1 /* 2 * srtp_driver.c 3 * 4 * a test driver for libSRTP 5 * 6 * David A. McGrew 7 * Cisco Systems, Inc. 8 */ 9 /* 10 * 11 * Copyright (c) 2001-2006, Cisco Systems, Inc. 12 * All rights reserved. 13 * 14 * Redistribution and use in source and binary forms, with or without 15 * modification, are permitted provided that the following conditions 16 * are met: 17 * 18 * Redistributions of source code must retain the above copyright 19 * notice, this list of conditions and the following disclaimer. 20 * 21 * Redistributions in binary form must reproduce the above 22 * copyright notice, this list of conditions and the following 23 * disclaimer in the documentation and/or other materials provided 24 * with the distribution. 25 * 26 * Neither the name of the Cisco Systems, Inc. nor the names of its 27 * contributors may be used to endorse or promote products derived 28 * from this software without specific prior written permission. 29 * 30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 41 * OF THE POSSIBILITY OF SUCH DAMAGE. 42 * 43 */ 44 45 46 #include <string.h> /* for memcpy() */ 47 #include <time.h> /* for clock() */ 48 #include <stdlib.h> /* for malloc(), free() */ 49 #include <stdio.h> /* for print(), fflush() */ 50 #include "getopt_s.h" /* for local getopt() */ 51 52 #include "srtp_priv.h" 53 54 #ifdef HAVE_NETINET_IN_H 55 # include <netinet/in.h> 56 #elif defined HAVE_WINSOCK2_H 57 # include <winsock2.h> 58 #endif 59 60 #define PRINT_REFERENCE_PACKET 1 61 62 err_status_t 63 srtp_validate(void); 64 65 err_status_t 66 srtp_create_big_policy(srtp_policy_t **list); 67 68 err_status_t 69 srtp_test_remove_stream(void); 70 71 double 72 srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy); 73 74 double 75 srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy); 76 77 void 78 srtp_do_timing(const srtp_policy_t *policy); 79 80 void 81 srtp_do_rejection_timing(const srtp_policy_t *policy); 82 83 err_status_t 84 srtp_test(const srtp_policy_t *policy); 85 86 err_status_t 87 srtcp_test(const srtp_policy_t *policy); 88 89 err_status_t 90 srtp_session_print_policy(srtp_t srtp); 91 92 err_status_t 93 srtp_print_policy(const srtp_policy_t *policy); 94 95 char * 96 srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len); 97 98 double 99 mips_estimate(int num_trials, int *ignore); 100 101 extern uint8_t test_key[30]; 102 103 void 104 usage(char *prog_name) { 105 printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n" 106 " -t run timing test\n" 107 " -r run rejection timing test\n" 108 " -c run codec timing test\n" 109 " -v run validation tests\n" 110 " -d <mod> turn on debugging module <mod>\n" 111 " -l list debugging modules\n", prog_name); 112 exit(1); 113 } 114 115 /* 116 * The policy_array is a null-terminated array of policy structs. it 117 * is declared at the end of this file 118 */ 119 120 extern const srtp_policy_t *policy_array[]; 121 122 123 /* the wildcard_policy is declared below; it has a wildcard ssrc */ 124 125 extern const srtp_policy_t wildcard_policy; 126 127 /* 128 * mod_driver debug module - debugging module for this test driver 129 * 130 * we use the crypto_kernel debugging system in this driver, which 131 * makes the interface uniform and increases portability 132 */ 133 134 debug_module_t mod_driver = { 135 0, /* debugging is off by default */ 136 "driver" /* printable name for module */ 137 }; 138 139 int 140 main (int argc, char *argv[]) { 141 int q; 142 unsigned do_timing_test = 0; 143 unsigned do_rejection_test = 0; 144 unsigned do_codec_timing = 0; 145 unsigned do_validation = 0; 146 unsigned do_list_mods = 0; 147 err_status_t status; 148 149 /* 150 * verify that the compiler has interpreted the header data 151 * structure srtp_hdr_t correctly 152 */ 153 if (sizeof(srtp_hdr_t) != 12) { 154 printf("error: srtp_hdr_t has incorrect size" 155 "(size is %ld bytes, expected 12)\n", 156 (long)sizeof(srtp_hdr_t)); 157 exit(1); 158 } 159 160 /* initialize srtp library */ 161 status = srtp_init(); 162 if (status) { 163 printf("error: srtp init failed with error code %d\n", status); 164 exit(1); 165 } 166 167 /* load srtp_driver debug module */ 168 status = crypto_kernel_load_debug_module(&mod_driver); 169 if (status) { 170 printf("error: load of srtp_driver debug module failed " 171 "with error code %d\n", status); 172 exit(1); 173 } 174 175 /* process input arguments */ 176 while (1) { 177 q = getopt_s(argc, argv, "trcvld:"); 178 if (q == -1) 179 break; 180 switch (q) { 181 case 't': 182 do_timing_test = 1; 183 break; 184 case 'r': 185 do_rejection_test = 1; 186 break; 187 case 'c': 188 do_codec_timing = 1; 189 break; 190 case 'v': 191 do_validation = 1; 192 break; 193 case 'l': 194 do_list_mods = 1; 195 break; 196 case 'd': 197 status = crypto_kernel_set_debug_module(optarg_s, 1); 198 if (status) { 199 printf("error: set debug module (%s) failed\n", optarg_s); 200 exit(1); 201 } 202 break; 203 default: 204 usage(argv[0]); 205 } 206 } 207 208 if (!do_validation && !do_timing_test && !do_codec_timing 209 && !do_list_mods && !do_rejection_test) 210 usage(argv[0]); 211 212 if (do_list_mods) { 213 status = crypto_kernel_list_debug_modules(); 214 if (status) { 215 printf("error: list of debug modules failed\n"); 216 exit(1); 217 } 218 } 219 220 if (do_validation) { 221 const srtp_policy_t **policy = policy_array; 222 srtp_policy_t *big_policy; 223 224 /* loop over policy array, testing srtp and srtcp for each policy */ 225 while (*policy != NULL) { 226 printf("testing srtp_protect and srtp_unprotect\n"); 227 if (srtp_test(*policy) == err_status_ok) 228 printf("passed\n\n"); 229 else { 230 printf("failed\n"); 231 exit(1); 232 } 233 printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n"); 234 if (srtcp_test(*policy) == err_status_ok) 235 printf("passed\n\n"); 236 else { 237 printf("failed\n"); 238 exit(1); 239 } 240 policy++; 241 } 242 243 /* create a big policy list and run tests on it */ 244 status = srtp_create_big_policy(&big_policy); 245 if (status) { 246 printf("unexpected failure with error code %d\n", status); 247 exit(1); 248 } 249 printf("testing srtp_protect and srtp_unprotect with big policy\n"); 250 if (srtp_test(big_policy) == err_status_ok) 251 printf("passed\n\n"); 252 else { 253 printf("failed\n"); 254 exit(1); 255 } 256 257 /* run test on wildcard policy */ 258 printf("testing srtp_protect and srtp_unprotect on " 259 "wildcard ssrc policy\n"); 260 if (srtp_test(&wildcard_policy) == err_status_ok) 261 printf("passed\n\n"); 262 else { 263 printf("failed\n"); 264 exit(1); 265 } 266 267 /* 268 * run validation test against the reference packets - note 269 * that this test only covers the default policy 270 */ 271 printf("testing srtp_protect and srtp_unprotect against " 272 "reference packets\n"); 273 if (srtp_validate() == err_status_ok) 274 printf("passed\n\n"); 275 else { 276 printf("failed\n"); 277 exit(1); 278 } 279 280 /* 281 * test the function srtp_remove_stream() 282 */ 283 printf("testing srtp_remove_stream()..."); 284 if (srtp_test_remove_stream() == err_status_ok) 285 printf("passed\n"); 286 else { 287 printf("failed\n"); 288 exit(1); 289 } 290 } 291 292 if (do_timing_test) { 293 const srtp_policy_t **policy = policy_array; 294 295 /* loop over policies, run timing test for each */ 296 while (*policy != NULL) { 297 srtp_print_policy(*policy); 298 srtp_do_timing(*policy); 299 policy++; 300 } 301 } 302 303 if (do_rejection_test) { 304 const srtp_policy_t **policy = policy_array; 305 306 /* loop over policies, run rejection timing test for each */ 307 while (*policy != NULL) { 308 srtp_print_policy(*policy); 309 srtp_do_rejection_timing(*policy); 310 policy++; 311 } 312 } 313 314 if (do_codec_timing) { 315 srtp_policy_t policy; 316 int ignore; 317 double mips = mips_estimate(1000000000, &ignore); 318 319 crypto_policy_set_rtp_default(&policy.rtp); 320 crypto_policy_set_rtcp_default(&policy.rtcp); 321 policy.ssrc.type = ssrc_specific; 322 policy.ssrc.value = 0xdecafbad; 323 policy.key = test_key; 324 policy.ekt = NULL; 325 policy.window_size = 128; 326 policy.allow_repeat_tx = 0; 327 policy.next = NULL; 328 329 printf("mips estimate: %e\n", mips); 330 331 printf("testing srtp processing time for voice codecs:\n"); 332 printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n"); 333 printf("G.711\t\t%d\t\t\t%e\n", 80, 334 (double) mips * (80 * 8) / 335 srtp_bits_per_second(80, &policy) / .01 ); 336 printf("G.711\t\t%d\t\t\t%e\n", 160, 337 (double) mips * (160 * 8) / 338 srtp_bits_per_second(160, &policy) / .02); 339 printf("G.726-32\t%d\t\t\t%e\n", 40, 340 (double) mips * (40 * 8) / 341 srtp_bits_per_second(40, &policy) / .01 ); 342 printf("G.726-32\t%d\t\t\t%e\n", 80, 343 (double) mips * (80 * 8) / 344 srtp_bits_per_second(80, &policy) / .02); 345 printf("G.729\t\t%d\t\t\t%e\n", 10, 346 (double) mips * (10 * 8) / 347 srtp_bits_per_second(10, &policy) / .01 ); 348 printf("G.729\t\t%d\t\t\t%e\n", 20, 349 (double) mips * (20 * 8) / 350 srtp_bits_per_second(20, &policy) / .02 ); 351 printf("Wideband\t%d\t\t\t%e\n", 320, 352 (double) mips * (320 * 8) / 353 srtp_bits_per_second(320, &policy) / .01 ); 354 printf("Wideband\t%d\t\t\t%e\n", 640, 355 (double) mips * (640 * 8) / 356 srtp_bits_per_second(640, &policy) / .02 ); 357 } 358 359 return 0; 360 } 361 362 363 364 /* 365 * srtp_create_test_packet(len, ssrc) returns a pointer to a 366 * (malloced) example RTP packet whose data field has the length given 367 * by pkt_octet_len and the SSRC value ssrc. The total length of the 368 * packet is twelve octets longer, since the header is at the 369 * beginning. There is room at the end of the packet for a trailer, 370 * and the four octets following the packet are filled with 0xff 371 * values to enable testing for overwrites. 372 * 373 * note that the location of the test packet can (and should) be 374 * deallocated with the free() call once it is no longer needed. 375 */ 376 377 srtp_hdr_t * 378 srtp_create_test_packet(int pkt_octet_len, uint32_t ssrc) { 379 int i; 380 uint8_t *buffer; 381 srtp_hdr_t *hdr; 382 int bytes_in_hdr = 12; 383 384 /* allocate memory for test packet */ 385 hdr = (srtp_hdr_t*) malloc(pkt_octet_len + bytes_in_hdr 386 + SRTP_MAX_TRAILER_LEN + 4); 387 if (!hdr) 388 return NULL; 389 390 hdr->version = 2; /* RTP version two */ 391 hdr->p = 0; /* no padding needed */ 392 hdr->x = 0; /* no header extension */ 393 hdr->cc = 0; /* no CSRCs */ 394 hdr->m = 0; /* marker bit */ 395 hdr->pt = 0xf; /* payload type */ 396 hdr->seq = htons(0x1234); /* sequence number */ 397 hdr->ts = htonl(0xdecafbad); /* timestamp */ 398 hdr->ssrc = htonl(ssrc); /* synch. source */ 399 400 buffer = (uint8_t *)hdr; 401 buffer += bytes_in_hdr; 402 403 /* set RTP data to 0xab */ 404 for (i=0; i < pkt_octet_len; i++) 405 *buffer++ = 0xab; 406 407 /* set post-data value to 0xffff to enable overrun checking */ 408 for (i=0; i < SRTP_MAX_TRAILER_LEN+4; i++) 409 *buffer++ = 0xff; 410 411 return hdr; 412 } 413 414 void 415 srtp_do_timing(const srtp_policy_t *policy) { 416 int len; 417 418 /* 419 * note: the output of this function is formatted so that it 420 * can be used in gnuplot. '#' indicates a comment, and "\r\n" 421 * terminates a record 422 */ 423 424 printf("# testing srtp throughput:\r\n"); 425 printf("# mesg length (octets)\tthroughput (megabits per second)\r\n"); 426 427 for (len=16; len <= 2048; len *= 2) 428 printf("%d\t\t\t%f\r\n", len, 429 srtp_bits_per_second(len, policy) / 1.0E6); 430 431 /* these extra linefeeds let gnuplot know that a dataset is done */ 432 printf("\r\n\r\n"); 433 434 } 435 436 void 437 srtp_do_rejection_timing(const srtp_policy_t *policy) { 438 int len; 439 440 /* 441 * note: the output of this function is formatted so that it 442 * can be used in gnuplot. '#' indicates a comment, and "\r\n" 443 * terminates a record 444 */ 445 446 printf("# testing srtp rejection throughput:\r\n"); 447 printf("# mesg length (octets)\trejections per second\r\n"); 448 449 for (len=8; len <= 2048; len *= 2) 450 printf("%d\t\t\t%e\r\n", len, srtp_rejections_per_second(len, policy)); 451 452 /* these extra linefeeds let gnuplot know that a dataset is done */ 453 printf("\r\n\r\n"); 454 455 } 456 457 458 #define MAX_MSG_LEN 1024 459 460 double 461 srtp_bits_per_second(int msg_len_octets, const srtp_policy_t *policy) { 462 srtp_t srtp; 463 srtp_hdr_t *mesg; 464 int i; 465 clock_t timer; 466 int num_trials = 100000; 467 int len; 468 uint32_t ssrc; 469 err_status_t status; 470 471 /* 472 * allocate and initialize an srtp session 473 */ 474 status = srtp_create(&srtp, policy); 475 if (status) { 476 printf("error: srtp_create() failed with error code %d\n", status); 477 exit(1); 478 } 479 480 /* 481 * if the ssrc is unspecified, use a predetermined one 482 */ 483 if (policy->ssrc.type != ssrc_specific) { 484 ssrc = 0xdeadbeef; 485 } else { 486 ssrc = policy->ssrc.value; 487 } 488 489 /* 490 * create a test packet 491 */ 492 mesg = srtp_create_test_packet(msg_len_octets, ssrc); 493 if (mesg == NULL) 494 return 0.0; /* indicate failure by returning zero */ 495 496 timer = clock(); 497 for (i=0; i < num_trials; i++) { 498 err_status_t status; 499 len = msg_len_octets + 12; /* add in rtp header length */ 500 501 /* srtp protect message */ 502 status = srtp_protect(srtp, mesg, &len); 503 if (status) { 504 printf("error: srtp_protect() failed with error code %d\n", status); 505 exit(1); 506 } 507 508 /* increment message number */ 509 mesg->seq = htons(ntohs(mesg->seq) + 1); 510 511 } 512 timer = clock() - timer; 513 514 free(mesg); 515 516 return (double) (msg_len_octets) * 8 * 517 num_trials * CLOCKS_PER_SEC / timer; 518 } 519 520 double 521 srtp_rejections_per_second(int msg_len_octets, const srtp_policy_t *policy) { 522 srtp_ctx_t *srtp; 523 srtp_hdr_t *mesg; 524 int i; 525 int len; 526 clock_t timer; 527 int num_trials = 1000000; 528 uint32_t ssrc = policy->ssrc.value; 529 err_status_t status; 530 531 /* 532 * allocate and initialize an srtp session 533 */ 534 status = srtp_create(&srtp, policy); 535 if (status) { 536 printf("error: srtp_create() failed with error code %d\n", status); 537 exit(1); 538 } 539 540 mesg = srtp_create_test_packet(msg_len_octets, ssrc); 541 if (mesg == NULL) 542 return 0.0; /* indicate failure by returning zero */ 543 544 len = msg_len_octets; 545 srtp_protect(srtp, (srtp_hdr_t *)mesg, &len); 546 547 timer = clock(); 548 for (i=0; i < num_trials; i++) { 549 len = msg_len_octets; 550 srtp_unprotect(srtp, (srtp_hdr_t *)mesg, &len); 551 } 552 timer = clock() - timer; 553 554 free(mesg); 555 556 return (double) num_trials * CLOCKS_PER_SEC / timer; 557 } 558 559 560 void 561 err_check(err_status_t s) { 562 if (s == err_status_ok) 563 return; 564 else 565 fprintf(stderr, "error: unexpected srtp failure (code %d)\n", s); 566 exit (1); 567 } 568 569 err_status_t 570 srtp_test(const srtp_policy_t *policy) { 571 int i; 572 srtp_t srtp_sender; 573 srtp_t srtp_rcvr; 574 err_status_t status = err_status_ok; 575 srtp_hdr_t *hdr, *hdr2; 576 uint8_t hdr_enc[64]; 577 uint8_t *pkt_end; 578 int msg_len_octets, msg_len_enc; 579 int len; 580 int tag_length = policy->rtp.auth_tag_len; 581 uint32_t ssrc; 582 srtp_policy_t *rcvr_policy; 583 584 err_check(srtp_create(&srtp_sender, policy)); 585 586 /* print out policy */ 587 err_check(srtp_session_print_policy(srtp_sender)); 588 589 /* 590 * initialize data buffer, using the ssrc in the policy unless that 591 * value is a wildcard, in which case we'll just use an arbitrary 592 * one 593 */ 594 if (policy->ssrc.type != ssrc_specific) 595 ssrc = 0xdecafbad; 596 else 597 ssrc = policy->ssrc.value; 598 msg_len_octets = 28; 599 hdr = srtp_create_test_packet(msg_len_octets, ssrc); 600 601 if (hdr == NULL) 602 return err_status_alloc_fail; 603 hdr2 = srtp_create_test_packet(msg_len_octets, ssrc); 604 if (hdr2 == NULL) { 605 free(hdr); 606 return err_status_alloc_fail; 607 } 608 609 /* set message length */ 610 len = msg_len_octets; 611 612 debug_print(mod_driver, "before protection:\n%s", 613 srtp_packet_to_string(hdr, len)); 614 615 #if PRINT_REFERENCE_PACKET 616 debug_print(mod_driver, "reference packet before protection:\n%s", 617 octet_string_hex_string((uint8_t *)hdr, len)); 618 #endif 619 err_check(srtp_protect(srtp_sender, hdr, &len)); 620 621 debug_print(mod_driver, "after protection:\n%s", 622 srtp_packet_to_string(hdr, len)); 623 #if PRINT_REFERENCE_PACKET 624 debug_print(mod_driver, "after protection:\n%s", 625 octet_string_hex_string((uint8_t *)hdr, len)); 626 #endif 627 628 /* save protected message and length */ 629 memcpy(hdr_enc, hdr, len); 630 msg_len_enc = len; 631 632 /* 633 * check for overrun of the srtp_protect() function 634 * 635 * The packet is followed by a value of 0xfffff; if the value of the 636 * data following the packet is different, then we know that the 637 * protect function is overwriting the end of the packet. 638 */ 639 pkt_end = (uint8_t *)hdr + sizeof(srtp_hdr_t) 640 + msg_len_octets + tag_length; 641 for (i = 0; i < 4; i++) 642 if (pkt_end[i] != 0xff) { 643 fprintf(stdout, "overwrite in srtp_protect() function " 644 "(expected %x, found %x in trailing octet %d)\n", 645 0xff, ((uint8_t *)hdr)[i], i); 646 free(hdr); 647 free(hdr2); 648 return err_status_algo_fail; 649 } 650 651 /* 652 * if the policy includes confidentiality, check that ciphertext is 653 * different than plaintext 654 * 655 * Note that this check will give false negatives, with some small 656 * probability, especially if the packets are short. For that 657 * reason, we skip this check if the plaintext is less than four 658 * octets long. 659 */ 660 if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) { 661 printf("testing that ciphertext is distinct from plaintext..."); 662 status = err_status_algo_fail; 663 for (i=12; i < msg_len_octets+12; i++) 664 if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { 665 status = err_status_ok; 666 } 667 if (status) { 668 printf("failed\n"); 669 free(hdr); 670 free(hdr2); 671 return status; 672 } 673 printf("passed\n"); 674 } 675 676 /* 677 * if the policy uses a 'wildcard' ssrc, then we need to make a copy 678 * of the policy that changes the direction to inbound 679 * 680 * we always copy the policy into the rcvr_policy, since otherwise 681 * the compiler would fret about the constness of the policy 682 */ 683 rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t)); 684 if (rcvr_policy == NULL) 685 return err_status_alloc_fail; 686 memcpy(rcvr_policy, policy, sizeof(srtp_policy_t)); 687 if (policy->ssrc.type == ssrc_any_outbound) { 688 rcvr_policy->ssrc.type = ssrc_any_inbound; 689 } 690 691 err_check(srtp_create(&srtp_rcvr, rcvr_policy)); 692 693 err_check(srtp_unprotect(srtp_rcvr, hdr, &len)); 694 695 debug_print(mod_driver, "after unprotection:\n%s", 696 srtp_packet_to_string(hdr, len)); 697 698 /* verify that the unprotected packet matches the origial one */ 699 for (i=0; i < msg_len_octets; i++) 700 if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { 701 fprintf(stdout, "mismatch at octet %d\n", i); 702 status = err_status_algo_fail; 703 } 704 if (status) { 705 free(hdr); 706 free(hdr2); 707 return status; 708 } 709 710 /* 711 * if the policy includes authentication, then test for false positives 712 */ 713 if (policy->rtp.sec_serv & sec_serv_auth) { 714 char *data = ((char *)hdr) + 12; 715 716 printf("testing for false positives in replay check..."); 717 718 /* set message length */ 719 len = msg_len_enc; 720 721 /* unprotect a second time - should fail with a replay error */ 722 status = srtp_unprotect(srtp_rcvr, hdr_enc, &len); 723 if (status != err_status_replay_fail) { 724 printf("failed with error code %d\n", status); 725 free(hdr); 726 free(hdr2); 727 return status; 728 } else { 729 printf("passed\n"); 730 } 731 732 printf("testing for false positives in auth check..."); 733 734 /* increment sequence number in header */ 735 hdr->seq++; 736 737 /* set message length */ 738 len = msg_len_octets; 739 740 /* apply protection */ 741 err_check(srtp_protect(srtp_sender, hdr, &len)); 742 743 /* flip bits in packet */ 744 data[0] ^= 0xff; 745 746 /* unprotect, and check for authentication failure */ 747 status = srtp_unprotect(srtp_rcvr, hdr, &len); 748 if (status != err_status_auth_fail) { 749 printf("failed\n"); 750 free(hdr); 751 free(hdr2); 752 return status; 753 } else { 754 printf("passed\n"); 755 } 756 757 } 758 759 err_check(srtp_dealloc(srtp_sender)); 760 err_check(srtp_dealloc(srtp_rcvr)); 761 762 free(hdr); 763 free(hdr2); 764 return err_status_ok; 765 } 766 767 768 err_status_t 769 srtcp_test(const srtp_policy_t *policy) { 770 int i; 771 srtp_t srtcp_sender; 772 srtp_t srtcp_rcvr; 773 err_status_t status = err_status_ok; 774 srtp_hdr_t *hdr, *hdr2; 775 uint8_t hdr_enc[64]; 776 uint8_t *pkt_end; 777 int msg_len_octets, msg_len_enc; 778 int len; 779 int tag_length = policy->rtp.auth_tag_len; 780 uint32_t ssrc; 781 srtp_policy_t *rcvr_policy; 782 783 err_check(srtp_create(&srtcp_sender, policy)); 784 785 /* print out policy */ 786 err_check(srtp_session_print_policy(srtcp_sender)); 787 788 /* 789 * initialize data buffer, using the ssrc in the policy unless that 790 * value is a wildcard, in which case we'll just use an arbitrary 791 * one 792 */ 793 if (policy->ssrc.type != ssrc_specific) 794 ssrc = 0xdecafbad; 795 else 796 ssrc = policy->ssrc.value; 797 msg_len_octets = 28; 798 hdr = srtp_create_test_packet(msg_len_octets, ssrc); 799 800 if (hdr == NULL) 801 return err_status_alloc_fail; 802 hdr2 = srtp_create_test_packet(msg_len_octets, ssrc); 803 if (hdr2 == NULL) { 804 free(hdr); 805 return err_status_alloc_fail; 806 } 807 808 /* set message length */ 809 len = msg_len_octets; 810 811 debug_print(mod_driver, "before protection:\n%s", 812 srtp_packet_to_string(hdr, len)); 813 814 #if PRINT_REFERENCE_PACKET 815 debug_print(mod_driver, "reference packet before protection:\n%s", 816 octet_string_hex_string((uint8_t *)hdr, len)); 817 #endif 818 err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len)); 819 820 debug_print(mod_driver, "after protection:\n%s", 821 srtp_packet_to_string(hdr, len)); 822 #if PRINT_REFERENCE_PACKET 823 debug_print(mod_driver, "after protection:\n%s", 824 octet_string_hex_string((uint8_t *)hdr, len)); 825 #endif 826 827 /* save protected message and length */ 828 memcpy(hdr_enc, hdr, len); 829 msg_len_enc = len; 830 831 /* 832 * check for overrun of the srtp_protect() function 833 * 834 * The packet is followed by a value of 0xfffff; if the value of the 835 * data following the packet is different, then we know that the 836 * protect function is overwriting the end of the packet. 837 */ 838 pkt_end = (uint8_t *)hdr + sizeof(srtp_hdr_t) 839 + msg_len_octets + tag_length; 840 for (i = 0; i < 4; i++) 841 if (pkt_end[i] != 0xff) { 842 fprintf(stdout, "overwrite in srtp_protect_rtcp() function " 843 "(expected %x, found %x in trailing octet %d)\n", 844 0xff, ((uint8_t *)hdr)[i], i); 845 free(hdr); 846 free(hdr2); 847 return err_status_algo_fail; 848 } 849 850 /* 851 * if the policy includes confidentiality, check that ciphertext is 852 * different than plaintext 853 * 854 * Note that this check will give false negatives, with some small 855 * probability, especially if the packets are short. For that 856 * reason, we skip this check if the plaintext is less than four 857 * octets long. 858 */ 859 if ((policy->rtp.sec_serv & sec_serv_conf) && (msg_len_octets >= 4)) { 860 printf("testing that ciphertext is distinct from plaintext..."); 861 status = err_status_algo_fail; 862 for (i=12; i < msg_len_octets+12; i++) 863 if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { 864 status = err_status_ok; 865 } 866 if (status) { 867 printf("failed\n"); 868 free(hdr); 869 free(hdr2); 870 return status; 871 } 872 printf("passed\n"); 873 } 874 875 /* 876 * if the policy uses a 'wildcard' ssrc, then we need to make a copy 877 * of the policy that changes the direction to inbound 878 * 879 * we always copy the policy into the rcvr_policy, since otherwise 880 * the compiler would fret about the constness of the policy 881 */ 882 rcvr_policy = (srtp_policy_t*) malloc(sizeof(srtp_policy_t)); 883 if (rcvr_policy == NULL) 884 return err_status_alloc_fail; 885 memcpy(rcvr_policy, policy, sizeof(srtp_policy_t)); 886 if (policy->ssrc.type == ssrc_any_outbound) { 887 rcvr_policy->ssrc.type = ssrc_any_inbound; 888 } 889 890 err_check(srtp_create(&srtcp_rcvr, rcvr_policy)); 891 892 err_check(srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len)); 893 894 debug_print(mod_driver, "after unprotection:\n%s", 895 srtp_packet_to_string(hdr, len)); 896 897 /* verify that the unprotected packet matches the origial one */ 898 for (i=0; i < msg_len_octets; i++) 899 if (((uint8_t *)hdr)[i] != ((uint8_t *)hdr2)[i]) { 900 fprintf(stdout, "mismatch at octet %d\n", i); 901 status = err_status_algo_fail; 902 } 903 if (status) { 904 free(hdr); 905 free(hdr2); 906 return status; 907 } 908 909 /* 910 * if the policy includes authentication, then test for false positives 911 */ 912 if (policy->rtp.sec_serv & sec_serv_auth) { 913 char *data = ((char *)hdr) + 12; 914 915 printf("testing for false positives in replay check..."); 916 917 /* set message length */ 918 len = msg_len_enc; 919 920 /* unprotect a second time - should fail with a replay error */ 921 status = srtp_unprotect_rtcp(srtcp_rcvr, hdr_enc, &len); 922 if (status != err_status_replay_fail) { 923 printf("failed with error code %d\n", status); 924 free(hdr); 925 free(hdr2); 926 return status; 927 } else { 928 printf("passed\n"); 929 } 930 931 printf("testing for false positives in auth check..."); 932 933 /* increment sequence number in header */ 934 hdr->seq++; 935 936 /* set message length */ 937 len = msg_len_octets; 938 939 /* apply protection */ 940 err_check(srtp_protect_rtcp(srtcp_sender, hdr, &len)); 941 942 /* flip bits in packet */ 943 data[0] ^= 0xff; 944 945 /* unprotect, and check for authentication failure */ 946 status = srtp_unprotect_rtcp(srtcp_rcvr, hdr, &len); 947 if (status != err_status_auth_fail) { 948 printf("failed\n"); 949 free(hdr); 950 free(hdr2); 951 return status; 952 } else { 953 printf("passed\n"); 954 } 955 956 } 957 958 err_check(srtp_dealloc(srtcp_sender)); 959 err_check(srtp_dealloc(srtcp_rcvr)); 960 961 free(hdr); 962 free(hdr2); 963 return err_status_ok; 964 } 965 966 967 err_status_t 968 srtp_session_print_policy(srtp_t srtp) { 969 char *serv_descr[4] = { 970 "none", 971 "confidentiality", 972 "authentication", 973 "confidentiality and authentication" 974 }; 975 char *direction[3] = { 976 "unknown", 977 "outbound", 978 "inbound" 979 }; 980 srtp_stream_t stream; 981 982 /* sanity checking */ 983 if (srtp == NULL) 984 return err_status_fail; 985 986 /* if there's a template stream, print it out */ 987 if (srtp->stream_template != NULL) { 988 stream = srtp->stream_template; 989 printf("# SSRC: any %s\r\n" 990 "# rtp cipher: %s\r\n" 991 "# rtp auth: %s\r\n" 992 "# rtp services: %s\r\n" 993 "# rtcp cipher: %s\r\n" 994 "# rtcp auth: %s\r\n" 995 "# rtcp services: %s\r\n" 996 "# window size: %lu\r\n" 997 "# tx rtx allowed:%s\r\n", 998 direction[stream->direction], 999 stream->rtp_cipher->type->description, 1000 stream->rtp_auth->type->description, 1001 serv_descr[stream->rtp_services], 1002 stream->rtcp_cipher->type->description, 1003 stream->rtcp_auth->type->description, 1004 serv_descr[stream->rtcp_services], 1005 rdbx_get_window_size(&stream->rtp_rdbx), 1006 stream->allow_repeat_tx ? "true" : "false"); 1007 } 1008 1009 /* loop over streams in session, printing the policy of each */ 1010 stream = srtp->stream_list; 1011 while (stream != NULL) { 1012 if (stream->rtp_services > sec_serv_conf_and_auth) 1013 return err_status_bad_param; 1014 1015 printf("# SSRC: 0x%08x\r\n" 1016 "# rtp cipher: %s\r\n" 1017 "# rtp auth: %s\r\n" 1018 "# rtp services: %s\r\n" 1019 "# rtcp cipher: %s\r\n" 1020 "# rtcp auth: %s\r\n" 1021 "# rtcp services: %s\r\n" 1022 "# window size: %lu\r\n" 1023 "# tx rtx allowed:%s\r\n", 1024 stream->ssrc, 1025 stream->rtp_cipher->type->description, 1026 stream->rtp_auth->type->description, 1027 serv_descr[stream->rtp_services], 1028 stream->rtcp_cipher->type->description, 1029 stream->rtcp_auth->type->description, 1030 serv_descr[stream->rtcp_services], 1031 rdbx_get_window_size(&stream->rtp_rdbx), 1032 stream->allow_repeat_tx ? "true" : "false"); 1033 1034 /* advance to next stream in the list */ 1035 stream = stream->next; 1036 } 1037 return err_status_ok; 1038 } 1039 1040 err_status_t 1041 srtp_print_policy(const srtp_policy_t *policy) { 1042 err_status_t status; 1043 srtp_t session; 1044 1045 status = srtp_create(&session, policy); 1046 if (status) 1047 return status; 1048 status = srtp_session_print_policy(session); 1049 if (status) 1050 return status; 1051 status = srtp_dealloc(session); 1052 if (status) 1053 return status; 1054 return err_status_ok; 1055 } 1056 1057 /* 1058 * srtp_print_packet(...) is for debugging only 1059 * it prints an RTP packet to the stdout 1060 * 1061 * note that this function is *not* threadsafe 1062 */ 1063 1064 #include <stdio.h> 1065 1066 #define MTU 2048 1067 1068 char packet_string[MTU]; 1069 1070 char * 1071 srtp_packet_to_string(srtp_hdr_t *hdr, int pkt_octet_len) { 1072 int octets_in_rtp_header = 12; 1073 uint8_t *data = ((uint8_t *)hdr)+octets_in_rtp_header; 1074 int hex_len = pkt_octet_len-octets_in_rtp_header; 1075 1076 /* sanity checking */ 1077 if ((hdr == NULL) || (pkt_octet_len > MTU)) 1078 return NULL; 1079 1080 /* write packet into string */ 1081 sprintf(packet_string, 1082 "(s)rtp packet: {\n" 1083 " version:\t%d\n" 1084 " p:\t\t%d\n" 1085 " x:\t\t%d\n" 1086 " cc:\t\t%d\n" 1087 " m:\t\t%d\n" 1088 " pt:\t\t%x\n" 1089 " seq:\t\t%x\n" 1090 " ts:\t\t%x\n" 1091 " ssrc:\t%x\n" 1092 " data:\t%s\n" 1093 "} (%d octets in total)\n", 1094 hdr->version, 1095 hdr->p, 1096 hdr->x, 1097 hdr->cc, 1098 hdr->m, 1099 hdr->pt, 1100 hdr->seq, 1101 hdr->ts, 1102 hdr->ssrc, 1103 octet_string_hex_string(data, hex_len), 1104 pkt_octet_len); 1105 1106 return packet_string; 1107 } 1108 1109 /* 1110 * mips_estimate() is a simple function to estimate the number of 1111 * instructions per second that the host can perform. note that this 1112 * function can be grossly wrong; you may want to have a manual sanity 1113 * check of its output! 1114 * 1115 * the 'ignore' pointer is there to convince the compiler to not just 1116 * optimize away the function 1117 */ 1118 1119 double 1120 mips_estimate(int num_trials, int *ignore) { 1121 clock_t t; 1122 int i, sum; 1123 1124 sum = 0; 1125 t = clock(); 1126 for (i=0; i<num_trials; i++) 1127 sum += i; 1128 t = clock() - t; 1129 1130 /* printf("%d\n", sum); */ 1131 *ignore = sum; 1132 1133 return (double) num_trials * CLOCKS_PER_SEC / t; 1134 } 1135 1136 1137 /* 1138 * srtp_validate() verifies the correctness of libsrtp by comparing 1139 * some computed packets against some pre-computed reference values. 1140 * These packets were made with the default SRTP policy. 1141 */ 1142 1143 1144 err_status_t 1145 srtp_validate() { 1146 unsigned char test_key[30] = { 1147 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 1148 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, 1149 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, 1150 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 1151 }; 1152 uint8_t srtp_plaintext_ref[28] = { 1153 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, 1154 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab, 1155 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 1156 0xab, 0xab, 0xab, 0xab 1157 }; 1158 uint8_t srtp_plaintext[38] = { 1159 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, 1160 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab, 1161 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 1162 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00, 1163 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 1164 }; 1165 uint8_t srtp_ciphertext[38] = { 1166 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad, 1167 0xca, 0xfe, 0xba, 0xbe, 0x4e, 0x55, 0xdc, 0x4c, 1168 0xe7, 0x99, 0x78, 0xd8, 0x8c, 0xa4, 0xd2, 0x15, 1169 0x94, 0x9d, 0x24, 0x02, 0xb7, 0x8d, 0x6a, 0xcc, 1170 0x99, 0xea, 0x17, 0x9b, 0x8d, 0xbb 1171 }; 1172 srtp_t srtp_snd, srtp_recv; 1173 err_status_t status; 1174 int len; 1175 srtp_policy_t policy; 1176 1177 /* 1178 * create a session with a single stream using the default srtp 1179 * policy and with the SSRC value 0xcafebabe 1180 */ 1181 crypto_policy_set_rtp_default(&policy.rtp); 1182 crypto_policy_set_rtcp_default(&policy.rtcp); 1183 policy.ssrc.type = ssrc_specific; 1184 policy.ssrc.value = 0xcafebabe; 1185 policy.key = test_key; 1186 policy.ekt = NULL; 1187 policy.window_size = 128; 1188 policy.allow_repeat_tx = 0; 1189 policy.next = NULL; 1190 1191 status = srtp_create(&srtp_snd, &policy); 1192 if (status) 1193 return status; 1194 1195 /* 1196 * protect plaintext, then compare with ciphertext 1197 */ 1198 len = 28; 1199 status = srtp_protect(srtp_snd, srtp_plaintext, &len); 1200 if (status || (len != 38)) 1201 return err_status_fail; 1202 1203 debug_print(mod_driver, "ciphertext:\n %s", 1204 octet_string_hex_string(srtp_plaintext, len)); 1205 debug_print(mod_driver, "ciphertext reference:\n %s", 1206 octet_string_hex_string(srtp_ciphertext, len)); 1207 1208 if (octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) 1209 return err_status_fail; 1210 1211 /* 1212 * create a receiver session context comparable to the one created 1213 * above - we need to do this so that the replay checking doesn't 1214 * complain 1215 */ 1216 status = srtp_create(&srtp_recv, &policy); 1217 if (status) 1218 return status; 1219 1220 /* 1221 * unprotect ciphertext, then compare with plaintext 1222 */ 1223 status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len); 1224 if (status || (len != 28)) 1225 return status; 1226 1227 if (octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) 1228 return err_status_fail; 1229 1230 return err_status_ok; 1231 } 1232 1233 1234 err_status_t 1235 srtp_create_big_policy(srtp_policy_t **list) { 1236 extern const srtp_policy_t *policy_array[]; 1237 srtp_policy_t *p, *tmp; 1238 int i = 0; 1239 uint32_t ssrc = 0; 1240 1241 /* sanity checking */ 1242 if ((list == NULL) || (policy_array[0] == NULL)) 1243 return err_status_bad_param; 1244 1245 /* 1246 * loop over policy list, mallocing a new list and copying values 1247 * into it (and incrementing the SSRC value as we go along) 1248 */ 1249 tmp = p = NULL; 1250 while (policy_array[i] != NULL) { 1251 p = (srtp_policy_t*) malloc(sizeof(srtp_policy_t)); 1252 if (p == NULL) 1253 return err_status_bad_param; 1254 memcpy(p, policy_array[i], sizeof(srtp_policy_t)); 1255 p->ssrc.type = ssrc_specific; 1256 p->ssrc.value = ssrc++; 1257 p->next = tmp; 1258 tmp = p; 1259 i++; 1260 } 1261 *list = p; 1262 1263 return err_status_ok; 1264 } 1265 1266 err_status_t 1267 srtp_test_remove_stream() { 1268 err_status_t status; 1269 srtp_policy_t *policy_list; 1270 srtp_t session; 1271 srtp_stream_t stream; 1272 /* 1273 * srtp_get_stream() is a libSRTP internal function that we declare 1274 * here so that we can use it to verify the correct operation of the 1275 * library 1276 */ 1277 extern srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc); 1278 1279 1280 status = srtp_create_big_policy(&policy_list); 1281 if (status) 1282 return status; 1283 1284 status = srtp_create(&session, policy_list); 1285 if (status) 1286 return status; 1287 1288 /* 1289 * check for false positives by trying to remove a stream that's not 1290 * in the session 1291 */ 1292 status = srtp_remove_stream(session, htonl(0xaaaaaaaa)); 1293 if (status != err_status_no_ctx) 1294 return err_status_fail; 1295 1296 /* 1297 * check for false negatives by removing stream 0x1, then 1298 * searching for streams 0x0 and 0x2 1299 */ 1300 status = srtp_remove_stream(session, htonl(0x1)); 1301 if (status != err_status_ok) 1302 return err_status_fail; 1303 stream = srtp_get_stream(session, htonl(0x0)); 1304 if (stream == NULL) 1305 return err_status_fail; 1306 stream = srtp_get_stream(session, htonl(0x2)); 1307 if (stream == NULL) 1308 return err_status_fail; 1309 1310 return err_status_ok; 1311 } 1312 1313 /* 1314 * srtp policy definitions - these definitions are used above 1315 */ 1316 1317 unsigned char test_key[30] = { 1318 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, 1319 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, 1320 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, 1321 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 1322 }; 1323 1324 1325 const srtp_policy_t default_policy = { 1326 { ssrc_any_outbound, 0 }, /* SSRC */ 1327 { /* SRTP policy */ 1328 AES_128_ICM, /* cipher type */ 1329 30, /* cipher key length in octets */ 1330 HMAC_SHA1, /* authentication func type */ 1331 16, /* auth key length in octets */ 1332 10, /* auth tag length in octets */ 1333 sec_serv_conf_and_auth /* security services flag */ 1334 }, 1335 { /* SRTCP policy */ 1336 AES_128_ICM, /* cipher type */ 1337 30, /* cipher key length in octets */ 1338 HMAC_SHA1, /* authentication func type */ 1339 16, /* auth key length in octets */ 1340 10, /* auth tag length in octets */ 1341 sec_serv_conf_and_auth /* security services flag */ 1342 }, 1343 test_key, 1344 NULL, /* indicates that EKT is not in use */ 1345 128, /* replay window size */ 1346 0, /* retransmission not allowed */ 1347 NULL 1348 }; 1349 1350 const srtp_policy_t aes_tmmh_policy = { 1351 { ssrc_any_outbound, 0 }, /* SSRC */ 1352 { 1353 AES_128_ICM, /* cipher type */ 1354 30, /* cipher key length in octets */ 1355 UST_TMMHv2, /* authentication func type */ 1356 94, /* auth key length in octets */ 1357 4, /* auth tag length in octets */ 1358 sec_serv_conf_and_auth /* security services flag */ 1359 }, 1360 { 1361 AES_128_ICM, /* cipher type */ 1362 30, /* cipher key length in octets */ 1363 UST_TMMHv2, /* authentication func type */ 1364 94, /* auth key length in octets */ 1365 4, /* auth tag length in octets */ 1366 sec_serv_conf_and_auth /* security services flag */ 1367 }, 1368 test_key, 1369 NULL, /* indicates that EKT is not in use */ 1370 128, /* replay window size */ 1371 0, /* retransmission not allowed */ 1372 NULL 1373 }; 1374 1375 const srtp_policy_t tmmh_only_policy = { 1376 { ssrc_any_outbound, 0 }, /* SSRC */ 1377 { 1378 AES_128_ICM, /* cipher type */ 1379 30, /* cipher key length in octets */ 1380 UST_TMMHv2, /* authentication func type */ 1381 94, /* auth key length in octets */ 1382 4, /* auth tag length in octets */ 1383 sec_serv_auth /* security services flag */ 1384 }, 1385 { 1386 AES_128_ICM, /* cipher type */ 1387 30, /* cipher key length in octets */ 1388 UST_TMMHv2, /* authentication func type */ 1389 94, /* auth key length in octets */ 1390 4, /* auth tag length in octets */ 1391 sec_serv_auth /* security services flag */ 1392 }, 1393 test_key, 1394 NULL, /* indicates that EKT is not in use */ 1395 128, /* replay window size */ 1396 0, /* retransmission not allowed */ 1397 NULL 1398 }; 1399 1400 const srtp_policy_t aes_only_policy = { 1401 { ssrc_any_outbound, 0 }, /* SSRC */ 1402 { 1403 AES_128_ICM, /* cipher type */ 1404 30, /* cipher key length in octets */ 1405 NULL_AUTH, /* authentication func type */ 1406 0, /* auth key length in octets */ 1407 0, /* auth tag length in octets */ 1408 sec_serv_conf /* security services flag */ 1409 }, 1410 { 1411 AES_128_ICM, /* cipher type */ 1412 30, /* cipher key length in octets */ 1413 NULL_AUTH, /* authentication func type */ 1414 0, /* auth key length in octets */ 1415 0, /* auth tag length in octets */ 1416 sec_serv_conf /* security services flag */ 1417 }, 1418 test_key, 1419 NULL, /* indicates that EKT is not in use */ 1420 128, /* replay window size */ 1421 0, /* retransmission not allowed */ 1422 NULL 1423 }; 1424 1425 const srtp_policy_t hmac_only_policy = { 1426 { ssrc_any_outbound, 0 }, /* SSRC */ 1427 { 1428 NULL_CIPHER, /* cipher type */ 1429 0, /* cipher key length in octets */ 1430 HMAC_SHA1, /* authentication func type */ 1431 20, /* auth key length in octets */ 1432 4, /* auth tag length in octets */ 1433 sec_serv_auth /* security services flag */ 1434 }, 1435 { 1436 NULL_CIPHER, /* cipher type */ 1437 0, /* cipher key length in octets */ 1438 HMAC_SHA1, /* authentication func type */ 1439 20, /* auth key length in octets */ 1440 4, /* auth tag length in octets */ 1441 sec_serv_auth /* security services flag */ 1442 }, 1443 test_key, 1444 NULL, /* indicates that EKT is not in use */ 1445 128, /* replay window size */ 1446 0, /* retransmission not allowed */ 1447 NULL 1448 }; 1449 1450 const srtp_policy_t null_policy = { 1451 { ssrc_any_outbound, 0 }, /* SSRC */ 1452 { 1453 NULL_CIPHER, /* cipher type */ 1454 0, /* cipher key length in octets */ 1455 NULL_AUTH, /* authentication func type */ 1456 0, /* auth key length in octets */ 1457 0, /* auth tag length in octets */ 1458 sec_serv_none /* security services flag */ 1459 }, 1460 { 1461 NULL_CIPHER, /* cipher type */ 1462 0, /* cipher key length in octets */ 1463 NULL_AUTH, /* authentication func type */ 1464 0, /* auth key length in octets */ 1465 0, /* auth tag length in octets */ 1466 sec_serv_none /* security services flag */ 1467 }, 1468 test_key, 1469 NULL, /* indicates that EKT is not in use */ 1470 128, /* replay window size */ 1471 0, /* retransmission not allowed */ 1472 NULL 1473 }; 1474 1475 uint8_t ekt_test_key[16] = { 1476 0x77, 0x26, 0x9d, 0xac, 0x16, 0xa3, 0x28, 0xca, 1477 0x8e, 0xc9, 0x68, 0x4b, 0xcc, 0xc4, 0xd2, 0x1b 1478 }; 1479 1480 #include "ekt.h" 1481 1482 ekt_policy_ctx_t ekt_test_policy = { 1483 0xa5a5, /* SPI */ 1484 EKT_CIPHER_AES_128_ECB, 1485 ekt_test_key, 1486 NULL 1487 }; 1488 1489 const srtp_policy_t hmac_only_with_ekt_policy = { 1490 { ssrc_any_outbound, 0 }, /* SSRC */ 1491 { 1492 NULL_CIPHER, /* cipher type */ 1493 0, /* cipher key length in octets */ 1494 HMAC_SHA1, /* authentication func type */ 1495 20, /* auth key length in octets */ 1496 4, /* auth tag length in octets */ 1497 sec_serv_auth /* security services flag */ 1498 }, 1499 { 1500 NULL_CIPHER, /* cipher type */ 1501 0, /* cipher key length in octets */ 1502 HMAC_SHA1, /* authentication func type */ 1503 20, /* auth key length in octets */ 1504 4, /* auth tag length in octets */ 1505 sec_serv_auth /* security services flag */ 1506 }, 1507 test_key, 1508 &ekt_test_policy, /* indicates that EKT is not in use */ 1509 128, /* replay window size */ 1510 0, /* retransmission not allowed */ 1511 NULL 1512 }; 1513 1514 1515 /* 1516 * an array of pointers to the policies listed above 1517 * 1518 * This array is used to test various aspects of libSRTP for 1519 * different cryptographic policies. The order of the elements 1520 * matters - the timing test generates output that can be used 1521 * in a plot (see the gnuplot script file 'timing'). If you 1522 * add to this list, you should do it at the end. 1523 */ 1524 1525 #define USE_TMMH 0 1526 1527 const srtp_policy_t * 1528 policy_array[] = { 1529 &hmac_only_policy, 1530 #if USE_TMMH 1531 &tmmh_only_policy, 1532 #endif 1533 &aes_only_policy, 1534 #if USE_TMMH 1535 &aes_tmmh_policy, 1536 #endif 1537 &default_policy, 1538 &null_policy, 1539 &hmac_only_with_ekt_policy, 1540 NULL 1541 }; 1542 1543 const srtp_policy_t wildcard_policy = { 1544 { ssrc_any_outbound, 0 }, /* SSRC */ 1545 { /* SRTP policy */ 1546 AES_128_ICM, /* cipher type */ 1547 30, /* cipher key length in octets */ 1548 HMAC_SHA1, /* authentication func type */ 1549 16, /* auth key length in octets */ 1550 10, /* auth tag length in octets */ 1551 sec_serv_conf_and_auth /* security services flag */ 1552 }, 1553 { /* SRTCP policy */ 1554 AES_128_ICM, /* cipher type */ 1555 30, /* cipher key length in octets */ 1556 HMAC_SHA1, /* authentication func type */ 1557 16, /* auth key length in octets */ 1558 10, /* auth tag length in octets */ 1559 sec_serv_conf_and_auth /* security services flag */ 1560 }, 1561 test_key, 1562 NULL, 1563 128, /* replay window size */ 1564 0, /* retransmission not allowed */ 1565 NULL 1566 }; 1567
