ccRTP
CryptoContext.h
1 /*
2  Copyright (C) 2004-2006 the Minisip Team
3 
4  This library is free software; you can redistribute it and/or
5  modify it under the terms of the GNU Lesser General Public
6  License as published by the Free Software Foundation; either
7  version 2.1 of the License, or (at your option) any later version.
8 
9  This library is distributed in the hope that it will be useful,
10  but WITHOUT ANY WARRANTY; without even the implied warranty of
11  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
12  Lesser General Public License for more details.
13 
14  You should have received a copy of the GNU Lesser General Public License
15  along with GNU uCommon C++. If not, see <http://www.gnu.org/licenses/>.
16 */
17 
18 
19 
20 #ifndef CRYPTOCONTEXT_H
21 #define CRYPTOCONTEXT_H
22 
23 #include <commoncpp/config.h>
24 
25 #include <ccrtp/rtppkt.h>
26 
27 
28 #define REPLAY_WINDOW_SIZE 64
29 
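/*
 * SRTP authentication algorithm selectors.
 *
 * NOTE(review): the member index further down this page also lists
 * SrtpAuthenticationSha1Hmac and SrtpAuthenticationSkeinHmac (source
 * lines 31 and 32). Their initialisers are not shown in this listing,
 * so they are not reproduced here.
 */
const int SrtpAuthenticationNull = 0;

/*
 * SRTP encryption algorithm selectors.
 *
 * Judging by the names, AESCM/AESF8 and TWOCM/TWOF8 presumably select AES
 * and Twofish in counter and F8 mode -- confirm against the implementation.
 *
 * Both "Null" selectors have the value 0, so an algorithm field that is
 * zero-initialised or never assigned compares equal to "no encryption" /
 * "no authentication". Code that builds a CryptoContext should set both
 * selectors explicitly and treat a Null selector as a deliberate choice.
 */
const int SrtpEncryptionNull  = 0;
const int SrtpEncryptionAESCM = 1;
const int SrtpEncryptionAESF8 = 2;
const int SrtpEncryptionTWOCM = 3;
const int SrtpEncryptionTWOF8 = 4;
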
39 
40 #ifndef CRYPTOCONTEXTCTRL_H
41 
42 #include <stdint.h>
43 
44 #ifdef SRTP_SUPPORT
45 #include <ccrtp/crypto/SrtpSymCrypto.h>
46 #endif
47 
48 class SrtpSymCrypto;
49 
50 NAMESPACE_COMMONCPP
51 
52  class RTPPacket;
53 
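/**
 * The implementation for a SRTP cryptographic context.
 *
 * The members declared below hold the per-SSRC state: the roll-over
 * counter, the replay-check bitmask, the master key and salt, and the
 * session encryption / authentication / salt keys.
 *
 * NOTE(review): all key material is held through raw uint8* members and
 * the class declares no copy constructor or copy assignment operator, so
 * a compiler-generated copy would duplicate those pointers. Ownership and
 * wiping of the buffers are not visible in this header -- confirm in the
 * implementation that the destructor clears and releases them, and that
 * contexts are never copied by value.
 */
class __EXPORT CryptoContext {
public:
    /**
     * Constructor for empty SRTP cryptographic context.
     *
     * NOTE(review): not declared explicit, so a bare uint32 converts
     * implicitly to a CryptoContext.
     *
     * @param ssrc SSRC this context belongs to.
     */
    CryptoContext( uint32 ssrc );

    /**
     * Constructor for an active SRTP cryptographic context.
     *
     * ealg and aalg are presumably one of the SrtpEncryption* and
     * SrtpAuthentication* constants defined in this header -- confirm
     * against the implementation.
     *
     * NOTE(review): every length argument is a signed int32, while
     * master_key_length and master_salt_length are stored as uint32.
     * Confirm the implementation rejects negative or oversized lengths
     * before they are converted or used to size a copy.
     */
    CryptoContext( uint32 ssrc, int32 roc,
                   int64 keyDerivRate,
                   const int32 ealg,
                   const int32 aalg,
                   uint8* masterKey,
                   int32 masterKeyLength,
                   uint8* masterSalt,
                   int32 masterSaltLength,
                   int32 ekeyl,
                   int32 akeyl,
                   int32 skeyl,
                   int32 tagLength );

    /**
     * Destructor.
     *
     * Declared here because the member documentation for this class
     * lists ~CryptoContext(); the rendered listing had dropped the line.
     */
    ~CryptoContext();

    /** Set the Roll-Over-Counter. */
    void setRoc(uint32 r) { roc = r; }

    /** Get the Roll-Over-Counter. */
    uint32 getRoc() const { return roc; }

    /** Perform SRTP encryption. */
    void srtpEncrypt( RTPPacket* rtp, uint64 index, uint32 ssrc );

    /**
     * Compute the authentication tag.
     *
     * NOTE(review): tag is passed without a length. Presumably the caller
     * must supply at least getTagLength() bytes -- confirm against the
     * implementation before sizing the buffer.
     */
    void srtpAuthenticate(RTPPacket* rtp, uint32 roc, uint8* tag );

    /** Perform key derivation according to SRTP specification. */
    void deriveSrtpKeys(uint64 index);

    /**
     * Compute (guess) the new SRTP index based on the sequence number of
     * a received RTP packet.
     */
    uint64 guessIndex(uint16 newSeqNumber);

    /**
     * Check for packet replay.
     *
     * NOTE(review): which return value means "accept" is not stated in
     * this listing; check the implementation before relying on it.
     */
    bool checkReplay(uint16 newSeqNumber);

    /** Update the SRTP packet index. */
    void update( uint16 newSeqNumber );

    /** Get the length of the SRTP authentication tag in bytes. */
    int32 getTagLength() const { return tagLength; }

    /**
     * Get the length of the MKI in bytes.
     *
     * mkiLength is stored as uint32 and converted to int32 on return.
     */
    int32 getMkiLength() const { return mkiLength; }

    /** Get the SSRC of this SRTP cryptographic context. */
    uint32 getSsrc() const { return ssrcCtx; }

    /**
     * Derive a new Crypto Context for use with a new SSRC.
     *
     * NOTE(review): returns a raw pointer; who deletes the new context is
     * not stated in this header. roc is a plain int here but int32 in the
     * constructor and uint32 in the roc member.
     */
    CryptoContext* newCryptoContextForSSRC(uint32 ssrc, int roc, int64 keyDerivRate);

private:

    uint32 ssrcCtx;
    bool   using_mki;
    uint32 mkiLength;
    uint8* mki;

    uint32 roc;
    uint32 guessed_roc;
    uint16 s_l;              /* presumably RFC 3711's s_l -- confirm */
    int64  key_deriv_rate;

    /* bitmask for replay check; 64 bits wide, matching the
       REPLAY_WINDOW_SIZE of 64 defined in this header */
    uint64 replay_window;

    uint8* master_key;
    uint32 master_key_length;
    uint32 master_key_srtp_use_nb;
    uint32 master_key_srtcp_use_nb;
    uint8* master_salt;
    uint32 master_salt_length;

    /* Session Encryption, Authentication keys, Salt */
    int32  n_e;
    uint8* k_e;
    int32  n_a;
    uint8* k_a;
    int32  n_s;
    uint8* k_s;

    int32 ealg;
    int32 aalg;
    int32 ekeyl;
    int32 akeyl;
    int32 skeyl;
    int32 tagLength;
    bool  seqNumSet;

    void* macCtx;

    /* Without SRTP_SUPPORT the cipher members are untyped placeholders,
       which keeps the member list the same in both builds. */
#ifdef SRTP_SUPPORT
    SrtpSymCrypto* cipher;
    SrtpSymCrypto* f8Cipher;
#else
    void* cipher;
    void* f8Cipher;
#endif

};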
404 
405 END_NAMESPACE
406 
407 #endif
408 
409 #endif
410 
const int SrtpEncryptionTWOF8
Definition: CryptoContext.h:38
const int SrtpEncryptionAESF8
Definition: CryptoContext.h:36
const int SrtpEncryptionAESCM
Definition: CryptoContext.h:35
const int SrtpAuthenticationSkeinHmac
Definition: CryptoContext.h:32
const int SrtpEncryptionNull
Definition: CryptoContext.h:34
const int SrtpEncryptionTWOCM
Definition: CryptoContext.h:37
const int SrtpAuthenticationSha1Hmac
Definition: CryptoContext.h:31
const int SrtpAuthenticationNull
Definition: CryptoContext.h:30
The implementation for a SRTP cryptographic context.
Definition: CryptoContext.h:82
uint64 guessIndex(uint16 newSeqNumber)
Compute (guess) the new SRTP index based on the sequence number of a received RTP packet.
CryptoContext * newCryptoContextForSSRC(uint32 ssrc, int roc, int64 keyDerivRate)
Derive a new Crypto Context for use with a new SSRC.
uint32 getRoc() const
Get the Roll-Over-Counter.
Definition: CryptoContext.h:210
int32 getMkiLength() const
Get the length of the MKI in bytes.
Definition: CryptoContext.h:320
void srtpEncrypt(RTPPacket *rtp, uint64 index, uint32 ssrc)
Perform SRTP encryption.
void srtpAuthenticate(RTPPacket *rtp, uint32 roc, uint8 *tag)
Compute the authentication tag.
CryptoContext(uint32 ssrc)
Constructor for empty SRTP cryptographic context.
void setRoc(uint32 r)
Set the Roll-Over-Counter.
Definition: CryptoContext.h:198
uint32 getSsrc() const
Get the SSRC of this SRTP Cryptographic context.
Definition: CryptoContext.h:329
~CryptoContext()
Destructor.
void update(uint16 newSeqNumber)
Update the SRTP packet index.
int32 getTagLength() const
Get the length of the SRTP authentication tag in bytes.
Definition: CryptoContext.h:310
bool checkReplay(uint16 newSeqNumber)
Check for packet replay.
void deriveSrtpKeys(uint64 index)
Perform key derivation according to SRTP specification.
CryptoContext(uint32 ssrc, int32 roc, int64 keyDerivRate, const int32 ealg, const int32 aalg, uint8 *masterKey, int32 masterKeyLength, uint8 *masterSalt, int32 masterSaltLength, int32 ekeyl, int32 akeyl, int32 skeyl, int32 tagLength)
Constructor for an active SRTP cryptographic context.
A base class for both IncomingRTPPkt and OutgoingRTPPkt.
Definition: rtppkt.h:73
RTP packets handling.