live
SRTPCryptographicContext.hh
Go to the documentation of this file.
1 /**********
2 This library is free software; you can redistribute it and/or modify it under
3 the terms of the GNU Lesser General Public License as published by the
4 Free Software Foundation; either version 3 of the License, or (at your
5 option) any later version. (See <http://www.gnu.org/copyleft/lesser.html>.)
6 
7 This library is distributed in the hope that it will be useful, but WITHOUT
8 ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
9 FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for
10 more details.
11 
12 You should have received a copy of the GNU Lesser General Public License
13 along with this library; if not, write to the Free Software Foundation, Inc.,
14 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
15 **********/
16 // Copyright (c) 1996-2022 Live Networks, Inc. All rights reserved.
17 // The SRTP 'Cryptographic Context', used in all of our uses of SRTP.
18 // Definition
19 
20 #ifndef _SRTP_CRYPTOGRAPHIC_CONTEXT_HH
21 #define _SRTP_CRYPTOGRAPHIC_CONTEXT_HH
22 
23 #ifndef _MIKEY_HH
24 #include "MIKEY.hh"
25 #endif
26 
28 public:
31 
32  // Authenticate (if necessary) and decrypt (if necessary) incoming SRTP and SRTCP packets.
33  // Returns True iff the packet is well-formed and authenticates OK.
34  // ("outPacketSize" will be <= "inPacketSize".)
35  Boolean processIncomingSRTPPacket(u_int8_t* buffer, unsigned inPacketSize,
36  unsigned& outPacketSize);
37  Boolean processIncomingSRTCPPacket(u_int8_t* buffer, unsigned inPacketSize,
38  unsigned& outPacketSize);
39 
40  // Encrypt (if necessary) and add an authentication tag (if necessary) to an outgoing
41  // RTP and RTCP packet.
42  // Returns True iff the packet is well-formed.
43  // ("outPacketSize" will be >= "inPacketSize"; there must be enough space at the end of
44  // "buffer" for the extra (4+10 bytes for SRTP; 4+4+10 bytes for SRTCP).)
45  Boolean processOutgoingSRTPPacket(u_int8_t* buffer, unsigned inPacketSize,
46  unsigned& outPacketSize);
47  Boolean processOutgoingSRTCPPacket(u_int8_t* buffer, unsigned inPacketSize,
48  unsigned& outPacketSize);
49 
50 #ifndef NO_OPENSSL
51 private:
52  // Definitions specific to the "SRTP_AES128_CM_HMAC_SHA1_80" ciphersuite.
53  // Later generalize to support more SRTP ciphersuites #####
54 #define SRTP_CIPHER_KEY_LENGTH (128/8) // in bytes
55 #define SRTP_CIPHER_SALT_LENGTH (112/8) // in bytes
56 #define SRTP_MKI_LENGTH 4 // in bytes
57 #define SRTP_AUTH_KEY_LENGTH (160/8) // in bytes
58 #define SRTP_AUTH_TAG_LENGTH (80/8) // in bytes
59 
60  struct derivedKeys {
64  };
65 
66  struct allDerivedKeys {
69  };
70 
71  typedef enum {
77  label_srtcp_salt = 0x05
79 
80  unsigned generateSRTPAuthenticationTag(u_int8_t const* dataToAuthenticate, unsigned numBytesToAuthenticate,
81  u_int8_t* resultAuthenticationTag);
82  // returns the size of the resulting authentication tag
83  unsigned generateSRTCPAuthenticationTag(u_int8_t const* dataToAuthenticate, unsigned numBytesToAuthenticate,
84  u_int8_t* resultAuthenticationTag);
85  // returns the size of the resulting authentication tag
86 
87  Boolean verifySRTPAuthenticationTag(u_int8_t* dataToAuthenticate, unsigned numBytesToAuthenticate,
88  u_int32_t roc, u_int8_t const* authenticationTag);
89  Boolean verifySRTCPAuthenticationTag(u_int8_t const* dataToAuthenticate, unsigned numBytesToAuthenticate,
90  u_int8_t const* authenticationTag);
91 
92  void decryptSRTPPacket(u_int64_t index, u_int32_t ssrc, u_int8_t* data, unsigned numDataBytes);
93  void decryptSRTCPPacket(u_int32_t index, u_int32_t ssrc, u_int8_t* data, unsigned numDataBytes);
94 
95  void encryptSRTPPacket(u_int64_t index, u_int32_t ssrc, u_int8_t* data, unsigned numDataBytes);
96  void encryptSRTCPPacket(u_int32_t index, u_int32_t ssrc, u_int8_t* data, unsigned numDataBytes);
97 
99  u_int8_t const* dataToAuthenticate, unsigned numBytesToAuthenticate,
100  u_int8_t* resultAuthenticationTag);
101  // returns the size of the resulting authentication tag
102  // "resultAuthenticationTag" must point to an array of at least SRTP_AUTH_TAG_LENGTH
104  u_int8_t const* dataToAuthenticate, unsigned numBytesToAuthenticate,
105  u_int8_t const* authenticationTag);
106 
107  void cryptData(derivedKeys& keys, u_int64_t index, u_int32_t ssrc,
108  u_int8_t* data, unsigned numDataBytes);
109 
111 
112  void deriveKeysFromMaster(u_int8_t const* masterKey, u_int8_t const* salt,
113  allDerivedKeys& allKeysResult);
114  // used to implement "performKeyDerivation()"
115  void deriveSingleKey(u_int8_t const* masterKey, u_int8_t const* salt,
117  unsigned resultKeyLength, u_int8_t* resultKey);
118  // used to implement "deriveKeysFromMaster()".
119  // ("resultKey" must be an existing buffer, of size >= "resultKeyLength")
120 
121 private:
123 
124  // Master key + salt:
125  u_int8_t const* masterKeyPlusSalt() const { return fMIKEYState.keyData(); }
126 
127  u_int8_t const* masterKey() const { return &masterKeyPlusSalt()[0]; }
128  u_int8_t const* masterSalt() const { return &masterKeyPlusSalt()[SRTP_CIPHER_KEY_LENGTH]; }
129 
133  u_int32_t MKI() const { return fMIKEYState.MKI(); }
134 
135  // Derived (i.e., session) keys:
137 
138  // State used for handling the reception of SRTP packets:
141  u_int32_t fReceptionROC; // rollover counter
142 
143  // State used for handling the sending of SRTP packets:
145  u_int32_t fSendingROC;
146 
147  // State used for handling the sending of SRTCP packets:
148  u_int32_t fSRTCPIndex;
149 #endif
150 };
151 
152 #endif
unsigned char Boolean
Definition: Boolean.hh:25
#define SRTP_AUTH_KEY_LENGTH
#define SRTP_CIPHER_KEY_LENGTH
#define SRTP_CIPHER_SALT_LENGTH
u_int32_t MKI() const
Definition: MIKEY.hh:48
Boolean encryptSRTCP() const
Definition: MIKEY.hh:46
Boolean encryptSRTP() const
Definition: MIKEY.hh:45
Boolean useAuthentication() const
Definition: MIKEY.hh:49
u_int8_t const * keyData() const
Definition: MIKEY.hh:47
Boolean verifySRTCPAuthenticationTag(u_int8_t const *dataToAuthenticate, unsigned numBytesToAuthenticate, u_int8_t const *authenticationTag)
Boolean processIncomingSRTCPPacket(u_int8_t *buffer, unsigned inPacketSize, unsigned &outPacketSize)
Boolean verifyAuthenticationTag(derivedKeys &keysToUse, u_int8_t const *dataToAuthenticate, unsigned numBytesToAuthenticate, u_int8_t const *authenticationTag)
virtual ~SRTPCryptographicContext()
unsigned generateAuthenticationTag(derivedKeys &keysToUse, u_int8_t const *dataToAuthenticate, unsigned numBytesToAuthenticate, u_int8_t *resultAuthenticationTag)
void cryptData(derivedKeys &keys, u_int64_t index, u_int32_t ssrc, u_int8_t *data, unsigned numDataBytes)
u_int8_t const * masterSalt() const
void deriveKeysFromMaster(u_int8_t const *masterKey, u_int8_t const *salt, allDerivedKeys &allKeysResult)
u_int8_t const * masterKeyPlusSalt() const
Boolean processOutgoingSRTCPPacket(u_int8_t *buffer, unsigned inPacketSize, unsigned &outPacketSize)
Boolean verifySRTPAuthenticationTag(u_int8_t *dataToAuthenticate, unsigned numBytesToAuthenticate, u_int32_t roc, u_int8_t const *authenticationTag)
void deriveSingleKey(u_int8_t const *masterKey, u_int8_t const *salt, SRTPKeyDerivationLabel label, unsigned resultKeyLength, u_int8_t *resultKey)
unsigned generateSRTCPAuthenticationTag(u_int8_t const *dataToAuthenticate, unsigned numBytesToAuthenticate, u_int8_t *resultAuthenticationTag)
Boolean processIncomingSRTPPacket(u_int8_t *buffer, unsigned inPacketSize, unsigned &outPacketSize)
void decryptSRTCPPacket(u_int32_t index, u_int32_t ssrc, u_int8_t *data, unsigned numDataBytes)
Boolean processOutgoingSRTPPacket(u_int8_t *buffer, unsigned inPacketSize, unsigned &outPacketSize)
unsigned generateSRTPAuthenticationTag(u_int8_t const *dataToAuthenticate, unsigned numBytesToAuthenticate, u_int8_t *resultAuthenticationTag)
u_int8_t const * masterKey() const
void encryptSRTCPPacket(u_int32_t index, u_int32_t ssrc, u_int8_t *data, unsigned numDataBytes)
void decryptSRTPPacket(u_int64_t index, u_int32_t ssrc, u_int8_t *data, unsigned numDataBytes)
SRTPCryptographicContext(MIKEYState const &mikeyState)
void encryptSRTPPacket(u_int64_t index, u_int32_t ssrc, u_int8_t *data, unsigned numDataBytes)
u_int8_t cipherKey[SRTP_CIPHER_KEY_LENGTH]
u_int8_t salt[SRTP_CIPHER_SALT_LENGTH]