Home | History | Annotate | Download | only in include
      1 /*
      2  * ekt.h
      3  *
      4  * interface to Encrypted Key Transport for SRTP
      5  *
      6  * David McGrew
      7  * Cisco Systems, Inc.
      8  */
      9 /*
     10  *
     11  * Copyright (c) 2001-2005 Cisco Systems, Inc.
     12  * All rights reserved.
     13  *
     14  * Redistribution and use in source and binary forms, with or without
     15  * modification, are permitted provided that the following conditions
     16  * are met:
     17  *
     18  *   Redistributions of source code must retain the above copyright
     19  *   notice, this list of conditions and the following disclaimer.
     20  *
     21  *   Redistributions in binary form must reproduce the above
     22  *   copyright notice, this list of conditions and the following
     23  *   disclaimer in the documentation and/or other materials provided
     24  *   with the distribution.
     25  *
     26  *   Neither the name of the Cisco Systems, Inc. nor the names of its
     27  *   contributors may be used to endorse or promote products derived
     28  *   from this software without specific prior written permission.
     29  *
     30  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
     31  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
     32  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
     33  * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
     34  * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
     35  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
     36  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
     37  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
     38  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
     39  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
     40  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
     41  * OF THE POSSIBILITY OF SUCH DAMAGE.
     42  *
     43  */
     44 
     45 
     46 
     47 /*
     48  * EKT implementation strategy
     49  *
     50  * use stream_template approach
     51  *
     52  * in srtp_unprotect, when a new stream appears, check if template has
     53  * EKT defined, and if it does, then apply EKT processing
     54  *
     55  * question: will we want to allow key-sharing templates in addition
     56  * to EKT templates?  could define a new ssrc_type_t that's associated
     57  * with an EKT, e.g.  ssrc_any_ekt.
     58  *
     59  *
     60  */
     61 
     62 #ifndef EKT_H
     63 #define EKT_H
     64 
     65 #ifdef __cplusplus
     66 extern "C" {
     67 #endif
     68 
     69 #include "srtp_priv.h"
     70 
     71 #define EKT_CIPHER_DEFAULT           1
     72 #define EKT_CIPHER_AES_128_ECB       1
     73 #define EKT_CIPHER_AES_192_KEY_WRAP  2
     74 #define EKT_CIPHER_AES_256_KEY_WRAP  3
     75 
     76 typedef uint16_t ekt_spi_t;
     77 
     78 
     79 unsigned
     80 ekt_octets_after_base_tag(ekt_stream_t ekt);
     81 
     82 /*
     83  * an srtp_policy_t structure can contain a pointer to an
     84  * ekt_policy_t structure
     85  *
     86  * this structure holds all of the high level EKT information, and it
     87  * is passed into libsrtp to indicate what policy should be in effect
     88  */
     89 
     90 typedef struct ekt_policy_ctx_t {
     91   ekt_spi_t  spi;     /* security parameter index */
     92   uint8_t    ekt_cipher_type;
     93   uint8_t   *ekt_key;
     94   struct ekt_policy_ctx_t *next_ekt_policy;
     95 } ekt_policy_ctx_t;
     96 
     97 
     98 /*
     99  * an ekt_data_t structure holds the data corresponding to an ekt key,
    100  * spi, and so on
    101  */
    102 
    103 typedef struct ekt_data_t {
    104   ekt_spi_t spi;
    105   uint8_t ekt_cipher_type;
    106   aes_expanded_key_t ekt_enc_key;
    107   aes_expanded_key_t ekt_dec_key;
    108   struct ekt_data_t *next_ekt_data;
    109 } ekt_data_t;
    110 
    111 /*
    112  * an srtp_stream_ctx_t can contain an ekt_stream_ctx_t
    113  *
    114  * an ekt_stream_ctx_t structure holds all of the EKT information for
    115  * a specific SRTP stream
    116  */
    117 
    118 typedef struct ekt_stream_ctx_t {
    119   ekt_data_t *data;
    120   uint16_t    isn;     /* initial sequence number  */
    121   uint8_t     encrypted_master_key[SRTP_MAX_KEY_LEN];
    122 } ekt_stream_ctx_t;
    123 
    124 
    125 
    126 err_status_t
    127 ekt_alloc(ekt_stream_t *stream_data, ekt_policy_t policy);
    128 
    129 err_status_t
    130 ekt_stream_init(ekt_stream_t e,
    131 		ekt_spi_t spi,
    132 		void *ekt_key,
    133 		unsigned ekt_cipher_type);
    134 
    135 err_status_t
    136 ekt_stream_init_from_policy(ekt_stream_t e, ekt_policy_t p);
    137 
    138 
    139 
    140 err_status_t
    141 srtp_stream_init_from_ekt(srtp_stream_t stream,
    142 			  const void *srtcp_hdr,
    143 			  unsigned pkt_octet_len);
    144 
    145 
    146 void
    147 ekt_write_data(ekt_stream_t ekt,
    148 	       uint8_t *base_tag,
    149 	       unsigned base_tag_len,
    150 	       int *packet_len,
    151 	       xtd_seq_num_t pkt_index);
    152 
    153 /*
    154  * We handle EKT by performing some additional steps before
    155  * authentication (copying the auth tag into a temporary location,
    156  * zeroizing the "base tag" field in the packet)
    157  *
    158  * With EKT, the tag_len parameter is actually the base tag
    159  * length
    160  */
    161 
    162 err_status_t
    163 ekt_tag_verification_preproces(uint8_t *pkt_tag,
    164 			       uint8_t *pkt_tag_copy,
    165 			       unsigned tag_len);
    166 
    167 err_status_t
    168 ekt_tag_verification_postproces(uint8_t *pkt_tag,
    169 				uint8_t *pkt_tag_copy,
    170 				unsigned tag_len);
    171 
    172 
    173 /*
    174  * @brief EKT pre-processing for srtcp tag generation
    175  *
    176  * This function does the pre-processing of the SRTCP authentication
    177  * tag format.  When EKT is used, it consists of writing the Encrypted
    178  * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
    179  * fields.  The Base Authentication Tag field is set to the all-zero
    180  * value
    181  *
    182  * When EKT is not used, this function is a no-op.
    183  *
    184  */
    185 
    186 err_status_t
    187 srtp_stream_srtcp_auth_tag_generation_preprocess(const srtp_stream_t *s,
    188 						 uint8_t *pkt_tag,
    189 						 unsigned pkt_octet_len);
    190 
    191 /* it's not clear that a tag_generation_postprocess function is needed */
    192 
    193 err_status_t
    194 srtcp_auth_tag_generation_postprocess(void);
    195 
    196 
    197 #ifdef __cplusplus
    198 }
    199 #endif
    200 
    201 #endif /* EKT_H */
    202