4 * interface to Encrypted Key Transport for SRTP
11 * Copyright (c) 2001-2017 Cisco Systems, Inc.
12 * All rights reserved.
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
18 * Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
21 * Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials provided
24 * with the distribution.
26 * Neither the name of the Cisco Systems, Inc. nor the names of its
27 * contributors may be used to endorse or promote products derived
28 * from this software without specific prior written permission.
30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41 * OF THE POSSIBILITY OF SUCH DAMAGE.
46 * EKT implementation strategy
48 * use stream_template approach
50 * in srtp_unprotect, when a new stream appears, check if template has
51 * EKT defined, and if it does, then apply EKT processing
53 * question: will we want to allow key-sharing templates in addition
54 * to EKT templates? could define a new ssrc_type_t that's associated
55 * with an EKT, e.g. ssrc_any_ekt.
63 // left in commented out as reminder to not include private headers
64 //#include "srtp_priv.h"
70 #define SRTP_EKT_CIPHER_DEFAULT 1
71 #define SRTP_EKT_CIPHER_AES_128_ECB 1
72 #define SRTP_EKT_CIPHER_AES_192_KEY_WRAP 2
73 #define SRTP_EKT_CIPHER_AES_256_KEY_WRAP 3
75 typedef uint16_t srtp_ekt_spi_t;
77 unsigned srtp_ekt_octets_after_base_tag(srtp_ekt_stream_t ekt);
80 * an srtp_policy_t structure can contain a pointer to an
81 * srtp_ekt_policy_t structure
83 * this structure holds all of the high level EKT information, and it
84 * is passed into libsrtp to indicate what policy should be in effect
87 typedef struct srtp_ekt_policy_ctx_t {
88 srtp_ekt_spi_t spi; /* security parameter index */
89 uint8_t ekt_cipher_type;
91 struct srtp_ekt_policy_ctx_t *next_ekt_policy;
92 } srtp_ekt_policy_ctx_t;
95 * an srtp_ekt_data_t structure holds the data corresponding to an ekt key,
99 typedef struct srtp_ekt_data_t {
101 uint8_t ekt_cipher_type;
102 srtp_aes_expanded_key_t ekt_enc_key;
103 srtp_aes_expanded_key_t ekt_dec_key;
104 struct ekt_data_t *next_ekt_data;
108 * an srtp_stream_ctx_t can contain an srtp_ekt_stream_ctx_t
110 * an srtp_ekt_stream_ctx_t structure holds all of the EKT information for
111 * a specific SRTP stream
114 typedef struct srtp_ekt_stream_ctx_t {
115 srtp_ekt_data_t *data;
116 uint16_t isn; /* initial sequence number */
117 uint8_t encrypted_master_key[SRTP_MAX_KEY_LEN];
118 } srtp_ekt_stream_ctx_t;
120 srtp_err_status_t srtp_ekt_alloc(srtp_ekt_stream_t *stream_data,
121 srtp_ekt_policy_t policy);
123 srtp_err_status_t srtp_ekt_stream_init(srtp_ekt_stream_t e,
126 unsigned ekt_cipher_type);
128 srtp_err_status_t srtp_ekt_stream_init_from_policy(srtp_ekt_stream_t e,
129 srtp_ekt_policy_t p);
131 srtp_err_status_t srtp_stream_init_from_ekt(srtp_stream_t stream,
132 const void *srtcp_hdr,
133 unsigned pkt_octet_len);
135 void srtp_ekt_write_data(srtp_ekt_stream_t ekt,
137 unsigned base_tag_len,
139 srtp_xtd_seq_num_t pkt_index);
142 * We handle EKT by performing some additional steps before
143 * authentication (copying the auth tag into a temporary location,
144 * zeroizing the "base tag" field in the packet)
146 * With EKT, the tag_len parameter is actually the base tag
149 srtp_err_status_t srtp_ekt_tag_verification_preproces(uint8_t *pkt_tag,
150 uint8_t *pkt_tag_copy,
153 srtp_err_status_t srtp_ekt_tag_verification_postproces(uint8_t *pkt_tag,
154 uint8_t *pkt_tag_copy,
158 * @brief EKT pre-processing for srtcp tag generation
160 * This function does the pre-processing of the SRTCP authentication
161 * tag format. When EKT is used, it consists of writing the Encrypted
162 * Master Key, the SRTP ROC, the Initial Sequence Number, and SPI
163 * fields. The Base Authentication Tag field is set to the all-zero
166 * When EKT is not used, this function is a no-op.
169 srtp_err_status_t srtp_stream_srtcp_auth_tag_generation_preprocess(
170 const srtp_stream_t *s,
172 unsigned pkt_octet_len);
174 /* it's not clear that a tag_generation_postprocess function is needed */
175 srtp_err_status_t srtcp_auth_tag_generation_postprocess(void);
181 #endif /* SRTP_EKT_H */