Home | History | Annotate | Download | only in srtp 
      1 Changelog
      2 
      3 1.3.20
      4 
      5   Lots of changes.  Thanks to Jeff Chan for catching a memory leak and
      6   helping track down the endian issues with the SSRCs.
      7 
      8 1.3.8
      9 
     10   This is an interim release.  Several little-endian bugs were identified
     11   and fixed; this means that we can use intel/linux for development again.
     12 
     13   Cleaned up sha1 and hmac code significantly, got rid of some excess
     14   functions and properly documented the fuctions in the .h files.
     15 
     16   Eliminated some vestigial files.
     17 
     18   There is a SIGBUS error in the AES encrypt function on sparc
     19   (observed on both solaris and openbsd) with gcc 2.95.  Was unable to
     20   find bad pointer anywhere, so I'm wondering if it isn't a compiler
     21   problem (there's a known problem whose profile it fits).  It doesn't
     22   appear on any other platform, even in the cipher_driver stress
     23   tests.
     24 
     25   Planned changes
     26 
     27   Change interface to nonces (xtd_seq_num_t) so that it uses
     28   network byte ordering, and is consistent with other arguments.
     29 
     30 
     31 1.3.6 
     32 
     33   Changed /dev/random (in configure.in and crypto/rng/rand_source.c) to
     34   /dev/urandom; the latter is non-blocking on all known platforms (which 
     35   corrects some programs that seem to hang) and is actually present on 
     36   Open BSD (unlike /dev/random, which only works in the presence of 
     37   hardware supported random number generation).
     38 
     39   Added machine/types.h case in include/integers.h.
     40 
     41 1.3.5
     42 
     43   Removing srtp_t::template and stream_clone().
     44 
     45   Adding a new policy structure, which will reflect a complete SRTP
     46   policy (including SRTCP).
     47 
     48   This version is *incomplete* and will undergo more changes.  It is
     49   provided only as a basis for discussion.
     50 
     51 1.3.4
     52 
     53    Removed tmmh.c and tmmh.h, which implemented version one of TMMH.
     54 
     55    Changed srtp_get_trailer_length() to act on streams rather than
     56    sessions, and documented the macro SRTP_MAX_TRAILER_LEN, which should
     57    usually be used rather than that function.
     58 
     59    Removed 'salt' from cipher input. 
     60 
     61    Changed rdbx to use err.h error codes.
     62 
     63    Changed malloc() and free() to xalloc() and xfree; these functions
     64    are defined in crypto/kernel/alloc.c and declared in 
     65    include/alloc.h.
     66 
     67    Added 'output' functions to cipher, in addition to 'encrypt'
     68    functions.  It is no longer necessary to zeroize a buffer before
     69    encrypting in order to get keystream.
     70 
     71    Changed octet_string_hex_string() so that "times two" isn't needed
     72    in its input.
     73 
     74    Added crypto_kernel_init() prior to command-line parsing, so that
     75    kernel can be passed command-line arguments, such as "-d
     76    debug_module".  This was done to for the applications
     77    test/srtp-driver, test/kernel-driver, and test/ust-driver.
     78 
     79    Improved srtp_init_aes_128_prf - wrote key derivation function
     80    (srtp_kdf_t).
     81 
     82    Add the tag_len as an argument to the auth_compute() function, but
     83    not the corresponding macro.  This change allows the tag length for
     84    a given auth func to be set to different values at initialization
     85    time.  Previously, the structure auth_t contained the
     86    output_length, but that value was inaccessible from hmac_compute()
     87    and other functions.
     88 
     89    Re-named files from a-b.c to a_b.c. in order to help portability.
     90 
     91    Re-named rijndael to aes (or aes_128 as appropriate).
     92 
     93 
     94 1.2.1 
     95 
     96   Changes so that 1.2.0 compiles on cygwin-win2k.
     97 
     98   Added better error reporting system.  If syslog is present on the
     99   OS, then it is used.
    100 
    101 
    102 1.2.0 Many improvements and additions, and a fex fixes
    103 
    104    Fixed endian issues in RTP header construction in the function
    105    rtp_sendto() in srtp/rtp.c.
    106 
    107    Implemented RIJNDAEL decryption operation, adding the functions
    108    rijndael_decrypt() and rijndael_expand_decryption_key().  Also
    109    re-named rijndael_expand_key() to rijndael_expand_encryption_key()
    110    for consistency.
    111 
    112    Implemented random number source using /dev/random, in the files
    113    crypto/rng/rand_source.c and include/rand_source.h.
    114 
    115    Added index check to SEAL cipher (only values less than 2^32 are
    116    allowed)
    117 
    118    Added test case for null_auth authentication function.
    119 
    120    Added a timing test which tests the effect of CPU cache thrash on
    121    cipher throughput.  The test is done by the function
    122    cipher_test_throughput_array(); the function
    123    cipher_array_alloc_init() creates an array of ciphers for use in
    124    this test.  This test can be accessed by using the -a flag to
    125    the application cipher-driver in the test subdirectory.
    126  
    127    Added argument processing to ust-driver.c, and added that app to
    128    the 'runtest' target in Makefile.in.
    129 
    130    A minor auth_t API change: last argument of auth_init() eliminated.
    131 
    132 
    133 1.0.6 A small but important fix
    134 
    135    Fixed srtp_init_aes_128_prf() by adding octet_string_set_to_zero()
    136    after buffer allocation.
    137 
    138    Eliminated references to no-longer-existing variables in debugging
    139    code in srtp/srtp.c.  This fixes the compilation failure that
    140    occured when using PRINT_DEBUG in that file.
    141 
    142    Corrected spelling of Richard Priestley's name in credits.  Sorry
    143    Richard!
    144 
    145 
    146 1.0.5 Many little fixes
    147 
    148    Fixed octet_string_set_to_zero(), which was writing one
    149    more zero octet than it should.  This bug caused srtp_protect()
    150    and srtp_unprotect() to overwrite the byte that followed the
    151    srtp packet.
    152 
    153    Changed sizeof(uint32_t) to srtp_get_trailer_length() in
    154    srtp-driver.c.  This is just defensive coding.
    155 
    156    Added NULL check to malloc in srtp_alloc().
    157 
    158 
    159 1.0.4 Many minor fixes and two big ones (thanks for the bug reports!)
    160 
    161    Removed 'ssrc' from the srtp_init_aes_128_prf() function argument
    162    list.  This is so that applications which do not a priori know the
    163    ssrc which they will be receiving can still use libsrtp.  Now the
    164    SSRC value is gleaned from the rtp header and exored into the
    165    counter mode offset in the srtp_protect() and srtp_unprotect()
    166    functions, if that cipher is used.  This change cascaed through
    167    many other functions, including srtp_init_from_hex(),
    168    srtp_sender_init() and srtp_receiver_init() in rtp.c, and also
    169    changing the CLI to test/rtpw.  In the future, another function
    170    call will be added to the library that enables multiple ssrc/key
    171    pairs to be installed into the same srtp session, so that libsrtp
    172    works with multiple srtp senders.  For now, this functionality is
    173    lacking.
    174 
    175    Removed the GDOI interface to the rtpw demo program.  This will be
    176    added again at a later date, after the SRTP and GDOI distributions
    177    stabilize.  For now, I've left in the GDOI #defines and autoconf
    178    definitions so that they'll be in place when needed.
    179 
    180    Updated tmmhv2_compute() so that it didn't assume any particular
    181    alginment of the output tag.
    182 
    183    Changed bit field variables in srtp.h to unsigned char from
    184    unsigned int in order to avoid a potential endianness issue.
    185 
    186    Fixed rdbx_estimate_index() to handle all input cases.  This solves
    187    the now notorious "abaft" bug in the rtpw demo app on linux/intel,
    188    in which spurious replay protection failures happen after that word
    189    is received.
    190 
    191    Added ntohs(hdr->seq) to srtp_protect and srtp_unprotect, removed
    192    from rijndael_icm_set_segment().
    193 
    194    Added error checking and handling to srtp_sender_init() and
    195    srtp_receiver_init().
    196 
    197    Changed srtp_alloc() so that it does what you'd expect: allocate an
    198    srtp_ctx_t structure.  This hides the library internals.
    199 
    200 
    201 1.0.1   Many minor fixes
    202 
    203    Added cipher_driver_buffer_test(...) to test/cipher-driver.c.  This
    204    function checks that the byte-buffering functions used by a cipher
    205    are correct.
    206 
    207    Fixed SunOS/Solaris build problems: added HAVE_SYS_INT_TYPES_H and
    208    changed index_t to xtd_seq_num_t (see include/rdbx.h).
    209 
    210    Fixed SEAL3.0 output byte buffering, added byte-buffering test to
    211    cipher/cipher-driver.c.
    212 
    213    Fixed roc-driver so that the non-sequential insertion test
    214    automatically recovers from bad estimates.  This was required to
    215    prevent spurious failures.
    216 
    217    Made rdbx_estimate_index(...) function smarter, so that initial RTP
    218    sequence numbers greater than 32,768 don't cause it to estimate the
    219    rollover counter of 0xffffffff.
    220 
    221 
    222 1.0.0   Initial release
    223 
    224