Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / libsrtp2 / fe5d8b82702174eb1f6a3e945fbc8ec4a529175c / . / test / srtp_driver.c
blob: d3033f19b08d506dce465918e578a3e72b4b82ae [file] [log] [blame]
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1/*
2 * srtp_driver.c
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]4 * a test driver for libSRTP
5 *
6 * David A. McGrew
7 * Cisco Systems, Inc.
8 */
9/*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]10 *
David McGrew7629bf22006-06-08 17:00:25 +0000[diff] [blame]11 * Copyright (c) 2001-2006, Cisco Systems, Inc.
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]12 * All rights reserved.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]13 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]17 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]18 * Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]20 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]21 * Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials provided
24 * with the distribution.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]25 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]26 * Neither the name of the Cisco Systems, Inc. nor the names of its
27 * contributors may be used to endorse or promote products derived
28 * from this software without specific prior written permission.
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]29 *
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41 * OF THE POSSIBILITY OF SUCH DAMAGE.
42 *
43 */
44
45
46#include <string.h> /* for memcpy() */
47#include <time.h> /* for clock() */
48#include <stdlib.h> /* for malloc(), free() */
49#include <stdio.h> /* for print(), fflush() */
David McGrew79bd3012006-07-17 20:41:21 +0000[diff] [blame]50#include "getopt_s.h" /* for local getopt() */
jfigus46d6b472014-11-14 16:42:01 -0500[diff] [blame]51#include "util.h"
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]52
David McGrew3c45e0c2006-07-12 00:50:56 +0000[diff] [blame]53#include "srtp_priv.h"
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]54#include "util.h"
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]55
Marcus Sundberg1cbca882005-10-02 20:50:06 +0000[diff] [blame]56#ifdef HAVE_NETINET_IN_H
57# include <netinet/in.h>
58#elif defined HAVE_WINSOCK2_H
59# include <winsock2.h>
60#endif
61
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]62#define PRINT_REFERENCE_PACKET 1
63
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]64srtp_err_status_t
Marcus Sundberga3f95fe2005-09-29 12:48:41 +0000[diff] [blame]65srtp_validate(void);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]66
Paul E. Jones9fc018c2016-06-03 02:56:56 -0400[diff] [blame]67#ifdef OPENSSL
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]68srtp_err_status_t
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]69srtp_validate_gcm(void);
Paul E. Jones9fc018c2016-06-03 02:56:56 -0400[diff] [blame]70#endif
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]71
72srtp_err_status_t
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]73srtp_validate_encrypted_extensions_headers(void);
74
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]75#ifdef OPENSSL
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]76srtp_err_status_t
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]77srtp_validate_encrypted_extensions_headers_gcm(void);
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]78#endif
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]79
80srtp_err_status_t
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]81srtp_validate_aes_256(void);
82
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]83srtp_err_status_t
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]84srtp_create_big_policy(srtp_policy_t **list);
85
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]86srtp_err_status_t
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]87srtp_dealloc_big_policy(srtp_policy_t *list);
88
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]89srtp_err_status_t
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]90srtp_test_empty_payload(void);
91
92#ifdef OPENSSL
93srtp_err_status_t
94srtp_test_empty_payload_gcm(void);
95#endif
96
97srtp_err_status_t
Marcus Sundberga3f95fe2005-09-29 12:48:41 +0000[diff] [blame]98srtp_test_remove_stream(void);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]99
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]100srtp_err_status_t
101srtp_test_update(void);
102
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]103double
104srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy);
105
106double
107srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy);
108
109void
110srtp_do_timing(const srtp_policy_t *policy);
111
112void
113srtp_do_rejection_timing(const srtp_policy_t *policy);
114
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]115srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]116srtp_test(const srtp_policy_t *policy, int extension_header, int mki_index);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]117
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]118srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]119srtcp_test(const srtp_policy_t *policy, int mki_index);
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]120
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]121srtp_err_status_t
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]122srtp_session_print_policy(srtp_t srtp);
123
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]124srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]125srtp_print_policy(const srtp_policy_t *policy);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]126
127char *
128srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len);
129
130double
131mips_estimate(int num_trials, int *ignore);
132
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]133extern uint8_t test_key[46];
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]134extern uint8_t test_key_2[46];
135extern uint8_t test_mki_id[4];
136extern uint8_t test_mki_id_2[4];
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]137
138void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]139usage (char *prog_name)
140{
141 printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n"
142 " -t run timing test\n"
143 " -r run rejection timing test\n"
144 " -c run codec timing test\n"
145 " -v run validation tests\n"
146 " -d <mod> turn on debugging module <mod>\n"
147 " -l list debugging modules\n", prog_name);
148 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]149}
150
151/*
152 * The policy_array is a null-terminated array of policy structs. it
153 * is declared at the end of this file
154 */
155
156extern const srtp_policy_t *policy_array[];
157
158
159/* the wildcard_policy is declared below; it has a wildcard ssrc */
160
161extern const srtp_policy_t wildcard_policy;
162
163/*
164 * mod_driver debug module - debugging module for this test driver
165 *
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]166 * we use the crypto_kernel debugging system in this driver, which
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]167 * makes the interface uniform and increases portability
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]168 */
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]169
jfigus02d6f032014-11-21 10:56:42 -0500[diff] [blame]170srtp_debug_module_t mod_driver = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]171 0, /* debugging is off by default */
172 "driver" /* printable name for module */
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]173};
174
175int
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]176main (int argc, char *argv[])
177{
178 int q;
179 unsigned do_timing_test = 0;
180 unsigned do_rejection_test = 0;
181 unsigned do_codec_timing = 0;
182 unsigned do_validation = 0;
183 unsigned do_list_mods = 0;
184 srtp_err_status_t status;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]185
186 /*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]187 * verify that the compiler has interpreted the header data
188 * structure srtp_hdr_t correctly
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]189 */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]190 if (sizeof(srtp_hdr_t) != 12) {
191 printf("error: srtp_hdr_t has incorrect size"
192 "(size is %ld bytes, expected 12)\n",
193 (long)sizeof(srtp_hdr_t));
194 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]195 }
196
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]197 /* initialize srtp library */
198 status = srtp_init();
199 if (status) {
200 printf("error: srtp init failed with error code %d\n", status);
201 exit(1);
202 }
203
204 /* load srtp_driver debug module */
jfigus92736bc2014-11-21 10:30:54 -0500[diff] [blame]205 status = srtp_crypto_kernel_load_debug_module(&mod_driver);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]206 if (status) {
207 printf("error: load of srtp_driver debug module failed "
208 "with error code %d\n", status);
209 exit(1);
210 }
211
212 /* process input arguments */
213 while (1) {
214 q = getopt_s(argc, argv, "trcvld:");
215 if (q == -1) {
216 break;
217 }
218 switch (q) {
219 case 't':
220 do_timing_test = 1;
221 break;
222 case 'r':
223 do_rejection_test = 1;
224 break;
225 case 'c':
226 do_codec_timing = 1;
227 break;
228 case 'v':
229 do_validation = 1;
230 break;
231 case 'l':
232 do_list_mods = 1;
233 break;
234 case 'd':
jfigus92736bc2014-11-21 10:30:54 -0500[diff] [blame]235 status = srtp_crypto_kernel_set_debug_module(optarg_s, 1);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]236 if (status) {
237 printf("error: set debug module (%s) failed\n", optarg_s);
238 exit(1);
239 }
240 break;
241 default:
242 usage(argv[0]);
243 }
244 }
245
246 if (!do_validation && !do_timing_test && !do_codec_timing
247 && !do_list_mods && !do_rejection_test) {
248 usage(argv[0]);
249 }
250
251 if (do_list_mods) {
jfigus92736bc2014-11-21 10:30:54 -0500[diff] [blame]252 status = srtp_crypto_kernel_list_debug_modules();
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]253 if (status) {
254 printf("error: list of debug modules failed\n");
255 exit(1);
256 }
257 }
258
259 if (do_validation) {
260 const srtp_policy_t **policy = policy_array;
261 srtp_policy_t *big_policy;
262
263 /* loop over policy array, testing srtp and srtcp for each policy */
264 while (*policy != NULL) {
265 printf("testing srtp_protect and srtp_unprotect\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]266 if (srtp_test(*policy, 0, -1) == srtp_err_status_ok) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]267 printf("passed\n\n");
268 } else{
269 printf("failed\n");
270 exit(1);
271 }
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]272
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]273 printf("testing srtp_protect and srtp_unprotect with encrypted extensions headers\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]274 if (srtp_test(*policy, 1, -1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]275 printf("passed\n\n");
276 } else{
277 printf("failed\n");
278 exit(1);
279 }
280 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]281 if (srtcp_test(*policy, -1) == srtp_err_status_ok) {
282 printf("passed\n\n");
283 } else{
284 printf("failed\n");
285 exit(1);
286 }
287 printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI index set to 0\n");
288 if (srtp_test(*policy, 0, 0) == srtp_err_status_ok) {
289 printf("passed\n\n");
290 } else{
291 printf("failed\n");
292 exit(1);
293 }
294 printf("testing srtp_protect_rtp and srtp_unprotect_rtp with MKI index set to 1\n");
295 if (srtp_test(*policy, 0, 1) == srtp_err_status_ok) {
296 printf("passed\n\n");
297 } else{
298 printf("failed\n");
299 exit(1);
300 }
301
302 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI index set to 0\n");
303 if (srtcp_test(*policy, 0) == srtp_err_status_ok) {
304 printf("passed\n\n");
305 } else{
306 printf("failed\n");
307 exit(1);
308 }
309 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp with MKI index set to 1\n");
310 if (srtcp_test(*policy, 1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]311 printf("passed\n\n");
312 } else{
313 printf("failed\n");
314 exit(1);
315 }
316 policy++;
317 }
318
319 /* create a big policy list and run tests on it */
320 status = srtp_create_big_policy(&big_policy);
321 if (status) {
322 printf("unexpected failure with error code %d\n", status);
323 exit(1);
324 }
325 printf("testing srtp_protect and srtp_unprotect with big policy\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]326 if (srtp_test(big_policy, 0, -1) == srtp_err_status_ok) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]327 printf("passed\n\n");
328 } else{
329 printf("failed\n");
330 exit(1);
331 }
332 printf("testing srtp_protect and srtp_unprotect with big policy and encrypted extensions headers\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]333 if (srtp_test(big_policy, 1, -1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]334 printf("passed\n\n");
335 } else{
336 printf("failed\n");
337 exit(1);
338 }
339 status = srtp_dealloc_big_policy(big_policy);
340 if (status) {
341 printf("unexpected failure with error code %d\n", status);
342 exit(1);
343 }
344
345 /* run test on wildcard policy */
346 printf("testing srtp_protect and srtp_unprotect on "
347 "wildcard ssrc policy\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]348 if (srtp_test(&wildcard_policy, 0, -1) == srtp_err_status_ok) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]349 printf("passed\n\n");
350 } else{
351 printf("failed\n");
352 exit(1);
353 }
354 printf("testing srtp_protect and srtp_unprotect on "
355 "wildcard ssrc policy and encrypted extensions headers\n");
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]356 if (srtp_test(&wildcard_policy, 1, -1) == srtp_err_status_ok) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]357 printf("passed\n\n");
358 } else{
359 printf("failed\n");
360 exit(1);
361 }
362
363 /*
364 * run validation test against the reference packets - note
365 * that this test only covers the default policy
366 */
367 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]368 "reference packet\n");
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]369 if (srtp_validate() == srtp_err_status_ok) {
370 printf("passed\n\n");
371 } else{
372 printf("failed\n");
373 exit(1);
374 }
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]375
376#ifdef OPENSSL
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]377 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]378 "reference packet using GCM\n");
379 if (srtp_validate_gcm() == srtp_err_status_ok) {
380 printf("passed\n\n");
381 } else{
382 printf("failed\n");
383 exit(1);
384 }
385#endif
386
387 printf("testing srtp_protect and srtp_unprotect against "
388 "reference packet with encrypted extensions headers\n");
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]389 if (srtp_validate_encrypted_extensions_headers() == srtp_err_status_ok)
390 printf("passed\n\n");
391 else {
392 printf("failed\n");
393 exit(1);
394 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]395
Joachim Bauchb8cb5772015-11-24 21:46:25 +0100[diff] [blame]396#ifdef OPENSSL
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]397 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]398 "reference packet with encrypted extension headers (GCM)\n");
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]399 if (srtp_validate_encrypted_extensions_headers_gcm() == srtp_err_status_ok) {
400 printf("passed\n\n");
401 } else{
402 printf("failed\n");
403 exit(1);
404 }
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]405#endif
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]406
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]407 /*
408 * run validation test against the reference packets for
409 * AES-256
410 */
411 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]412 "reference packet (AES-256)\n");
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]413 if (srtp_validate_aes_256() == srtp_err_status_ok) {
414 printf("passed\n\n");
415 } else{
416 printf("failed\n");
417 exit(1);
418 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]419
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]420 /*
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]421 * test packets with empty payload
422 */
423 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]424 "packet with empty payload\n");
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]425 if (srtp_test_empty_payload() == srtp_err_status_ok) {
426 printf("passed\n");
427 } else{
428 printf("failed\n");
429 exit(1);
430 }
431#ifdef OPENSSL
432 printf("testing srtp_protect and srtp_unprotect against "
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]433 "packet with empty payload (GCM)\n");
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]434 if (srtp_test_empty_payload_gcm() == srtp_err_status_ok) {
435 printf("passed\n");
436 } else{
437 printf("failed\n");
438 exit(1);
439 }
440#endif
441
442 /*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]443 * test the function srtp_remove_stream()
444 */
445 printf("testing srtp_remove_stream()...");
446 if (srtp_test_remove_stream() == srtp_err_status_ok) {
447 printf("passed\n");
448 } else{
449 printf("failed\n");
450 exit(1);
451 }
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]452
453 /*
454 * test the function srtp_update()
455 */
456 printf("testing srtp_update()...");
457 if (srtp_test_update() == srtp_err_status_ok) {
458 printf("passed\n");
459 } else {
460 printf("failed\n");
461 exit(1);
462 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]463 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]464
465 if (do_timing_test) {
466 const srtp_policy_t **policy = policy_array;
467
468 /* loop over policies, run timing test for each */
469 while (*policy != NULL) {
470 srtp_print_policy(*policy);
471 srtp_do_timing(*policy);
472 policy++;
473 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]474 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]475
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]476 if (do_rejection_test) {
477 const srtp_policy_t **policy = policy_array;
478
479 /* loop over policies, run rejection timing test for each */
480 while (*policy != NULL) {
481 srtp_print_policy(*policy);
482 srtp_do_rejection_timing(*policy);
483 policy++;
484 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]485 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]486
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]487 if (do_codec_timing) {
488 srtp_policy_t policy;
489 int ignore;
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]490 double mips_value = mips_estimate(1000000000, &ignore);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]491
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]492 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]493 srtp_crypto_policy_set_rtp_default(&policy.rtp);
494 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
495 policy.ssrc.type = ssrc_specific;
496 policy.ssrc.value = 0xdecafbad;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]497 srtp_update_policy_master_key(&policy, test_key);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]498 policy.ekt = NULL;
499 policy.window_size = 128;
500 policy.allow_repeat_tx = 0;
501 policy.next = NULL;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]502
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]503 printf("mips estimate: %e\n", mips_value);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]504
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]505 printf("testing srtp processing time for voice codecs:\n");
506 printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n");
507 printf("G.711\t\t%d\t\t\t%e\n", 80,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]508 (double)mips_value * (80 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]509 srtp_bits_per_second(80, &policy) / .01 );
510 printf("G.711\t\t%d\t\t\t%e\n", 160,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]511 (double)mips_value * (160 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]512 srtp_bits_per_second(160, &policy) / .02);
513 printf("G.726-32\t%d\t\t\t%e\n", 40,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]514 (double)mips_value * (40 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]515 srtp_bits_per_second(40, &policy) / .01 );
516 printf("G.726-32\t%d\t\t\t%e\n", 80,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]517 (double)mips_value * (80 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]518 srtp_bits_per_second(80, &policy) / .02);
519 printf("G.729\t\t%d\t\t\t%e\n", 10,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]520 (double)mips_value * (10 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]521 srtp_bits_per_second(10, &policy) / .01 );
522 printf("G.729\t\t%d\t\t\t%e\n", 20,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]523 (double)mips_value * (20 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]524 srtp_bits_per_second(20, &policy) / .02 );
525 printf("Wideband\t%d\t\t\t%e\n", 320,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]526 (double)mips_value * (320 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]527 srtp_bits_per_second(320, &policy) / .01 );
528 printf("Wideband\t%d\t\t\t%e\n", 640,
Joachim Bauchdc53dcb2016-03-10 20:32:44 +0100[diff] [blame]529 (double)mips_value * (640 * 8) /
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]530 srtp_bits_per_second(640, &policy) / .02 );
531 }
Jonathan Lennoxdfb30842010-05-15 04:52:01 +0000[diff] [blame]532
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]533 status = srtp_shutdown();
534 if (status) {
535 printf("error: srtp shutdown failed with error code %d\n", status);
536 exit(1);
537 }
538
539 return 0;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]540}
541
542
543
544/*
545 * srtp_create_test_packet(len, ssrc) returns a pointer to a
546 * (malloced) example RTP packet whose data field has the length given
547 * by pkt_octet_len and the SSRC value ssrc. The total length of the
548 * packet is twelve octets longer, since the header is at the
549 * beginning. There is room at the end of the packet for a trailer,
550 * and the four octets following the packet are filled with 0xff
551 * values to enable testing for overwrites.
552 *
553 * note that the location of the test packet can (and should) be
554 * deallocated with the free() call once it is no longer needed.
555 */
556
557srtp_hdr_t *
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]558srtp_create_test_packet (int pkt_octet_len, uint32_t ssrc)
559{
560 int i;
561 uint8_t *buffer;
562 srtp_hdr_t *hdr;
563 int bytes_in_hdr = 12;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]564
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]565 /* allocate memory for test packet */
566 hdr = (srtp_hdr_t*)malloc(pkt_octet_len + bytes_in_hdr
567 + SRTP_MAX_TRAILER_LEN + 4);
568 if (!hdr) {
569 return NULL;
570 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]571
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]572 hdr->version = 2; /* RTP version two */
573 hdr->p = 0; /* no padding needed */
574 hdr->x = 0; /* no header extension */
575 hdr->cc = 0; /* no CSRCs */
576 hdr->m = 0; /* marker bit */
577 hdr->pt = 0xf; /* payload type */
578 hdr->seq = htons(0x1234); /* sequence number */
579 hdr->ts = htonl(0xdecafbad); /* timestamp */
580 hdr->ssrc = htonl(ssrc); /* synch. source */
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]581
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]582 buffer = (uint8_t*)hdr;
583 buffer += bytes_in_hdr;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]584
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]585 /* set RTP data to 0xab */
586 for (i = 0; i < pkt_octet_len; i++) {
587 *buffer++ = 0xab;
588 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]589
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]590 /* set post-data value to 0xffff to enable overrun checking */
591 for (i = 0; i < SRTP_MAX_TRAILER_LEN + 4; i++) {
592 *buffer++ = 0xff;
593 }
594
595 return hdr;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]596}
597
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]598srtp_hdr_t *
599srtp_create_test_packet_ext_hdr(int pkt_octet_len, uint32_t ssrc) {
600 int i;
601 uint8_t *buffer;
602 srtp_hdr_t *hdr;
603 int bytes_in_hdr = 12;
604 uint8_t extension_header[12] = {
605 /* one-byte header */
606 0xbe, 0xde,
607 /* size */
608 0x00, 0x02,
609 /* id 1, length 1 (i.e. 2 bytes) */
610 0x11,
611 /* payload */
612 0xca,
613 0xfe,
614 /* padding */
615 0x00,
616 /* id 2, length 0 (i.e. 1 byte) */
617 0x20,
618 /* payload */
619 0xba,
620 /* padding */
621 0x00,
622 0x00
623 };
624
625 /* allocate memory for test packet */
626 hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr
627 + sizeof(extension_header) + SRTP_MAX_TRAILER_LEN + 4);
628 if (!hdr)
629 return NULL;
630
631 hdr->version = 2; /* RTP version two */
632 hdr->p = 0; /* no padding needed */
633 hdr->x = 1; /* no header extension */
634 hdr->cc = 0; /* no CSRCs */
635 hdr->m = 0; /* marker bit */
636 hdr->pt = 0xf; /* payload type */
637 hdr->seq = htons(0x1234); /* sequence number */
638 hdr->ts = htonl(0xdecafbad); /* timestamp */
639 hdr->ssrc = htonl(ssrc); /* synch. source */
640
641 buffer = (uint8_t *)hdr;
642 buffer += bytes_in_hdr;
643
644 memcpy(buffer, extension_header, sizeof(extension_header));
645 buffer += sizeof(extension_header);
646
647 /* set RTP data to 0xab */
648 for (i=0; i < pkt_octet_len; i++)
649 *buffer++ = 0xab;
650
651 /* set post-data value to 0xffff to enable overrun checking */
652 for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++)
653 *buffer++ = 0xff;
654
655 return hdr;
656}
657
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]658void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]659srtp_do_timing (const srtp_policy_t *policy)
660{
661 int len;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]662
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]663 /*
664 * note: the output of this function is formatted so that it
665 * can be used in gnuplot. '#' indicates a comment, and "\r\n"
666 * terminates a record
667 */
668
669 printf("# testing srtp throughput:\r\n");
670 printf("# mesg length (octets)\tthroughput (megabits per second)\r\n");
671
672 for (len = 16; len <= 2048; len *= 2) {
673 printf("%d\t\t\t%f\r\n", len,
674 srtp_bits_per_second(len, policy) / 1.0E6);
675 }
676
677 /* these extra linefeeds let gnuplot know that a dataset is done */
678 printf("\r\n\r\n");
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]679
680}
681
682void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]683srtp_do_rejection_timing (const srtp_policy_t *policy)
684{
685 int len;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]686
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]687 /*
688 * note: the output of this function is formatted so that it
689 * can be used in gnuplot. '#' indicates a comment, and "\r\n"
690 * terminates a record
691 */
692
693 printf("# testing srtp rejection throughput:\r\n");
694 printf("# mesg length (octets)\trejections per second\r\n");
695
696 for (len = 8; len <= 2048; len *= 2) {
697 printf("%d\t\t\t%e\r\n", len, srtp_rejections_per_second(len, policy));
698 }
699
700 /* these extra linefeeds let gnuplot know that a dataset is done */
701 printf("\r\n\r\n");
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]702
703}
704
705
706#define MAX_MSG_LEN 1024
707
708double
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]709srtp_bits_per_second (int msg_len_octets, const srtp_policy_t *policy)
710{
711 srtp_t srtp;
712 srtp_hdr_t *mesg;
713 int i;
714 clock_t timer;
715 int num_trials = 100000;
716 int len;
717 uint32_t ssrc;
718 srtp_err_status_t status;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]719
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]720 /*
721 * allocate and initialize an srtp session
722 */
723 status = srtp_create(&srtp, policy);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]724 if (status) {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]725 printf("error: srtp_create() failed with error code %d\n", status);
726 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]727 }
728
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]729 /*
730 * if the ssrc is unspecified, use a predetermined one
731 */
732 if (policy->ssrc.type != ssrc_specific) {
733 ssrc = 0xdeadbeef;
734 } else {
735 ssrc = policy->ssrc.value;
Jonathan Lennox75b36872010-05-21 00:30:21 +0000[diff] [blame]736 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]737
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]738 /*
739 * create a test packet
740 */
741 mesg = srtp_create_test_packet(msg_len_octets, ssrc);
742 if (mesg == NULL) {
743 return 0.0; /* indicate failure by returning zero */
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]744
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]745 }
746 timer = clock();
747 for (i = 0; i < num_trials; i++) {
748 len = msg_len_octets + 12; /* add in rtp header length */
749
750 /* srtp protect message */
751 status = srtp_protect(srtp, mesg, &len);
752 if (status) {
753 printf("error: srtp_protect() failed with error code %d\n", status);
754 exit(1);
755 }
756
757 /* increment message number */
758 {
759 /* hack sequence to avoid problems with macros for htons/ntohs on some systems */
760 short new_seq = ntohs(mesg->seq) + 1;
761 mesg->seq = htons(new_seq);
762 }
763 }
764 timer = clock() - timer;
765
766 free(mesg);
767
768 status = srtp_dealloc(srtp);
769 if (status) {
770 printf("error: srtp_dealloc() failed with error code %d\n", status);
771 exit(1);
772 }
773
774 return (double)(msg_len_octets) * 8 *
775 num_trials * CLOCKS_PER_SEC / timer;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]776}
777
778double
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]779srtp_rejections_per_second (int msg_len_octets, const srtp_policy_t *policy)
780{
781 srtp_ctx_t *srtp;
782 srtp_hdr_t *mesg;
783 int i;
784 int len;
785 clock_t timer;
786 int num_trials = 1000000;
787 uint32_t ssrc = policy->ssrc.value;
788 srtp_err_status_t status;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]789
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]790 /*
791 * allocate and initialize an srtp session
792 */
793 status = srtp_create(&srtp, policy);
794 if (status) {
795 printf("error: srtp_create() failed with error code %d\n", status);
796 exit(1);
797 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]798
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]799 mesg = srtp_create_test_packet(msg_len_octets, ssrc);
800 if (mesg == NULL) {
801 return 0.0; /* indicate failure by returning zero */
802
803 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]804 len = msg_len_octets;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]805 srtp_protect(srtp, (srtp_hdr_t*)mesg, &len);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]806
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]807 timer = clock();
808 for (i = 0; i < num_trials; i++) {
809 len = msg_len_octets;
810 srtp_unprotect(srtp, (srtp_hdr_t*)mesg, &len);
811 }
812 timer = clock() - timer;
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]813
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]814 free(mesg);
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]815
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]816 status = srtp_dealloc(srtp);
817 if (status) {
818 printf("error: srtp_dealloc() failed with error code %d\n", status);
819 exit(1);
820 }
821
822 return (double)num_trials * CLOCKS_PER_SEC / timer;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]823}
824
825
826void
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]827err_check (srtp_err_status_t s)
828{
829 if (s == srtp_err_status_ok) {
830 return;
831 } else{
832 fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s);
833 }
834 exit(1);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]835}
836
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]837srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]838srtp_test_call_protect(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int mki_index) {
839 if (mki_index == -1) {
840 return srtp_protect(srtp_sender, hdr, len);
841 } else {
842 return srtp_protect_mki(srtp_sender, hdr, len, 1, mki_index);
843 }
844}
845
846srtp_err_status_t
847srtp_test_call_protect_rtcp(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int mki_index) {
848 if (mki_index == -1) {
849 return srtp_protect_rtcp(srtp_sender, hdr, len);
850 } else {
851 return srtp_protect_rtcp_mki(srtp_sender, hdr, len, 1, mki_index);
852 }
853}
854
855srtp_err_status_t
856srtp_test_call_unprotect(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int use_mki) {
857 if (use_mki == -1) {
858 return srtp_unprotect(srtp_sender, hdr, len);
859 } else {
860 return srtp_unprotect_mki(srtp_sender, hdr, len, use_mki);
861 }
862}
863
864srtp_err_status_t
865srtp_test_call_unprotect_rtcp(srtp_t srtp_sender, srtp_hdr_t *hdr, int *len, int use_mki) {
866 if (use_mki == -1) {
867 return srtp_unprotect_rtcp(srtp_sender, hdr, len);
868 } else {
869 return srtp_unprotect_rtcp_mki(srtp_sender, hdr, len, use_mki);
870 }
871}
872
873srtp_err_status_t
874srtp_test (const srtp_policy_t *policy, int extension_header, int mki_index)
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]875{
876 int i;
877 srtp_t srtp_sender;
878 srtp_t srtp_rcvr;
879 srtp_err_status_t status = srtp_err_status_ok;
880 srtp_hdr_t *hdr, *hdr2;
881 uint8_t hdr_enc[64];
882 uint8_t *pkt_end;
883 int msg_len_octets, msg_len_enc;
884 int len;
885 int tag_length = policy->rtp.auth_tag_len;
886 uint32_t ssrc;
887 srtp_policy_t *rcvr_policy;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]888 srtp_policy_t tmp_policy;
889 int header = 1;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]890 int use_mki = 0;
891
892 printf("HOOP Inside SRTP Test\n");
893 if (mki_index >= 0)
894 use_mki = 1;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]895
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]896 if (extension_header) {
897 memcpy(&tmp_policy, policy, sizeof(srtp_policy_t));
898 tmp_policy.enc_xtn_hdr = &header;
899 tmp_policy.enc_xtn_hdr_count = 1;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]900 printf("HOOP Inside SRTP Test about to call create with extension header\n");
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]901 err_check(srtp_create(&srtp_sender, &tmp_policy));
902 } else {
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]903 printf("HOOP Inside SRTP Test about to call create\n");
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]904 err_check(srtp_create(&srtp_sender, policy));
905 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]906
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]907 printf("HOOP Inside SRTP Test after srtp_create\n");
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]908 /* print out policy */
909 err_check(srtp_session_print_policy(srtp_sender));
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]910
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]911 /*
912 * initialize data buffer, using the ssrc in the policy unless that
913 * value is a wildcard, in which case we'll just use an arbitrary
914 * one
915 */
916 if (policy->ssrc.type != ssrc_specific) {
917 ssrc = 0xdecafbad;
918 } else{
919 ssrc = policy->ssrc.value;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]920 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]921 msg_len_octets = 28;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]922 if (extension_header) {
923 hdr = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc);
924 hdr2 = srtp_create_test_packet_ext_hdr(msg_len_octets, ssrc);
925 } else {
926 hdr = srtp_create_test_packet(msg_len_octets, ssrc);
927 hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
928 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]929
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]930 if (hdr == NULL) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]931 free(hdr2);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]932 return srtp_err_status_alloc_fail;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]933 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]934 if (hdr2 == NULL) {
935 free(hdr);
936 return srtp_err_status_alloc_fail;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]937 }
938
Marcus Sundberg5c40da82005-10-08 18:15:00 +0000[diff] [blame]939 /* set message length */
940 len = msg_len_octets;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]941 if (extension_header) {
942 len += 12;
943 }
Marcus Sundberg5c40da82005-10-08 18:15:00 +0000[diff] [blame]944
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]945 debug_print(mod_driver, "before protection:\n%s",
946 srtp_packet_to_string(hdr, len));
947
948#if PRINT_REFERENCE_PACKET
949 debug_print(mod_driver, "reference packet before protection:\n%s",
950 octet_string_hex_string((uint8_t*)hdr, len));
951#endif
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]952 printf("HOOP about to call protect\n");
953 err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index));
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]954
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]955 debug_print(mod_driver, "after protection:\n%s",
956 srtp_packet_to_string(hdr, len));
957#if PRINT_REFERENCE_PACKET
958 debug_print(mod_driver, "after protection:\n%s",
959 octet_string_hex_string((uint8_t*)hdr, len));
960#endif
961
962 /* save protected message and length */
963 memcpy(hdr_enc, hdr, len);
964 msg_len_enc = len;
965
966 /*
967 * check for overrun of the srtp_protect() function
968 *
969 * The packet is followed by a value of 0xfffff; if the value of the
970 * data following the packet is different, then we know that the
971 * protect function is overwriting the end of the packet.
972 */
973 pkt_end = (uint8_t*)hdr + sizeof(srtp_hdr_t)
974 + msg_len_octets + tag_length;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]975 if (extension_header) {
976 pkt_end += 12;
977 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]978 for (i = 0; i < 4; i++) {
979 if (pkt_end[i] != 0xff) {
980 fprintf(stdout, "overwrite in srtp_protect() function "
981 "(expected %x, found %x in trailing octet %d)\n",
982 0xff, ((uint8_t*)hdr)[i], i);
983 free(hdr);
984 free(hdr2);
985 return srtp_err_status_algo_fail;
986 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]987 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]988
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]989 /*
990 * if the policy includes confidentiality, check that ciphertext is
991 * different than plaintext
992 *
993 * Note that this check will give false negatives, with some small
994 * probability, especially if the packets are short. For that
995 * reason, we skip this check if the plaintext is less than four
996 * octets long.
997 */
998 if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
999 printf("testing that ciphertext is distinct from plaintext...");
1000 status = srtp_err_status_algo_fail;
1001 for (i = 12; i < msg_len_octets + 12; i++) {
1002 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1003 status = srtp_err_status_ok;
1004 }
1005 }
1006 if (status) {
1007 printf("failed\n");
1008 free(hdr);
1009 free(hdr2);
1010 return status;
1011 }
1012 printf("passed\n");
1013 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1014
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1015 /*
1016 * if the policy uses a 'wildcard' ssrc, then we need to make a copy
1017 * of the policy that changes the direction to inbound
1018 *
1019 * we always copy the policy into the rcvr_policy, since otherwise
1020 * the compiler would fret about the constness of the policy
1021 */
1022 rcvr_policy = (srtp_policy_t*)malloc(sizeof(srtp_policy_t));
1023 if (rcvr_policy == NULL) {
1024 free(hdr);
1025 free(hdr2);
1026 return srtp_err_status_alloc_fail;
1027 }
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1028 if (extension_header) {
1029 memcpy(rcvr_policy, &tmp_policy, sizeof(srtp_policy_t));
1030 if (tmp_policy.ssrc.type == ssrc_any_outbound) {
1031 rcvr_policy->ssrc.type = ssrc_any_inbound;
1032 }
1033 } else {
1034 memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
1035 if (policy->ssrc.type == ssrc_any_outbound) {
1036 rcvr_policy->ssrc.type = ssrc_any_inbound;
1037 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1038 }
1039
1040 err_check(srtp_create(&srtp_rcvr, rcvr_policy));
1041
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1042 printf("HOOP about to call unprotect\n");
1043 err_check(srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1044
1045 debug_print(mod_driver, "after unprotection:\n%s",
1046 srtp_packet_to_string(hdr, len));
1047
1048 /* verify that the unprotected packet matches the origial one */
1049 for (i = 0; i < msg_len_octets; i++) {
1050 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1051 fprintf(stdout, "mismatch at octet %d\n", i);
1052 status = srtp_err_status_algo_fail;
1053 }
1054 }
1055 if (status) {
1056 free(hdr);
1057 free(hdr2);
1058 free(rcvr_policy);
1059 return status;
1060 }
1061
1062 /*
1063 * if the policy includes authentication, then test for false positives
1064 */
1065 if (policy->rtp.sec_serv & sec_serv_auth) {
1066 char *data = ((char*)hdr) + 12;
1067
1068 printf("testing for false positives in replay check...");
1069
1070 /* set message length */
1071 len = msg_len_enc;
1072
1073 /* unprotect a second time - should fail with a replay error */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1074 printf("HOOP about to call unprotect a second time\n");
1075 status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1076 if (status != srtp_err_status_replay_fail) {
1077 printf("failed with error code %d\n", status);
1078 free(hdr);
1079 free(hdr2);
1080 free(rcvr_policy);
1081 return status;
1082 } else {
1083 printf("passed\n");
1084 }
1085
1086 printf("testing for false positives in auth check...");
1087
1088 /* increment sequence number in header */
1089 hdr->seq++;
1090
1091 /* set message length */
1092 len = msg_len_octets;
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1093 if (extension_header) {
1094 len += 12;
1095 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1096
1097 /* apply protection */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1098 err_check(srtp_test_call_protect(srtp_sender, hdr, &len, mki_index));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1099
1100 /* flip bits in packet */
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]1101 data[extension_header ? 12 : 0] ^= 0xff;
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1102
1103 /* unprotect, and check for authentication failure */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1104 status = srtp_test_call_unprotect(srtp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1105 if (status != srtp_err_status_auth_fail) {
1106 printf("failed\n");
1107 free(hdr);
1108 free(hdr2);
1109 free(rcvr_policy);
1110 return status;
1111 } else {
1112 printf("passed\n");
1113 }
1114
1115 }
1116
1117 err_check(srtp_dealloc(srtp_sender));
1118 err_check(srtp_dealloc(srtp_rcvr));
1119
1120 free(hdr);
1121 free(hdr2);
1122 free(rcvr_policy);
1123 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1124}
1125
1126
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1127srtp_err_status_t
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1128srtcp_test (const srtp_policy_t *policy, int mki_index)
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1129{
1130 int i;
1131 srtp_t srtcp_sender;
1132 srtp_t srtcp_rcvr;
1133 srtp_err_status_t status = srtp_err_status_ok;
1134 srtp_hdr_t *hdr, *hdr2;
1135 uint8_t hdr_enc[64];
1136 uint8_t *pkt_end;
1137 int msg_len_octets, msg_len_enc;
1138 int len;
1139 int tag_length = policy->rtp.auth_tag_len;
1140 uint32_t ssrc;
1141 srtp_policy_t *rcvr_policy;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1142 int use_mki = 0;
1143
1144 if (mki_index >= 0)
1145 use_mki = 1;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1146
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1147 err_check(srtp_create(&srtcp_sender, policy));
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1148
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1149 /* print out policy */
1150 err_check(srtp_session_print_policy(srtcp_sender));
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1151
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1152 /*
1153 * initialize data buffer, using the ssrc in the policy unless that
1154 * value is a wildcard, in which case we'll just use an arbitrary
1155 * one
1156 */
1157 if (policy->ssrc.type != ssrc_specific) {
1158 ssrc = 0xdecafbad;
1159 } else{
1160 ssrc = policy->ssrc.value;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1161 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1162 msg_len_octets = 28;
1163 hdr = srtp_create_test_packet(msg_len_octets, ssrc);
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1164
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1165 if (hdr == NULL) {
1166 return srtp_err_status_alloc_fail;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1167 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1168 hdr2 = srtp_create_test_packet(msg_len_octets, ssrc);
1169 if (hdr2 == NULL) {
1170 free(hdr);
1171 return srtp_err_status_alloc_fail;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1172 }
1173
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1174 /* set message length */
1175 len = msg_len_octets;
1176
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1177 debug_print(mod_driver, "before protection:\n%s",
1178 srtp_packet_to_string(hdr, len));
1179
1180#if PRINT_REFERENCE_PACKET
1181 debug_print(mod_driver, "reference packet before protection:\n%s",
1182 octet_string_hex_string((uint8_t*)hdr, len));
1183#endif
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1184 err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index));
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1185
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1186 debug_print(mod_driver, "after protection:\n%s",
1187 srtp_packet_to_string(hdr, len));
1188#if PRINT_REFERENCE_PACKET
1189 debug_print(mod_driver, "after protection:\n%s",
1190 octet_string_hex_string((uint8_t*)hdr, len));
1191#endif
1192
1193 /* save protected message and length */
1194 memcpy(hdr_enc, hdr, len);
1195 msg_len_enc = len;
1196
1197 /*
1198 * check for overrun of the srtp_protect() function
1199 *
1200 * The packet is followed by a value of 0xfffff; if the value of the
1201 * data following the packet is different, then we know that the
1202 * protect function is overwriting the end of the packet.
1203 */
1204 pkt_end = (uint8_t*)hdr + sizeof(srtp_hdr_t)
1205 + msg_len_octets + tag_length;
1206 for (i = 0; i < 4; i++) {
1207 if (pkt_end[i] != 0xff) {
1208 fprintf(stdout, "overwrite in srtp_protect_rtcp() function "
1209 "(expected %x, found %x in trailing octet %d)\n",
1210 0xff, ((uint8_t*)hdr)[i], i);
1211 free(hdr);
1212 free(hdr2);
1213 return srtp_err_status_algo_fail;
1214 }
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1215 }
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1216
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1217 /*
1218 * if the policy includes confidentiality, check that ciphertext is
1219 * different than plaintext
1220 *
1221 * Note that this check will give false negatives, with some small
1222 * probability, especially if the packets are short. For that
1223 * reason, we skip this check if the plaintext is less than four
1224 * octets long.
1225 */
1226 if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) {
1227 printf("testing that ciphertext is distinct from plaintext...");
1228 status = srtp_err_status_algo_fail;
1229 for (i = 12; i < msg_len_octets + 12; i++) {
1230 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1231 status = srtp_err_status_ok;
1232 }
1233 }
1234 if (status) {
1235 printf("failed\n");
1236 free(hdr);
1237 free(hdr2);
1238 return status;
1239 }
1240 printf("passed\n");
1241 }
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1242
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1243 /*
1244 * if the policy uses a 'wildcard' ssrc, then we need to make a copy
1245 * of the policy that changes the direction to inbound
1246 *
1247 * we always copy the policy into the rcvr_policy, since otherwise
1248 * the compiler would fret about the constness of the policy
1249 */
1250 rcvr_policy = (srtp_policy_t*)malloc(sizeof(srtp_policy_t));
1251 if (rcvr_policy == NULL) {
1252 return srtp_err_status_alloc_fail;
1253 }
1254 memcpy(rcvr_policy, policy, sizeof(srtp_policy_t));
1255 if (policy->ssrc.type == ssrc_any_outbound) {
1256 rcvr_policy->ssrc.type = ssrc_any_inbound;
1257 }
1258
1259 err_check(srtp_create(&srtcp_rcvr, rcvr_policy));
1260
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1261 err_check(srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1262
1263 debug_print(mod_driver, "after unprotection:\n%s",
1264 srtp_packet_to_string(hdr, len));
1265
1266 /* verify that the unprotected packet matches the origial one */
1267 for (i = 0; i < msg_len_octets; i++) {
1268 if (((uint8_t*)hdr)[i] != ((uint8_t*)hdr2)[i]) {
1269 fprintf(stdout, "mismatch at octet %d\n", i);
1270 status = srtp_err_status_algo_fail;
1271 }
1272 }
1273 if (status) {
1274 free(hdr);
1275 free(hdr2);
1276 free(rcvr_policy);
1277 return status;
1278 }
1279
1280 /*
1281 * if the policy includes authentication, then test for false positives
1282 */
1283 if (policy->rtp.sec_serv & sec_serv_auth) {
1284 char *data = ((char*)hdr) + 12;
1285
1286 printf("testing for false positives in replay check...");
1287
1288 /* set message length */
1289 len = msg_len_enc;
1290
1291 /* unprotect a second time - should fail with a replay error */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1292 status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1293 if (status != srtp_err_status_replay_fail) {
1294 printf("failed with error code %d\n", status);
1295 free(hdr);
1296 free(hdr2);
1297 free(rcvr_policy);
1298 return status;
1299 } else {
1300 printf("passed\n");
1301 }
1302
1303 printf("testing for false positives in auth check...");
1304
1305 /* increment sequence number in header */
1306 hdr->seq++;
1307
1308 /* set message length */
1309 len = msg_len_octets;
1310
1311 /* apply protection */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1312 err_check(srtp_test_call_protect_rtcp(srtcp_sender, hdr, &len, mki_index));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1313
1314 /* flip bits in packet */
1315 data[0] ^= 0xff;
1316
1317 /* unprotect, and check for authentication failure */
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1318 status = srtp_test_call_unprotect_rtcp(srtcp_rcvr, hdr, &len, use_mki);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1319 if (status != srtp_err_status_auth_fail) {
1320 printf("failed\n");
1321 free(hdr);
1322 free(hdr2);
1323 free(rcvr_policy);
1324 return status;
1325 } else {
1326 printf("passed\n");
1327 }
1328
1329 }
1330
1331 err_check(srtp_dealloc(srtcp_sender));
1332 err_check(srtp_dealloc(srtcp_rcvr));
1333
1334 free(hdr);
1335 free(hdr2);
1336 free(rcvr_policy);
1337 return srtp_err_status_ok;
David McGrew9c70f292006-05-03 19:38:38 +0000[diff] [blame]1338}
1339
1340
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1341srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1342srtp_session_print_policy (srtp_t srtp)
1343{
1344 char *serv_descr[4] = {
1345 "none",
1346 "confidentiality",
1347 "authentication",
1348 "confidentiality and authentication"
1349 };
1350 char *direction[3] = {
1351 "unknown",
1352 "outbound",
1353 "inbound"
1354 };
1355 srtp_stream_t stream;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1356 srtp_session_keys_t *session_keys = NULL;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1357
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1358 /* sanity checking */
1359 if (srtp == NULL) {
1360 return srtp_err_status_fail;
1361 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1362
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1363 /* if there's a template stream, print it out */
1364 if (srtp->stream_template != NULL) {
1365 stream = srtp->stream_template;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1366 session_keys = &stream->session_keys[0];
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1367 printf("# SSRC: any %s\r\n"
1368 "# rtp cipher: %s\r\n"
1369 "# rtp auth: %s\r\n"
1370 "# rtp services: %s\r\n"
1371 "# rtcp cipher: %s\r\n"
1372 "# rtcp auth: %s\r\n"
1373 "# rtcp services: %s\r\n"
1374 "# window size: %lu\r\n"
1375 "# tx rtx allowed:%s\r\n",
1376 direction[stream->direction],
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1377 session_keys->rtp_cipher->type->description,
1378 session_keys->rtp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1379 serv_descr[stream->rtp_services],
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1380 session_keys->rtcp_cipher->type->description,
1381 session_keys->rtcp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1382 serv_descr[stream->rtcp_services],
jfigusde8deb32014-11-25 12:58:11 -0500[diff] [blame]1383 srtp_rdbx_get_window_size(&stream->rtp_rdbx),
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1384 stream->allow_repeat_tx ? "true" : "false");
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1385
1386 printf("# Encrypted extension headers: ");
1387 if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) {
1388 int* enc_xtn_hdr = stream->enc_xtn_hdr;
1389 int count = stream->enc_xtn_hdr_count;
1390 while (count > 0) {
1391 printf("%d ", *enc_xtn_hdr);
1392 enc_xtn_hdr++;
1393 count--;
1394 }
1395 printf("\n");
1396 } else {
1397 printf("none\n");
1398 }
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1399 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1400
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1401 /* loop over streams in session, printing the policy of each */
1402 stream = srtp->stream_list;
1403 while (stream != NULL) {
1404 if (stream->rtp_services > sec_serv_conf_and_auth) {
1405 return srtp_err_status_bad_param;
1406 }
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1407 session_keys = &stream->session_keys[0];
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1408
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1409 printf("# SSRC: 0x%08x\r\n"
1410 "# rtp cipher: %s\r\n"
1411 "# rtp auth: %s\r\n"
1412 "# rtp services: %s\r\n"
1413 "# rtcp cipher: %s\r\n"
1414 "# rtcp auth: %s\r\n"
1415 "# rtcp services: %s\r\n"
1416 "# window size: %lu\r\n"
1417 "# tx rtx allowed:%s\r\n",
1418 stream->ssrc,
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1419 session_keys->rtp_cipher->type->description,
1420 session_keys->rtp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1421 serv_descr[stream->rtp_services],
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1422 session_keys->rtcp_cipher->type->description,
1423 session_keys->rtcp_auth->type->description,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1424 serv_descr[stream->rtcp_services],
jfigusde8deb32014-11-25 12:58:11 -0500[diff] [blame]1425 srtp_rdbx_get_window_size(&stream->rtp_rdbx),
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1426 stream->allow_repeat_tx ? "true" : "false");
1427
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1428 printf("# Encrypted extension headers: ");
1429 if (stream->enc_xtn_hdr && stream->enc_xtn_hdr_count > 0) {
1430 int* enc_xtn_hdr = stream->enc_xtn_hdr;
1431 int count = stream->enc_xtn_hdr_count;
1432 while (count > 0) {
1433 printf("%d ", *enc_xtn_hdr);
1434 enc_xtn_hdr++;
1435 count--;
1436 }
1437 printf("\n");
1438 } else {
1439 printf("none\n");
1440 }
1441
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1442 /* advance to next stream in the list */
1443 stream = stream->next;
1444 }
1445 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1446}
1447
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1448srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1449srtp_print_policy (const srtp_policy_t *policy)
1450{
1451 srtp_err_status_t status;
1452 srtp_t session;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1453
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1454 status = srtp_create(&session, policy);
1455 if (status) {
1456 return status;
1457 }
1458 status = srtp_session_print_policy(session);
1459 if (status) {
1460 return status;
1461 }
1462 status = srtp_dealloc(session);
1463 if (status) {
1464 return status;
1465 }
1466 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1467}
1468
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1469/*
1470 * srtp_print_packet(...) is for debugging only
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1471 * it prints an RTP packet to the stdout
1472 *
1473 * note that this function is *not* threadsafe
1474 */
1475
1476#include <stdio.h>
1477
1478#define MTU 2048
1479
1480char packet_string[MTU];
1481
1482char *
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1483srtp_packet_to_string (srtp_hdr_t *hdr, int pkt_octet_len)
1484{
1485 int octets_in_rtp_header = 12;
1486 uint8_t *data = ((uint8_t*)hdr) + octets_in_rtp_header;
1487 int hex_len = pkt_octet_len - octets_in_rtp_header;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1488
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1489 /* sanity checking */
1490 if ((hdr == NULL) || (pkt_octet_len > MTU)) {
1491 return NULL;
1492 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1493
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1494 /* write packet into string */
1495 sprintf(packet_string,
1496 "(s)rtp packet: {\n"
1497 " version:\t%d\n"
1498 " p:\t\t%d\n"
1499 " x:\t\t%d\n"
1500 " cc:\t\t%d\n"
1501 " m:\t\t%d\n"
1502 " pt:\t\t%x\n"
1503 " seq:\t\t%x\n"
1504 " ts:\t\t%x\n"
1505 " ssrc:\t%x\n"
1506 " data:\t%s\n"
1507 "} (%d octets in total)\n",
1508 hdr->version,
1509 hdr->p,
1510 hdr->x,
1511 hdr->cc,
1512 hdr->m,
1513 hdr->pt,
1514 hdr->seq,
1515 hdr->ts,
1516 hdr->ssrc,
1517 octet_string_hex_string(data, hex_len),
1518 pkt_octet_len);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1519
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1520 return packet_string;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1521}
1522
1523/*
1524 * mips_estimate() is a simple function to estimate the number of
1525 * instructions per second that the host can perform. note that this
1526 * function can be grossly wrong; you may want to have a manual sanity
1527 * check of its output!
1528 *
1529 * the 'ignore' pointer is there to convince the compiler to not just
1530 * optimize away the function
1531 */
1532
1533double
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1534mips_estimate (int num_trials, int *ignore)
1535{
1536 clock_t t;
1537 volatile int i, sum;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1538
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1539 sum = 0;
1540 t = clock();
1541 for (i = 0; i < num_trials; i++) {
1542 sum += i;
1543 }
1544 t = clock() - t;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1545
1546/* printf("%d\n", sum); */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1547 *ignore = sum;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1548
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1549 return (double)num_trials * CLOCKS_PER_SEC / t;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1550}
1551
1552
1553/*
1554 * srtp_validate() verifies the correctness of libsrtp by comparing
1555 * some computed packets against some pre-computed reference values.
1556 * These packets were made with the default SRTP policy.
1557 */
1558
1559
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]1560srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1561srtp_validate ()
1562{
1563 uint8_t srtp_plaintext_ref[28] = {
1564 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1565 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1566 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1567 0xab, 0xab, 0xab, 0xab
1568 };
1569 uint8_t srtp_plaintext[38] = {
1570 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1571 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1572 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1573 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
1574 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1575 };
1576 uint8_t srtp_ciphertext[38] = {
1577 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1578 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c,
1579 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15,
1580 0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc,
1581 0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb
1582 };
Pascal Bühler941cf122016-06-10 09:30:52 +0200[diff] [blame]1583 uint8_t rtcp_plaintext_ref[24] = {
1584 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1585 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1586 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1587 };
1588 uint8_t rtcp_plaintext[38] = {
1589 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1590 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1591 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1592 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1593 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1594 };
1595 uint8_t srtcp_ciphertext[38] = {
1596 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1597 0x71, 0x28, 0x03, 0x5b, 0xe4, 0x87, 0xb9, 0xbd,
1598 0xbe, 0xf8, 0x90, 0x41, 0xf9, 0x77, 0xa5, 0xa8,
1599 0x80, 0x00, 0x00, 0x01, 0x99, 0x3e, 0x08, 0xcd,
1600 0x54, 0xd6, 0xc1, 0x23, 0x07, 0x98
1601 };
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1602 srtp_t srtp_snd, srtp_recv;
1603 srtp_err_status_t status;
1604 int len;
1605 srtp_policy_t policy;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1606
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1607 /*
1608 * create a session with a single stream using the default srtp
1609 * policy and with the SSRC value 0xcafebabe
1610 */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1611 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1612 srtp_crypto_policy_set_rtp_default(&policy.rtp);
1613 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
1614 policy.ssrc.type = ssrc_specific;
1615 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1616 srtp_update_policy_master_key(&policy, test_key);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1617 policy.ekt = NULL;
1618 policy.window_size = 128;
1619 policy.allow_repeat_tx = 0;
1620 policy.next = NULL;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1621
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1622 status = srtp_create(&srtp_snd, &policy);
1623 if (status) {
1624 return status;
1625 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1626
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1627 /*
1628 * protect plaintext, then compare with ciphertext
1629 */
1630 len = 28;
1631 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
1632 if (status || (len != 38)) {
1633 return srtp_err_status_fail;
1634 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1635
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1636 debug_print(mod_driver, "ciphertext:\n %s",
1637 octet_string_hex_string(srtp_plaintext, len));
1638 debug_print(mod_driver, "ciphertext reference:\n %s",
1639 octet_string_hex_string(srtp_ciphertext, len));
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1640
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1641 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
1642 return srtp_err_status_fail;
1643 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]1644
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1645 /*
Pascal Bühler941cf122016-06-10 09:30:52 +0200[diff] [blame]1646 * protect plaintext rtcp, then compare with srtcp ciphertext
1647 */
1648 len = 24;
1649 status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
1650 if (status || (len != 38)) {
1651 return srtp_err_status_fail;
1652 }
1653
1654 debug_print(mod_driver, "srtcp ciphertext:\n %s",
1655 octet_string_hex_string(rtcp_plaintext, len));
1656 debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
1657 octet_string_hex_string(srtcp_ciphertext, len));
1658
1659 if (octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
1660 return srtp_err_status_fail;
1661 }
1662
1663 /*
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1664 * create a receiver session context comparable to the one created
1665 * above - we need to do this so that the replay checking doesn't
1666 * complain
1667 */
1668 status = srtp_create(&srtp_recv, &policy);
1669 if (status) {
1670 return status;
1671 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]1672
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1673 /*
1674 * unprotect ciphertext, then compare with plaintext
1675 */
1676 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
1677 if (status || (len != 28)) {
1678 return status;
1679 }
1680
1681 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
1682 return srtp_err_status_fail;
1683 }
1684
Pascal Bühler941cf122016-06-10 09:30:52 +0200[diff] [blame]1685 /*
1686 * unprotect srtcp ciphertext, then compare with rtcp plaintext
1687 */
1688 len = 38;
1689 status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
1690 if (status || (len != 24)) {
1691 return status;
1692 }
1693
1694 if (octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
1695 return srtp_err_status_fail;
1696 }
1697
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]1698 status = srtp_dealloc(srtp_snd);
1699 if (status) {
1700 return status;
1701 }
1702
1703 status = srtp_dealloc(srtp_recv);
1704 if (status) {
1705 return status;
1706 }
1707
1708 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1709}
1710
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1711#ifdef OPENSSL
1712/*
1713 * srtp_validate_gcm() verifies the correctness of libsrtp by comparing
1714 * an computed packet against the known ciphertext for the plaintext.
1715 */
1716srtp_err_status_t
1717srtp_validate_gcm ()
1718{
1719 unsigned char test_key_gcm[28] = {
1720 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
1721 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
1722 0xa0, 0xa1, 0xa2, 0xa3, 0xa4, 0xa5, 0xa6, 0xa7,
1723 0xa8, 0xa9, 0xaa, 0xab
1724 };
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1725 uint8_t rtp_plaintext_ref[28] = {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1726 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1727 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1728 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1729 0xab, 0xab, 0xab, 0xab
1730 };
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1731 uint8_t rtp_plaintext[44] = {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1732 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1733 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
1734 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1735 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
1736 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1737 0x00, 0x00, 0x00, 0x00
1738 };
1739 uint8_t srtp_ciphertext[44] = {
1740 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1741 0xca, 0xfe, 0xba, 0xbe, 0xc5, 0x00, 0x2e, 0xde,
1742 0x04, 0xcf, 0xdd, 0x2e, 0xb9, 0x11, 0x59, 0xe0,
1743 0x88, 0x0a, 0xa0, 0x6e, 0xd2, 0x97, 0x68, 0x26,
1744 0xf7, 0x96, 0xb2, 0x01, 0xdf, 0x31, 0x31, 0xa1,
1745 0x27, 0xe8, 0xa3, 0x92
1746 };
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1747 uint8_t rtcp_plaintext_ref[24] = {
1748 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1749 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1750 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1751 };
1752 uint8_t rtcp_plaintext[44] = {
1753 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1754 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1755 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1756 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1757 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1758 0x00, 0x00, 0x00, 0x00
1759 };
1760 uint8_t srtcp_ciphertext[44] = {
1761 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
1762 0xc9, 0x8b, 0x8b, 0x5d, 0xf0, 0x39, 0x2a, 0x55,
1763 0x85, 0x2b, 0x6c, 0x21, 0xac, 0x8e, 0x70, 0x25,
1764 0xc5, 0x2c, 0x6f, 0xbe, 0xa2, 0xb3, 0xb4, 0x46,
1765 0xea, 0x31, 0x12, 0x3b, 0xa8, 0x8c, 0xe6, 0x1e,
1766 0x80, 0x00, 0x00, 0x01
1767 };
1768
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1769 srtp_t srtp_snd, srtp_recv;
1770 srtp_err_status_t status;
1771 int len;
1772 srtp_policy_t policy;
1773
1774 /*
1775 * create a session with a single stream using the default srtp
1776 * policy and with the SSRC value 0xcafebabe
1777 */
1778 memset(&policy, 0, sizeof(policy));
1779 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
1780 srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
1781 policy.ssrc.type = ssrc_specific;
1782 policy.ssrc.value = 0xcafebabe;
1783 policy.key = test_key_gcm;
1784 policy.ekt = NULL;
1785 policy.window_size = 128;
1786 policy.allow_repeat_tx = 0;
1787 policy.next = NULL;
1788
1789 status = srtp_create(&srtp_snd, &policy);
1790 if (status) {
1791 return status;
1792 }
1793
1794 /*
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1795 * protect plaintext rtp, then compare with srtp ciphertext
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1796 */
1797 len = 28;
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1798 status = srtp_protect(srtp_snd, rtp_plaintext, &len);
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1799 if (status || (len != 44)) {
1800 return srtp_err_status_fail;
1801 }
1802
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1803 debug_print(mod_driver, "srtp ciphertext:\n %s",
1804 octet_string_hex_string(rtp_plaintext, len));
1805 debug_print(mod_driver, "srtp ciphertext reference:\n %s",
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1806 octet_string_hex_string(srtp_ciphertext, len));
1807
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1808 if (octet_string_is_eq(rtp_plaintext, srtp_ciphertext, len)) {
1809 return srtp_err_status_fail;
1810 }
1811
1812 /*
1813 * protect plaintext rtcp, then compare with srtcp ciphertext
1814 */
1815 len = 24;
1816 status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
1817 if (status || (len != 44)) {
1818 return srtp_err_status_fail;
1819 }
1820
1821 debug_print(mod_driver, "srtcp ciphertext:\n %s",
1822 octet_string_hex_string(rtcp_plaintext, len));
1823 debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
1824 octet_string_hex_string(srtcp_ciphertext, len));
1825
1826 if (octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1827 return srtp_err_status_fail;
1828 }
1829
1830 /*
1831 * create a receiver session context comparable to the one created
1832 * above - we need to do this so that the replay checking doesn't
1833 * complain
1834 */
1835 status = srtp_create(&srtp_recv, &policy);
1836 if (status) {
1837 return status;
1838 }
1839
1840 /*
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1841 * unprotect srtp ciphertext, then compare with rtp plaintext
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1842 */
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1843 len = 44;
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1844 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
1845 if (status || (len != 28)) {
1846 return status;
1847 }
1848
Pascal Bühler45019ae2016-06-10 08:35:12 +0200[diff] [blame]1849 if (octet_string_is_eq(srtp_ciphertext, rtp_plaintext_ref, len)) {
1850 return srtp_err_status_fail;
1851 }
1852
1853 /*
1854 * unprotect srtcp ciphertext, then compare with rtcp plaintext
1855 */
1856 len = 44;
1857 status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
1858 if (status || (len != 24)) {
1859 return status;
1860 }
1861
1862 if (octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
Paul E. Jonese2ab5f22016-05-29 16:18:24 -0400[diff] [blame]1863 return srtp_err_status_fail;
1864 }
1865
1866 status = srtp_dealloc(srtp_snd);
1867 if (status) {
1868 return status;
1869 }
1870
1871 status = srtp_dealloc(srtp_recv);
1872 if (status) {
1873 return status;
1874 }
1875
1876 return srtp_err_status_ok;
1877}
1878#endif
1879
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1880/*
1881 * Test vectors taken from RFC 6904, Appendix A
1882 */
1883srtp_err_status_t
1884srtp_validate_encrypted_extensions_headers() {
1885 unsigned char test_key_ext_headers[30] = {
1886 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
1887 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
1888 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
1889 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
1890 };
1891 uint8_t srtp_plaintext_ref[56] = {
1892 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1893 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
1894 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
1895 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
1896 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
1897 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1898 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
1899 };
1900 uint8_t srtp_plaintext[66] = {
1901 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1902 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
1903 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
1904 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
1905 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
1906 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1907 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
1908 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
1909 0x00, 0x00
1910 };
1911 uint8_t srtp_ciphertext[66] = {
1912 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
1913 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
1914 0x17, 0x58, 0x8A, 0x92, 0x70, 0xF4, 0xE1, 0x5E,
1915 0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x95, 0x46,
1916 0xA9, 0x94, 0xF0, 0xBC, 0x54, 0x78, 0x97, 0x00,
1917 0x4e, 0x55, 0xdc, 0x4c, 0xe7, 0x99, 0x78, 0xd8,
1918 0x8c, 0xa4, 0xd2, 0x15, 0x94, 0x9d, 0x24, 0x02,
1919 0x5a, 0x46, 0xb3, 0xca, 0x35, 0xc5, 0x35, 0xa8,
1920 0x91, 0xc7
1921 };
1922 srtp_t srtp_snd, srtp_recv;
1923 srtp_err_status_t status;
1924 int len;
1925 srtp_policy_t policy;
1926 int headers[3] = {1, 3, 4};
1927
1928 /*
1929 * create a session with a single stream using the default srtp
1930 * policy and with the SSRC value 0xcafebabe
1931 */
1932 memset(&policy, 0, sizeof(policy));
1933 srtp_crypto_policy_set_rtp_default(&policy.rtp);
1934 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
1935 policy.ssrc.type = ssrc_specific;
1936 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]1937 srtp_update_policy_master_key(&policy, test_key_ext_headers);
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1938 policy.ekt = NULL;
1939 policy.window_size = 128;
1940 policy.allow_repeat_tx = 0;
1941 policy.enc_xtn_hdr = headers;
1942 policy.enc_xtn_hdr_count = sizeof(headers) / sizeof(headers[0]);
1943 policy.next = NULL;
1944
1945 status = srtp_create(&srtp_snd, &policy);
1946 if (status)
1947 return status;
1948
1949 /*
1950 * protect plaintext, then compare with ciphertext
1951 */
1952 len = sizeof(srtp_plaintext_ref);
1953 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
1954 if (status || (len != sizeof(srtp_plaintext)))
1955 return srtp_err_status_fail;
1956
1957 debug_print(mod_driver, "ciphertext:\n %s",
1958 srtp_octet_string_hex_string(srtp_plaintext, len));
1959 debug_print(mod_driver, "ciphertext reference:\n %s",
1960 srtp_octet_string_hex_string(srtp_ciphertext, len));
1961
1962 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
1963 return srtp_err_status_fail;
1964
1965 /*
1966 * create a receiver session context comparable to the one created
1967 * above - we need to do this so that the replay checking doesn't
1968 * complain
1969 */
1970 status = srtp_create(&srtp_recv, &policy);
1971 if (status)
1972 return status;
1973
1974 /*
1975 * unprotect ciphertext, then compare with plaintext
1976 */
1977 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]1978 if (status) {
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1979 return status;
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]1980 } else if (len != sizeof(srtp_plaintext_ref)) {
1981 return srtp_err_status_fail;
1982 }
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]1983
1984 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
1985 return srtp_err_status_fail;
1986
1987 status = srtp_dealloc(srtp_snd);
1988 if (status)
1989 return status;
1990
1991 status = srtp_dealloc(srtp_recv);
1992 if (status)
1993 return status;
1994
1995 return srtp_err_status_ok;
1996}
1997
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]1998
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]1999#ifdef OPENSSL
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2000
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2001/*
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2002 * Headers of test vectors taken from RFC 6904, Appendix A
2003 */
2004srtp_err_status_t
2005srtp_validate_encrypted_extensions_headers_gcm() {
2006 unsigned char test_key_ext_headers[30] = {
2007 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
2008 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
2009 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
2010 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2011 };
2012 uint8_t srtp_plaintext_ref[56] = {
2013 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2014 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
2015 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
2016 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
2017 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
2018 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2019 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
2020 };
2021 uint8_t srtp_plaintext[64] = {
2022 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2023 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
2024 0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
2025 0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
2026 0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
2027 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2028 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2029 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
2030 };
2031 uint8_t srtp_ciphertext[64] = {
2032 0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2033 0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
2034 0x17, 0x58, 0x8A, 0x92, 0x70, 0xF4, 0xE1, 0x5E,
2035 0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x95, 0x46,
2036 0xA9, 0x94, 0xF0, 0xBC, 0x54, 0x78, 0x97, 0x00,
2037 0x0e, 0xca, 0x0c, 0xf9, 0x5e, 0xe9, 0x55, 0xb2,
2038 0x6c, 0xd3, 0xd2, 0x88, 0xb4, 0x9f, 0x6c, 0xa9,
2039 0xbb, 0x4e, 0x15, 0xc2, 0xe9, 0xf2, 0x66, 0x78
2040 };
2041 srtp_t srtp_snd, srtp_recv;
2042 srtp_err_status_t status;
2043 int len;
2044 srtp_policy_t policy;
2045 int headers[3] = {1, 3, 4};
2046
2047 /*
2048 * create a session with a single stream using the default srtp
2049 * policy and with the SSRC value 0xcafebabe
2050 */
2051 memset(&policy, 0, sizeof(policy));
2052 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
2053 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
2054 policy.ssrc.type = ssrc_specific;
2055 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2056 srtp_update_policy_master_key(&policy, test_key_ext_headers);
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2057 policy.ekt = NULL;
2058 policy.window_size = 128;
2059 policy.allow_repeat_tx = 0;
2060 policy.enc_xtn_hdr = headers;
2061 policy.enc_xtn_hdr_count = sizeof(headers) / sizeof(headers[0]);
2062 policy.next = NULL;
2063
2064 status = srtp_create(&srtp_snd, &policy);
2065 if (status)
2066 return status;
2067
2068 /*
2069 * protect plaintext, then compare with ciphertext
2070 */
2071 len = sizeof(srtp_plaintext_ref);
2072 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
2073 if (status || (len != sizeof(srtp_plaintext)))
2074 return srtp_err_status_fail;
2075
2076 debug_print(mod_driver, "ciphertext:\n %s",
2077 srtp_octet_string_hex_string(srtp_plaintext, len));
2078 debug_print(mod_driver, "ciphertext reference:\n %s",
2079 srtp_octet_string_hex_string(srtp_ciphertext, len));
2080
2081 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
2082 return srtp_err_status_fail;
2083
2084 /*
2085 * create a receiver session context comparable to the one created
2086 * above - we need to do this so that the replay checking doesn't
2087 * complain
2088 */
2089 status = srtp_create(&srtp_recv, &policy);
2090 if (status)
2091 return status;
2092
2093 /*
2094 * unprotect ciphertext, then compare with plaintext
2095 */
2096 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2097 if (status) {
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2098 return status;
Joachim Baucha9ecefe2015-12-14 21:40:42 +0100[diff] [blame]2099 } else if (len != sizeof(srtp_plaintext_ref)) {
2100 return srtp_err_status_fail;
2101 }
Joachim Bauchfa1e8c22015-11-24 23:38:48 +0100[diff] [blame]2102
2103 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len))
2104 return srtp_err_status_fail;
2105
2106 status = srtp_dealloc(srtp_snd);
2107 if (status)
2108 return status;
2109
2110 status = srtp_dealloc(srtp_recv);
2111 if (status)
2112 return status;
2113
2114 return srtp_err_status_ok;
2115}
Joachim Bauch80a45b52015-12-06 22:57:58 +0100[diff] [blame]2116#endif
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2117
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2118/*
2119 * srtp_validate_aes_256() verifies the correctness of libsrtp by comparing
2120 * some computed packets against some pre-computed reference values.
2121 * These packets were made with the AES-CM-256/HMAC-SHA-1-80 policy.
2122 */
2123
2124
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2125srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2126srtp_validate_aes_256 ()
2127{
2128 unsigned char aes_256_test_key[46] = {
2129 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
2130 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
2131 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
2132 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2133
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2134 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
2135 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
2136 };
2137 uint8_t srtp_plaintext_ref[28] = {
2138 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2139 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
2140 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2141 0xab, 0xab, 0xab, 0xab
2142 };
2143 uint8_t srtp_plaintext[38] = {
2144 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2145 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
2146 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
2147 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
2148 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
2149 };
2150 uint8_t srtp_ciphertext[38] = {
2151 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
2152 0xca, 0xfe, 0xba, 0xbe, 0xf1, 0xd9, 0xde, 0x17,
2153 0xff, 0x25, 0x1f, 0xf1, 0xaa, 0x00, 0x77, 0x74,
2154 0xb0, 0xb4, 0xb4, 0x0d, 0xa0, 0x8d, 0x9d, 0x9a,
2155 0x5b, 0x3a, 0x55, 0xd8, 0x87, 0x3b
2156 };
2157 srtp_t srtp_snd, srtp_recv;
2158 srtp_err_status_t status;
2159 int len;
2160 srtp_policy_t policy;
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2161
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2162 /*
2163 * create a session with a single stream using the default srtp
2164 * policy and with the SSRC value 0xcafebabe
2165 */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2166 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2167 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp);
2168 srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtcp);
2169 policy.ssrc.type = ssrc_specific;
2170 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2171 srtp_update_policy_master_key(&policy, aes_256_test_key);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2172 policy.ekt = NULL;
2173 policy.window_size = 128;
2174 policy.allow_repeat_tx = 0;
2175 policy.next = NULL;
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2176
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2177 status = srtp_create(&srtp_snd, &policy);
2178 if (status) {
2179 return status;
2180 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2181
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2182 /*
2183 * protect plaintext, then compare with ciphertext
2184 */
2185 len = 28;
2186 status = srtp_protect(srtp_snd, srtp_plaintext, &len);
2187 if (status || (len != 38)) {
2188 return srtp_err_status_fail;
2189 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2190
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2191 debug_print(mod_driver, "ciphertext:\n %s",
2192 octet_string_hex_string(srtp_plaintext, len));
2193 debug_print(mod_driver, "ciphertext reference:\n %s",
2194 octet_string_hex_string(srtp_ciphertext, len));
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2195
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2196 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
2197 return srtp_err_status_fail;
2198 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2199
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2200 /*
2201 * create a receiver session context comparable to the one created
2202 * above - we need to do this so that the replay checking doesn't
2203 * complain
2204 */
2205 status = srtp_create(&srtp_recv, &policy);
2206 if (status) {
2207 return status;
2208 }
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2209
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2210 /*
2211 * unprotect ciphertext, then compare with plaintext
2212 */
2213 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
2214 if (status || (len != 28)) {
2215 return status;
2216 }
2217
2218 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
2219 return srtp_err_status_fail;
2220 }
2221
2222 status = srtp_dealloc(srtp_snd);
2223 if (status) {
2224 return status;
2225 }
2226
2227 status = srtp_dealloc(srtp_recv);
2228 if (status) {
2229 return status;
2230 }
2231
2232 return srtp_err_status_ok;
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]2233}
2234
2235
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2236srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2237srtp_create_big_policy (srtp_policy_t **list)
2238{
2239 extern const srtp_policy_t *policy_array[];
2240 srtp_policy_t *p, *tmp;
2241 int i = 0;
2242 uint32_t ssrc = 0;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2243
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2244 /* sanity checking */
2245 if ((list == NULL) || (policy_array[0] == NULL)) {
2246 return srtp_err_status_bad_param;
2247 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2248
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2249 /*
2250 * loop over policy list, mallocing a new list and copying values
2251 * into it (and incrementing the SSRC value as we go along)
2252 */
2253 tmp = NULL;
2254 while (policy_array[i] != NULL) {
2255 p = (srtp_policy_t*)malloc(sizeof(srtp_policy_t));
2256 if (p == NULL) {
2257 return srtp_err_status_bad_param;
2258 }
2259 memcpy(p, policy_array[i], sizeof(srtp_policy_t));
2260 p->ssrc.type = ssrc_specific;
2261 p->ssrc.value = ssrc++;
2262 p->next = tmp;
2263 tmp = p;
2264 i++;
2265 }
2266 *list = p;
2267
2268 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2269}
2270
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2271srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2272srtp_dealloc_big_policy (srtp_policy_t *list)
2273{
2274 srtp_policy_t *p, *next;
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2275
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2276 for (p = list; p != NULL; p = next) {
2277 next = p->next;
2278 free(p);
2279 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2280
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2281 return srtp_err_status_ok;
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2282}
2283
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]2284srtp_err_status_t
2285srtp_test_empty_payload()
2286{
2287 srtp_t srtp_snd, srtp_recv;
2288 srtp_err_status_t status;
2289 int len;
2290 srtp_policy_t policy;
2291 srtp_hdr_t *mesg;
2292
2293 /*
2294 * create a session with a single stream using the default srtp
2295 * policy and with the SSRC value 0xcafebabe
2296 */
2297 memset(&policy, 0, sizeof(policy));
2298 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2299 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2300 policy.ssrc.type = ssrc_specific;
2301 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2302 srtp_update_policy_master_key(&policy, test_key);
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]2303 policy.ekt = NULL;
2304 policy.window_size = 128;
2305 policy.allow_repeat_tx = 0;
2306 policy.next = NULL;
2307
2308 status = srtp_create(&srtp_snd, &policy);
2309 if (status) {
2310 return status;
2311 }
2312
2313 mesg = srtp_create_test_packet(0, policy.ssrc.value);
2314 if (mesg == NULL) {
2315 return srtp_err_status_fail;
2316 }
2317
2318 len = 12; /* only the header */
2319 status = srtp_protect(srtp_snd, mesg, &len);
2320 if (status) {
2321 return status;
2322 } else if (len != 12 + 10) {
2323 return srtp_err_status_fail;
2324 }
2325
2326 /*
2327 * create a receiver session context comparable to the one created
2328 * above - we need to do this so that the replay checking doesn't
2329 * complain
2330 */
2331 status = srtp_create(&srtp_recv, &policy);
2332 if (status) {
2333 return status;
2334 }
2335
2336 /*
2337 * unprotect ciphertext, then compare with plaintext
2338 */
2339 status = srtp_unprotect(srtp_recv, mesg, &len);
2340 if (status) {
2341 return status;
2342 } else if (len != 12) {
2343 return srtp_err_status_fail;
2344 }
2345
2346 status = srtp_dealloc(srtp_snd);
2347 if (status) {
2348 return status;
2349 }
2350
2351 status = srtp_dealloc(srtp_recv);
2352 if (status) {
2353 return status;
2354 }
2355
2356 free(mesg);
2357
2358 return srtp_err_status_ok;
2359}
2360
2361#ifdef OPENSSL
2362srtp_err_status_t
2363srtp_test_empty_payload_gcm()
2364{
2365 srtp_t srtp_snd, srtp_recv;
2366 srtp_err_status_t status;
2367 int len;
2368 srtp_policy_t policy;
2369 srtp_hdr_t *mesg;
2370
2371 /*
2372 * create a session with a single stream using the default srtp
2373 * policy and with the SSRC value 0xcafebabe
2374 */
2375 memset(&policy, 0, sizeof(policy));
2376 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
2377 srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
2378 policy.ssrc.type = ssrc_specific;
2379 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2380 srtp_update_policy_master_key(&policy, test_key);
Joachim Bauchc8a19ae2015-12-14 22:50:36 +0100[diff] [blame]2381 policy.ekt = NULL;
2382 policy.window_size = 128;
2383 policy.allow_repeat_tx = 0;
2384 policy.next = NULL;
2385
2386 status = srtp_create(&srtp_snd, &policy);
2387 if (status) {
2388 return status;
2389 }
2390
2391 mesg = srtp_create_test_packet(0, policy.ssrc.value);
2392 if (mesg == NULL) {
2393 return srtp_err_status_fail;
2394 }
2395
2396 len = 12; /* only the header */
2397 status = srtp_protect(srtp_snd, mesg, &len);
2398 if (status) {
2399 return status;
2400 } else if (len != 12 + 8) {
2401 return srtp_err_status_fail;
2402 }
2403
2404 /*
2405 * create a receiver session context comparable to the one created
2406 * above - we need to do this so that the replay checking doesn't
2407 * complain
2408 */
2409 status = srtp_create(&srtp_recv, &policy);
2410 if (status) {
2411 return status;
2412 }
2413
2414 /*
2415 * unprotect ciphertext, then compare with plaintext
2416 */
2417 status = srtp_unprotect(srtp_recv, mesg, &len);
2418 if (status) {
2419 return status;
2420 } else if (len != 12) {
2421 return srtp_err_status_fail;
2422 }
2423
2424 status = srtp_dealloc(srtp_snd);
2425 if (status) {
2426 return status;
2427 }
2428
2429 status = srtp_dealloc(srtp_recv);
2430 if (status) {
2431 return status;
2432 }
2433
2434 free(mesg);
2435
2436 return srtp_err_status_ok;
2437}
2438#endif // OPENSSL
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2439
jfigus857009c2014-11-05 11:17:43 -0500[diff] [blame]2440srtp_err_status_t
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2441srtp_test_remove_stream ()
2442{
2443 srtp_err_status_t status;
2444 srtp_policy_t *policy_list, policy;
2445 srtp_t session;
2446 srtp_stream_t stream;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2447
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2448 /*
2449 * srtp_get_stream() is a libSRTP internal function that we declare
2450 * here so that we can use it to verify the correct operation of the
2451 * library
2452 */
2453 extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2454
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2455
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2456 status = srtp_create_big_policy(&policy_list);
2457 if (status) {
2458 return status;
2459 }
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2460
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2461 status = srtp_create(&session, policy_list);
2462 if (status) {
2463 return status;
2464 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2465
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2466 /*
2467 * check for false positives by trying to remove a stream that's not
2468 * in the session
2469 */
2470 status = srtp_remove_stream(session, htonl(0xaaaaaaaa));
2471 if (status != srtp_err_status_no_ctx) {
2472 return srtp_err_status_fail;
2473 }
Jonathan Lennox80c4c832010-05-17 19:30:28 +0000[diff] [blame]2474
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2475 /*
2476 * check for false negatives by removing stream 0x1, then
2477 * searching for streams 0x0 and 0x2
2478 */
2479 status = srtp_remove_stream(session, htonl(0x1));
2480 if (status != srtp_err_status_ok) {
2481 return srtp_err_status_fail;
2482 }
2483 stream = srtp_get_stream(session, htonl(0x0));
2484 if (stream == NULL) {
2485 return srtp_err_status_fail;
2486 }
2487 stream = srtp_get_stream(session, htonl(0x2));
2488 if (stream == NULL) {
2489 return srtp_err_status_fail;
2490 }
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2491
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2492 status = srtp_dealloc(session);
2493 if (status != srtp_err_status_ok) {
2494 return status;
2495 }
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2496
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2497 status = srtp_dealloc_big_policy(policy_list);
2498 if (status != srtp_err_status_ok) {
2499 return status;
2500 }
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2501
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2502 /* Now test adding and removing a single stream */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2503 memset(&policy, 0, sizeof(policy));
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2504 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2505 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2506 policy.ssrc.type = ssrc_specific;
2507 policy.ssrc.value = 0xcafebabe;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2508 srtp_update_policy_master_key(&policy, test_key);
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2509 policy.ekt = NULL;
2510 policy.window_size = 128;
2511 policy.allow_repeat_tx = 0;
2512 policy.next = NULL;
Jonathan Lennoxad741b22010-05-27 19:23:05 +0000[diff] [blame]2513
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2514 status = srtp_create(&session, NULL);
2515 if (status != srtp_err_status_ok) {
2516 return status;
2517 }
2518
2519 status = srtp_add_stream(session, &policy);
2520 if (status != srtp_err_status_ok) {
2521 return status;
2522 }
2523
2524 status = srtp_remove_stream(session, htonl(0xcafebabe));
2525 if (status != srtp_err_status_ok) {
2526 return status;
2527 }
2528
2529 status = srtp_dealloc(session);
2530 if (status != srtp_err_status_ok) {
2531 return status;
2532 }
2533
2534 return srtp_err_status_ok;
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2535}
2536
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2537
2538unsigned char test_alt_key[46] = {
2539 0xe5, 0x19, 0x6f, 0x01, 0x5e, 0xf1, 0x9b, 0xe1,
2540 0xd7, 0x47, 0xa7, 0x27, 0x07, 0xd7, 0x47, 0x33,
2541 0x01, 0xc2, 0x35, 0x4d, 0x59, 0x6a, 0xf7, 0x84,
2542 0x96, 0x98, 0xeb, 0xaa, 0xac, 0xf6, 0xa1, 0x45,
2543 0xc7, 0x15, 0xe2, 0xea, 0xfe, 0x55, 0x67, 0x96,
2544 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2545};
2546
2547/*
2548 * srtp_test_update() verifies updating/rekeying exsisting streams.
2549 * As stated in https://tools.ietf.org/html/rfc3711#section-3.3.1
2550 * the value of the ROC must not be reset after a rekey, this test
2551 * atempts to prove that srtp_update does not reset the ROC.
2552 */
2553
2554srtp_err_status_t
2555srtp_test_update() {
2556
2557 srtp_err_status_t status;
2558 uint32_t ssrc = 0x12121212;
2559 int msg_len_octets = 32;
2560 int protected_msg_len_octets;
2561 srtp_hdr_t * msg;
2562 srtp_t srtp_snd, srtp_recv;
2563 srtp_policy_t policy;
2564
Joachim Bauch1b793352015-12-14 21:30:44 +0100[diff] [blame]2565 memset(&policy, 0, sizeof(policy));
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2566 srtp_crypto_policy_set_rtp_default(&policy.rtp);
2567 srtp_crypto_policy_set_rtcp_default(&policy.rtcp);
2568 policy.ekt = NULL;
2569 policy.window_size = 128;
2570 policy.allow_repeat_tx = 0;
2571 policy.next = NULL;
2572 policy.ssrc.type = ssrc_any_outbound;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2573 srtp_update_policy_master_key(&policy, test_key);
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2574
2575 /* create a send and recive ctx with defualt profile and test_key */
2576 status = srtp_create(&srtp_recv, &policy);
2577 if (status)
2578 return status;
2579
2580 policy.ssrc.type = ssrc_any_inbound;
2581 status = srtp_create(&srtp_snd, &policy);
2582 if (status)
2583 return status;
2584
2585 /* protect and unprotect two msg's that will cause the ROC to be equal to 1 */
2586 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2587 if (msg == NULL)
2588 return srtp_err_status_alloc_fail;
2589 msg->seq = htons(65535);
2590
2591 protected_msg_len_octets = msg_len_octets;
2592 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2593 if (status)
2594 return srtp_err_status_fail;
2595
2596 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2597 if (status)
2598 return status;
2599
2600 free(msg);
2601
2602 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2603 if (msg == NULL)
2604 return srtp_err_status_alloc_fail;
2605 msg->seq = htons(1);
2606
2607 protected_msg_len_octets = msg_len_octets;
2608 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2609 if (status)
2610 return srtp_err_status_fail;
2611
2612 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2613 if (status)
2614 return status;
2615
2616 free(msg);
2617
Pascal Bühlerb095e7e2016-06-09 13:46:28 +0200[diff] [blame]2618 /* update send ctx with same test_key t verify update works*/
2619 policy.ssrc.type = ssrc_any_outbound;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2620 srtp_update_policy_master_key(&policy, test_key);
Pascal Bühlerb095e7e2016-06-09 13:46:28 +0200[diff] [blame]2621 status = srtp_update(srtp_snd, &policy);
2622 if (status)
2623 return status;
2624
2625 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2626 if (msg == NULL)
2627 return srtp_err_status_alloc_fail;
2628 msg->seq = htons(2);
2629
2630 protected_msg_len_octets = msg_len_octets;
2631 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2632 if (status)
2633 return srtp_err_status_fail;
2634
2635 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2636 if (status)
2637 return status;
2638
2639 free(msg);
2640
2641
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2642 /* update send ctx to use test_alt_key */
2643 policy.ssrc.type = ssrc_any_outbound;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2644 srtp_update_policy_master_key(&policy, test_alt_key);
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2645 status = srtp_update(srtp_snd, &policy);
2646 if (status)
2647 return status;
2648
2649 /* create and protect msg with new key and ROC still equal to 1 */
2650 msg = srtp_create_test_packet(msg_len_octets, ssrc);
2651 if (msg == NULL)
2652 return srtp_err_status_alloc_fail;
Pascal Bühlerb095e7e2016-06-09 13:46:28 +0200[diff] [blame]2653 msg->seq = htons(3);
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2654
2655 protected_msg_len_octets = msg_len_octets;
2656 status = srtp_protect(srtp_snd, msg, &protected_msg_len_octets);
2657 if (status)
2658 return srtp_err_status_fail;
2659
2660 /* verify that recive ctx will fail to unprotect as it still uses test_key */
2661 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2662 if (status == srtp_err_status_ok)
2663 return srtp_err_status_fail;
2664
2665 /* create a new recvieve ctx with test_alt_key but since it is new it will have ROC equal to 1
2666 * and therefore should fail to unprotected */
2667 {
2668 srtp_t srtp_recv_roc_0;
2669
2670 policy.ssrc.type = ssrc_any_inbound;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2671 srtp_update_policy_master_key(&policy, test_alt_key);
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2672 status = srtp_create(&srtp_recv_roc_0, &policy);
2673 if (status)
2674 return status;
2675
2676 status = srtp_unprotect(srtp_recv_roc_0, msg, &protected_msg_len_octets);
2677 if (status == srtp_err_status_ok)
2678 return srtp_err_status_fail;
2679
2680 status = srtp_dealloc(srtp_recv_roc_0);
2681 if (status)
2682 return status;
2683 }
2684
2685 /* update recive ctx to use test_alt_key */
2686 policy.ssrc.type = ssrc_any_inbound;
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2687 srtp_update_policy_master_key(&policy, test_alt_key);
Pascal Bühlerbd3112a2015-11-06 20:29:15 +0100[diff] [blame]2688 status = srtp_update(srtp_recv, &policy);
2689 if (status)
2690 return status;
2691
2692 /* verify that can still unprotect, therfore key is updated and ROC value is preserved */
2693 status = srtp_unprotect(srtp_recv, msg, &protected_msg_len_octets);
2694 if (status)
2695 return status;
2696
2697 free(msg);
2698
2699 status = srtp_dealloc(srtp_snd);
2700 if (status)
2701 return status;
2702
2703 status = srtp_dealloc(srtp_recv);
2704 if (status)
2705 return status;
2706
2707 return srtp_err_status_ok;
2708}
2709
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2710/*
2711 * srtp policy definitions - these definitions are used above
2712 */
2713
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2714unsigned char test_key[46] = {
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2715 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
2716 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
2717 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2718 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
2719 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2720 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2721};
2722
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2723unsigned char test_key_2[46] = {
2724 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
2725 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
2726 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
2727 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
2728 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93,
2729 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6
2730};
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2731
2732const srtp_policy_t default_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2733 { ssrc_any_outbound, 0 }, /* SSRC */
2734 { /* SRTP policy */
2735 SRTP_AES_128_ICM, /* cipher type */
2736 30, /* cipher key length in octets */
2737 SRTP_HMAC_SHA1, /* authentication func type */
2738 16, /* auth key length in octets */
2739 10, /* auth tag length in octets */
2740 sec_serv_conf_and_auth /* security services flag */
2741 },
2742 { /* SRTCP policy */
2743 SRTP_AES_128_ICM, /* cipher type */
2744 30, /* cipher key length in octets */
2745 SRTP_HMAC_SHA1, /* authentication func type */
2746 16, /* auth key length in octets */
2747 10, /* auth tag length in octets */
2748 sec_serv_conf_and_auth /* security services flag */
2749 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2750 {
2751 {
2752 test_key,
2753 test_mki_id,
2754 TEST_MKI_ID_SIZE
2755 },
2756 {
2757 test_key_2,
2758 test_mki_id_2,
2759 TEST_MKI_ID_SIZE
2760 },
2761 {
2762 NULL,
2763 NULL,
2764 0
2765 },
2766 {
2767 NULL,
2768 NULL,
2769 0
2770 }
2771 },
2772 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2773 NULL, /* indicates that EKT is not in use */
2774 128, /* replay window size */
2775 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2776 NULL, /* no encrypted extension headers */
2777 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2778 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2779};
2780
2781const srtp_policy_t aes_only_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2782 { ssrc_any_outbound, 0 }, /* SSRC */
2783 {
2784 SRTP_AES_128_ICM, /* cipher type */
2785 30, /* cipher key length in octets */
2786 SRTP_NULL_AUTH, /* authentication func type */
2787 0, /* auth key length in octets */
2788 0, /* auth tag length in octets */
2789 sec_serv_conf /* security services flag */
2790 },
2791 {
2792 SRTP_AES_128_ICM, /* cipher type */
2793 30, /* cipher key length in octets */
2794 SRTP_NULL_AUTH, /* authentication func type */
2795 0, /* auth key length in octets */
2796 0, /* auth tag length in octets */
2797 sec_serv_conf /* security services flag */
2798 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2799 {
2800 {
2801 test_key,
2802 test_mki_id,
2803 TEST_MKI_ID_SIZE
2804 },
2805 {
2806 test_key_2,
2807 test_mki_id_2,
2808 TEST_MKI_ID_SIZE
2809 },
2810 {
2811 NULL,
2812 NULL,
2813 0
2814 },
2815 {
2816 NULL,
2817 NULL,
2818 0
2819 }
2820 },
2821 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2822 NULL, /* indicates that EKT is not in use */
2823 128, /* replay window size */
2824 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2825 NULL, /* no encrypted extension headers */
2826 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2827 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2828};
2829
2830const srtp_policy_t hmac_only_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2831 { ssrc_any_outbound, 0 }, /* SSRC */
2832 {
2833 SRTP_NULL_CIPHER, /* cipher type */
2834 0, /* cipher key length in octets */
2835 SRTP_HMAC_SHA1, /* authentication func type */
2836 20, /* auth key length in octets */
2837 4, /* auth tag length in octets */
2838 sec_serv_auth /* security services flag */
2839 },
2840 {
2841 SRTP_NULL_CIPHER, /* cipher type */
2842 0, /* cipher key length in octets */
2843 SRTP_HMAC_SHA1, /* authentication func type */
2844 20, /* auth key length in octets */
2845 4, /* auth tag length in octets */
2846 sec_serv_auth /* security services flag */
2847 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2848 {
2849 {
2850 test_key,
2851 test_mki_id,
2852 TEST_MKI_ID_SIZE
2853 },
2854 {
2855 test_key_2,
2856 test_mki_id_2,
2857 TEST_MKI_ID_SIZE
2858 },
2859 {
2860 NULL,
2861 NULL,
2862 0
2863 },
2864 {
2865 NULL,
2866 NULL,
2867 0
2868 }
2869 },
2870 2, /* Number of Master keys associated with the policy */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2871 NULL, /* indicates that EKT is not in use */
2872 128, /* replay window size */
2873 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2874 NULL, /* no encrypted extension headers */
2875 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2876 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]2877};
2878
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2879#ifdef OPENSSL
2880const srtp_policy_t aes128_gcm_8_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2881 { ssrc_any_outbound, 0 }, /* SSRC */
2882 { /* SRTP policy */
2883 SRTP_AES_128_GCM, /* cipher type */
2884 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
2885 SRTP_NULL_AUTH, /* authentication func type */
2886 0, /* auth key length in octets */
2887 8, /* auth tag length in octets */
2888 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2889 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2890 { /* SRTCP policy */
2891 SRTP_AES_128_GCM, /* cipher type */
2892 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
2893 SRTP_NULL_AUTH, /* authentication func type */
2894 0, /* auth key length in octets */
2895 8, /* auth tag length in octets */
2896 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2897 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2898 {
2899 {
2900 test_key,
2901 test_mki_id,
2902 TEST_MKI_ID_SIZE
2903 },
2904 {
2905 test_key_2,
2906 test_mki_id_2,
2907 TEST_MKI_ID_SIZE
2908 },
2909 {
2910 NULL,
2911 NULL,
2912 0
2913 },
2914 {
2915 NULL,
2916 NULL,
2917 0
2918 }
2919 },
2920 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2921 NULL, /* indicates that EKT is not in use */
2922 128, /* replay window size */
2923 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2924 NULL, /* no encrypted extension headers */
2925 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2926 NULL
2927};
2928
2929const srtp_policy_t aes128_gcm_8_cauth_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2930 { ssrc_any_outbound, 0 }, /* SSRC */
2931 { /* SRTP policy */
2932 SRTP_AES_128_GCM, /* cipher type */
2933 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
2934 SRTP_NULL_AUTH, /* authentication func type */
2935 0, /* auth key length in octets */
2936 8, /* auth tag length in octets */
2937 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2938 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2939 { /* SRTCP policy */
2940 SRTP_AES_128_GCM, /* cipher type */
2941 SRTP_AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
2942 SRTP_NULL_AUTH, /* authentication func type */
2943 0, /* auth key length in octets */
2944 8, /* auth tag length in octets */
2945 sec_serv_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2946 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2947 {
2948 {
2949 test_key,
2950 test_mki_id,
2951 TEST_MKI_ID_SIZE
2952 },
2953 {
2954 NULL,
2955 NULL,
2956 0
2957 },
2958 {
2959 NULL,
2960 NULL,
2961 0
2962 },
2963 {
2964 NULL,
2965 NULL,
2966 0
2967 }
2968 },
2969 1,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2970 NULL, /* indicates that EKT is not in use */
2971 128, /* replay window size */
2972 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]2973 NULL, /* no encrypted extension headers */
2974 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2975 NULL
2976};
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2977
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2978const srtp_policy_t aes256_gcm_8_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2979 { ssrc_any_outbound, 0 }, /* SSRC */
2980 { /* SRTP policy */
2981 SRTP_AES_256_GCM, /* cipher type */
2982 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
2983 SRTP_NULL_AUTH, /* authentication func type */
2984 0, /* auth key length in octets */
2985 8, /* auth tag length in octets */
2986 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2987 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]2988 { /* SRTCP policy */
2989 SRTP_AES_256_GCM, /* cipher type */
2990 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
2991 SRTP_NULL_AUTH, /* authentication func type */
2992 0, /* auth key length in octets */
2993 8, /* auth tag length in octets */
2994 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]2995 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]2996 {
2997 {
2998 test_key,
2999 test_mki_id,
3000 TEST_MKI_ID_SIZE
3001 },
3002 {
3003 test_key_2,
3004 test_mki_id_2,
3005 TEST_MKI_ID_SIZE
3006 },
3007 {
3008 NULL,
3009 NULL,
3010 0
3011 },
3012 {
3013 NULL,
3014 NULL,
3015 0
3016 }
3017 },
3018 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3019 NULL, /* indicates that EKT is not in use */
3020 128, /* replay window size */
3021 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3022 NULL, /* no encrypted extension headers */
3023 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3024 NULL
3025};
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3026
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3027const srtp_policy_t aes256_gcm_8_cauth_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3028 { ssrc_any_outbound, 0 }, /* SSRC */
3029 { /* SRTP policy */
3030 SRTP_AES_256_GCM, /* cipher type */
3031 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3032 SRTP_NULL_AUTH, /* authentication func type */
3033 0, /* auth key length in octets */
3034 8, /* auth tag length in octets */
3035 sec_serv_conf_and_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3036 },
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3037 { /* SRTCP policy */
3038 SRTP_AES_256_GCM, /* cipher type */
3039 SRTP_AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */
3040 SRTP_NULL_AUTH, /* authentication func type */
3041 0, /* auth key length in octets */
3042 8, /* auth tag length in octets */
3043 sec_serv_auth /* security services flag */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3044 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]3045 {
3046 {
3047 test_key,
3048 test_mki_id,
3049 TEST_MKI_ID_SIZE
3050 },
3051 {
3052 test_key_2,
3053 test_mki_id_2,
3054 TEST_MKI_ID_SIZE
3055 },
3056 {
3057 NULL,
3058 NULL,
3059 0
3060 },
3061 {
3062 NULL,
3063 NULL,
3064 0
3065 }
3066 },
3067 2, /* indicates the number of Master keys */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3068 NULL, /* indicates that EKT is not in use */
3069 128, /* replay window size */
3070 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3071 NULL, /* no encrypted extension headers */
3072 0, /* list of encrypted extension headers is empty */
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3073 NULL
3074};
3075#endif
3076
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3077const srtp_policy_t null_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3078 { ssrc_any_outbound, 0 }, /* SSRC */
3079 {
3080 SRTP_NULL_CIPHER, /* cipher type */
3081 0, /* cipher key length in octets */
3082 SRTP_NULL_AUTH, /* authentication func type */
3083 0, /* auth key length in octets */
3084 0, /* auth tag length in octets */
3085 sec_serv_none /* security services flag */
3086 },
3087 {
3088 SRTP_NULL_CIPHER, /* cipher type */
3089 0, /* cipher key length in octets */
3090 SRTP_NULL_AUTH, /* authentication func type */
3091 0, /* auth key length in octets */
3092 0, /* auth tag length in octets */
3093 sec_serv_none /* security services flag */
3094 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]3095 {
3096 {
3097 test_key,
3098 test_mki_id,
3099 TEST_MKI_ID_SIZE
3100 },
3101 {
3102 test_key_2,
3103 test_mki_id_2,
3104 TEST_MKI_ID_SIZE
3105 },
3106 {
3107 NULL,
3108 NULL,
3109 0
3110 },
3111 {
3112 NULL,
3113 NULL,
3114 0
3115 }
3116 },
3117 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3118 NULL, /* indicates that EKT is not in use */
3119 128, /* replay window size */
3120 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3121 NULL, /* no encrypted extension headers */
3122 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3123 NULL
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3124};
3125
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3126unsigned char test_256_key[46] = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3127 0xf0, 0xf0, 0x49, 0x14, 0xb5, 0x13, 0xf2, 0x76,
3128 0x3a, 0x1b, 0x1f, 0xa1, 0x30, 0xf1, 0x0e, 0x29,
3129 0x98, 0xf6, 0xf6, 0xe4, 0x3e, 0x43, 0x09, 0xd1,
3130 0xe6, 0x22, 0xa0, 0xe3, 0x32, 0xb9, 0xf1, 0xb6,
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3131
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3132 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
3133 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3134};
3135
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]3136unsigned char test_256_key_2[46] = {
3137 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0,
3138 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39,
3139 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb,
3140 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73,
3141 0x3b, 0x04, 0x80, 0x3d, 0xe5, 0x1e, 0xe7, 0xc9,
3142 0x64, 0x23, 0xab, 0x5b, 0x78, 0xd2
3143};
3144
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3145const srtp_policy_t aes_256_hmac_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3146 { ssrc_any_outbound, 0 }, /* SSRC */
3147 { /* SRTP policy */
3148 SRTP_AES_ICM, /* cipher type */
3149 46, /* cipher key length in octets */
3150 SRTP_HMAC_SHA1, /* authentication func type */
3151 20, /* auth key length in octets */
3152 10, /* auth tag length in octets */
3153 sec_serv_conf_and_auth /* security services flag */
3154 },
3155 { /* SRTCP policy */
3156 SRTP_AES_ICM, /* cipher type */
3157 46, /* cipher key length in octets */
3158 SRTP_HMAC_SHA1, /* authentication func type */
3159 20, /* auth key length in octets */
3160 10, /* auth tag length in octets */
3161 sec_serv_conf_and_auth /* security services flag */
3162 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]3163 {
3164 {
3165 test_256_key,
3166 test_mki_id,
3167 TEST_MKI_ID_SIZE
3168 },
3169 {
3170 test_256_key_2,
3171 test_mki_id_2,
3172 TEST_MKI_ID_SIZE
3173 },
3174 {
3175 NULL,
3176 NULL,
3177 0
3178 },
3179 {
3180 NULL,
3181 NULL,
3182 0
3183 }
3184 },
3185 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3186 NULL, /* indicates that EKT is not in use */
3187 128, /* replay window size */
3188 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3189 NULL, /* no encrypted extension headers */
3190 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3191 NULL
Jonathan Lennox5df951a2010-05-20 20:55:54 +0000[diff] [blame]3192};
3193
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3194uint8_t ekt_test_key[16] = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3195 0x77, 0x26, 0x9d, 0xac, 0x16, 0xa3, 0x28, 0xca,
3196 0x8e, 0xc9, 0x68, 0x4b, 0xcc, 0xc4, 0xd2, 0x1b
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3197};
3198
3199#include "ekt.h"
3200
jfigusc5887e72014-11-06 09:46:18 -0500[diff] [blame]3201srtp_ekt_policy_ctx_t ekt_test_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3202 0xa5a5, /* SPI */
3203 SRTP_EKT_CIPHER_AES_128_ECB,
3204 ekt_test_key,
3205 NULL
David McGrew79870d62007-06-15 18:17:39 +0000[diff] [blame]3206};
3207
3208const srtp_policy_t hmac_only_with_ekt_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3209 { ssrc_any_outbound, 0 }, /* SSRC */
3210 {
3211 SRTP_NULL_CIPHER, /* cipher type */
3212 0, /* cipher key length in octets */
3213 SRTP_HMAC_SHA1, /* authentication func type */
3214 20, /* auth key length in octets */
3215 4, /* auth tag length in octets */
3216 sec_serv_auth /* security services flag */
3217 },
3218 {
3219 SRTP_NULL_CIPHER, /* cipher type */
3220 0, /* cipher key length in octets */
3221 SRTP_HMAC_SHA1, /* authentication func type */
3222 20, /* auth key length in octets */
3223 4, /* auth tag length in octets */
3224 sec_serv_auth /* security services flag */
3225 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]3226 {
3227 {
3228 test_key,
3229 test_mki_id,
3230 TEST_MKI_ID_SIZE
3231 },
3232 {
3233 test_key_2,
3234 test_mki_id_2,
3235 TEST_MKI_ID_SIZE
3236 },
3237 {
3238 NULL,
3239 NULL,
3240 0
3241 },
3242 {
3243 NULL,
3244 NULL,
3245 0
3246 }
3247 },
3248 2, /* indicates the number of Master keys */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3249 &ekt_test_policy, /* indicates that EKT is not in use */
3250 128, /* replay window size */
3251 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3252 NULL, /* no encrypted extension headers */
3253 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3254 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3255};
3256
3257
3258/*
3259 * an array of pointers to the policies listed above
3260 *
3261 * This array is used to test various aspects of libSRTP for
3262 * different cryptographic policies. The order of the elements
3263 * matters - the timing test generates output that can be used
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3264 * in a plot (see the gnuplot script file 'timing'). If you
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3265 * add to this list, you should do it at the end.
3266 */
3267
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3268const srtp_policy_t *
3269policy_array[] = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3270 &hmac_only_policy,
3271 &aes_only_policy,
3272 &default_policy,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3273#ifdef OPENSSL
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3274 &aes128_gcm_8_policy,
3275 &aes128_gcm_8_cauth_policy,
3276 &aes256_gcm_8_policy,
3277 &aes256_gcm_8_cauth_policy,
jfigus8c36da22013-10-01 16:41:19 -0400[diff] [blame]3278#endif
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3279 &null_policy,
3280 &aes_256_hmac_policy,
3281 &hmac_only_with_ekt_policy,
3282 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3283};
3284
3285const srtp_policy_t wildcard_policy = {
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3286 { ssrc_any_outbound, 0 }, /* SSRC */
3287 { /* SRTP policy */
3288 SRTP_AES_128_ICM, /* cipher type */
3289 30, /* cipher key length in octets */
3290 SRTP_HMAC_SHA1, /* authentication func type */
3291 16, /* auth key length in octets */
3292 10, /* auth tag length in octets */
3293 sec_serv_conf_and_auth /* security services flag */
3294 },
3295 { /* SRTCP policy */
3296 SRTP_AES_128_ICM, /* cipher type */
3297 30, /* cipher key length in octets */
3298 SRTP_HMAC_SHA1, /* authentication func type */
3299 16, /* auth key length in octets */
3300 10, /* auth tag length in octets */
3301 sec_serv_conf_and_auth /* security services flag */
3302 },
Ryan Hooperfe5d8b82016-12-15 14:53:58 -0500[diff] [blame^]3303 {
3304 {
3305 test_key,
3306 test_mki_id,
3307 TEST_MKI_ID_SIZE
3308 },
3309 {
3310 NULL,
3311 NULL,
3312 0
3313 },
3314 {
3315 NULL,
3316 NULL,
3317 0
3318 },
3319 {
3320 NULL,
3321 NULL,
3322 0
3323 }
3324 },
3325 1,
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3326 NULL,
3327 128, /* replay window size */
3328 0, /* retransmission not allowed */
Joachim Bauch99a74822015-11-17 00:08:19 +0100[diff] [blame]3329 NULL, /* no encrypted extension headers */
3330 0, /* list of encrypted extension headers is empty */
jfigus67b9c732014-11-20 10:17:21 -0500[diff] [blame]3331 NULL
Cullen Jennings235513a2005-09-21 22:51:36 +0000[diff] [blame]3332};