
1495 if (status) {
1496 return status;
1497 }
1498 status = srtp_session_print_policy(session);
1499 if (status) {
1500 return status;
1501 }
1502 status = srtp_dealloc(session);
1503 if (status) {
1504 return status;
1505 }
1506 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1507}
1508
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1509/*
1510 * srtp_print_packet(...) is for debugging only
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1511 * it prints an RTP packet to the stdout
1512 *
1513 * note that this function is *not* threadsafe
1514 */
1515
1516#include <stdio.h>
1517
1518#define MTU 2048
1519
1520char packet_string[MTU];
1521
1522char *
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1523srtp_packet_to_string (srtp_hdr_t *hdr, int pkt_octet_len)
1524{
1525 int octets_in_rtp_header = 12;
1526 uint8_t *data = ((uint8_t*)hdr) + octets_in_rtp_header;
1527 int hex_len = pkt_octet_len - octets_in_rtp_header;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1528
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1529 /* sanity checking */
1530 if ((hdr == NULL) || (pkt_octet_len > MTU)) {
1531 return NULL;
1532 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1533
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1534 /* write packet into string */
1535 sprintf(packet_string,
1536 "(s)rtp packet: {\n"
1537 " version:\t%d\n"
1538 " p:\t\t%d\n"
1539 " x:\t\t%d\n"
1540 " cc:\t\t%d\n"
1541 " m:\t\t%d\n"
1542 " pt:\t\t%x\n"
1543 " seq:\t\t%x\n"
1544 " ts:\t\t%x\n"
1545 " ssrc:\t%x\n"
1546 " data:\t%s\n"
1547 "} (%d octets in total)\n",
1548 hdr->version,
1549 hdr->p,
1550 hdr->x,
1551 hdr->cc,
1552 hdr->m,
1553 hdr->pt,
1554 hdr->seq,
1555 hdr->ts,
1556 hdr->ssrc,
1557 octet_string_hex_string(data, hex_len),
1558 pkt_octet_len);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1559
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1560 return packet_string;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1561}
1562
1563/*
1564 * mips_estimate() is a simple function to estimate the number of
1565 * instructions per second that the host can perform. note that this
1566 * function can be grossly wrong; you may want to have a manual sanity
1567 * check of its output!
1568 *
1569 * the 'ignore' pointer is there to convince the compiler to not just
1570 * optimize away the function
1571 */
1572
1573double
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1574mips_estimate (int num_trials, int *ignore)
1575{
1576 clock_t t;
1577 volatile int i, sum;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1578
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1579 sum = 0;
1580 t = clock();
1581 for (i = 0; i < num_trials; i++) {
1582 sum += i;
1583 }
1584 t = clock() - t;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1585
1586/* printf("%d\n", sum); */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1587 *ignore = sum;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1588
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1589 return (double)num_trials * CLOCKS_PER_SEC / t;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1590}
1591
1592
1593/*
1594 * srtp_validate() verifies the correctness of libsrtp by comparing
1595 * some computed packets against some pre-computed reference values.
1596 * These packets were made with the default SRTP policy.
1597 */
1598
1599
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1600srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1601srtp_validate ()
1602{
1603 uint8_t srtp_plaintext_ref[28] = {
1604 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1605 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1606 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1607 0xab, 0xab, 0xab, 0xab
1608 };
1609 uint8_t srtp_plaintext[38] = {
1610 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1611 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1612 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1613 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
1614 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1615 };
1616 uint8_t srtp_ciphertext[38] = {
1617 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1618 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c,
1619 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15,
1620 0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc,
1621 0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb
1622 };
Pascal Bühler941cf122016-06-10 09:30:52 +0200[diff] [blame]1623 uint8_t rtcp_plaintext_ref[24] = {
1624 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1625 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1626 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1627 };
1628 uint8_t rtcp_plaintext[38] = {
1629 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1630 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1631 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1632 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1633 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1634 };
1635 uint8_t srtcp_ciphertext[38] = {
1636 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1637 0x71, 0x28, 0x03, 0x5b, 0xe4, 0x87, 0xb9, 0xbd,
1638 0xbe, 0xf8, 0x90, 0x41, 0xf9, 0x77, 0xa5, 0xa8,
1639 0x80, 0x00, 0x00, 0x01, 0x99, 0x3e, 0x08, 0xcd,
1640 0x54, 0xd6, 0xc1, 0x23, 0x07, 0x98
1641 };
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1642 srtp_t srtp_snd, srtp_recv;
1643 srtp_err_status_t status;
1644 int len;
1645 srtp_policy_t policy;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1646
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1647 /*
1648 * create a session with a single stream using the default srtp
1649 * policy and with the SSRC value 0xcafebabe
1650 */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1651 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1652 srtp_crypto_policy_set_rtp_default(&policy.rtp);
1653 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
1654 policy.ssrc.type = ssrc_specific;
1655 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]1656 policy.key = test_key;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1657 policy.ekt = NULL;
1658 policy.window_size = 128;
1659 policy.allow_repeat_tx = 0;
1660 policy.next = NULL;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1661
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1662 status = srtp_create(&srtp_snd, &policy);
1663 if (status) {
1664 return status;
1665 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1666
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1667 /*
1668 * protect plaintext, then compare with ciphertext
1669 */
1670 len = 28;
1671 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
1672 if (status || (len != 38)) {
1673 return srtp_err_status_fail;
1674 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1675
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1676 debug_print(mod_driver, "ciphertext:\n %s",
1677 octet_string_hex_string(srtp_plaintext, len));
1678 debug_print(mod_driver, "ciphertext reference:\n %s",
1679 octet_string_hex_string(srtp_ciphertext, len));
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1680
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1681 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
1682 return srtp_err_status_fail;
1683 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]1684
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1685 /*
Pascal Bühler941cf122016-06-10 09:30:52 +0200[diff] [blame]1686 * protect plaintext rtcp, then compare with srtcp ciphertext
1687 */
1688 len = 24;
1689 status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
1690 if (status || (len != 38)) {
1691 return srtp_err_status_fail;
1692 }
1693
1694 debug_print(mod_driver, "srtcp ciphertext:\n %s",
1695 octet_string_hex_string(rtcp_plaintext, len));
1696 debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
1697 octet_string_hex_string(srtcp_ciphertext, len));
1698
1699 if (octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
1700 return srtp_err_status_fail;
1701 }
1702
1703 /*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1704 * create a receiver session context comparable to the one created
1705 * above - we need to do this so that the replay checking doesn't
1706 * complain
1707 */
1708 status = srtp_create(&srtp_recv, &policy);
1709 if (status) {
1710 return status;
1711 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]1712
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1713 /*
1714 * unprotect ciphertext, then compare with plaintext
1715 */
1716 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
1717 if (status || (len != 28)) {
1718 return status;
1719 }
1720
1721 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
1722 return srtp_err_status_fail;
1723 }
1724
Pascal Bühler941cf122016-06-10 09:30:52 +0200[diff] [blame]1725 /*
1726 * unprotect srtcp ciphertext, then compare with rtcp plaintext
1727 */
1728 len = 38;
1729 status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
1730 if (status || (len != 24)) {
1731 return status;
1732 }
1733
1734 if (octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
1735 return srtp_err_status_fail;
1736 }
1737
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1738 status = srtp_dealloc(srtp_snd);
1739 if (status) {
1740 return status;
1741 }
1742
1743 status = srtp_dealloc(srtp_recv);
1744 if (status) {
1745 return status;
1746 }
1747
1748 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1749}
1750
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1751#ifdef OPENSSL
1752/*
1753 * srtp_validate_gcm() verifies the correctness of libsrtp by comparing
1754 * an computed packet against the known ciphertext for the plaintext.
1755 */
1756srtp_err_status_t
1757srtp_validate_gcm ()
1758{
1759 unsigned char test_key_gcm[28] = {
1760 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1761 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1762 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
1763 0xa8, 0xa9, 0xaa, 0xab
1764 };
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1765 uint8_t rtp_plaintext_ref[28] = {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1766 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1767 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1768 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1769 0xab, 0xab, 0xab, 0xab
1770 };
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1771 uint8_t rtp_plaintext[44] = {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1772 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1773 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1774 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1775 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
1776 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1777 0x00, 0x00, 0x00, 0x00
1778 };
1779 uint8_t srtp_ciphertext[44] = {
1780 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1781 0xca, 0xfe, 0xba, 0xbe, 0xc5, 0x00, 0x2e, 0xde,
1782 0x04, 0xcf, 0xdd, 0x2e, 0xb9, 0x11, 0x59, 0xe0,
1783 0x88, 0x0a, 0xa0, 0x6e, 0xd2, 0x97, 0x68, 0x26,
1784 0xf7, 0x96, 0xb2, 0x01, 0xdf, 0x31, 0x31, 0xa1,
1785 0x27, 0xe8, 0xa3, 0x92
1786 };
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1787 uint8_t rtcp_plaintext_ref[24] = {
1788 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1789 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1790 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1791 };
1792 uint8_t rtcp_plaintext[44] = {
1793 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1794 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1795 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1796 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1797 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1798 0x00, 0x00, 0x00, 0x00
1799 };
1800 uint8_t srtcp_ciphertext[44] = {
1801 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1802 0xc9, 0x8b, 0x8b, 0x5d, 0xf0, 0x39, 0x2a, 0x55,
1803 0x85, 0x2b, 0x6c, 0x21, 0xac, 0x8e, 0x70, 0x25,
1804 0xc5, 0x2c, 0x6f, 0xbe, 0xa2, 0xb3, 0xb4, 0x46,
1805 0xea, 0x31, 0x12, 0x3b, 0xa8, 0x8c, 0xe6, 0x1e,
1806 0x80, 0x00, 0x00, 0x01
1807 };
1808
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1809 srtp_t srtp_snd, srtp_recv;
1810 srtp_err_status_t status;
1811 int len;
1812 srtp_policy_t policy;
1813
1814 /*
1815 * create a session with a single stream using the default srtp
1816 * policy and with the SSRC value 0xcafebabe
1817 */
1818 memset(&policy, 0, sizeof(policy));
1819 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
1820 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
1821 policy.ssrc.type = ssrc_specific;
1822 policy.ssrc.value = 0xcafebabe;
1823 policy.key = test_key_gcm;
1824 policy.ekt = NULL;
1825 policy.window_size = 128;
1826 policy.allow_repeat_tx = 0;
1827 policy.next = NULL;
1828
1829 status = srtp_create(&srtp_snd, &policy);
1830 if (status) {
1831 return status;
1832 }
1833
1834 /*
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1835 * protect plaintext rtp, then compare with srtp ciphertext
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1836 */
1837 len = 28;
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1838 status = srtp_protect(srtp_snd, rtp_plaintext, &len);
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1839 if (status || (len != 44)) {
1840 return srtp_err_status_fail;
1841 }
1842
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1843 debug_print(mod_driver, "srtp ciphertext:\n %s",
1844 octet_string_hex_string(rtp_plaintext, len));
1845 debug_print(mod_driver, "srtp ciphertext reference:\n %s",
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1846 octet_string_hex_string(srtp_ciphertext, len));
1847
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1848 if (octet_string_is_eq(rtp_plaintext, srtp_ciphertext, len)) {
1849 return srtp_err_status_fail;
1850 }
1851
1852 /*
1853 * protect plaintext rtcp, then compare with srtcp ciphertext
1854 */
1855 len = 24;
1856 status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
1857 if (status || (len != 44)) {
1858 return srtp_err_status_fail;
1859 }
1860
1861 debug_print(mod_driver, "srtcp ciphertext:\n %s",
1862 octet_string_hex_string(rtcp_plaintext, len));
1863 debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
1864 octet_string_hex_string(srtcp_ciphertext, len));
1865
1866 if (octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1867 return srtp_err_status_fail;
1868 }
1869
1870 /*
1871 * create a receiver session context comparable to the one created
1872 * above - we need to do this so that the replay checking doesn't
1873 * complain
1874 */
1875 status = srtp_create(&srtp_recv, &policy);
1876 if (status) {
1877 return status;
1878 }
1879
1880 /*
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1881 * unprotect srtp ciphertext, then compare with rtp plaintext
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1882 */
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1883 len = 44;
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1884 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
1885 if (status || (len != 28)) {
1886 return status;
1887 }
1888
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1889 if (octet_string_is_eq(srtp_ciphertext, rtp_plaintext_ref, len)) {
1890 return srtp_err_status_fail;
1891 }
1892
1893 /*
1894 * unprotect srtcp ciphertext, then compare with rtcp plaintext
1895 */
1896 len = 44;
1897 status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
1898 if (status || (len != 24)) {
1899 return status;
1900 }
1901
1902 if (octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1903 return srtp_err_status_fail;
1904 }
1905
1906 status = srtp_dealloc(srtp_snd);
1907 if (status) {
1908 return status;
1909 }
1910
1911 status = srtp_dealloc(srtp_recv);
1912 if (status) {
1913 return status;
1914 }
1915
1916 return srtp_err_status_ok;
1917}
1918#endif
1919
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1920/*
1921 * Test vectors taken from RFC 6904, Appendix A
1922 */
1923srtp_err_status_t
1924srtp_validate_encrypted_extensions_headers() {
1925 unsigned char test_key_ext_headers[30] = {
1926 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
1927 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
1928 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
1929 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
1930 };
1931 uint8_t srtp_plaintext_ref[56] = {
1932 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1933 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
1934 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
1935 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
1936 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
1937 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1938 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
1939 };
1940 uint8_t srtp_plaintext[66] = {
1941 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1942 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
1943 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
1944 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
1945 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
1946 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1947 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1948 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1949 0x00, 0x00
1950 };
1951 uint8_t srtp_ciphertext[66] = {
1952 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1953 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
1954 0x17, 0x58, 0x8A, 0x92, 0x70, 0xF4, 0xE1, 0x5E,
1955 0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x95, 0x46,
1956 0xA9, 0x94, 0xF0, 0xBC, 0x54, 0x78, 0x97, 0x00,
1957 0x4e, 0x55, 0xdc, 0x4c, 0xe7, 0x99, 0x78, 0xd8,
1958 0x8c, 0xa4, 0xd2, 0x15, 0x94, 0x9d, 0x24, 0x02,
1959 0x5a, 0x46, 0xb3, 0xca, 0x35, 0xc5, 0x35, 0xa8,
1960 0x91, 0xc7
1961 };
1962 srtp_t srtp_snd, srtp_recv;
1963 srtp_err_status_t status;
1964 int len;
1965 srtp_policy_t policy;
1966 int headers[3] = {1, 3, 4};
1967
1968 /*
1969 * create a session with a single stream using the default srtp
1970 * policy and with the SSRC value 0xcafebabe
1971 */
1972 memset(&policy, 0, sizeof(policy));
1973 srtp_crypto_policy_set_rtp_default(&policy.rtp);
1974 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
1975 policy.ssrc.type = ssrc_specific;
1976 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]1977 policy.key = test_key_ext_headers;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1978 policy.ekt = NULL;
1979 policy.window_size = 128;
1980 policy.allow_repeat_tx = 0;
1981 policy.enc_xtn_hdr = headers;
1982 policy.enc_xtn_hdr_count = sizeof(headers) / sizeof(headers[0]);
1983 policy.next = NULL;
1984
1985 status = srtp_create(&srtp_snd, &policy);
1986 if (status)
1987 return status;
1988
1989 /*
1990 * protect plaintext, then compare with ciphertext
1991 */
1992 len = sizeof(srtp_plaintext_ref);
1993 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
1994 if (status || (len != sizeof(srtp_plaintext)))
1995 return srtp_err_status_fail;
1996
1997 debug_print(mod_driver, "ciphertext:\n %s",
1998 srtp_octet_string_hex_string(srtp_plaintext, len));
1999 debug_print(mod_driver, "ciphertext reference:\n %s",
2000 srtp_octet_string_hex_string(srtp_ciphertext, len));
2001
2002 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
2003 return srtp_err_status_fail;
2004
2005 /*
2006 * create a receiver session context comparable to the one created
2007 * above - we need to do this so that the replay checking doesn't
2008 * complain
2009 */
2010 status = srtp_create(&srtp_recv, &policy);
2011 if (status)
2012 return status;
2013
2014 /*
2015 * unprotect ciphertext, then compare with plaintext
2016 */
2017 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2018 if (status) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2019 return status;
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2020 } else if (len != sizeof(srtp_plaintext_ref)) {
2021 return srtp_err_status_fail;
2022 }
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2023
2024 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
2025 return srtp_err_status_fail;
2026
2027 status = srtp_dealloc(srtp_snd);
2028 if (status)
2029 return status;
2030
2031 status = srtp_dealloc(srtp_recv);
2032 if (status)
2033 return status;
2034
2035 return srtp_err_status_ok;
2036}
2037
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2038
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]2039#ifdef OPENSSL
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2040
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2041/*
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2042 * Headers of test vectors taken from RFC 6904, Appendix A
2043 */
2044srtp_err_status_t
2045srtp_validate_encrypted_extensions_headers_gcm() {
2046 unsigned char test_key_ext_headers[30] = {
2047 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
2048 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
2049 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
2050 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2051 };
2052 uint8_t srtp_plaintext_ref[56] = {
2053 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2054 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
2055 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
2056 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
2057 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
2058 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2059 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
2060 };
2061 uint8_t srtp_plaintext[64] = {
2062 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2063 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
2064 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
2065 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
2066 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
2067 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2068 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2069 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
2070 };
2071 uint8_t srtp_ciphertext[64] = {
2072 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2073 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
2074 0x17, 0x58, 0x8A, 0x92, 0x70, 0xF4, 0xE1, 0x5E,
2075 0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x95, 0x46,
2076 0xA9, 0x94, 0xF0, 0xBC, 0x54, 0x78, 0x97, 0x00,
2077 0x0e, 0xca, 0x0c, 0xf9, 0x5e, 0xe9, 0x55, 0xb2,
2078 0x6c, 0xd3, 0xd2, 0x88, 0xb4, 0x9f, 0x6c, 0xa9,
2079 0xbb, 0x4e, 0x15, 0xc2, 0xe9, 0xf2, 0x66, 0x78
2080 };
2081 srtp_t srtp_snd, srtp_recv;
2082 srtp_err_status_t status;
2083 int len;
2084 srtp_policy_t policy;
2085 int headers[3] = {1, 3, 4};
2086
2087 /*
2088 * create a session with a single stream using the default srtp
2089 * policy and with the SSRC value 0xcafebabe
2090 */
2091 memset(&policy, 0, sizeof(policy));
2092 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
2093 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
2094 policy.ssrc.type = ssrc_specific;
2095 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2096 policy.key = test_key_ext_headers;
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2097 policy.ekt = NULL;
2098 policy.window_size = 128;
2099 policy.allow_repeat_tx = 0;
2100 policy.enc_xtn_hdr = headers;
2101 policy.enc_xtn_hdr_count = sizeof(headers) / sizeof(headers[0]);
2102 policy.next = NULL;
2103
2104 status = srtp_create(&srtp_snd, &policy);
2105 if (status)
2106 return status;
2107
2108 /*
2109 * protect plaintext, then compare with ciphertext
2110 */
2111 len = sizeof(srtp_plaintext_ref);
2112 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
2113 if (status || (len != sizeof(srtp_plaintext)))
2114 return srtp_err_status_fail;
2115
2116 debug_print(mod_driver, "ciphertext:\n %s",
2117 srtp_octet_string_hex_string(srtp_plaintext, len));
2118 debug_print(mod_driver, "ciphertext reference:\n %s",
2119 srtp_octet_string_hex_string(srtp_ciphertext, len));
2120
2121 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
2122 return srtp_err_status_fail;
2123
2124 /*
2125 * create a receiver session context comparable to the one created
2126 * above - we need to do this so that the replay checking doesn't
2127 * complain
2128 */
2129 status = srtp_create(&srtp_recv, &policy);
2130 if (status)
2131 return status;
2132
2133 /*
2134 * unprotect ciphertext, then compare with plaintext
2135 */
2136 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2137 if (status) {
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2138 return status;
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2139 } else if (len != sizeof(srtp_plaintext_ref)) {
2140 return srtp_err_status_fail;
2141 }
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2142
2143 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
2144 return srtp_err_status_fail;
2145
2146 status = srtp_dealloc(srtp_snd);
2147 if (status)
2148 return status;
2149
2150 status = srtp_dealloc(srtp_recv);
2151 if (status)
2152 return status;
2153
2154 return srtp_err_status_ok;
2155}
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]2156#endif
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2157
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2158/*
2159 * srtp_validate_aes_256() verifies the correctness of libsrtp by comparing
2160 * some computed packets against some pre-computed reference values.
2161 * These packets were made with the AES-CM-256/HMAC-SHA-1-80 policy.
2162 */
2163
2164
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2165srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2166srtp_validate_aes_256 ()
2167{
2168 unsigned char aes_256_test_key[46] = {
2169 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
2170 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
2171 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
2172 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2173
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2174 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
2175 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
2176 };
2177 uint8_t srtp_plaintext_ref[28] = {
2178 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2179 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
2180 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2181 0xab, 0xab, 0xab, 0xab
2182 };
2183 uint8_t srtp_plaintext[38] = {
2184 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2185 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
2186 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2187 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
2188 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
2189 };
2190 uint8_t srtp_ciphertext[38] = {
2191 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2192 0xca, 0xfe, 0xba, 0xbe, 0xf1, 0xd9, 0xde, 0x17,
2193 0xff, 0x25, 0x1f, 0xf1, 0xaa, 0x00, 0x77, 0x74,
2194 0xb0, 0xb4, 0xb4, 0x0d, 0xa0, 0x8d, 0x9d, 0x9a,
2195 0x5b, 0x3a, 0x55, 0xd8, 0x87, 0x3b
2196 };
2197 srtp_t srtp_snd, srtp_recv;
2198 srtp_err_status_t status;
2199 int len;
2200 srtp_policy_t policy;
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2201
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2202 /*
2203 * create a session with a single stream using the default srtp
2204 * policy and with the SSRC value 0xcafebabe
2205 */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2206 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2207 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp);
2208 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtcp);
2209 policy.ssrc.type = ssrc_specific;
2210 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2211 policy.key = aes_256_test_key;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2212 policy.ekt = NULL;
2213 policy.window_size = 128;
2214 policy.allow_repeat_tx = 0;
2215 policy.next = NULL;
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2216
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2217 status = srtp_create(&srtp_snd, &policy);
2218 if (status) {
2219 return status;
2220 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2221
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2222 /*
2223 * protect plaintext, then compare with ciphertext
2224 */
2225 len = 28;
2226 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
2227 if (status || (len != 38)) {
2228 return srtp_err_status_fail;
2229 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2230
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2231 debug_print(mod_driver, "ciphertext:\n %s",
2232 octet_string_hex_string(srtp_plaintext, len));
2233 debug_print(mod_driver, "ciphertext reference:\n %s",
2234 octet_string_hex_string(srtp_ciphertext, len));
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2235
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2236 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
2237 return srtp_err_status_fail;
2238 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2239
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2240 /*
2241 * create a receiver session context comparable to the one created
2242 * above - we need to do this so that the replay checking doesn't
2243 * complain
2244 */
2245 status = srtp_create(&srtp_recv, &policy);
2246 if (status) {
2247 return status;
2248 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2249
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2250 /*
2251 * unprotect ciphertext, then compare with plaintext
2252 */
2253 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
2254 if (status || (len != 28)) {
2255 return status;
2256 }
2257
2258 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
2259 return srtp_err_status_fail;
2260 }
2261
2262 status = srtp_dealloc(srtp_snd);
2263 if (status) {
2264 return status;
2265 }
2266
2267 status = srtp_dealloc(srtp_recv);
2268 if (status) {
2269 return status;
2270 }
2271
2272 return srtp_err_status_ok;
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2273}
2274
2275
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2276srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2277srtp_create_big_policy (srtp_policy_t **list)
2278{
2279 extern const srtp_policy_t *policy_array[];
2280 srtp_policy_t *p, *tmp;
2281 int i = 0;
2282 uint32_t ssrc = 0;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2283
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2284 /* sanity checking */
2285 if ((list == NULL) || (policy_array[0] == NULL)) {
2286 return srtp_err_status_bad_param;
2287 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2288
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2289 /*
2290 * loop over policy list, mallocing a new list and copying values
2291 * into it (and incrementing the SSRC value as we go along)
2292 */
2293 tmp = NULL;
2294 while (policy_array[i] != NULL) {
2295 p = (srtp_policy_t*)malloc(sizeof(srtp_policy_t));
2296 if (p == NULL) {
2297 return srtp_err_status_bad_param;
2298 }
2299 memcpy(p, policy_array[i], sizeof(srtp_policy_t));
2300 p->ssrc.type = ssrc_specific;
2301 p->ssrc.value = ssrc++;
2302 p->next = tmp;
2303 tmp = p;
2304 i++;
2305 }
2306 *list = p;
2307
2308 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2309}
2310
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2311srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2312srtp_dealloc_big_policy (srtp_policy_t *list)
2313{
2314 srtp_policy_t *p, *next;
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2315
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2316 for (p = list; p != NULL; p = next) {
2317 next = p->next;
2318 free(p);
2319 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2320
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2321 return srtp_err_status_ok;
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2322}
2323
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]2324srtp_err_status_t
2325srtp_test_empty_payload()
2326{
2327 srtp_t srtp_snd, srtp_recv;
2328 srtp_err_status_t status;
2329 int len;
2330 srtp_policy_t policy;
2331 srtp_hdr_t *mesg;
2332
2333 /*
2334 * create a session with a single stream using the default srtp
2335 * policy and with the SSRC value 0xcafebabe
2336 */
2337 memset(&policy, 0, sizeof(policy));
2338 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2339 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2340 policy.ssrc.type = ssrc_specific;
2341 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2342 policy.key = test_key;
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]2343 policy.ekt = NULL;
2344 policy.window_size = 128;
2345 policy.allow_repeat_tx = 0;
2346 policy.next = NULL;
2347
2348 status = srtp_create(&srtp_snd, &policy);
2349 if (status) {
2350 return status;
2351 }
2352
2353 mesg = srtp_create_test_packet(0, policy.ssrc.value);
2354 if (mesg == NULL) {
2355 return srtp_err_status_fail;
2356 }
2357
2358 len = 12; /* only the header */
2359 status = srtp_protect(srtp_snd, mesg, &len);
2360 if (status) {
2361 return status;
2362 } else if (len != 12 + 10) {
2363 return srtp_err_status_fail;
2364 }
2365
2366 /*
2367 * create a receiver session context comparable to the one created
2368 * above - we need to do this so that the replay checking doesn't
2369 * complain
2370 */
2371 status = srtp_create(&srtp_recv, &policy);
2372 if (status) {
2373 return status;
2374 }
2375
2376 /*
2377 * unprotect ciphertext, then compare with plaintext
2378 */
2379 status = srtp_unprotect(srtp_recv, mesg, &len);
2380 if (status) {
2381 return status;
2382 } else if (len != 12) {
2383 return srtp_err_status_fail;
2384 }
2385
2386 status = srtp_dealloc(srtp_snd);
2387 if (status) {
2388 return status;
2389 }
2390
2391 status = srtp_dealloc(srtp_recv);
2392 if (status) {
2393 return status;
2394 }
2395
2396 free(mesg);
2397
2398 return srtp_err_status_ok;
2399}
2400
2401#ifdef OPENSSL
2402srtp_err_status_t
2403srtp_test_empty_payload_gcm()
2404{
2405 srtp_t srtp_snd, srtp_recv;
2406 srtp_err_status_t status;
2407 int len;
2408 srtp_policy_t policy;
2409 srtp_hdr_t *mesg;
2410
2411 /*
2412 * create a session with a single stream using the default srtp
2413 * policy and with the SSRC value 0xcafebabe
2414 */
2415 memset(&policy, 0, sizeof(policy));
2416 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
2417 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
2418 policy.ssrc.type = ssrc_specific;
2419 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2420 policy.key = test_key;
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]2421 policy.ekt = NULL;
2422 policy.window_size = 128;
2423 policy.allow_repeat_tx = 0;
2424 policy.next = NULL;
2425
2426 status = srtp_create(&srtp_snd, &policy);
2427 if (status) {
2428 return status;
2429 }
2430
2431 mesg = srtp_create_test_packet(0, policy.ssrc.value);
2432 if (mesg == NULL) {
2433 return srtp_err_status_fail;
2434 }
2435
2436 len = 12; /* only the header */
2437 status = srtp_protect(srtp_snd, mesg, &len);
2438 if (status) {
2439 return status;
2440 } else if (len != 12 + 8) {
2441 return srtp_err_status_fail;
2442 }
2443
2444 /*
2445 * create a receiver session context comparable to the one created
2446 * above - we need to do this so that the replay checking doesn't
2447 * complain
2448 */
2449 status = srtp_create(&srtp_recv, &policy);
2450 if (status) {
2451 return status;
2452 }
2453
2454 /*
2455 * unprotect ciphertext, then compare with plaintext
2456 */
2457 status = srtp_unprotect(srtp_recv, mesg, &len);
2458 if (status) {
2459 return status;
2460 } else if (len != 12) {
2461 return srtp_err_status_fail;
2462 }
2463
2464 status = srtp_dealloc(srtp_snd);
2465 if (status) {
2466 return status;
2467 }
2468
2469 status = srtp_dealloc(srtp_recv);
2470 if (status) {
2471 return status;
2472 }
2473
2474 free(mesg);
2475
2476 return srtp_err_status_ok;
2477}
2478#endif // OPENSSL
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2479
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2480srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2481srtp_test_remove_stream ()
2482{
2483 srtp_err_status_t status;
2484 srtp_policy_t *policy_list, policy;
2485 srtp_t session;
2486 srtp_stream_t stream;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2487
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2488 /*
2489 * srtp_get_stream() is a libSRTP internal function that we declare
2490 * here so that we can use it to verify the correct operation of the
2491 * library
2492 */
2493 extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2494
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2495
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2496 status = srtp_create_big_policy(&policy_list);
2497 if (status) {
2498 return status;
2499 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2500
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2501 status = srtp_create(&session, policy_list);
2502 if (status) {
2503 return status;
2504 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2505
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2506 /*
2507 * check for false positives by trying to remove a stream that's not
2508 * in the session
2509 */
2510 status = srtp_remove_stream(session, htonl(0xaaaaaaaa));
2511 if (status != srtp_err_status_no_ctx) {
2512 return srtp_err_status_fail;
2513 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2514
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2515 /*
2516 * check for false negatives by removing stream 0x1, then
2517 * searching for streams 0x0 and 0x2
2518 */
2519 status = srtp_remove_stream(session, htonl(0x1));
2520 if (status != srtp_err_status_ok) {
2521 return srtp_err_status_fail;
2522 }
2523 stream = srtp_get_stream(session, htonl(0x0));
2524 if (stream == NULL) {
2525 return srtp_err_status_fail;
2526 }
2527 stream = srtp_get_stream(session, htonl(0x2));
2528 if (stream == NULL) {
2529 return srtp_err_status_fail;
2530 }
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2531
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2532 status = srtp_dealloc(session);
2533 if (status != srtp_err_status_ok) {
2534 return status;
2535 }
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2536
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2537 status = srtp_dealloc_big_policy(policy_list);
2538 if (status != srtp_err_status_ok) {
2539 return status;
2540 }
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2541
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2542 /* Now test adding and removing a single stream */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2543 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2544 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2545 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2546 policy.ssrc.type = ssrc_specific;
2547 policy.ssrc.value = 0xcafebabe;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2548 policy.key = test_key;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2549 policy.ekt = NULL;
2550 policy.window_size = 128;
2551 policy.allow_repeat_tx = 0;
2552 policy.next = NULL;
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2553
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2554 status = srtp_create(&session, NULL);
2555 if (status != srtp_err_status_ok) {
2556 return status;
2557 }
2558
2559 status = srtp_add_stream(session, &policy);
2560 if (status != srtp_err_status_ok) {
2561 return status;
2562 }
2563
2564 status = srtp_remove_stream(session, htonl(0xcafebabe));
2565 if (status != srtp_err_status_ok) {
2566 return status;
2567 }
2568
2569 status = srtp_dealloc(session);
2570 if (status != srtp_err_status_ok) {
2571 return status;
2572 }
2573
2574 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2575}
2576
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2577
2578unsigned char test_alt_key[46] = {
2579 0xe5, 0x19, 0x6f, 0x01, 0x5e, 0xf1, 0x9b, 0xe1,
2580 0xd7, 0x47, 0xa7, 0x27, 0x07, 0xd7, 0x47, 0x33,
2581 0x01, 0xc2, 0x35, 0x4d, 0x59, 0x6a, 0xf7, 0x84,
2582 0x96, 0x98, 0xeb, 0xaa, 0xac, 0xf6, 0xa1, 0x45,
2583 0xc7, 0x15, 0xe2, 0xea, 0xfe, 0x55, 0x67, 0x96,
2584 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2585};
2586
2587/*
2588 * srtp_test_update() verifies updating/rekeying exsisting streams.
2589 * As stated in https://tools.ietf.org/html/rfc3711#section-3.3.1
2590 * the value of the ROC must not be reset after a rekey, this test
2591 * atempts to prove that srtp_update does not reset the ROC.
2592 */
2593
2594srtp_err_status_t
2595srtp_test_update() {
2596
2597 srtp_err_status_t status;
2598 uint32_t ssrc = 0x12121212;
2599 int msg_len_octets = 32;
2600 int protected_msg_len_octets;
2601 srtp_hdr_t * msg;
2602 srtp_t srtp_snd, srtp_recv;
2603 srtp_policy_t policy;
2604
Joachim Bauch1b793352015-12-14 21:30:44 +0100[diff] [blame]2605 memset(&policy, 0, sizeof(policy));
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2606 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2607 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2608 policy.ekt = NULL;
2609 policy.window_size = 128;
2610 policy.allow_repeat_tx = 0;
2611 policy.next = NULL;
2612 policy.ssrc.type = ssrc_any_outbound;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2613 policy.key = test_key;
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2614
2615 /* create a send and recive ctx with defualt profile and test_key */
2616 status = srtp_create(&srtp_recv, &policy);
2617 if (status)
2618 return status;
2619
2620 policy.ssrc.type = ssrc_any_inbound;
2621 status = srtp_create(&srtp_snd, &policy);
2622 if (status)
2623 return status;
2624
2625 /* protect and unprotect two msg's that will cause the ROC to be equal to 1 */
2626 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2627 if (msg == NULL)
2628 return srtp_err_status_alloc_fail;
2629 msg->seq = htons(65535);
2630
2631 protected_msg_len_octets = msg_len_octets;
2632 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2633 if (status)
2634 return srtp_err_status_fail;
2635
2636 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2637 if (status)
2638 return status;
2639
2640 free(msg);
2641
2642 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2643 if (msg == NULL)
2644 return srtp_err_status_alloc_fail;
2645 msg->seq = htons(1);
2646
2647 protected_msg_len_octets = msg_len_octets;
2648 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2649 if (status)
2650 return srtp_err_status_fail;
2651
2652 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2653 if (status)
2654 return status;
2655
2656 free(msg);
2657
Pascal Bühlerb095e7e2016-06-09 13:46:28 +0200[diff] [blame]2658 /* update send ctx with same test_key t verify update works*/
2659 policy.ssrc.type = ssrc_any_outbound;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2660 policy.key = test_key;
Pascal Bühlerb095e7e2016-06-09 13:46:28 +0200[diff] [blame]2661 status = srtp_update(srtp_snd, &policy);
2662 if (status)
2663 return status;
2664
2665 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2666 if (msg == NULL)
2667 return srtp_err_status_alloc_fail;
2668 msg->seq = htons(2);
2669
2670 protected_msg_len_octets = msg_len_octets;
2671 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2672 if (status)
2673 return srtp_err_status_fail;
2674
2675 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2676 if (status)
2677 return status;
2678
2679 free(msg);
2680
2681
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2682 /* update send ctx to use test_alt_key */
2683 policy.ssrc.type = ssrc_any_outbound;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2684 policy.key = test_alt_key;
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2685 status = srtp_update(srtp_snd, &policy);
2686 if (status)
2687 return status;
2688
2689 /* create and protect msg with new key and ROC still equal to 1 */
2690 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2691 if (msg == NULL)
2692 return srtp_err_status_alloc_fail;
Pascal Bühlerb095e7e2016-06-09 13:46:28 +0200[diff] [blame]2693 msg->seq = htons(3);
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2694
2695 protected_msg_len_octets = msg_len_octets;
2696 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2697 if (status)
2698 return srtp_err_status_fail;
2699
2700 /* verify that recive ctx will fail to unprotect as it still uses test_key */
2701 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2702 if (status == srtp_err_status_ok)
2703 return srtp_err_status_fail;
2704
2705 /* create a new recvieve ctx with test_alt_key but since it is new it will have ROC equal to 1
2706 * and therefore should fail to unprotected */
2707 {
2708 srtp_t srtp_recv_roc_0;
2709
2710 policy.ssrc.type = ssrc_any_inbound;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2711 policy.key = test_alt_key;
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2712 status = srtp_create(&srtp_recv_roc_0, &policy);
2713 if (status)
2714 return status;
2715
2716 status = srtp_unprotect(srtp_recv_roc_0, msg, &protected_msg_len_octets);
2717 if (status == srtp_err_status_ok)
2718 return srtp_err_status_fail;
2719
2720 status = srtp_dealloc(srtp_recv_roc_0);
2721 if (status)
2722 return status;
2723 }
2724
2725 /* update recive ctx to use test_alt_key */
2726 policy.ssrc.type = ssrc_any_inbound;
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2727 policy.key = test_alt_key;
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2728 status = srtp_update(srtp_recv, &policy);
2729 if (status)
2730 return status;
2731
2732 /* verify that can still unprotect, therfore key is updated and ROC value is preserved */
2733 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2734 if (status)
2735 return status;
2736
2737 free(msg);
2738
2739 status = srtp_dealloc(srtp_snd);
2740 if (status)
2741 return status;
2742
2743 status = srtp_dealloc(srtp_recv);
2744 if (status)
2745 return status;
2746
2747 return srtp_err_status_ok;
2748}
2749
Ryan Hooperab0345b2017-02-07 16:07:59 -0500[diff] [blame^]2750srtp_err_status_t
2751srtp_test_setup_protect_trailer_streams(srtp_t *srtp_send, srtp_t *srtp_send_mki,
2752 srtp_t *srtp_send_aes_gcm, srtp_t *srtp_send_aes_gcm_mki) {
2753
2754 srtp_err_status_t status;
2755 srtp_policy_t policy;
2756 srtp_policy_t policy_mki;
2757#ifdef OPENSSL
2758 srtp_policy_t policy_aes_gcm;
2759 srtp_policy_t policy_aes_gcm_mki;
2760#endif // OPENSSL
2761
2762 memset(&policy, 0, sizeof(policy));
2763 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2764 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2765 policy.ekt = NULL;
2766 policy.window_size = 128;
2767 policy.allow_repeat_tx = 0;
2768 policy.next = NULL;
2769 policy.ssrc.type = ssrc_any_outbound;
2770 policy.key = test_key;
2771
2772 memset(&policy_mki, 0, sizeof(policy_mki));
2773 srtp_crypto_policy_set_rtp_default(&policy_mki.rtp);
2774 srtp_crypto_policy_set_rtcp_default(&policy_mki.rtcp);
2775 policy_mki.ekt = NULL;
2776 policy_mki.window_size = 128;
2777 policy_mki.allow_repeat_tx = 0;
2778 policy_mki.next = NULL;
2779 policy_mki.ssrc.type = ssrc_any_outbound;
2780 policy_mki.key = NULL;
2781 policy_mki.keys = test_keys;
2782 policy_mki.num_master_keys = 2;
2783
2784#ifdef OPENSSL
2785 memset(&policy_aes_gcm, 0, sizeof(policy_aes_gcm));
2786 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtp);
2787 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm.rtcp);
2788 policy_aes_gcm.ekt = NULL;
2789 policy_aes_gcm.window_size = 128;
2790 policy_aes_gcm.allow_repeat_tx = 0;
2791 policy_aes_gcm.next = NULL;
2792 policy_aes_gcm.ssrc.type = ssrc_any_outbound;
2793 policy_aes_gcm.key = test_key;
2794
2795 memset(&policy_aes_gcm_mki, 0, sizeof(policy_aes_gcm_mki));
2796 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtp);
2797 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy_aes_gcm_mki.rtcp);
2798 policy_aes_gcm_mki.ekt = NULL;
2799 policy_aes_gcm_mki.window_size = 128;
2800 policy_aes_gcm_mki.allow_repeat_tx = 0;
2801 policy_aes_gcm_mki.next = NULL;
2802 policy_aes_gcm_mki.ssrc.type = ssrc_any_outbound;
2803 policy_aes_gcm_mki.key = NULL;
2804 policy_aes_gcm_mki.keys = test_keys;
2805 policy_aes_gcm_mki.num_master_keys = 2;
2806
2807#endif
2808
2809 /* create a send ctx with defualt profile and test_key */
2810 status = srtp_create(srtp_send, &policy);
2811 if (status)
2812 return status;
2813
2814 status = srtp_create(srtp_send_mki, &policy_mki);
2815 if (status)
2816 return status;
2817
2818#ifdef OPENSSL
2819 status = srtp_create(srtp_send_aes_gcm, &policy_aes_gcm);
2820 if (status)
2821 return status;
2822
2823 status = srtp_create(srtp_send_aes_gcm_mki, &policy_aes_gcm_mki);
2824 if (status)
2825 return status;
2826#endif //OPENSSL
2827
2828 return srtp_err_status_ok;
2829}
2830
2831srtp_err_status_t
2832srtp_test_protect_trailer_length() {
2833
2834 srtp_t srtp_send;
2835 srtp_t srtp_send_mki;
2836 srtp_t srtp_send_aes_gcm;
2837 srtp_t srtp_send_aes_gcm_mki;
2838 uint32_t length = 0;
2839 srtp_err_status_t status;
2840
2841 srtp_test_setup_protect_trailer_streams(&srtp_send, &srtp_send_mki,
2842 &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki);
2843
2844 status = srtp_get_protect_trailer_length(srtp_send, 0, 0, &length);
2845 if (status)
2846 return status;
2847
2848 /* TAG Length: 10 bytes */
2849 if (length != 10)
2850 return srtp_err_status_fail;
2851
2852 status = srtp_get_protect_trailer_length(srtp_send_mki, 1, 1, &length);
2853 if (status)
2854 return status;
2855
2856 /* TAG Length: 10 bytes + MKI length: 4 bytes*/
2857 if (length != 14)
2858 return srtp_err_status_fail;
2859
2860#ifdef OPENSSL
2861 status = srtp_get_protect_trailer_length(srtp_send_aes_gcm, 0, 0, &length);
2862 if (status)
2863 return status;
2864
2865 /* TAG Length: 16 bytes */
2866 if (length != 16)
2867 return srtp_err_status_fail;
2868
2869
2870 status = srtp_get_protect_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length);
2871 if (status)
2872 return status;
2873
2874 /* TAG Length: 16 bytes + MKI length: 4 bytes*/
2875 if (length != 20)
2876 return srtp_err_status_fail;
2877
2878#endif //OPENSSL
2879
2880 return srtp_err_status_ok;
2881}
2882
2883srtp_err_status_t
2884srtp_test_protect_rtcp_trailer_length() {
2885
2886 srtp_t srtp_send;
2887 srtp_t srtp_send_mki;
2888 srtp_t srtp_send_aes_gcm;
2889 srtp_t srtp_send_aes_gcm_mki;
2890 uint32_t length = 0;
2891 srtp_err_status_t status;
2892
2893 srtp_test_setup_protect_trailer_streams(&srtp_send, &srtp_send_mki,
2894 &srtp_send_aes_gcm, &srtp_send_aes_gcm_mki);
2895
2896 status = srtp_get_protect_rtcp_trailer_length(srtp_send, 0, 0, &length);
2897 if (status)
2898 return status;
2899
2900 /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes*/
2901 if (length != 14)
2902 return srtp_err_status_fail;
2903
2904 status = srtp_get_protect_rtcp_trailer_length(srtp_send_mki, 1, 1, &length);
2905 if (status)
2906 return status;
2907
2908 /* TAG Length: 10 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/
2909 if (length != 18)
2910 return srtp_err_status_fail;
2911
2912#ifdef OPENSSL
2913 status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm, 0, 0, &length);
2914 if (status)
2915 return status;
2916
2917 /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes*/
2918 if (length != 20)
2919 return srtp_err_status_fail;
2920
2921
2922 status = srtp_get_protect_rtcp_trailer_length(srtp_send_aes_gcm_mki, 1, 1, &length);
2923 if (status)
2924 return status;
2925
2926 /* TAG Length: 16 bytes + SRTCP Trailer 4 bytes + MKI 4 bytes*/
2927 if (length != 24)
2928 return srtp_err_status_fail;
2929
2930#endif //OPENSSL
2931
2932 return srtp_err_status_ok;
2933}
2934
2935
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2936/*
2937 * srtp policy definitions - these definitions are used above
2938 */
2939
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2940unsigned char test_key[46] = {
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2941 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
2942 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
2943 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2944 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
2945 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2946 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2947};
2948
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]2949unsigned char test_key_2[46] = {
2950 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
2951 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
2952 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
2953 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
2954 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
2955 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2956};
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2957
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2958unsigned char test_mki_id[TEST_MKI_ID_SIZE] = {
2959 0xe1, 0xf9, 0x7a, 0x0d
2960};
2961
2962unsigned char test_mki_id_2[TEST_MKI_ID_SIZE] = {
2963 0xf3, 0xa1, 0x46, 0x71
2964};
2965
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2966const srtp_policy_t default_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2967 { ssrc_any_outbound, 0 }, /* SSRC */
2968 { /* SRTP policy */
2969 SRTP_AES_128_ICM, /* cipher type */
2970 30, /* cipher key length in octets */
2971 SRTP_HMAC_SHA1, /* authentication func type */
2972 16, /* auth key length in octets */
2973 10, /* auth tag length in octets */
2974 sec_serv_conf_and_auth /* security services flag */
2975 },
2976 { /* SRTCP policy */
2977 SRTP_AES_128_ICM, /* cipher type */
2978 30, /* cipher key length in octets */
2979 SRTP_HMAC_SHA1, /* authentication func type */
2980 16, /* auth key length in octets */
2981 10, /* auth tag length in octets */
2982 sec_serv_conf_and_auth /* security services flag */
2983 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]2984 NULL,
2985 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]2986 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2987 NULL, /* indicates that EKT is not in use */
2988 128, /* replay window size */
2989 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2990 NULL, /* no encrypted extension headers */
2991 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2992 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2993};
2994
2995const srtp_policy_t aes_only_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2996 { ssrc_any_outbound, 0 }, /* SSRC */
2997 {
2998 SRTP_AES_128_ICM, /* cipher type */
2999 30, /* cipher key length in octets */
3000 SRTP_NULL_AUTH, /* authentication func type */
3001 0, /* auth key length in octets */
3002 0, /* auth tag length in octets */
3003 sec_serv_conf /* security services flag */
3004 },
3005 {
3006 SRTP_AES_128_ICM, /* cipher type */
3007 30, /* cipher key length in octets */
3008 SRTP_NULL_AUTH, /* authentication func type */
3009 0, /* auth key length in octets */
3010 0, /* auth tag length in octets */
3011 sec_serv_conf /* security services flag */
3012 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3013 NULL,
3014 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3015 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3016 NULL, /* indicates that EKT is not in use */
3017 128, /* replay window size */
3018 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3019 NULL, /* no encrypted extension headers */
3020 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3021 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3022};
3023
3024const srtp_policy_t hmac_only_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3025 { ssrc_any_outbound, 0 }, /* SSRC */
3026 {
3027 SRTP_NULL_CIPHER, /* cipher type */
3028 0, /* cipher key length in octets */
3029 SRTP_HMAC_SHA1, /* authentication func type */
3030 20, /* auth key length in octets */
3031 4, /* auth tag length in octets */
3032 sec_serv_auth /* security services flag */
3033 },
3034 {
3035 SRTP_NULL_CIPHER, /* cipher type */
3036 0, /* cipher key length in octets */
3037 SRTP_HMAC_SHA1, /* authentication func type */
3038 20, /* auth key length in octets */
3039 4, /* auth tag length in octets */
3040 sec_serv_auth /* security services flag */
3041 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3042 NULL,
3043 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3044 2, /* Number of Master keys associated with the policy */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3045 NULL, /* indicates that EKT is not in use */
3046 128, /* replay window size */
3047 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3048 NULL, /* no encrypted extension headers */
3049 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3050 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3051};
3052
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3053#ifdef OPENSSL
3054const srtp_policy_t aes128_gcm_8_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3055 { ssrc_any_outbound, 0 }, /* SSRC */
3056 { /* SRTP policy */
3057 SRTP_AES_128_GCM, /* cipher type */
3058 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3059 SRTP_NULL_AUTH, /* authentication func type */
3060 0, /* auth key length in octets */
3061 8, /* auth tag length in octets */
3062 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3063 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3064 { /* SRTCP policy */
3065 SRTP_AES_128_GCM, /* cipher type */
3066 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3067 SRTP_NULL_AUTH, /* authentication func type */
3068 0, /* auth key length in octets */
3069 8, /* auth tag length in octets */
3070 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3071 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3072 NULL,
3073 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3074 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3075 NULL, /* indicates that EKT is not in use */
3076 128, /* replay window size */
3077 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3078 NULL, /* no encrypted extension headers */
3079 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3080 NULL
3081};
3082
3083const srtp_policy_t aes128_gcm_8_cauth_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3084 { ssrc_any_outbound, 0 }, /* SSRC */
3085 { /* SRTP policy */
3086 SRTP_AES_128_GCM, /* cipher type */
3087 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3088 SRTP_NULL_AUTH, /* authentication func type */
3089 0, /* auth key length in octets */
3090 8, /* auth tag length in octets */
3091 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3092 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3093 { /* SRTCP policy */
3094 SRTP_AES_128_GCM, /* cipher type */
3095 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3096 SRTP_NULL_AUTH, /* authentication func type */
3097 0, /* auth key length in octets */
3098 8, /* auth tag length in octets */
3099 sec_serv_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3100 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3101 NULL,
Ryan Hooper6c339f72017-01-03 13:45:18 -0500[diff] [blame]3102 (srtp_master_key_t **)test_keys,
3103 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3104 NULL, /* indicates that EKT is not in use */
3105 128, /* replay window size */
3106 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3107 NULL, /* no encrypted extension headers */
3108 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3109 NULL
3110};
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3111
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3112const srtp_policy_t aes256_gcm_8_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3113 { ssrc_any_outbound, 0 }, /* SSRC */
3114 { /* SRTP policy */
3115 SRTP_AES_256_GCM, /* cipher type */
3116 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3117 SRTP_NULL_AUTH, /* authentication func type */
3118 0, /* auth key length in octets */
3119 8, /* auth tag length in octets */
3120 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3121 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3122 { /* SRTCP policy */
3123 SRTP_AES_256_GCM, /* cipher type */
3124 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3125 SRTP_NULL_AUTH, /* authentication func type */
3126 0, /* auth key length in octets */
3127 8, /* auth tag length in octets */
3128 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3129 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3130 NULL,
3131 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3132 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3133 NULL, /* indicates that EKT is not in use */
3134 128, /* replay window size */
3135 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3136 NULL, /* no encrypted extension headers */
3137 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3138 NULL
3139};
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3140
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3141const srtp_policy_t aes256_gcm_8_cauth_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3142 { ssrc_any_outbound, 0 }, /* SSRC */
3143 { /* SRTP policy */
3144 SRTP_AES_256_GCM, /* cipher type */
3145 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3146 SRTP_NULL_AUTH, /* authentication func type */
3147 0, /* auth key length in octets */
3148 8, /* auth tag length in octets */
3149 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3150 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3151 { /* SRTCP policy */
3152 SRTP_AES_256_GCM, /* cipher type */
3153 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3154 SRTP_NULL_AUTH, /* authentication func type */
3155 0, /* auth key length in octets */
3156 8, /* auth tag length in octets */
3157 sec_serv_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3158 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3159 NULL,
3160 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3161 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3162 NULL, /* indicates that EKT is not in use */
3163 128, /* replay window size */
3164 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3165 NULL, /* no encrypted extension headers */
3166 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3167 NULL
3168};
3169#endif
3170
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3171const srtp_policy_t null_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3172 { ssrc_any_outbound, 0 }, /* SSRC */
3173 {
3174 SRTP_NULL_CIPHER, /* cipher type */
3175 0, /* cipher key length in octets */
3176 SRTP_NULL_AUTH, /* authentication func type */
3177 0, /* auth key length in octets */
3178 0, /* auth tag length in octets */
3179 sec_serv_none /* security services flag */
3180 },
3181 {
3182 SRTP_NULL_CIPHER, /* cipher type */
3183 0, /* cipher key length in octets */
3184 SRTP_NULL_AUTH, /* authentication func type */
3185 0, /* auth key length in octets */
3186 0, /* auth tag length in octets */
3187 sec_serv_none /* security services flag */
3188 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3189 NULL,
3190 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3191 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3192 NULL, /* indicates that EKT is not in use */
3193 128, /* replay window size */
3194 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3195 NULL, /* no encrypted extension headers */
3196 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3197 NULL
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3198};
3199
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3200unsigned char test_256_key[46] = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3201 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
3202 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
3203 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
3204 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3205
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3206 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
3207 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3208};
3209
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3210unsigned char test_256_key_2[46] = {
3211 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
3212 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
3213 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
3214 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
3215 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
3216 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
3217};
3218
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3219srtp_master_key_t master_256_key_1 = {
3220 test_256_key,
3221 test_mki_id,
3222 TEST_MKI_ID_SIZE
3223};
3224
3225srtp_master_key_t master_256_key_2 = {
3226 test_256_key_2,
3227 test_mki_id_2,
3228 TEST_MKI_ID_SIZE
3229};
3230
3231srtp_master_key_t *test_256_keys[2] = {
3232 &master_key_1,
3233 &master_key_2
3234};
3235
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3236const srtp_policy_t aes_256_hmac_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3237 { ssrc_any_outbound, 0 }, /* SSRC */
3238 { /* SRTP policy */
3239 SRTP_AES_ICM, /* cipher type */
3240 46, /* cipher key length in octets */
3241 SRTP_HMAC_SHA1, /* authentication func type */
3242 20, /* auth key length in octets */
3243 10, /* auth tag length in octets */
3244 sec_serv_conf_and_auth /* security services flag */
3245 },
3246 { /* SRTCP policy */
3247 SRTP_AES_ICM, /* cipher type */
3248 46, /* cipher key length in octets */
3249 SRTP_HMAC_SHA1, /* authentication func type */
3250 20, /* auth key length in octets */
3251 10, /* auth tag length in octets */
3252 sec_serv_conf_and_auth /* security services flag */
3253 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3254 NULL,
3255 (srtp_master_key_t **)test_256_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3256 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3257 NULL, /* indicates that EKT is not in use */
3258 128, /* replay window size */
3259 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3260 NULL, /* no encrypted extension headers */
3261 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3262 NULL
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3263};
3264
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3265uint8_t ekt_test_key[16] = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3266 0x77, 0x26, 0x9d, 0xac, 0x16, 0xa3, 0x28, 0xca,
3267 0x8e, 0xc9, 0x68, 0x4b, 0xcc, 0xc4, 0xd2, 0x1b
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3268};
3269
3270#include "ekt.h"
3271
jfigusc5887e72014-11-06 09:46:18 -0500[diff] [blame]3272srtp_ekt_policy_ctx_t ekt_test_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3273 0xa5a5, /* SPI */
3274 SRTP_EKT_CIPHER_AES_128_ECB,
3275 ekt_test_key,
3276 NULL
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3277};
3278
3279const srtp_policy_t hmac_only_with_ekt_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3280 { ssrc_any_outbound, 0 }, /* SSRC */
3281 {
3282 SRTP_NULL_CIPHER, /* cipher type */
3283 0, /* cipher key length in octets */
3284 SRTP_HMAC_SHA1, /* authentication func type */
3285 20, /* auth key length in octets */
3286 4, /* auth tag length in octets */
3287 sec_serv_auth /* security services flag */
3288 },
3289 {
3290 SRTP_NULL_CIPHER, /* cipher type */
3291 0, /* cipher key length in octets */
3292 SRTP_HMAC_SHA1, /* authentication func type */
3293 20, /* auth key length in octets */
3294 4, /* auth tag length in octets */
3295 sec_serv_auth /* security services flag */
3296 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3297 NULL,
3298 (srtp_master_key_t **)test_keys,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame]3299 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3300 &ekt_test_policy, /* indicates that EKT is not in use */
3301 128, /* replay window size */
3302 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3303 NULL, /* no encrypted extension headers */
3304 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3305 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3306};
3307
3308
3309/*
3310 * an array of pointers to the policies listed above
3311 *
3312 * This array is used to test various aspects of libSRTP for
3313 * different cryptographic policies. The order of the elements
3314 * matters - the timing test generates output that can be used
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3315 * in a plot (see the gnuplot script file 'timing'). If you
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3316 * add to this list, you should do it at the end.
3317 */
3318
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3319const srtp_policy_t *
3320policy_array[] = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3321 &hmac_only_policy,
3322 &aes_only_policy,
3323 &default_policy,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3324#ifdef OPENSSL
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3325 &aes128_gcm_8_policy,
3326 &aes128_gcm_8_cauth_policy,
3327 &aes256_gcm_8_policy,
3328 &aes256_gcm_8_cauth_policy,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3329#endif
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3330 &null_policy,
3331 &aes_256_hmac_policy,
3332 &hmac_only_with_ekt_policy,
3333 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3334};
3335
3336const srtp_policy_t wildcard_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3337 { ssrc_any_outbound, 0 }, /* SSRC */
3338 { /* SRTP policy */
3339 SRTP_AES_128_ICM, /* cipher type */
3340 30, /* cipher key length in octets */
3341 SRTP_HMAC_SHA1, /* authentication func type */
3342 16, /* auth key length in octets */
3343 10, /* auth tag length in octets */
3344 sec_serv_conf_and_auth /* security services flag */
3345 },
3346 { /* SRTCP policy */
3347 SRTP_AES_128_ICM, /* cipher type */
3348 30, /* cipher key length in octets */
3349 SRTP_HMAC_SHA1, /* authentication func type */
3350 16, /* auth key length in octets */
3351 10, /* auth tag length in octets */
3352 sec_serv_conf_and_auth /* security services flag */
3353 },
Ryan Hooper89a288b2016-12-22 16:22:47 -0500[diff] [blame]3354 test_key,
3355 NULL,
3356 0,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3357 NULL,
3358 128, /* replay window size */
3359 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3360 NULL, /* no encrypted extension headers */
3361 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3362 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3363};