blob: 12c0a847f486c9c47debc76125dc15d7d9d1b5f4 [file] [log] [blame]
Cullen Jennings235513a2005-09-21 22:51:36 +00001Changelog
2
jfigusd6580192014-10-13 10:31:30 -040031.5.0
4
5 Add support for using OpenSSL crypto using the --enable-openssl
6 option.
7
8 Add support for AES-GCM crypto suites.
9
10 Add support for pkg_config.
11
12 Add user data API to allow user to associate additional data with a
13 SRTP context.
14
15 This release also includes a variety of bug fixes, which can be
16 viewed at: https://github.com/cisco/libsrtp/commits/master
17
18 Note: The change log was not maintained between versions 1.3.20 and
19 1.4.5.
20
Cullen Jennings235513a2005-09-21 22:51:36 +0000211.3.20
22
23 Lots of changes. Thanks to Jeff Chan for catching a memory leak and
24 helping track down the endian issues with the SSRCs.
25
261.3.8
27
28 This is an interim release. Several little-endian bugs were identified
29 and fixed; this means that we can use intel/linux for development again.
30
31 Cleaned up sha1 and hmac code significantly, got rid of some excess
32 functions and properly documented the fuctions in the .h files.
33
34 Eliminated some vestigial files.
35
36 There is a SIGBUS error in the AES encrypt function on sparc
37 (observed on both solaris and openbsd) with gcc 2.95. Was unable to
38 find bad pointer anywhere, so I'm wondering if it isn't a compiler
39 problem (there's a known problem whose profile it fits). It doesn't
40 appear on any other platform, even in the cipher_driver stress
41 tests.
42
43 Planned changes
44
45 Change interface to nonces (xtd_seq_num_t) so that it uses
46 network byte ordering, and is consistent with other arguments.
47
48
491.3.6
50
51 Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to
52 /dev/urandom; the latter is non-blocking on all known platforms (which
53 corrects some programs that seem to hang) and is actually present on
54 Open BSD (unlike /dev/random, which only works in the presence of
55 hardware supported random number generation).
56
57 Added machine/types.h case in include/integers.h.
58
591.3.5
60
61 Removing srtp_t::template and stream_clone().
62
63 Adding a new policy structure, which will reflect a complete SRTP
64 policy (including SRTCP).
65
66 This version is *incomplete* and will undergo more changes. It is
67 provided only as a basis for discussion.
68
691.3.4
70
71 Removed tmmh.c and tmmh.h, which implemented version one of TMMH.
72
73 Changed srtp_get_trailer_length() to act on streams rather than
74 sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should
75 usually be used rather than that function.
76
77 Removed 'salt' from cipher input.
78
79 Changed rdbx to use err.h error codes.
80
81 Changed malloc() and free() to xalloc() and xfree; these functions
82 are defined in crypto/kernel/alloc.c and declared in
83 include/alloc.h.
84
85 Added 'output' functions to cipher, in addition to 'encrypt'
86 functions. It is no longer necessary to zeroize a buffer before
87 encrypting in order to get keystream.
88
89 Changed octet_string_hex_string() so that "times two" isn't needed
90 in its input.
91
92 Added crypto_kernel_init() prior to command-line parsing, so that
93 kernel can be passed command-line arguments, such as "-d
94 debug_module". This was done to for the applications
95 test/srtp-driver, test/kernel-driver, and test/ust-driver.
96
97 Improved srtp_init_aes_128_prf - wrote key derivation function
98 (srtp_kdf_t).
99
100 Add the tag_len as an argument to the auth_compute() function, but
101 not the corresponding macro. This change allows the tag length for
102 a given auth func to be set to different values at initialization
103 time. Previously, the structure auth_t contained the
104 output_length, but that value was inaccessible from hmac_compute()
105 and other functions.
106
107 Re-named files from a-b.c to a_b.c. in order to help portability.
108
109 Re-named rijndael to aes (or aes_128 as appropriate).
110
111
1121.2.1
113
114 Changes so that 1.2.0 compiles on cygwin-win2k.
115
116 Added better error reporting system. If syslog is present on the
117 OS, then it is used.
118
119
1201.2.0 Many improvements and additions, and a fex fixes
121
122 Fixed endian issues in RTP header construction in the function
123 rtp_sendto() in srtp/rtp.c.
124
125 Implemented RIJNDAEL decryption operation, adding the functions
126 rijndael_decrypt() and rijndael_expand_decryption_key(). Also
127 re-named rijndael_expand_key() to rijndael_expand_encryption_key()
128 for consistency.
129
130 Implemented random number source using /dev/random, in the files
131 crypto/rng/rand_source.c and include/rand_source.h.
132
133 Added index check to SEAL cipher (only values less than 2^32 are
134 allowed)
135
136 Added test case for null_auth authentication function.
137
138 Added a timing test which tests the effect of CPU cache thrash on
139 cipher throughput. The test is done by the function
140 cipher_test_throughput_array(); the function
141 cipher_array_alloc_init() creates an array of ciphers for use in
142 this test. This test can be accessed by using the -a flag to
143 the application cipher-driver in the test subdirectory.
144
145 Added argument processing to ust-driver.c, and added that app to
146 the 'runtest' target in Makefile.in.
147
148 A minor auth_t API change: last argument of auth_init() eliminated.
149
150
1511.0.6 A small but important fix
152
153 Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero()
154 after buffer allocation.
155
156 Eliminated references to no-longer-existing variables in debugging
157 code in srtp/srtp.c. This fixes the compilation failure that
158 occured when using PRINT_DEBUG in that file.
159
160 Corrected spelling of Richard Priestley's name in credits. Sorry
161 Richard!
162
163
1641.0.5 Many little fixes
165
166 Fixed octet_string_set_to_zero(), which was writing one
167 more zero octet than it should. This bug caused srtp_protect()
168 and srtp_unprotect() to overwrite the byte that followed the
169 srtp packet.
170
171 Changed sizeof(uint32_t) to srtp_get_trailer_length() in
172 srtp-driver.c. This is just defensive coding.
173
174 Added NULL check to malloc in srtp_alloc().
175
176
1771.0.4 Many minor fixes and two big ones (thanks for the bug reports!)
178
179 Removed 'ssrc' from the srtp_init_aes_128_prf() function argument
180 list. This is so that applications which do not a priori know the
181 ssrc which they will be receiving can still use libsrtp. Now the
182 SSRC value is gleaned from the rtp header and exored into the
183 counter mode offset in the srtp_protect() and srtp_unprotect()
184 functions, if that cipher is used. This change cascaed through
185 many other functions, including srtp_init_from_hex(),
186 srtp_sender_init() and srtp_receiver_init() in rtp.c, and also
187 changing the CLI to test/rtpw. In the future, another function
188 call will be added to the library that enables multiple ssrc/key
189 pairs to be installed into the same srtp session, so that libsrtp
190 works with multiple srtp senders. For now, this functionality is
191 lacking.
192
193 Removed the GDOI interface to the rtpw demo program. This will be
194 added again at a later date, after the SRTP and GDOI distributions
195 stabilize. For now, I've left in the GDOI #defines and autoconf
196 definitions so that they'll be in place when needed.
197
198 Updated tmmhv2_compute() so that it didn't assume any particular
199 alginment of the output tag.
200
201 Changed bit field variables in srtp.h to unsigned char from
202 unsigned int in order to avoid a potential endianness issue.
203
204 Fixed rdbx_estimate_index() to handle all input cases. This solves
205 the now notorious "abaft" bug in the rtpw demo app on linux/intel,
206 in which spurious replay protection failures happen after that word
207 is received.
208
209 Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed
210 from rijndael_icm_set_segment().
211
212 Added error checking and handling to srtp_sender_init() and
213 srtp_receiver_init().
214
215 Changed srtp_alloc() so that it does what you'd expect: allocate an
216 srtp_ctx_t structure. This hides the library internals.
217
218
2191.0.1 Many minor fixes
220
221 Added cipher_driver_buffer_test(...) to test/cipher-driver.c. This
222 function checks that the byte-buffering functions used by a cipher
223 are correct.
224
225 Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and
226 changed index_t to xtd_seq_num_t (see include/rdbx.h).
227
228 Fixed SEAL3.0 output byte buffering, added byte-buffering test to
229 cipher/cipher-driver.c.
230
231 Fixed roc-driver so that the non-sequential insertion test
232 automatically recovers from bad estimates. This was required to
233 prevent spurious failures.
234
235 Made rdbx_estimate_index(...) function smarter, so that initial RTP
236 sequence numbers greater than 32,768 don't cause it to estimate the
237 rollover counter of 0xffffffff.
238
239
2401.0.0 Initial release
241