1*90e502c7SAndroid Build Coastguard Worker /* 2*90e502c7SAndroid Build Coastguard Worker * srtp.h 3*90e502c7SAndroid Build Coastguard Worker * 4*90e502c7SAndroid Build Coastguard Worker * interface to libsrtp 5*90e502c7SAndroid Build Coastguard Worker * 6*90e502c7SAndroid Build Coastguard Worker * David A. McGrew 7*90e502c7SAndroid Build Coastguard Worker * Cisco Systems, Inc. 8*90e502c7SAndroid Build Coastguard Worker */ 9*90e502c7SAndroid Build Coastguard Worker /* 10*90e502c7SAndroid Build Coastguard Worker * 11*90e502c7SAndroid Build Coastguard Worker * Copyright (c) 2001-2017, Cisco Systems, Inc. 12*90e502c7SAndroid Build Coastguard Worker * All rights reserved. 13*90e502c7SAndroid Build Coastguard Worker * 14*90e502c7SAndroid Build Coastguard Worker * Redistribution and use in source and binary forms, with or without 15*90e502c7SAndroid Build Coastguard Worker * modification, are permitted provided that the following conditions 16*90e502c7SAndroid Build Coastguard Worker * are met: 17*90e502c7SAndroid Build Coastguard Worker * 18*90e502c7SAndroid Build Coastguard Worker * Redistributions of source code must retain the above copyright 19*90e502c7SAndroid Build Coastguard Worker * notice, this list of conditions and the following disclaimer. 20*90e502c7SAndroid Build Coastguard Worker * 21*90e502c7SAndroid Build Coastguard Worker * Redistributions in binary form must reproduce the above 22*90e502c7SAndroid Build Coastguard Worker * copyright notice, this list of conditions and the following 23*90e502c7SAndroid Build Coastguard Worker * disclaimer in the documentation and/or other materials provided 24*90e502c7SAndroid Build Coastguard Worker * with the distribution. 25*90e502c7SAndroid Build Coastguard Worker * 26*90e502c7SAndroid Build Coastguard Worker * Neither the name of the Cisco Systems, Inc. nor the names of its 27*90e502c7SAndroid Build Coastguard Worker * contributors may be used to endorse or promote products derived 28*90e502c7SAndroid Build Coastguard Worker * from this software without specific prior written permission. 29*90e502c7SAndroid Build Coastguard Worker * 30*90e502c7SAndroid Build Coastguard Worker * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 31*90e502c7SAndroid Build Coastguard Worker * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 32*90e502c7SAndroid Build Coastguard Worker * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS 33*90e502c7SAndroid Build Coastguard Worker * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE 34*90e502c7SAndroid Build Coastguard Worker * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, 35*90e502c7SAndroid Build Coastguard Worker * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 36*90e502c7SAndroid Build Coastguard Worker * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 37*90e502c7SAndroid Build Coastguard Worker * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 38*90e502c7SAndroid Build Coastguard Worker * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 39*90e502c7SAndroid Build Coastguard Worker * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 40*90e502c7SAndroid Build Coastguard Worker * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 41*90e502c7SAndroid Build Coastguard Worker * OF THE POSSIBILITY OF SUCH DAMAGE. 42*90e502c7SAndroid Build Coastguard Worker * 43*90e502c7SAndroid Build Coastguard Worker */ 44*90e502c7SAndroid Build Coastguard Worker 45*90e502c7SAndroid Build Coastguard Worker #ifndef SRTP_SRTP_H 46*90e502c7SAndroid Build Coastguard Worker #define SRTP_SRTP_H 47*90e502c7SAndroid Build Coastguard Worker 48*90e502c7SAndroid Build Coastguard Worker #include <stdint.h> 49*90e502c7SAndroid Build Coastguard Worker 50*90e502c7SAndroid Build Coastguard Worker #ifdef __cplusplus 51*90e502c7SAndroid Build Coastguard Worker extern "C" { 52*90e502c7SAndroid Build Coastguard Worker #endif 53*90e502c7SAndroid Build Coastguard Worker 54*90e502c7SAndroid Build Coastguard Worker /** 55*90e502c7SAndroid Build Coastguard Worker * @defgroup SRTP Secure RTP 56*90e502c7SAndroid Build Coastguard Worker * 57*90e502c7SAndroid Build Coastguard Worker * @brief libSRTP provides functions for protecting RTP and RTCP. See 58*90e502c7SAndroid Build Coastguard Worker * Section @ref Overview for an introduction to the use of the library. 59*90e502c7SAndroid Build Coastguard Worker * 60*90e502c7SAndroid Build Coastguard Worker * @{ 61*90e502c7SAndroid Build Coastguard Worker */ 62*90e502c7SAndroid Build Coastguard Worker 63*90e502c7SAndroid Build Coastguard Worker /* 64*90e502c7SAndroid Build Coastguard Worker * SRTP_MASTER_KEY_LEN is the nominal master key length supported by libSRTP 65*90e502c7SAndroid Build Coastguard Worker */ 66*90e502c7SAndroid Build Coastguard Worker 67*90e502c7SAndroid Build Coastguard Worker #define SRTP_MASTER_KEY_LEN 30 68*90e502c7SAndroid Build Coastguard Worker 69*90e502c7SAndroid Build Coastguard Worker /* 70*90e502c7SAndroid Build Coastguard Worker * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP 71*90e502c7SAndroid Build Coastguard Worker */ 72*90e502c7SAndroid Build Coastguard Worker #define SRTP_MAX_KEY_LEN 64 73*90e502c7SAndroid Build Coastguard Worker 74*90e502c7SAndroid Build Coastguard Worker /* 75*90e502c7SAndroid Build Coastguard Worker * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP 76*90e502c7SAndroid Build Coastguard Worker */ 77*90e502c7SAndroid Build Coastguard Worker 78*90e502c7SAndroid Build Coastguard Worker #define SRTP_MAX_TAG_LEN 16 79*90e502c7SAndroid Build Coastguard Worker 80*90e502c7SAndroid Build Coastguard Worker /** 81*90e502c7SAndroid Build Coastguard Worker * SRTP_MAX_MKI_LEN is the maximum size the MKI could be which is 82*90e502c7SAndroid Build Coastguard Worker * 128 bytes 83*90e502c7SAndroid Build Coastguard Worker */ 84*90e502c7SAndroid Build Coastguard Worker #define SRTP_MAX_MKI_LEN 128 85*90e502c7SAndroid Build Coastguard Worker 86*90e502c7SAndroid Build Coastguard Worker /** 87*90e502c7SAndroid Build Coastguard Worker * SRTP_MAX_TRAILER_LEN is the maximum length of the SRTP trailer 88*90e502c7SAndroid Build Coastguard Worker * (authentication tag and MKI) supported by libSRTP. This value is 89*90e502c7SAndroid Build Coastguard Worker * the maixmum number of octets that will be added to an RTP packet by 90*90e502c7SAndroid Build Coastguard Worker * srtp_protect(). 91*90e502c7SAndroid Build Coastguard Worker * 92*90e502c7SAndroid Build Coastguard Worker * @brief the maximum number of octets added by srtp_protect(). 93*90e502c7SAndroid Build Coastguard Worker */ 94*90e502c7SAndroid Build Coastguard Worker #define SRTP_MAX_TRAILER_LEN (SRTP_MAX_TAG_LEN + SRTP_MAX_MKI_LEN) 95*90e502c7SAndroid Build Coastguard Worker 96*90e502c7SAndroid Build Coastguard Worker /** 97*90e502c7SAndroid Build Coastguard Worker * SRTP_MAX_NUM_MASTER_KEYS is the maximum number of Master keys for 98*90e502c7SAndroid Build Coastguard Worker * MKI supported by libSRTP. 99*90e502c7SAndroid Build Coastguard Worker * 100*90e502c7SAndroid Build Coastguard Worker */ 101*90e502c7SAndroid Build Coastguard Worker #define SRTP_MAX_NUM_MASTER_KEYS 16 102*90e502c7SAndroid Build Coastguard Worker 103*90e502c7SAndroid Build Coastguard Worker #define SRTP_SALT_LEN 14 104*90e502c7SAndroid Build Coastguard Worker 105*90e502c7SAndroid Build Coastguard Worker /* 106*90e502c7SAndroid Build Coastguard Worker * SRTP_AEAD_SALT_LEN is the length of the SALT values used with 107*90e502c7SAndroid Build Coastguard Worker * GCM mode. GCM mode requires an IV. The SALT value is used 108*90e502c7SAndroid Build Coastguard Worker * as part of the IV formation logic applied to each RTP packet. 109*90e502c7SAndroid Build Coastguard Worker */ 110*90e502c7SAndroid Build Coastguard Worker #define SRTP_AEAD_SALT_LEN 12 111*90e502c7SAndroid Build Coastguard Worker 112*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_128_KEY_LEN 16 113*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_192_KEY_LEN 24 114*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_256_KEY_LEN 32 115*90e502c7SAndroid Build Coastguard Worker 116*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_ICM_128_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_128_KEY_LEN) 117*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_ICM_192_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_192_KEY_LEN) 118*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_ICM_256_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_256_KEY_LEN) 119*90e502c7SAndroid Build Coastguard Worker 120*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_GCM_128_KEY_LEN_WSALT \ 121*90e502c7SAndroid Build Coastguard Worker (SRTP_AEAD_SALT_LEN + SRTP_AES_128_KEY_LEN) 122*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_GCM_192_KEY_LEN_WSALT \ 123*90e502c7SAndroid Build Coastguard Worker (SRTP_AEAD_SALT_LEN + SRTP_AES_192_KEY_LEN) 124*90e502c7SAndroid Build Coastguard Worker #define SRTP_AES_GCM_256_KEY_LEN_WSALT \ 125*90e502c7SAndroid Build Coastguard Worker (SRTP_AEAD_SALT_LEN + SRTP_AES_256_KEY_LEN) 126*90e502c7SAndroid Build Coastguard Worker 127*90e502c7SAndroid Build Coastguard Worker /** 128*90e502c7SAndroid Build Coastguard Worker * @brief A srtp_cipher_type_id_t is an identifier for a particular cipher 129*90e502c7SAndroid Build Coastguard Worker * type. 130*90e502c7SAndroid Build Coastguard Worker * 131*90e502c7SAndroid Build Coastguard Worker * A srtp_cipher_type_id_t is an integer that represents a particular 132*90e502c7SAndroid Build Coastguard Worker * cipher type, e.g. the Advanced Encryption Standard (AES). A 133*90e502c7SAndroid Build Coastguard Worker * SRTP_NULL_CIPHER is avaliable; this cipher leaves the data unchanged, 134*90e502c7SAndroid Build Coastguard Worker * and can be selected to indicate that no encryption is to take 135*90e502c7SAndroid Build Coastguard Worker * place. 136*90e502c7SAndroid Build Coastguard Worker * 137*90e502c7SAndroid Build Coastguard Worker * @ingroup Ciphers 138*90e502c7SAndroid Build Coastguard Worker */ 139*90e502c7SAndroid Build Coastguard Worker typedef uint32_t srtp_cipher_type_id_t; 140*90e502c7SAndroid Build Coastguard Worker 141*90e502c7SAndroid Build Coastguard Worker /** 142*90e502c7SAndroid Build Coastguard Worker * @brief An srtp_auth_type_id_t is an identifier for a particular 143*90e502c7SAndroid Build Coastguard Worker * authentication 144*90e502c7SAndroid Build Coastguard Worker * function. 145*90e502c7SAndroid Build Coastguard Worker * 146*90e502c7SAndroid Build Coastguard Worker * An srtp_auth_type_id_t is an integer that represents a particular 147*90e502c7SAndroid Build Coastguard Worker * authentication function type, e.g. HMAC-SHA1. A SRTP_NULL_AUTH is 148*90e502c7SAndroid Build Coastguard Worker * avaliable; this authentication function performs no computation, 149*90e502c7SAndroid Build Coastguard Worker * and can be selected to indicate that no authentication is to take 150*90e502c7SAndroid Build Coastguard Worker * place. 151*90e502c7SAndroid Build Coastguard Worker * 152*90e502c7SAndroid Build Coastguard Worker * @ingroup Authentication 153*90e502c7SAndroid Build Coastguard Worker */ 154*90e502c7SAndroid Build Coastguard Worker typedef uint32_t srtp_auth_type_id_t; 155*90e502c7SAndroid Build Coastguard Worker 156*90e502c7SAndroid Build Coastguard Worker /** 157*90e502c7SAndroid Build Coastguard Worker * @brief srtp_err_status_t defines error codes. 158*90e502c7SAndroid Build Coastguard Worker * 159*90e502c7SAndroid Build Coastguard Worker * The enumeration srtp_err_status_t defines error codes. Note that the 160*90e502c7SAndroid Build Coastguard Worker * value of srtp_err_status_ok is equal to zero, which can simplify error 161*90e502c7SAndroid Build Coastguard Worker * checking somewhat. 162*90e502c7SAndroid Build Coastguard Worker * 163*90e502c7SAndroid Build Coastguard Worker */ 164*90e502c7SAndroid Build Coastguard Worker typedef enum { 165*90e502c7SAndroid Build Coastguard Worker srtp_err_status_ok = 0, /**< nothing to report */ 166*90e502c7SAndroid Build Coastguard Worker srtp_err_status_fail = 1, /**< unspecified failure */ 167*90e502c7SAndroid Build Coastguard Worker srtp_err_status_bad_param = 2, /**< unsupported parameter */ 168*90e502c7SAndroid Build Coastguard Worker srtp_err_status_alloc_fail = 3, /**< couldn't allocate memory */ 169*90e502c7SAndroid Build Coastguard Worker srtp_err_status_dealloc_fail = 4, /**< couldn't deallocate properly */ 170*90e502c7SAndroid Build Coastguard Worker srtp_err_status_init_fail = 5, /**< couldn't initialize */ 171*90e502c7SAndroid Build Coastguard Worker srtp_err_status_terminus = 6, /**< can't process as much data as */ 172*90e502c7SAndroid Build Coastguard Worker /**< requested */ 173*90e502c7SAndroid Build Coastguard Worker srtp_err_status_auth_fail = 7, /**< authentication failure */ 174*90e502c7SAndroid Build Coastguard Worker srtp_err_status_cipher_fail = 8, /**< cipher failure */ 175*90e502c7SAndroid Build Coastguard Worker srtp_err_status_replay_fail = 9, /**< replay check failed (bad index) */ 176*90e502c7SAndroid Build Coastguard Worker srtp_err_status_replay_old = 10, /**< replay check failed (index too */ 177*90e502c7SAndroid Build Coastguard Worker /**< old) */ 178*90e502c7SAndroid Build Coastguard Worker srtp_err_status_algo_fail = 11, /**< algorithm failed test routine */ 179*90e502c7SAndroid Build Coastguard Worker srtp_err_status_no_such_op = 12, /**< unsupported operation */ 180*90e502c7SAndroid Build Coastguard Worker srtp_err_status_no_ctx = 13, /**< no appropriate context found */ 181*90e502c7SAndroid Build Coastguard Worker srtp_err_status_cant_check = 14, /**< unable to perform desired */ 182*90e502c7SAndroid Build Coastguard Worker /**< validation */ 183*90e502c7SAndroid Build Coastguard Worker srtp_err_status_key_expired = 15, /**< can't use key any more */ 184*90e502c7SAndroid Build Coastguard Worker srtp_err_status_socket_err = 16, /**< error in use of socket */ 185*90e502c7SAndroid Build Coastguard Worker srtp_err_status_signal_err = 17, /**< error in use POSIX signals */ 186*90e502c7SAndroid Build Coastguard Worker srtp_err_status_nonce_bad = 18, /**< nonce check failed */ 187*90e502c7SAndroid Build Coastguard Worker srtp_err_status_read_fail = 19, /**< couldn't read data */ 188*90e502c7SAndroid Build Coastguard Worker srtp_err_status_write_fail = 20, /**< couldn't write data */ 189*90e502c7SAndroid Build Coastguard Worker srtp_err_status_parse_err = 21, /**< error parsing data */ 190*90e502c7SAndroid Build Coastguard Worker srtp_err_status_encode_err = 22, /**< error encoding data */ 191*90e502c7SAndroid Build Coastguard Worker srtp_err_status_semaphore_err = 23, /**< error while using semaphores */ 192*90e502c7SAndroid Build Coastguard Worker srtp_err_status_pfkey_err = 24, /**< error while using pfkey */ 193*90e502c7SAndroid Build Coastguard Worker srtp_err_status_bad_mki = 25, /**< error MKI present in packet is */ 194*90e502c7SAndroid Build Coastguard Worker /**< invalid */ 195*90e502c7SAndroid Build Coastguard Worker srtp_err_status_pkt_idx_old = 26, /**< packet index is too old to */ 196*90e502c7SAndroid Build Coastguard Worker /**< consider */ 197*90e502c7SAndroid Build Coastguard Worker srtp_err_status_pkt_idx_adv = 27 /**< packet index advanced, reset */ 198*90e502c7SAndroid Build Coastguard Worker /**< needed */ 199*90e502c7SAndroid Build Coastguard Worker } srtp_err_status_t; 200*90e502c7SAndroid Build Coastguard Worker 201*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_ctx_t_ srtp_ctx_t; 202*90e502c7SAndroid Build Coastguard Worker 203*90e502c7SAndroid Build Coastguard Worker /** 204*90e502c7SAndroid Build Coastguard Worker * @brief srtp_sec_serv_t describes a set of security services. 205*90e502c7SAndroid Build Coastguard Worker * 206*90e502c7SAndroid Build Coastguard Worker * A srtp_sec_serv_t enumeration is used to describe the particular 207*90e502c7SAndroid Build Coastguard Worker * security services that will be applied by a particular crypto 208*90e502c7SAndroid Build Coastguard Worker * policy (or other mechanism). 209*90e502c7SAndroid Build Coastguard Worker */ 210*90e502c7SAndroid Build Coastguard Worker typedef enum { 211*90e502c7SAndroid Build Coastguard Worker sec_serv_none = 0, /**< no services */ 212*90e502c7SAndroid Build Coastguard Worker sec_serv_conf = 1, /**< confidentiality */ 213*90e502c7SAndroid Build Coastguard Worker sec_serv_auth = 2, /**< authentication */ 214*90e502c7SAndroid Build Coastguard Worker sec_serv_conf_and_auth = 3 /**< confidentiality and authentication */ 215*90e502c7SAndroid Build Coastguard Worker } srtp_sec_serv_t; 216*90e502c7SAndroid Build Coastguard Worker 217*90e502c7SAndroid Build Coastguard Worker /** 218*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_t describes a particular crypto policy that 219*90e502c7SAndroid Build Coastguard Worker * can be applied to an SRTP stream. 220*90e502c7SAndroid Build Coastguard Worker * 221*90e502c7SAndroid Build Coastguard Worker * A srtp_crypto_policy_t describes a particular cryptographic policy that 222*90e502c7SAndroid Build Coastguard Worker * can be applied to an SRTP or SRTCP stream. An SRTP session policy 223*90e502c7SAndroid Build Coastguard Worker * consists of a list of these policies, one for each SRTP stream 224*90e502c7SAndroid Build Coastguard Worker * in the session. 225*90e502c7SAndroid Build Coastguard Worker */ 226*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_crypto_policy_t { 227*90e502c7SAndroid Build Coastguard Worker srtp_cipher_type_id_t cipher_type; /**< An integer representing */ 228*90e502c7SAndroid Build Coastguard Worker /**< the type of cipher. */ 229*90e502c7SAndroid Build Coastguard Worker int cipher_key_len; /**< The length of the cipher key */ 230*90e502c7SAndroid Build Coastguard Worker /**< in octets. */ 231*90e502c7SAndroid Build Coastguard Worker srtp_auth_type_id_t auth_type; /**< An integer representing the */ 232*90e502c7SAndroid Build Coastguard Worker /**< authentication function. */ 233*90e502c7SAndroid Build Coastguard Worker int auth_key_len; /**< The length of the authentication */ 234*90e502c7SAndroid Build Coastguard Worker /**< function key in octets. */ 235*90e502c7SAndroid Build Coastguard Worker int auth_tag_len; /**< The length of the authentication */ 236*90e502c7SAndroid Build Coastguard Worker /**< tag in octets. */ 237*90e502c7SAndroid Build Coastguard Worker srtp_sec_serv_t sec_serv; /**< The flag indicating the security */ 238*90e502c7SAndroid Build Coastguard Worker /**< services to be applied. */ 239*90e502c7SAndroid Build Coastguard Worker } srtp_crypto_policy_t; 240*90e502c7SAndroid Build Coastguard Worker 241*90e502c7SAndroid Build Coastguard Worker /** 242*90e502c7SAndroid Build Coastguard Worker * @brief srtp_ssrc_type_t describes the type of an SSRC. 243*90e502c7SAndroid Build Coastguard Worker * 244*90e502c7SAndroid Build Coastguard Worker * An srtp_ssrc_type_t enumeration is used to indicate a type of SSRC. See 245*90e502c7SAndroid Build Coastguard Worker * @ref srtp_policy_t for more informataion. 246*90e502c7SAndroid Build Coastguard Worker */ 247*90e502c7SAndroid Build Coastguard Worker typedef enum { 248*90e502c7SAndroid Build Coastguard Worker ssrc_undefined = 0, /**< Indicates an undefined SSRC type. */ 249*90e502c7SAndroid Build Coastguard Worker ssrc_specific = 1, /**< Indicates a specific SSRC value */ 250*90e502c7SAndroid Build Coastguard Worker ssrc_any_inbound = 2, /**< Indicates any inbound SSRC value */ 251*90e502c7SAndroid Build Coastguard Worker /**< (i.e. a value that is used in the */ 252*90e502c7SAndroid Build Coastguard Worker /**< function srtp_unprotect()) */ 253*90e502c7SAndroid Build Coastguard Worker ssrc_any_outbound = 3 /**< Indicates any outbound SSRC value */ 254*90e502c7SAndroid Build Coastguard Worker /**< (i.e. a value that is used in the */ 255*90e502c7SAndroid Build Coastguard Worker /**< function srtp_protect()) */ 256*90e502c7SAndroid Build Coastguard Worker } srtp_ssrc_type_t; 257*90e502c7SAndroid Build Coastguard Worker 258*90e502c7SAndroid Build Coastguard Worker /** 259*90e502c7SAndroid Build Coastguard Worker * @brief An srtp_ssrc_t represents a particular SSRC value, or a `wildcard' 260*90e502c7SAndroid Build Coastguard Worker * SSRC. 261*90e502c7SAndroid Build Coastguard Worker * 262*90e502c7SAndroid Build Coastguard Worker * An srtp_ssrc_t represents a particular SSRC value (if its type is 263*90e502c7SAndroid Build Coastguard Worker * ssrc_specific), or a wildcard SSRC value that will match all 264*90e502c7SAndroid Build Coastguard Worker * outbound SSRCs (if its type is ssrc_any_outbound) or all inbound 265*90e502c7SAndroid Build Coastguard Worker * SSRCs (if its type is ssrc_any_inbound). 266*90e502c7SAndroid Build Coastguard Worker */ 267*90e502c7SAndroid Build Coastguard Worker typedef struct { 268*90e502c7SAndroid Build Coastguard Worker srtp_ssrc_type_t type; /**< The type of this particular SSRC */ 269*90e502c7SAndroid Build Coastguard Worker unsigned int value; /**< The value of this SSRC, if it is not a */ 270*90e502c7SAndroid Build Coastguard Worker /**< wildcard */ 271*90e502c7SAndroid Build Coastguard Worker } srtp_ssrc_t; 272*90e502c7SAndroid Build Coastguard Worker 273*90e502c7SAndroid Build Coastguard Worker /** 274*90e502c7SAndroid Build Coastguard Worker * @brief points to an EKT policy 275*90e502c7SAndroid Build Coastguard Worker */ 276*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_ekt_policy_ctx_t *srtp_ekt_policy_t; 277*90e502c7SAndroid Build Coastguard Worker 278*90e502c7SAndroid Build Coastguard Worker /** 279*90e502c7SAndroid Build Coastguard Worker * @brief points to EKT stream data 280*90e502c7SAndroid Build Coastguard Worker */ 281*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_ekt_stream_ctx_t *srtp_ekt_stream_t; 282*90e502c7SAndroid Build Coastguard Worker 283*90e502c7SAndroid Build Coastguard Worker /** 284*90e502c7SAndroid Build Coastguard Worker * @brief srtp_master_key_t represents a master key. There will 285*90e502c7SAndroid Build Coastguard Worker * be a Master Key Index and the Master Key associated with the 286*90e502c7SAndroid Build Coastguard Worker * Master Key Index. Need to also keep track of the Master Key 287*90e502c7SAndroid Build Coastguard Worker * Index Size to correctly read it from a packet. 288*90e502c7SAndroid Build Coastguard Worker */ 289*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_master_key_t { 290*90e502c7SAndroid Build Coastguard Worker unsigned char *key; 291*90e502c7SAndroid Build Coastguard Worker unsigned char *mki_id; 292*90e502c7SAndroid Build Coastguard Worker unsigned int mki_size; 293*90e502c7SAndroid Build Coastguard Worker } srtp_master_key_t; 294*90e502c7SAndroid Build Coastguard Worker 295*90e502c7SAndroid Build Coastguard Worker /** 296*90e502c7SAndroid Build Coastguard Worker * @brief represents the policy for an SRTP session. 297*90e502c7SAndroid Build Coastguard Worker * 298*90e502c7SAndroid Build Coastguard Worker * A single srtp_policy_t struct represents the policy for a single 299*90e502c7SAndroid Build Coastguard Worker * SRTP stream, and a linked list of these elements represents the 300*90e502c7SAndroid Build Coastguard Worker * policy for an entire SRTP session. Each element contains the SRTP 301*90e502c7SAndroid Build Coastguard Worker * and SRTCP crypto policies for that stream, a pointer to the SRTP 302*90e502c7SAndroid Build Coastguard Worker * master key for that stream, the SSRC describing that stream, or a 303*90e502c7SAndroid Build Coastguard Worker * flag indicating a `wildcard' SSRC value, and a `next' field that 304*90e502c7SAndroid Build Coastguard Worker * holds a pointer to the next element in the list of policy elements, 305*90e502c7SAndroid Build Coastguard Worker * or NULL if it is the last element. 306*90e502c7SAndroid Build Coastguard Worker * 307*90e502c7SAndroid Build Coastguard Worker * The wildcard value SSRC_ANY_INBOUND matches any SSRC from an 308*90e502c7SAndroid Build Coastguard Worker * inbound stream that for which there is no explicit SSRC entry in 309*90e502c7SAndroid Build Coastguard Worker * another policy element. Similarly, the value SSRC_ANY_OUTBOUND 310*90e502c7SAndroid Build Coastguard Worker * will matches any SSRC from an outbound stream that does not appear 311*90e502c7SAndroid Build Coastguard Worker * in another policy element. Note that wildcard SSRCs &b cannot be 312*90e502c7SAndroid Build Coastguard Worker * used to match both inbound and outbound traffic. This restriction 313*90e502c7SAndroid Build Coastguard Worker * is intentional, and it allows libSRTP to ensure that no security 314*90e502c7SAndroid Build Coastguard Worker * lapses result from accidental re-use of SSRC values during key 315*90e502c7SAndroid Build Coastguard Worker * sharing. 316*90e502c7SAndroid Build Coastguard Worker * 317*90e502c7SAndroid Build Coastguard Worker * @warning The final element of the list @b must have its `next' pointer 318*90e502c7SAndroid Build Coastguard Worker * set to NULL. 319*90e502c7SAndroid Build Coastguard Worker */ 320*90e502c7SAndroid Build Coastguard Worker 321*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_policy_t { 322*90e502c7SAndroid Build Coastguard Worker srtp_ssrc_t ssrc; /**< The SSRC value of stream, or the */ 323*90e502c7SAndroid Build Coastguard Worker /**< flags SSRC_ANY_INBOUND or */ 324*90e502c7SAndroid Build Coastguard Worker /**< SSRC_ANY_OUTBOUND if key sharing */ 325*90e502c7SAndroid Build Coastguard Worker /**< is used for this policy element. */ 326*90e502c7SAndroid Build Coastguard Worker srtp_crypto_policy_t rtp; /**< SRTP crypto policy. */ 327*90e502c7SAndroid Build Coastguard Worker srtp_crypto_policy_t rtcp; /**< SRTCP crypto policy. */ 328*90e502c7SAndroid Build Coastguard Worker unsigned char *key; /**< Pointer to the SRTP master key for */ 329*90e502c7SAndroid Build Coastguard Worker /**< this stream. */ 330*90e502c7SAndroid Build Coastguard Worker srtp_master_key_t **keys; /** Array of Master Key structures */ 331*90e502c7SAndroid Build Coastguard Worker unsigned long num_master_keys; /** Number of master keys */ 332*90e502c7SAndroid Build Coastguard Worker srtp_ekt_policy_t ekt; /**< Pointer to the EKT policy structure */ 333*90e502c7SAndroid Build Coastguard Worker /**< for this stream (if any) */ 334*90e502c7SAndroid Build Coastguard Worker unsigned long window_size; /**< The window size to use for replay */ 335*90e502c7SAndroid Build Coastguard Worker /**< protection. */ 336*90e502c7SAndroid Build Coastguard Worker int allow_repeat_tx; /**< Whether retransmissions of */ 337*90e502c7SAndroid Build Coastguard Worker /**< packets with the same sequence */ 338*90e502c7SAndroid Build Coastguard Worker /**< number are allowed. */ 339*90e502c7SAndroid Build Coastguard Worker /**< (Note that such repeated */ 340*90e502c7SAndroid Build Coastguard Worker /**< transmissions must have the same */ 341*90e502c7SAndroid Build Coastguard Worker /**< RTP payload, or a severe security */ 342*90e502c7SAndroid Build Coastguard Worker /**< weakness is introduced!) */ 343*90e502c7SAndroid Build Coastguard Worker int *enc_xtn_hdr; /**< List of header ids to encrypt. */ 344*90e502c7SAndroid Build Coastguard Worker int enc_xtn_hdr_count; /**< Number of entries in list of header */ 345*90e502c7SAndroid Build Coastguard Worker /**< ids. */ 346*90e502c7SAndroid Build Coastguard Worker struct srtp_policy_t *next; /**< Pointer to next stream policy. */ 347*90e502c7SAndroid Build Coastguard Worker } srtp_policy_t; 348*90e502c7SAndroid Build Coastguard Worker 349*90e502c7SAndroid Build Coastguard Worker /** 350*90e502c7SAndroid Build Coastguard Worker * @brief An srtp_t points to an SRTP session structure. 351*90e502c7SAndroid Build Coastguard Worker * 352*90e502c7SAndroid Build Coastguard Worker * The typedef srtp_t is a pointer to a structure that represents 353*90e502c7SAndroid Build Coastguard Worker * an SRTP session. This datatype is intentially opaque in 354*90e502c7SAndroid Build Coastguard Worker * order to separate the interface from the implementation. 355*90e502c7SAndroid Build Coastguard Worker * 356*90e502c7SAndroid Build Coastguard Worker * An SRTP session consists of all of the traffic sent to the RTP and 357*90e502c7SAndroid Build Coastguard Worker * RTCP destination transport addresses, using the RTP/SAVP (Secure 358*90e502c7SAndroid Build Coastguard Worker * Audio/Video Profile). A session can be viewed as a set of SRTP 359*90e502c7SAndroid Build Coastguard Worker * streams, each of which originates with a different participant. 360*90e502c7SAndroid Build Coastguard Worker */ 361*90e502c7SAndroid Build Coastguard Worker typedef srtp_ctx_t *srtp_t; 362*90e502c7SAndroid Build Coastguard Worker 363*90e502c7SAndroid Build Coastguard Worker /** 364*90e502c7SAndroid Build Coastguard Worker * @brief srtp_init() initializes the srtp library. 365*90e502c7SAndroid Build Coastguard Worker * 366*90e502c7SAndroid Build Coastguard Worker * @warning This function @b must be called before any other srtp 367*90e502c7SAndroid Build Coastguard Worker * functions. 368*90e502c7SAndroid Build Coastguard Worker */ 369*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_init(void); 370*90e502c7SAndroid Build Coastguard Worker 371*90e502c7SAndroid Build Coastguard Worker /** 372*90e502c7SAndroid Build Coastguard Worker * @brief srtp_shutdown() de-initializes the srtp library. 373*90e502c7SAndroid Build Coastguard Worker * 374*90e502c7SAndroid Build Coastguard Worker * @warning No srtp functions may be called after calling this function. 375*90e502c7SAndroid Build Coastguard Worker */ 376*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_shutdown(void); 377*90e502c7SAndroid Build Coastguard Worker 378*90e502c7SAndroid Build Coastguard Worker /** 379*90e502c7SAndroid Build Coastguard Worker * @brief srtp_protect() is the Secure RTP sender-side packet processing 380*90e502c7SAndroid Build Coastguard Worker * function. 381*90e502c7SAndroid Build Coastguard Worker * 382*90e502c7SAndroid Build Coastguard Worker * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP 383*90e502c7SAndroid Build Coastguard Worker * protection to the RTP packet rtp_hdr (which has length *len_ptr) using 384*90e502c7SAndroid Build Coastguard Worker * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr 385*90e502c7SAndroid Build Coastguard Worker * points to the resulting SRTP packet and *len_ptr is the number of 386*90e502c7SAndroid Build Coastguard Worker * octets in that packet; otherwise, no assumptions should be made 387*90e502c7SAndroid Build Coastguard Worker * about the value of either data elements. 388*90e502c7SAndroid Build Coastguard Worker * 389*90e502c7SAndroid Build Coastguard Worker * The sequence numbers of the RTP packets presented to this function 390*90e502c7SAndroid Build Coastguard Worker * need not be consecutive, but they @b must be out of order by less 391*90e502c7SAndroid Build Coastguard Worker * than 2^15 = 32,768 packets. 392*90e502c7SAndroid Build Coastguard Worker * 393*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write the authentication 394*90e502c7SAndroid Build Coastguard Worker * tag into the location in memory immediately following the RTP 395*90e502c7SAndroid Build Coastguard Worker * packet, and assumes that the RTP packet is aligned on a 32-bit 396*90e502c7SAndroid Build Coastguard Worker * boundary. 397*90e502c7SAndroid Build Coastguard Worker * 398*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN 399*90e502c7SAndroid Build Coastguard Worker * into the location in memory immediately following the RTP packet. 400*90e502c7SAndroid Build Coastguard Worker * Callers MUST ensure that this much writable memory is available in 401*90e502c7SAndroid Build Coastguard Worker * the buffer that holds the RTP packet. 402*90e502c7SAndroid Build Coastguard Worker * 403*90e502c7SAndroid Build Coastguard Worker * @param ctx is the SRTP context to use in processing the packet. 404*90e502c7SAndroid Build Coastguard Worker * 405*90e502c7SAndroid Build Coastguard Worker * @param rtp_hdr is a pointer to the RTP packet (before the call); after 406*90e502c7SAndroid Build Coastguard Worker * the function returns, it points to the srtp packet. 407*90e502c7SAndroid Build Coastguard Worker * 408*90e502c7SAndroid Build Coastguard Worker * @param len_ptr is a pointer to the length in octets of the complete 409*90e502c7SAndroid Build Coastguard Worker * RTP packet (header and body) before the function call, and of the 410*90e502c7SAndroid Build Coastguard Worker * complete SRTP packet after the call, if srtp_err_status_ok was returned. 411*90e502c7SAndroid Build Coastguard Worker * Otherwise, the value of the data to which it points is undefined. 412*90e502c7SAndroid Build Coastguard Worker * 413*90e502c7SAndroid Build Coastguard Worker * @return 414*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok no problems 415*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_replay_fail rtp sequence number was non-increasing 416*90e502c7SAndroid Build Coastguard Worker * - @e other failure in cryptographic mechanisms 417*90e502c7SAndroid Build Coastguard Worker */ 418*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr); 419*90e502c7SAndroid Build Coastguard Worker 420*90e502c7SAndroid Build Coastguard Worker /** 421*90e502c7SAndroid Build Coastguard Worker * @brief srtp_protect_mki() is the Secure RTP sender-side packet processing 422*90e502c7SAndroid Build Coastguard Worker * function that can utilize MKI. 423*90e502c7SAndroid Build Coastguard Worker * 424*90e502c7SAndroid Build Coastguard Worker * The function call srtp_protect(ctx, rtp_hdr, len_ptr) applies SRTP 425*90e502c7SAndroid Build Coastguard Worker * protection to the RTP packet rtp_hdr (which has length *len_ptr) using 426*90e502c7SAndroid Build Coastguard Worker * the SRTP context ctx. If srtp_err_status_ok is returned, then rtp_hdr 427*90e502c7SAndroid Build Coastguard Worker * points to the resulting SRTP packet and *len_ptr is the number of 428*90e502c7SAndroid Build Coastguard Worker * octets in that packet; otherwise, no assumptions should be made 429*90e502c7SAndroid Build Coastguard Worker * about the value of either data elements. 430*90e502c7SAndroid Build Coastguard Worker * 431*90e502c7SAndroid Build Coastguard Worker * The sequence numbers of the RTP packets presented to this function 432*90e502c7SAndroid Build Coastguard Worker * need not be consecutive, but they @b must be out of order by less 433*90e502c7SAndroid Build Coastguard Worker * than 2^15 = 32,768 packets. 434*90e502c7SAndroid Build Coastguard Worker * 435*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write the authentication 436*90e502c7SAndroid Build Coastguard Worker * tag into the location in memory immediately following the RTP 437*90e502c7SAndroid Build Coastguard Worker * packet, and assumes that the RTP packet is aligned on a 32-bit 438*90e502c7SAndroid Build Coastguard Worker * boundary. 439*90e502c7SAndroid Build Coastguard Worker * 440*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN 441*90e502c7SAndroid Build Coastguard Worker * into the location in memory immediately following the RTP packet. 442*90e502c7SAndroid Build Coastguard Worker * Callers MUST ensure that this much writable memory is available in 443*90e502c7SAndroid Build Coastguard Worker * the buffer that holds the RTP packet. 444*90e502c7SAndroid Build Coastguard Worker * 445*90e502c7SAndroid Build Coastguard Worker * @param ctx is the SRTP context to use in processing the packet. 446*90e502c7SAndroid Build Coastguard Worker * 447*90e502c7SAndroid Build Coastguard Worker * @param rtp_hdr is a pointer to the RTP packet (before the call); after 448*90e502c7SAndroid Build Coastguard Worker * the function returns, it points to the srtp packet. 449*90e502c7SAndroid Build Coastguard Worker * 450*90e502c7SAndroid Build Coastguard Worker * @param pkt_octet_len is a pointer to the length in octets of the complete 451*90e502c7SAndroid Build Coastguard Worker * RTP packet (header and body) before the function call, and of the 452*90e502c7SAndroid Build Coastguard Worker * complete SRTP packet after the call, if srtp_err_status_ok was returned. 453*90e502c7SAndroid Build Coastguard Worker * Otherwise, the value of the data to which it points is undefined. 454*90e502c7SAndroid Build Coastguard Worker * 455*90e502c7SAndroid Build Coastguard Worker * @param use_mki is a boolean to tell the system if mki is being used. If 456*90e502c7SAndroid Build Coastguard Worker * set to false then will use the first set of session keys. If set to true 457*90e502c7SAndroid Build Coastguard Worker * will 458*90e502c7SAndroid Build Coastguard Worker * use the session keys identified by the mki_index 459*90e502c7SAndroid Build Coastguard Worker * 460*90e502c7SAndroid Build Coastguard Worker * @param mki_index integer value specifying which set of session keys should be 461*90e502c7SAndroid Build Coastguard Worker * used if use_mki is set to true. 462*90e502c7SAndroid Build Coastguard Worker * 463*90e502c7SAndroid Build Coastguard Worker * @return 464*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok no problems 465*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_replay_fail rtp sequence number was non-increasing 466*90e502c7SAndroid Build Coastguard Worker * - @e other failure in cryptographic mechanisms 467*90e502c7SAndroid Build Coastguard Worker */ 468*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, 469*90e502c7SAndroid Build Coastguard Worker void *rtp_hdr, 470*90e502c7SAndroid Build Coastguard Worker int *pkt_octet_len, 471*90e502c7SAndroid Build Coastguard Worker unsigned int use_mki, 472*90e502c7SAndroid Build Coastguard Worker unsigned int mki_index); 473*90e502c7SAndroid Build Coastguard Worker 474*90e502c7SAndroid Build Coastguard Worker /** 475*90e502c7SAndroid Build Coastguard Worker * @brief srtp_unprotect() is the Secure RTP receiver-side packet 476*90e502c7SAndroid Build Coastguard Worker * processing function. 477*90e502c7SAndroid Build Coastguard Worker * 478*90e502c7SAndroid Build Coastguard Worker * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies 479*90e502c7SAndroid Build Coastguard Worker * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr 480*90e502c7SAndroid Build Coastguard Worker * (which has length *len_ptr), using the SRTP context ctx. If 481*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok is returned, then srtp_hdr points to the resulting 482*90e502c7SAndroid Build Coastguard Worker * RTP packet and *len_ptr is the number of octets in that packet; 483*90e502c7SAndroid Build Coastguard Worker * otherwise, no assumptions should be made about the value of either 484*90e502c7SAndroid Build Coastguard Worker * data elements. 485*90e502c7SAndroid Build Coastguard Worker * 486*90e502c7SAndroid Build Coastguard Worker * The sequence numbers of the RTP packets presented to this function 487*90e502c7SAndroid Build Coastguard Worker * need not be consecutive, but they @b must be out of order by less 488*90e502c7SAndroid Build Coastguard Worker * than 2^15 = 32,768 packets. 489*90e502c7SAndroid Build Coastguard Worker * 490*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that the SRTP packet is aligned on a 491*90e502c7SAndroid Build Coastguard Worker * 32-bit boundary. 492*90e502c7SAndroid Build Coastguard Worker * 493*90e502c7SAndroid Build Coastguard Worker * @param ctx is the SRTP session which applies to the particular packet. 494*90e502c7SAndroid Build Coastguard Worker * 495*90e502c7SAndroid Build Coastguard Worker * @param srtp_hdr is a pointer to the header of the SRTP packet 496*90e502c7SAndroid Build Coastguard Worker * (before the call). after the function returns, it points to the 497*90e502c7SAndroid Build Coastguard Worker * rtp packet if srtp_err_status_ok was returned; otherwise, the value of 498*90e502c7SAndroid Build Coastguard Worker * the data to which it points is undefined. 499*90e502c7SAndroid Build Coastguard Worker * 500*90e502c7SAndroid Build Coastguard Worker * @param len_ptr is a pointer to the length in octets of the complete 501*90e502c7SAndroid Build Coastguard Worker * srtp packet (header and body) before the function call, and of the 502*90e502c7SAndroid Build Coastguard Worker * complete rtp packet after the call, if srtp_err_status_ok was returned. 503*90e502c7SAndroid Build Coastguard Worker * Otherwise, the value of the data to which it points is undefined. 504*90e502c7SAndroid Build Coastguard Worker * 505*90e502c7SAndroid Build Coastguard Worker * @return 506*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if the RTP packet is valid. 507*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_auth_fail if the SRTP packet failed the message 508*90e502c7SAndroid Build Coastguard Worker * authentication check. 509*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet 510*90e502c7SAndroid Build Coastguard Worker * has already been processed and accepted). 511*90e502c7SAndroid Build Coastguard Worker * - [other] if there has been an error in the cryptographic mechanisms. 512*90e502c7SAndroid Build Coastguard Worker * 513*90e502c7SAndroid Build Coastguard Worker */ 514*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr); 515*90e502c7SAndroid Build Coastguard Worker 516*90e502c7SAndroid Build Coastguard Worker /** 517*90e502c7SAndroid Build Coastguard Worker * @brief srtp_unprotect_mki() is the Secure RTP receiver-side packet 518*90e502c7SAndroid Build Coastguard Worker * processing function that checks for MKI. 519*90e502c7SAndroid Build Coastguard Worker * 520*90e502c7SAndroid Build Coastguard Worker * The function call srtp_unprotect(ctx, srtp_hdr, len_ptr) verifies 521*90e502c7SAndroid Build Coastguard Worker * the Secure RTP protection of the SRTP packet pointed to by srtp_hdr 522*90e502c7SAndroid Build Coastguard Worker * (which has length *len_ptr), using the SRTP context ctx. If 523*90e502c7SAndroid Build Coastguard Worker * srtp_err_status_ok is returned, then srtp_hdr points to the resulting 524*90e502c7SAndroid Build Coastguard Worker * RTP packet and *len_ptr is the number of octets in that packet; 525*90e502c7SAndroid Build Coastguard Worker * otherwise, no assumptions should be made about the value of either 526*90e502c7SAndroid Build Coastguard Worker * data elements. 527*90e502c7SAndroid Build Coastguard Worker * 528*90e502c7SAndroid Build Coastguard Worker * The sequence numbers of the RTP packets presented to this function 529*90e502c7SAndroid Build Coastguard Worker * need not be consecutive, but they @b must be out of order by less 530*90e502c7SAndroid Build Coastguard Worker * than 2^15 = 32,768 packets. 531*90e502c7SAndroid Build Coastguard Worker * 532*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that the SRTP packet is aligned on a 533*90e502c7SAndroid Build Coastguard Worker * 32-bit boundary. 534*90e502c7SAndroid Build Coastguard Worker * 535*90e502c7SAndroid Build Coastguard Worker * @param ctx is the SRTP session which applies to the particular packet. 536*90e502c7SAndroid Build Coastguard Worker * 537*90e502c7SAndroid Build Coastguard Worker * @param srtp_hdr is a pointer to the header of the SRTP packet 538*90e502c7SAndroid Build Coastguard Worker * (before the call). after the function returns, it points to the 539*90e502c7SAndroid Build Coastguard Worker * rtp packet if srtp_err_status_ok was returned; otherwise, the value of 540*90e502c7SAndroid Build Coastguard Worker * the data to which it points is undefined. 541*90e502c7SAndroid Build Coastguard Worker * 542*90e502c7SAndroid Build Coastguard Worker * @param len_ptr is a pointer to the length in octets of the complete 543*90e502c7SAndroid Build Coastguard Worker * srtp packet (header and body) before the function call, and of the 544*90e502c7SAndroid Build Coastguard Worker * complete rtp packet after the call, if srtp_err_status_ok was returned. 545*90e502c7SAndroid Build Coastguard Worker * Otherwise, the value of the data to which it points is undefined. 546*90e502c7SAndroid Build Coastguard Worker * 547*90e502c7SAndroid Build Coastguard Worker * @param use_mki is a boolean to tell the system if mki is being used. If 548*90e502c7SAndroid Build Coastguard Worker * set to false then will use the first set of session keys. If set to true 549*90e502c7SAndroid Build Coastguard Worker * will 550*90e502c7SAndroid Build Coastguard Worker * use the session keys identified by the mki_index 551*90e502c7SAndroid Build Coastguard Worker * 552*90e502c7SAndroid Build Coastguard Worker * @return 553*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if the RTP packet is valid. 554*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_auth_fail if the SRTP packet failed the message 555*90e502c7SAndroid Build Coastguard Worker * authentication check. 556*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_replay_fail if the SRTP packet is a replay (e.g. packet 557*90e502c7SAndroid Build Coastguard Worker * has already been processed and accepted). 558*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI id 559*90e502c7SAndroid Build Coastguard Worker * - [other] if there has been an error in the cryptographic mechanisms. 560*90e502c7SAndroid Build Coastguard Worker * 561*90e502c7SAndroid Build Coastguard Worker */ 562*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_unprotect_mki(srtp_t ctx, 563*90e502c7SAndroid Build Coastguard Worker void *srtp_hdr, 564*90e502c7SAndroid Build Coastguard Worker int *len_ptr, 565*90e502c7SAndroid Build Coastguard Worker unsigned int use_mki); 566*90e502c7SAndroid Build Coastguard Worker 567*90e502c7SAndroid Build Coastguard Worker /** 568*90e502c7SAndroid Build Coastguard Worker * @brief srtp_create() allocates and initializes an SRTP session. 569*90e502c7SAndroid Build Coastguard Worker 570*90e502c7SAndroid Build Coastguard Worker * The function call srtp_create(session, policy) allocates and 571*90e502c7SAndroid Build Coastguard Worker * initializes an SRTP session context, applying the given policy. 572*90e502c7SAndroid Build Coastguard Worker * 573*90e502c7SAndroid Build Coastguard Worker * @param session is a pointer to the SRTP session to which the policy is 574*90e502c7SAndroid Build Coastguard Worker * to be added. 575*90e502c7SAndroid Build Coastguard Worker * 576*90e502c7SAndroid Build Coastguard Worker * @param policy is the srtp_policy_t struct that describes the policy 577*90e502c7SAndroid Build Coastguard Worker * for the session. The struct may be a single element, or it may be 578*90e502c7SAndroid Build Coastguard Worker * the head of a list, in which case each element of the list is 579*90e502c7SAndroid Build Coastguard Worker * processed. It may also be NULL, in which case streams should be added 580*90e502c7SAndroid Build Coastguard Worker * later using srtp_add_stream(). The final element of the list @b must 581*90e502c7SAndroid Build Coastguard Worker * have its `next' field set to NULL. 582*90e502c7SAndroid Build Coastguard Worker * 583*90e502c7SAndroid Build Coastguard Worker * @return 584*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if creation succeded. 585*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_alloc_fail if allocation failed. 586*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_init_fail if initialization failed. 587*90e502c7SAndroid Build Coastguard Worker */ 588*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_create(srtp_t *session, const srtp_policy_t *policy); 589*90e502c7SAndroid Build Coastguard Worker 590*90e502c7SAndroid Build Coastguard Worker /** 591*90e502c7SAndroid Build Coastguard Worker * @brief srtp_add_stream() allocates and initializes an SRTP stream 592*90e502c7SAndroid Build Coastguard Worker * within a given SRTP session. 593*90e502c7SAndroid Build Coastguard Worker * 594*90e502c7SAndroid Build Coastguard Worker * The function call srtp_add_stream(session, policy) allocates and 595*90e502c7SAndroid Build Coastguard Worker * initializes a new SRTP stream within a given, previously created 596*90e502c7SAndroid Build Coastguard Worker * session, applying the policy given as the other argument to that 597*90e502c7SAndroid Build Coastguard Worker * stream. 598*90e502c7SAndroid Build Coastguard Worker * 599*90e502c7SAndroid Build Coastguard Worker * @return values: 600*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if stream creation succeded. 601*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_alloc_fail if stream allocation failed 602*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_init_fail if stream initialization failed. 603*90e502c7SAndroid Build Coastguard Worker */ 604*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_add_stream(srtp_t session, const srtp_policy_t *policy); 605*90e502c7SAndroid Build Coastguard Worker 606*90e502c7SAndroid Build Coastguard Worker /** 607*90e502c7SAndroid Build Coastguard Worker * @brief srtp_remove_stream() deallocates an SRTP stream. 608*90e502c7SAndroid Build Coastguard Worker * 609*90e502c7SAndroid Build Coastguard Worker * The function call srtp_remove_stream(session, ssrc) removes 610*90e502c7SAndroid Build Coastguard Worker * the SRTP stream with the SSRC value ssrc from the SRTP session 611*90e502c7SAndroid Build Coastguard Worker * context given by the argument session. 612*90e502c7SAndroid Build Coastguard Worker * 613*90e502c7SAndroid Build Coastguard Worker * @param session is the SRTP session from which the stream 614*90e502c7SAndroid Build Coastguard Worker * will be removed. 615*90e502c7SAndroid Build Coastguard Worker * 616*90e502c7SAndroid Build Coastguard Worker * @param ssrc is the SSRC value of the stream to be removed 617*90e502c7SAndroid Build Coastguard Worker * in network byte order. 618*90e502c7SAndroid Build Coastguard Worker * 619*90e502c7SAndroid Build Coastguard Worker * @warning Wildcard SSRC values cannot be removed from a 620*90e502c7SAndroid Build Coastguard Worker * session. 621*90e502c7SAndroid Build Coastguard Worker * 622*90e502c7SAndroid Build Coastguard Worker * @return 623*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if the stream deallocation succeded. 624*90e502c7SAndroid Build Coastguard Worker * - [other] otherwise. 625*90e502c7SAndroid Build Coastguard Worker * 626*90e502c7SAndroid Build Coastguard Worker */ 627*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_remove_stream(srtp_t session, unsigned int ssrc); 628*90e502c7SAndroid Build Coastguard Worker 629*90e502c7SAndroid Build Coastguard Worker /** 630*90e502c7SAndroid Build Coastguard Worker * @brief srtp_update() udpates all streams in the session. 631*90e502c7SAndroid Build Coastguard Worker * 632*90e502c7SAndroid Build Coastguard Worker * The function call srtp_update(session, policy) updates 633*90e502c7SAndroid Build Coastguard Worker * all the streams in the session applying the given policy 634*90e502c7SAndroid Build Coastguard Worker * and key. The exsisting ROC value of all streams will be 635*90e502c7SAndroid Build Coastguard Worker * preserved. 636*90e502c7SAndroid Build Coastguard Worker * 637*90e502c7SAndroid Build Coastguard Worker * @param session is the SRTP session that contains the streams 638*90e502c7SAndroid Build Coastguard Worker * to be updated. 639*90e502c7SAndroid Build Coastguard Worker * 640*90e502c7SAndroid Build Coastguard Worker * @param policy is the srtp_policy_t struct that describes the policy 641*90e502c7SAndroid Build Coastguard Worker * for the session. The struct may be a single element, or it may be 642*90e502c7SAndroid Build Coastguard Worker * the head of a list, in which case each element of the list is 643*90e502c7SAndroid Build Coastguard Worker * processed. The final element of the list @b must 644*90e502c7SAndroid Build Coastguard Worker * have its `next' field set to NULL. 645*90e502c7SAndroid Build Coastguard Worker * 646*90e502c7SAndroid Build Coastguard Worker * @return 647*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if stream creation succeded. 648*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_alloc_fail if stream allocation failed 649*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_init_fail if stream initialization failed. 650*90e502c7SAndroid Build Coastguard Worker * - [other] otherwise. 651*90e502c7SAndroid Build Coastguard Worker * 652*90e502c7SAndroid Build Coastguard Worker */ 653*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_update(srtp_t session, const srtp_policy_t *policy); 654*90e502c7SAndroid Build Coastguard Worker 655*90e502c7SAndroid Build Coastguard Worker /** 656*90e502c7SAndroid Build Coastguard Worker * @brief srtp_update_stream() udpates a SRTP stream. 657*90e502c7SAndroid Build Coastguard Worker * 658*90e502c7SAndroid Build Coastguard Worker * The function call srtp_update_stream(session, policy) updates 659*90e502c7SAndroid Build Coastguard Worker * the stream(s) in the session that match applying the given 660*90e502c7SAndroid Build Coastguard Worker * policy and key. The exsisting ROC value of all stream(s) will 661*90e502c7SAndroid Build Coastguard Worker * be preserved. 662*90e502c7SAndroid Build Coastguard Worker * 663*90e502c7SAndroid Build Coastguard Worker * @param session is the SRTP session that contains the streams 664*90e502c7SAndroid Build Coastguard Worker * to be updated. 665*90e502c7SAndroid Build Coastguard Worker * 666*90e502c7SAndroid Build Coastguard Worker * @param policy is the srtp_policy_t struct that describes the policy 667*90e502c7SAndroid Build Coastguard Worker * for the session. 668*90e502c7SAndroid Build Coastguard Worker * 669*90e502c7SAndroid Build Coastguard Worker * @return 670*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if stream creation succeded. 671*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_alloc_fail if stream allocation failed 672*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_init_fail if stream initialization failed. 673*90e502c7SAndroid Build Coastguard Worker * - [other] otherwise. 674*90e502c7SAndroid Build Coastguard Worker * 675*90e502c7SAndroid Build Coastguard Worker */ 676*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_update_stream(srtp_t session, 677*90e502c7SAndroid Build Coastguard Worker const srtp_policy_t *policy); 678*90e502c7SAndroid Build Coastguard Worker 679*90e502c7SAndroid Build Coastguard Worker /** 680*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_rtp_default() sets a crypto policy 681*90e502c7SAndroid Build Coastguard Worker * structure to the SRTP default policy for RTP protection. 682*90e502c7SAndroid Build Coastguard Worker * 683*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 684*90e502c7SAndroid Build Coastguard Worker * 685*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_rtp_default(&p) sets the 686*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_policy_t at location p to the SRTP default policy for RTP 687*90e502c7SAndroid Build Coastguard Worker * protection, as defined in the specification. This function is a 688*90e502c7SAndroid Build Coastguard Worker * convenience that helps to avoid dealing directly with the policy 689*90e502c7SAndroid Build Coastguard Worker * data structure. You are encouraged to initialize policy elements 690*90e502c7SAndroid Build Coastguard Worker * with this function call. Doing so may allow your code to be 691*90e502c7SAndroid Build Coastguard Worker * forward compatible with later versions of libSRTP that include more 692*90e502c7SAndroid Build Coastguard Worker * elements in the srtp_crypto_policy_t datatype. 693*90e502c7SAndroid Build Coastguard Worker * 694*90e502c7SAndroid Build Coastguard Worker * @return void. 695*90e502c7SAndroid Build Coastguard Worker * 696*90e502c7SAndroid Build Coastguard Worker */ 697*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_rtp_default(srtp_crypto_policy_t *p); 698*90e502c7SAndroid Build Coastguard Worker 699*90e502c7SAndroid Build Coastguard Worker /** 700*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_rtcp_default() sets a crypto policy 701*90e502c7SAndroid Build Coastguard Worker * structure to the SRTP default policy for RTCP protection. 702*90e502c7SAndroid Build Coastguard Worker * 703*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 704*90e502c7SAndroid Build Coastguard Worker * 705*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_rtcp_default(&p) sets the 706*90e502c7SAndroid Build Coastguard Worker * srtp_crypto_policy_t at location p to the SRTP default policy for RTCP 707*90e502c7SAndroid Build Coastguard Worker * protection, as defined in the specification. This function is a 708*90e502c7SAndroid Build Coastguard Worker * convenience that helps to avoid dealing directly with the policy 709*90e502c7SAndroid Build Coastguard Worker * data structure. You are encouraged to initialize policy elements 710*90e502c7SAndroid Build Coastguard Worker * with this function call. Doing so may allow your code to be 711*90e502c7SAndroid Build Coastguard Worker * forward compatible with later versions of libSRTP that include more 712*90e502c7SAndroid Build Coastguard Worker * elements in the srtp_crypto_policy_t datatype. 713*90e502c7SAndroid Build Coastguard Worker * 714*90e502c7SAndroid Build Coastguard Worker * @return void. 715*90e502c7SAndroid Build Coastguard Worker * 716*90e502c7SAndroid Build Coastguard Worker */ 717*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_rtcp_default(srtp_crypto_policy_t *p); 718*90e502c7SAndroid Build Coastguard Worker 719*90e502c7SAndroid Build Coastguard Worker /** 720*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80() sets a crypto 721*90e502c7SAndroid Build Coastguard Worker * policy structure to the SRTP default policy for RTP protection. 722*90e502c7SAndroid Build Coastguard Worker * 723*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 724*90e502c7SAndroid Build Coastguard Worker * 725*90e502c7SAndroid Build Coastguard Worker * The function srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80() is a 726*90e502c7SAndroid Build Coastguard Worker * synonym for srtp_crypto_policy_set_rtp_default(). It conforms to the 727*90e502c7SAndroid Build Coastguard Worker * naming convention used in RFC 4568 (SDP Security Descriptions for 728*90e502c7SAndroid Build Coastguard Worker * Media Streams). 729*90e502c7SAndroid Build Coastguard Worker * 730*90e502c7SAndroid Build Coastguard Worker * @return void. 731*90e502c7SAndroid Build Coastguard Worker * 732*90e502c7SAndroid Build Coastguard Worker */ 733*90e502c7SAndroid Build Coastguard Worker #define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(p) \ 734*90e502c7SAndroid Build Coastguard Worker srtp_crypto_policy_set_rtp_default(p) 735*90e502c7SAndroid Build Coastguard Worker 736*90e502c7SAndroid Build Coastguard Worker /** 737*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto 738*90e502c7SAndroid Build Coastguard Worker * policy structure to a short-authentication tag policy 739*90e502c7SAndroid Build Coastguard Worker * 740*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 741*90e502c7SAndroid Build Coastguard Worker * 742*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(&p) 743*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use policy 744*90e502c7SAndroid Build Coastguard Worker * AES_CM_128_HMAC_SHA1_32 as defined in RFC 4568. 745*90e502c7SAndroid Build Coastguard Worker * This policy uses AES-128 746*90e502c7SAndroid Build Coastguard Worker * Counter Mode encryption and HMAC-SHA1 authentication, with an 747*90e502c7SAndroid Build Coastguard Worker * authentication tag that is only 32 bits long. This length is 748*90e502c7SAndroid Build Coastguard Worker * considered adequate only for protecting audio and video media that 749*90e502c7SAndroid Build Coastguard Worker * use a stateless playback function. See Section 7.5 of RFC 3711 750*90e502c7SAndroid Build Coastguard Worker * (http://www.ietf.org/rfc/rfc3711.txt). 751*90e502c7SAndroid Build Coastguard Worker * 752*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 753*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 754*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 755*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 756*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 757*90e502c7SAndroid Build Coastguard Worker * 758*90e502c7SAndroid Build Coastguard Worker * @warning This crypto policy is intended for use in SRTP, but not in 759*90e502c7SAndroid Build Coastguard Worker * SRTCP. It is recommended that a policy that uses longer 760*90e502c7SAndroid Build Coastguard Worker * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711 761*90e502c7SAndroid Build Coastguard Worker * (http://www.ietf.org/rfc/rfc3711.txt). 762*90e502c7SAndroid Build Coastguard Worker * 763*90e502c7SAndroid Build Coastguard Worker * @return void. 764*90e502c7SAndroid Build Coastguard Worker * 765*90e502c7SAndroid Build Coastguard Worker */ 766*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(srtp_crypto_policy_t *p); 767*90e502c7SAndroid Build Coastguard Worker 768*90e502c7SAndroid Build Coastguard Worker /** 769*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_128_null_auth() sets a crypto 770*90e502c7SAndroid Build Coastguard Worker * policy structure to an encryption-only policy 771*90e502c7SAndroid Build Coastguard Worker * 772*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 773*90e502c7SAndroid Build Coastguard Worker * 774*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_128_null_auth(&p) sets 775*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 776*90e502c7SAndroid Build Coastguard Worker * (AES-128 Counter Mode), but to use no authentication method. This 777*90e502c7SAndroid Build Coastguard Worker * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 778*90e502c7SAndroid Build Coastguard Worker * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). 779*90e502c7SAndroid Build Coastguard Worker * 780*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 781*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 782*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 783*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 784*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 785*90e502c7SAndroid Build Coastguard Worker * 786*90e502c7SAndroid Build Coastguard Worker * @warning This policy is NOT RECOMMENDED for SRTP unless it is 787*90e502c7SAndroid Build Coastguard Worker * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see 788*90e502c7SAndroid Build Coastguard Worker * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). 789*90e502c7SAndroid Build Coastguard Worker * 790*90e502c7SAndroid Build Coastguard Worker * @return void. 791*90e502c7SAndroid Build Coastguard Worker * 792*90e502c7SAndroid Build Coastguard Worker */ 793*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_128_null_auth(srtp_crypto_policy_t *p); 794*90e502c7SAndroid Build Coastguard Worker 795*90e502c7SAndroid Build Coastguard Worker /** 796*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto 797*90e502c7SAndroid Build Coastguard Worker * policy structure to an authentication-only policy 798*90e502c7SAndroid Build Coastguard Worker * 799*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 800*90e502c7SAndroid Build Coastguard Worker * 801*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&p) 802*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use HMAC-SHA1 with an 80 803*90e502c7SAndroid Build Coastguard Worker * bit authentication tag to provide message authentication, but to 804*90e502c7SAndroid Build Coastguard Worker * use no encryption. This policy is NOT RECOMMENDED for SRTP unless 805*90e502c7SAndroid Build Coastguard Worker * there is a requirement to forego encryption. 806*90e502c7SAndroid Build Coastguard Worker * 807*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 808*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 809*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 810*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 811*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 812*90e502c7SAndroid Build Coastguard Worker * 813*90e502c7SAndroid Build Coastguard Worker * @warning This policy is NOT RECOMMENDED for SRTP unless there is a 814*90e502c7SAndroid Build Coastguard Worker * requirement to forego encryption. 815*90e502c7SAndroid Build Coastguard Worker * 816*90e502c7SAndroid Build Coastguard Worker * @return void. 817*90e502c7SAndroid Build Coastguard Worker * 818*90e502c7SAndroid Build Coastguard Worker */ 819*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_null_cipher_hmac_sha1_80(srtp_crypto_policy_t *p); 820*90e502c7SAndroid Build Coastguard Worker 821*90e502c7SAndroid Build Coastguard Worker /** 822*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_null_cipher_hmac_null() sets a crypto 823*90e502c7SAndroid Build Coastguard Worker * policy structure to use no encryption or authentication. 824*90e502c7SAndroid Build Coastguard Worker * 825*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 826*90e502c7SAndroid Build Coastguard Worker * 827*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_null_cipher_hmac_null(&p) 828*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use no encryption and 829*90e502c7SAndroid Build Coastguard Worker * no authentication. This policy should only be used for testing and 830*90e502c7SAndroid Build Coastguard Worker * troubleshootingl. 831*90e502c7SAndroid Build Coastguard Worker * 832*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 833*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 834*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 835*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 836*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 837*90e502c7SAndroid Build Coastguard Worker * 838*90e502c7SAndroid Build Coastguard Worker * @warning This policy is NOT RECOMMENDED for SRTP unless there is a 839*90e502c7SAndroid Build Coastguard Worker * requirement to forego encryption and authentication. 840*90e502c7SAndroid Build Coastguard Worker * 841*90e502c7SAndroid Build Coastguard Worker * @return void. 842*90e502c7SAndroid Build Coastguard Worker * 843*90e502c7SAndroid Build Coastguard Worker */ 844*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_null_cipher_hmac_null(srtp_crypto_policy_t *p); 845*90e502c7SAndroid Build Coastguard Worker 846*90e502c7SAndroid Build Coastguard Worker /** 847*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto 848*90e502c7SAndroid Build Coastguard Worker * policy structure to a encryption and authentication policy using AES-256 849*90e502c7SAndroid Build Coastguard Worker * for RTP protection. 850*90e502c7SAndroid Build Coastguard Worker * 851*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 852*90e502c7SAndroid Build Coastguard Worker * 853*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(&p) 854*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use policy 855*90e502c7SAndroid Build Coastguard Worker * AES_CM_256_HMAC_SHA1_80 as defined in RFC 6188. This policy uses AES-256 856*90e502c7SAndroid Build Coastguard Worker * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit 857*90e502c7SAndroid Build Coastguard Worker * authentication tag. 858*90e502c7SAndroid Build Coastguard Worker * 859*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 860*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 861*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 862*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 863*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 864*90e502c7SAndroid Build Coastguard Worker * 865*90e502c7SAndroid Build Coastguard Worker * @return void. 866*90e502c7SAndroid Build Coastguard Worker * 867*90e502c7SAndroid Build Coastguard Worker */ 868*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(srtp_crypto_policy_t *p); 869*90e502c7SAndroid Build Coastguard Worker 870*90e502c7SAndroid Build Coastguard Worker /** 871*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto 872*90e502c7SAndroid Build Coastguard Worker * policy structure to a short-authentication tag policy using AES-256 873*90e502c7SAndroid Build Coastguard Worker * encryption. 874*90e502c7SAndroid Build Coastguard Worker * 875*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 876*90e502c7SAndroid Build Coastguard Worker * 877*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(&p) 878*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use policy 879*90e502c7SAndroid Build Coastguard Worker * AES_CM_256_HMAC_SHA1_32 as defined in RFC 6188. This policy uses AES-256 880*90e502c7SAndroid Build Coastguard Worker * Counter Mode encryption and HMAC-SHA1 authentication, with an 881*90e502c7SAndroid Build Coastguard Worker * authentication tag that is only 32 bits long. This length is 882*90e502c7SAndroid Build Coastguard Worker * considered adequate only for protecting audio and video media that 883*90e502c7SAndroid Build Coastguard Worker * use a stateless playback function. See Section 7.5 of RFC 3711 884*90e502c7SAndroid Build Coastguard Worker * (http://www.ietf.org/rfc/rfc3711.txt). 885*90e502c7SAndroid Build Coastguard Worker * 886*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 887*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 888*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 889*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 890*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 891*90e502c7SAndroid Build Coastguard Worker * 892*90e502c7SAndroid Build Coastguard Worker * @warning This crypto policy is intended for use in SRTP, but not in 893*90e502c7SAndroid Build Coastguard Worker * SRTCP. It is recommended that a policy that uses longer 894*90e502c7SAndroid Build Coastguard Worker * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711 895*90e502c7SAndroid Build Coastguard Worker * (http://www.ietf.org/rfc/rfc3711.txt). 896*90e502c7SAndroid Build Coastguard Worker * 897*90e502c7SAndroid Build Coastguard Worker * @return void. 898*90e502c7SAndroid Build Coastguard Worker * 899*90e502c7SAndroid Build Coastguard Worker */ 900*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(srtp_crypto_policy_t *p); 901*90e502c7SAndroid Build Coastguard Worker 902*90e502c7SAndroid Build Coastguard Worker /** 903*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_256_null_auth() sets a crypto 904*90e502c7SAndroid Build Coastguard Worker * policy structure to an encryption-only policy 905*90e502c7SAndroid Build Coastguard Worker * 906*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 907*90e502c7SAndroid Build Coastguard Worker * 908*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_256_null_auth(&p) sets 909*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 910*90e502c7SAndroid Build Coastguard Worker * (AES-256 Counter Mode), but to use no authentication method. This 911*90e502c7SAndroid Build Coastguard Worker * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 912*90e502c7SAndroid Build Coastguard Worker * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). 913*90e502c7SAndroid Build Coastguard Worker * 914*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 915*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 916*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 917*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 918*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 919*90e502c7SAndroid Build Coastguard Worker * 920*90e502c7SAndroid Build Coastguard Worker * @warning This policy is NOT RECOMMENDED for SRTP unless it is 921*90e502c7SAndroid Build Coastguard Worker * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see 922*90e502c7SAndroid Build Coastguard Worker * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). 923*90e502c7SAndroid Build Coastguard Worker * 924*90e502c7SAndroid Build Coastguard Worker * @return void. 925*90e502c7SAndroid Build Coastguard Worker * 926*90e502c7SAndroid Build Coastguard Worker */ 927*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_256_null_auth(srtp_crypto_policy_t *p); 928*90e502c7SAndroid Build Coastguard Worker 929*90e502c7SAndroid Build Coastguard Worker /** 930*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80() sets a crypto 931*90e502c7SAndroid Build Coastguard Worker * policy structure to a encryption and authentication policy using AES-192 932*90e502c7SAndroid Build Coastguard Worker * for RTP protection. 933*90e502c7SAndroid Build Coastguard Worker * 934*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 935*90e502c7SAndroid Build Coastguard Worker * 936*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(&p) 937*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use policy 938*90e502c7SAndroid Build Coastguard Worker * AES_CM_192_HMAC_SHA1_80 as defined in RFC 6188. This policy uses AES-192 939*90e502c7SAndroid Build Coastguard Worker * Counter Mode encryption and HMAC-SHA1 authentication, with an 80 bit 940*90e502c7SAndroid Build Coastguard Worker * authentication tag. 941*90e502c7SAndroid Build Coastguard Worker * 942*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 943*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 944*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 945*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 946*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 947*90e502c7SAndroid Build Coastguard Worker * 948*90e502c7SAndroid Build Coastguard Worker * @return void. 949*90e502c7SAndroid Build Coastguard Worker * 950*90e502c7SAndroid Build Coastguard Worker */ 951*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(srtp_crypto_policy_t *p); 952*90e502c7SAndroid Build Coastguard Worker 953*90e502c7SAndroid Build Coastguard Worker /** 954*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32() sets a crypto 955*90e502c7SAndroid Build Coastguard Worker * policy structure to a short-authentication tag policy using AES-192 956*90e502c7SAndroid Build Coastguard Worker * encryption. 957*90e502c7SAndroid Build Coastguard Worker * 958*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 959*90e502c7SAndroid Build Coastguard Worker * 960*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(&p) 961*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location p to use policy 962*90e502c7SAndroid Build Coastguard Worker * AES_CM_192_HMAC_SHA1_32 as defined in RFC 6188. This policy uses AES-192 963*90e502c7SAndroid Build Coastguard Worker * Counter Mode encryption and HMAC-SHA1 authentication, with an 964*90e502c7SAndroid Build Coastguard Worker * authentication tag that is only 32 bits long. This length is 965*90e502c7SAndroid Build Coastguard Worker * considered adequate only for protecting audio and video media that 966*90e502c7SAndroid Build Coastguard Worker * use a stateless playback function. See Section 7.5 of RFC 3711 967*90e502c7SAndroid Build Coastguard Worker * (http://www.ietf.org/rfc/rfc3711.txt). 968*90e502c7SAndroid Build Coastguard Worker * 969*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 970*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 971*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 972*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 973*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 974*90e502c7SAndroid Build Coastguard Worker * 975*90e502c7SAndroid Build Coastguard Worker * @warning This crypto policy is intended for use in SRTP, but not in 976*90e502c7SAndroid Build Coastguard Worker * SRTCP. It is recommended that a policy that uses longer 977*90e502c7SAndroid Build Coastguard Worker * authentication tags be used for SRTCP. See Section 7.5 of RFC 3711 978*90e502c7SAndroid Build Coastguard Worker * (http://www.ietf.org/rfc/rfc3711.txt). 979*90e502c7SAndroid Build Coastguard Worker * 980*90e502c7SAndroid Build Coastguard Worker * @return void. 981*90e502c7SAndroid Build Coastguard Worker * 982*90e502c7SAndroid Build Coastguard Worker */ 983*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p); 984*90e502c7SAndroid Build Coastguard Worker 985*90e502c7SAndroid Build Coastguard Worker /** 986*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_cm_192_null_auth() sets a crypto 987*90e502c7SAndroid Build Coastguard Worker * policy structure to an encryption-only policy 988*90e502c7SAndroid Build Coastguard Worker * 989*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 990*90e502c7SAndroid Build Coastguard Worker * 991*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_cm_192_null_auth(&p) sets 992*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 993*90e502c7SAndroid Build Coastguard Worker * (AES-192 Counter Mode), but to use no authentication method. This 994*90e502c7SAndroid Build Coastguard Worker * policy is NOT RECOMMENDED unless it is unavoidable; see Section 7.5 995*90e502c7SAndroid Build Coastguard Worker * of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). 996*90e502c7SAndroid Build Coastguard Worker * 997*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 998*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 999*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1000*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1001*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1002*90e502c7SAndroid Build Coastguard Worker * 1003*90e502c7SAndroid Build Coastguard Worker * @warning This policy is NOT RECOMMENDED for SRTP unless it is 1004*90e502c7SAndroid Build Coastguard Worker * unavoidable, and it is NOT RECOMMENDED at all for SRTCP; see 1005*90e502c7SAndroid Build Coastguard Worker * Section 7.5 of RFC 3711 (http://www.ietf.org/rfc/rfc3711.txt). 1006*90e502c7SAndroid Build Coastguard Worker * 1007*90e502c7SAndroid Build Coastguard Worker * @return void. 1008*90e502c7SAndroid Build Coastguard Worker * 1009*90e502c7SAndroid Build Coastguard Worker */ 1010*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p); 1011*90e502c7SAndroid Build Coastguard Worker 1012*90e502c7SAndroid Build Coastguard Worker /** 1013*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_gcm_128_8_auth() sets a crypto 1014*90e502c7SAndroid Build Coastguard Worker * policy structure to an AEAD encryption policy. 1015*90e502c7SAndroid Build Coastguard Worker * 1016*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 1017*90e502c7SAndroid Build Coastguard Worker * 1018*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_gcm_128_8_auth(&p) sets 1019*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 1020*90e502c7SAndroid Build Coastguard Worker * (AES-128 Galois Counter Mode) with 8 octet auth tag. This 1021*90e502c7SAndroid Build Coastguard Worker * policy applies confidentiality and authentication to both the 1022*90e502c7SAndroid Build Coastguard Worker * RTP and RTCP packets. 1023*90e502c7SAndroid Build Coastguard Worker * 1024*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1025*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1026*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1027*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1028*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1029*90e502c7SAndroid Build Coastguard Worker * 1030*90e502c7SAndroid Build Coastguard Worker * @return void. 1031*90e502c7SAndroid Build Coastguard Worker * 1032*90e502c7SAndroid Build Coastguard Worker */ 1033*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p); 1034*90e502c7SAndroid Build Coastguard Worker 1035*90e502c7SAndroid Build Coastguard Worker /** 1036*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_gcm_256_8_auth() sets a crypto 1037*90e502c7SAndroid Build Coastguard Worker * policy structure to an AEAD encryption policy 1038*90e502c7SAndroid Build Coastguard Worker * 1039*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 1040*90e502c7SAndroid Build Coastguard Worker * 1041*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_gcm_256_8_auth(&p) sets 1042*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 1043*90e502c7SAndroid Build Coastguard Worker * (AES-256 Galois Counter Mode) with 8 octet auth tag. This 1044*90e502c7SAndroid Build Coastguard Worker * policy applies confidentiality and authentication to both the 1045*90e502c7SAndroid Build Coastguard Worker * RTP and RTCP packets. 1046*90e502c7SAndroid Build Coastguard Worker * 1047*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1048*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1049*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1050*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1051*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1052*90e502c7SAndroid Build Coastguard Worker * 1053*90e502c7SAndroid Build Coastguard Worker * @return void. 1054*90e502c7SAndroid Build Coastguard Worker * 1055*90e502c7SAndroid Build Coastguard Worker */ 1056*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p); 1057*90e502c7SAndroid Build Coastguard Worker 1058*90e502c7SAndroid Build Coastguard Worker /** 1059*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_gcm_128_8_only_auth() sets a crypto 1060*90e502c7SAndroid Build Coastguard Worker * policy structure to an AEAD authentication-only policy 1061*90e502c7SAndroid Build Coastguard Worker * 1062*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 1063*90e502c7SAndroid Build Coastguard Worker * 1064*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&p) sets 1065*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 1066*90e502c7SAndroid Build Coastguard Worker * (AES-128 Galois Counter Mode) with 8 octet auth tag. This policy 1067*90e502c7SAndroid Build Coastguard Worker * applies confidentiality and authentication to the RTP packets, 1068*90e502c7SAndroid Build Coastguard Worker * but only authentication to the RTCP packets. 1069*90e502c7SAndroid Build Coastguard Worker * 1070*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1071*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1072*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1073*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1074*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1075*90e502c7SAndroid Build Coastguard Worker * 1076*90e502c7SAndroid Build Coastguard Worker * @return void. 1077*90e502c7SAndroid Build Coastguard Worker * 1078*90e502c7SAndroid Build Coastguard Worker */ 1079*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p); 1080*90e502c7SAndroid Build Coastguard Worker 1081*90e502c7SAndroid Build Coastguard Worker /** 1082*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_gcm_256_8_only_auth() sets a crypto 1083*90e502c7SAndroid Build Coastguard Worker * policy structure to an AEAD authentication-only policy 1084*90e502c7SAndroid Build Coastguard Worker * 1085*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 1086*90e502c7SAndroid Build Coastguard Worker * 1087*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&p) sets 1088*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 1089*90e502c7SAndroid Build Coastguard Worker * (AES-256 Galois Counter Mode) with 8 octet auth tag. This policy 1090*90e502c7SAndroid Build Coastguard Worker * applies confidentiality and authentication to the RTP packets, 1091*90e502c7SAndroid Build Coastguard Worker * but only authentication to the RTCP packets. 1092*90e502c7SAndroid Build Coastguard Worker * 1093*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1094*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1095*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1096*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1097*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1098*90e502c7SAndroid Build Coastguard Worker * 1099*90e502c7SAndroid Build Coastguard Worker * @return void. 1100*90e502c7SAndroid Build Coastguard Worker * 1101*90e502c7SAndroid Build Coastguard Worker */ 1102*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p); 1103*90e502c7SAndroid Build Coastguard Worker 1104*90e502c7SAndroid Build Coastguard Worker /** 1105*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_gcm_128_16_auth() sets a crypto 1106*90e502c7SAndroid Build Coastguard Worker * policy structure to an AEAD encryption policy. 1107*90e502c7SAndroid Build Coastguard Worker * 1108*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 1109*90e502c7SAndroid Build Coastguard Worker * 1110*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_gcm_128_16_auth(&p) sets 1111*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 1112*90e502c7SAndroid Build Coastguard Worker * (AES-128 Galois Counter Mode) with 16 octet auth tag. This 1113*90e502c7SAndroid Build Coastguard Worker * policy applies confidentiality and authentication to both the 1114*90e502c7SAndroid Build Coastguard Worker * RTP and RTCP packets. 1115*90e502c7SAndroid Build Coastguard Worker * 1116*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1117*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1118*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1119*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1120*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1121*90e502c7SAndroid Build Coastguard Worker * 1122*90e502c7SAndroid Build Coastguard Worker * @return void. 1123*90e502c7SAndroid Build Coastguard Worker * 1124*90e502c7SAndroid Build Coastguard Worker */ 1125*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_gcm_128_16_auth(srtp_crypto_policy_t *p); 1126*90e502c7SAndroid Build Coastguard Worker 1127*90e502c7SAndroid Build Coastguard Worker /** 1128*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_aes_gcm_256_16_auth() sets a crypto 1129*90e502c7SAndroid Build Coastguard Worker * policy structure to an AEAD encryption policy 1130*90e502c7SAndroid Build Coastguard Worker * 1131*90e502c7SAndroid Build Coastguard Worker * @param p is a pointer to the policy structure to be set 1132*90e502c7SAndroid Build Coastguard Worker * 1133*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_aes_gcm_256_16_auth(&p) sets 1134*90e502c7SAndroid Build Coastguard Worker * the srtp_crypto_policy_t at location p to use the SRTP default cipher 1135*90e502c7SAndroid Build Coastguard Worker * (AES-256 Galois Counter Mode) with 16 octet auth tag. This 1136*90e502c7SAndroid Build Coastguard Worker * policy applies confidentiality and authentication to both the 1137*90e502c7SAndroid Build Coastguard Worker * RTP and RTCP packets. 1138*90e502c7SAndroid Build Coastguard Worker * 1139*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1140*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1141*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1142*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1143*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1144*90e502c7SAndroid Build Coastguard Worker * 1145*90e502c7SAndroid Build Coastguard Worker * @return void. 1146*90e502c7SAndroid Build Coastguard Worker * 1147*90e502c7SAndroid Build Coastguard Worker */ 1148*90e502c7SAndroid Build Coastguard Worker void srtp_crypto_policy_set_aes_gcm_256_16_auth(srtp_crypto_policy_t *p); 1149*90e502c7SAndroid Build Coastguard Worker 1150*90e502c7SAndroid Build Coastguard Worker /** 1151*90e502c7SAndroid Build Coastguard Worker * @brief srtp_dealloc() deallocates storage for an SRTP session 1152*90e502c7SAndroid Build Coastguard Worker * context. 1153*90e502c7SAndroid Build Coastguard Worker * 1154*90e502c7SAndroid Build Coastguard Worker * The function call srtp_dealloc(s) deallocates storage for the 1155*90e502c7SAndroid Build Coastguard Worker * SRTP session context s. This function should be called no more 1156*90e502c7SAndroid Build Coastguard Worker * than one time for each of the contexts allocated by the function 1157*90e502c7SAndroid Build Coastguard Worker * srtp_create(). 1158*90e502c7SAndroid Build Coastguard Worker * 1159*90e502c7SAndroid Build Coastguard Worker * @param s is the srtp_t for the session to be deallocated. 1160*90e502c7SAndroid Build Coastguard Worker * 1161*90e502c7SAndroid Build Coastguard Worker * @return 1162*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if there no problems. 1163*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_dealloc_fail a memory deallocation failure occured. 1164*90e502c7SAndroid Build Coastguard Worker */ 1165*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_dealloc(srtp_t s); 1166*90e502c7SAndroid Build Coastguard Worker 1167*90e502c7SAndroid Build Coastguard Worker /* 1168*90e502c7SAndroid Build Coastguard Worker * @brief identifies a particular SRTP profile 1169*90e502c7SAndroid Build Coastguard Worker * 1170*90e502c7SAndroid Build Coastguard Worker * An srtp_profile_t enumeration is used to identify a particular SRTP 1171*90e502c7SAndroid Build Coastguard Worker * profile (that is, a set of algorithms and parameters). These profiles 1172*90e502c7SAndroid Build Coastguard Worker * are defined for DTLS-SRTP: 1173*90e502c7SAndroid Build Coastguard Worker * https://www.iana.org/assignments/srtp-protection/srtp-protection.xhtml 1174*90e502c7SAndroid Build Coastguard Worker */ 1175*90e502c7SAndroid Build Coastguard Worker typedef enum { 1176*90e502c7SAndroid Build Coastguard Worker srtp_profile_reserved = 0, 1177*90e502c7SAndroid Build Coastguard Worker srtp_profile_aes128_cm_sha1_80 = 1, 1178*90e502c7SAndroid Build Coastguard Worker srtp_profile_aes128_cm_sha1_32 = 2, 1179*90e502c7SAndroid Build Coastguard Worker srtp_profile_null_sha1_80 = 5, 1180*90e502c7SAndroid Build Coastguard Worker srtp_profile_null_sha1_32 = 6, 1181*90e502c7SAndroid Build Coastguard Worker srtp_profile_aead_aes_128_gcm = 7, 1182*90e502c7SAndroid Build Coastguard Worker srtp_profile_aead_aes_256_gcm = 8, 1183*90e502c7SAndroid Build Coastguard Worker } srtp_profile_t; 1184*90e502c7SAndroid Build Coastguard Worker 1185*90e502c7SAndroid Build Coastguard Worker /** 1186*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_from_profile_for_rtp() sets a crypto policy 1187*90e502c7SAndroid Build Coastguard Worker * structure to the appropriate value for RTP based on an srtp_profile_t 1188*90e502c7SAndroid Build Coastguard Worker * 1189*90e502c7SAndroid Build Coastguard Worker * @param policy is a pointer to the policy structure to be set 1190*90e502c7SAndroid Build Coastguard Worker * 1191*90e502c7SAndroid Build Coastguard Worker * @param profile is an enumeration for the policy to be set 1192*90e502c7SAndroid Build Coastguard Worker * 1193*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_rtp_default(&policy, profile) 1194*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location policy to the policy for RTP 1195*90e502c7SAndroid Build Coastguard Worker * protection, as defined by the srtp_profile_t profile. 1196*90e502c7SAndroid Build Coastguard Worker * 1197*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1198*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1199*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1200*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1201*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1202*90e502c7SAndroid Build Coastguard Worker * 1203*90e502c7SAndroid Build Coastguard Worker * @return values 1204*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok no problems were encountered 1205*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_bad_param the profile is not supported 1206*90e502c7SAndroid Build Coastguard Worker * 1207*90e502c7SAndroid Build Coastguard Worker */ 1208*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtp( 1209*90e502c7SAndroid Build Coastguard Worker srtp_crypto_policy_t *policy, 1210*90e502c7SAndroid Build Coastguard Worker srtp_profile_t profile); 1211*90e502c7SAndroid Build Coastguard Worker 1212*90e502c7SAndroid Build Coastguard Worker /** 1213*90e502c7SAndroid Build Coastguard Worker * @brief srtp_crypto_policy_set_from_profile_for_rtcp() sets a crypto policy 1214*90e502c7SAndroid Build Coastguard Worker * structure to the appropriate value for RTCP based on an srtp_profile_t 1215*90e502c7SAndroid Build Coastguard Worker * 1216*90e502c7SAndroid Build Coastguard Worker * @param policy is a pointer to the policy structure to be set 1217*90e502c7SAndroid Build Coastguard Worker * 1218*90e502c7SAndroid Build Coastguard Worker * @param profile is an enumeration for the policy to be set 1219*90e502c7SAndroid Build Coastguard Worker * 1220*90e502c7SAndroid Build Coastguard Worker * The function call srtp_crypto_policy_set_rtcp_default(&policy, profile) 1221*90e502c7SAndroid Build Coastguard Worker * sets the srtp_crypto_policy_t at location policy to the policy for RTCP 1222*90e502c7SAndroid Build Coastguard Worker * protection, as defined by the srtp_profile_t profile. 1223*90e502c7SAndroid Build Coastguard Worker * 1224*90e502c7SAndroid Build Coastguard Worker * This function is a convenience that helps to avoid dealing directly 1225*90e502c7SAndroid Build Coastguard Worker * with the policy data structure. You are encouraged to initialize 1226*90e502c7SAndroid Build Coastguard Worker * policy elements with this function call. Doing so may allow your 1227*90e502c7SAndroid Build Coastguard Worker * code to be forward compatible with later versions of libSRTP that 1228*90e502c7SAndroid Build Coastguard Worker * include more elements in the srtp_crypto_policy_t datatype. 1229*90e502c7SAndroid Build Coastguard Worker * 1230*90e502c7SAndroid Build Coastguard Worker * @return values 1231*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok no problems were encountered 1232*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_bad_param the profile is not supported 1233*90e502c7SAndroid Build Coastguard Worker * 1234*90e502c7SAndroid Build Coastguard Worker */ 1235*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtcp( 1236*90e502c7SAndroid Build Coastguard Worker srtp_crypto_policy_t *policy, 1237*90e502c7SAndroid Build Coastguard Worker srtp_profile_t profile); 1238*90e502c7SAndroid Build Coastguard Worker 1239*90e502c7SAndroid Build Coastguard Worker /** 1240*90e502c7SAndroid Build Coastguard Worker * @brief returns the master key length for a given SRTP profile 1241*90e502c7SAndroid Build Coastguard Worker */ 1242*90e502c7SAndroid Build Coastguard Worker unsigned int srtp_profile_get_master_key_length(srtp_profile_t profile); 1243*90e502c7SAndroid Build Coastguard Worker 1244*90e502c7SAndroid Build Coastguard Worker /** 1245*90e502c7SAndroid Build Coastguard Worker * @brief returns the master salt length for a given SRTP profile 1246*90e502c7SAndroid Build Coastguard Worker */ 1247*90e502c7SAndroid Build Coastguard Worker unsigned int srtp_profile_get_master_salt_length(srtp_profile_t profile); 1248*90e502c7SAndroid Build Coastguard Worker 1249*90e502c7SAndroid Build Coastguard Worker /** 1250*90e502c7SAndroid Build Coastguard Worker * @brief appends the salt to the key 1251*90e502c7SAndroid Build Coastguard Worker * 1252*90e502c7SAndroid Build Coastguard Worker * The function call srtp_append_salt_to_key(k, klen, s, slen) 1253*90e502c7SAndroid Build Coastguard Worker * copies the string s to the location at klen bytes following 1254*90e502c7SAndroid Build Coastguard Worker * the location k. 1255*90e502c7SAndroid Build Coastguard Worker * 1256*90e502c7SAndroid Build Coastguard Worker * @warning There must be at least bytes_in_salt + bytes_in_key bytes 1257*90e502c7SAndroid Build Coastguard Worker * available at the location pointed to by key. 1258*90e502c7SAndroid Build Coastguard Worker * 1259*90e502c7SAndroid Build Coastguard Worker */ 1260*90e502c7SAndroid Build Coastguard Worker void srtp_append_salt_to_key(unsigned char *key, 1261*90e502c7SAndroid Build Coastguard Worker unsigned int bytes_in_key, 1262*90e502c7SAndroid Build Coastguard Worker unsigned char *salt, 1263*90e502c7SAndroid Build Coastguard Worker unsigned int bytes_in_salt); 1264*90e502c7SAndroid Build Coastguard Worker 1265*90e502c7SAndroid Build Coastguard Worker /** 1266*90e502c7SAndroid Build Coastguard Worker * @} 1267*90e502c7SAndroid Build Coastguard Worker */ 1268*90e502c7SAndroid Build Coastguard Worker 1269*90e502c7SAndroid Build Coastguard Worker /** 1270*90e502c7SAndroid Build Coastguard Worker * @defgroup SRTCP Secure RTCP 1271*90e502c7SAndroid Build Coastguard Worker * @ingroup SRTP 1272*90e502c7SAndroid Build Coastguard Worker * 1273*90e502c7SAndroid Build Coastguard Worker * @brief Secure RTCP functions are used to protect RTCP traffic. 1274*90e502c7SAndroid Build Coastguard Worker * 1275*90e502c7SAndroid Build Coastguard Worker * RTCP is the control protocol for RTP. libSRTP protects RTCP 1276*90e502c7SAndroid Build Coastguard Worker * traffic in much the same way as it does RTP traffic. The function 1277*90e502c7SAndroid Build Coastguard Worker * srtp_protect_rtcp() applies cryptographic protections to outbound 1278*90e502c7SAndroid Build Coastguard Worker * RTCP packets, and srtp_unprotect_rtcp() verifies the protections on 1279*90e502c7SAndroid Build Coastguard Worker * inbound RTCP packets. 1280*90e502c7SAndroid Build Coastguard Worker * 1281*90e502c7SAndroid Build Coastguard Worker * A note on the naming convention: srtp_protect_rtcp() has an srtp_t 1282*90e502c7SAndroid Build Coastguard Worker * as its first argument, and thus has `srtp_' as its prefix. The 1283*90e502c7SAndroid Build Coastguard Worker * trailing `_rtcp' indicates the protocol on which it acts. 1284*90e502c7SAndroid Build Coastguard Worker * 1285*90e502c7SAndroid Build Coastguard Worker * @{ 1286*90e502c7SAndroid Build Coastguard Worker */ 1287*90e502c7SAndroid Build Coastguard Worker 1288*90e502c7SAndroid Build Coastguard Worker /** 1289*90e502c7SAndroid Build Coastguard Worker * @brief srtp_protect_rtcp() is the Secure RTCP sender-side packet 1290*90e502c7SAndroid Build Coastguard Worker * processing function. 1291*90e502c7SAndroid Build Coastguard Worker * 1292*90e502c7SAndroid Build Coastguard Worker * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies 1293*90e502c7SAndroid Build Coastguard Worker * SRTCP protection to the RTCP packet rtcp_hdr (which has length 1294*90e502c7SAndroid Build Coastguard Worker * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is 1295*90e502c7SAndroid Build Coastguard Worker * returned, then rtp_hdr points to the resulting SRTCP packet and 1296*90e502c7SAndroid Build Coastguard Worker * *len_ptr is the number of octets in that packet; otherwise, no 1297*90e502c7SAndroid Build Coastguard Worker * assumptions should be made about the value of either data elements. 1298*90e502c7SAndroid Build Coastguard Worker * 1299*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write the authentication 1300*90e502c7SAndroid Build Coastguard Worker * tag into the location in memory immediately following the RTCP 1301*90e502c7SAndroid Build Coastguard Worker * packet, and assumes that the RTCP packet is aligned on a 32-bit 1302*90e502c7SAndroid Build Coastguard Worker * boundary. 1303*90e502c7SAndroid Build Coastguard Worker * 1304*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 1305*90e502c7SAndroid Build Coastguard Worker * into the location in memory immediately following the RTCP packet. 1306*90e502c7SAndroid Build Coastguard Worker * Callers MUST ensure that this much writable memory is available in 1307*90e502c7SAndroid Build Coastguard Worker * the buffer that holds the RTCP packet. 1308*90e502c7SAndroid Build Coastguard Worker * 1309*90e502c7SAndroid Build Coastguard Worker * @param ctx is the SRTP context to use in processing the packet. 1310*90e502c7SAndroid Build Coastguard Worker * 1311*90e502c7SAndroid Build Coastguard Worker * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after 1312*90e502c7SAndroid Build Coastguard Worker * the function returns, it points to the srtp packet. 1313*90e502c7SAndroid Build Coastguard Worker * 1314*90e502c7SAndroid Build Coastguard Worker * @param pkt_octet_len is a pointer to the length in octets of the 1315*90e502c7SAndroid Build Coastguard Worker * complete RTCP packet (header and body) before the function call, 1316*90e502c7SAndroid Build Coastguard Worker * and of the complete SRTCP packet after the call, if srtp_err_status_ok 1317*90e502c7SAndroid Build Coastguard Worker * was returned. Otherwise, the value of the data to which it points 1318*90e502c7SAndroid Build Coastguard Worker * is undefined. 1319*90e502c7SAndroid Build Coastguard Worker * 1320*90e502c7SAndroid Build Coastguard Worker * @return 1321*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if there were no problems. 1322*90e502c7SAndroid Build Coastguard Worker * - [other] if there was a failure in 1323*90e502c7SAndroid Build Coastguard Worker * the cryptographic mechanisms. 1324*90e502c7SAndroid Build Coastguard Worker */ 1325*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, 1326*90e502c7SAndroid Build Coastguard Worker void *rtcp_hdr, 1327*90e502c7SAndroid Build Coastguard Worker int *pkt_octet_len); 1328*90e502c7SAndroid Build Coastguard Worker 1329*90e502c7SAndroid Build Coastguard Worker /** 1330*90e502c7SAndroid Build Coastguard Worker * @brief srtp_protect_rtcp_mki() is the Secure RTCP sender-side packet 1331*90e502c7SAndroid Build Coastguard Worker * processing function that can utilize mki. 1332*90e502c7SAndroid Build Coastguard Worker * 1333*90e502c7SAndroid Build Coastguard Worker * The function call srtp_protect_rtcp(ctx, rtp_hdr, len_ptr) applies 1334*90e502c7SAndroid Build Coastguard Worker * SRTCP protection to the RTCP packet rtcp_hdr (which has length 1335*90e502c7SAndroid Build Coastguard Worker * *len_ptr) using the SRTP session context ctx. If srtp_err_status_ok is 1336*90e502c7SAndroid Build Coastguard Worker * returned, then rtp_hdr points to the resulting SRTCP packet and 1337*90e502c7SAndroid Build Coastguard Worker * *len_ptr is the number of octets in that packet; otherwise, no 1338*90e502c7SAndroid Build Coastguard Worker * assumptions should be made about the value of either data elements. 1339*90e502c7SAndroid Build Coastguard Worker * 1340*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write the authentication 1341*90e502c7SAndroid Build Coastguard Worker * tag into the location in memory immediately following the RTCP 1342*90e502c7SAndroid Build Coastguard Worker * packet, and assumes that the RTCP packet is aligned on a 32-bit 1343*90e502c7SAndroid Build Coastguard Worker * boundary. 1344*90e502c7SAndroid Build Coastguard Worker * 1345*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that it can write SRTP_MAX_TRAILER_LEN+4 1346*90e502c7SAndroid Build Coastguard Worker * into the location in memory immediately following the RTCP packet. 1347*90e502c7SAndroid Build Coastguard Worker * Callers MUST ensure that this much writable memory is available in 1348*90e502c7SAndroid Build Coastguard Worker * the buffer that holds the RTCP packet. 1349*90e502c7SAndroid Build Coastguard Worker * 1350*90e502c7SAndroid Build Coastguard Worker * @param ctx is the SRTP context to use in processing the packet. 1351*90e502c7SAndroid Build Coastguard Worker * 1352*90e502c7SAndroid Build Coastguard Worker * @param rtcp_hdr is a pointer to the RTCP packet (before the call); after 1353*90e502c7SAndroid Build Coastguard Worker * the function returns, it points to the srtp packet. 1354*90e502c7SAndroid Build Coastguard Worker * 1355*90e502c7SAndroid Build Coastguard Worker * @param pkt_octet_len is a pointer to the length in octets of the 1356*90e502c7SAndroid Build Coastguard Worker * complete RTCP packet (header and body) before the function call, 1357*90e502c7SAndroid Build Coastguard Worker * and of the complete SRTCP packet after the call, if srtp_err_status_ok 1358*90e502c7SAndroid Build Coastguard Worker * was returned. Otherwise, the value of the data to which it points 1359*90e502c7SAndroid Build Coastguard Worker * is undefined. 1360*90e502c7SAndroid Build Coastguard Worker * 1361*90e502c7SAndroid Build Coastguard Worker * @param use_mki is a boolean to tell the system if mki is being used. If 1362*90e502c7SAndroid Build Coastguard Worker * set to false then will use the first set of session keys. If set to true 1363*90e502c7SAndroid Build Coastguard Worker * will 1364*90e502c7SAndroid Build Coastguard Worker * use the session keys identified by the mki_index 1365*90e502c7SAndroid Build Coastguard Worker * 1366*90e502c7SAndroid Build Coastguard Worker * @param mki_index integer value specifying which set of session kesy should be 1367*90e502c7SAndroid Build Coastguard Worker * used if use_mki is set to true. 1368*90e502c7SAndroid Build Coastguard Worker * 1369*90e502c7SAndroid Build Coastguard Worker * @return 1370*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if there were no problems. 1371*90e502c7SAndroid Build Coastguard Worker * - [other] if there was a failure in 1372*90e502c7SAndroid Build Coastguard Worker * the cryptographic mechanisms. 1373*90e502c7SAndroid Build Coastguard Worker */ 1374*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, 1375*90e502c7SAndroid Build Coastguard Worker void *rtcp_hdr, 1376*90e502c7SAndroid Build Coastguard Worker int *pkt_octet_len, 1377*90e502c7SAndroid Build Coastguard Worker unsigned int use_mki, 1378*90e502c7SAndroid Build Coastguard Worker unsigned int mki_index); 1379*90e502c7SAndroid Build Coastguard Worker 1380*90e502c7SAndroid Build Coastguard Worker /** 1381*90e502c7SAndroid Build Coastguard Worker * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet 1382*90e502c7SAndroid Build Coastguard Worker * processing function. 1383*90e502c7SAndroid Build Coastguard Worker * 1384*90e502c7SAndroid Build Coastguard Worker * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr) 1385*90e502c7SAndroid Build Coastguard Worker * verifies the Secure RTCP protection of the SRTCP packet pointed to 1386*90e502c7SAndroid Build Coastguard Worker * by srtcp_hdr (which has length *len_ptr), using the SRTP session 1387*90e502c7SAndroid Build Coastguard Worker * context ctx. If srtp_err_status_ok is returned, then srtcp_hdr points 1388*90e502c7SAndroid Build Coastguard Worker * to the resulting RTCP packet and *len_ptr is the number of octets 1389*90e502c7SAndroid Build Coastguard Worker * in that packet; otherwise, no assumptions should be made about the 1390*90e502c7SAndroid Build Coastguard Worker * value of either data elements. 1391*90e502c7SAndroid Build Coastguard Worker * 1392*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that the SRTCP packet is aligned on a 1393*90e502c7SAndroid Build Coastguard Worker * 32-bit boundary. 1394*90e502c7SAndroid Build Coastguard Worker * 1395*90e502c7SAndroid Build Coastguard Worker * @param ctx is a pointer to the srtp_t which applies to the 1396*90e502c7SAndroid Build Coastguard Worker * particular packet. 1397*90e502c7SAndroid Build Coastguard Worker * 1398*90e502c7SAndroid Build Coastguard Worker * @param srtcp_hdr is a pointer to the header of the SRTCP packet 1399*90e502c7SAndroid Build Coastguard Worker * (before the call). After the function returns, it points to the 1400*90e502c7SAndroid Build Coastguard Worker * rtp packet if srtp_err_status_ok was returned; otherwise, the value of 1401*90e502c7SAndroid Build Coastguard Worker * the data to which it points is undefined. 1402*90e502c7SAndroid Build Coastguard Worker * 1403*90e502c7SAndroid Build Coastguard Worker * @param pkt_octet_len is a pointer to the length in octets of the 1404*90e502c7SAndroid Build Coastguard Worker * complete SRTCP packet (header and body) before the function call, 1405*90e502c7SAndroid Build Coastguard Worker * and of the complete rtp packet after the call, if srtp_err_status_ok was 1406*90e502c7SAndroid Build Coastguard Worker * returned. Otherwise, the value of the data to which it points is 1407*90e502c7SAndroid Build Coastguard Worker * undefined. 1408*90e502c7SAndroid Build Coastguard Worker * 1409*90e502c7SAndroid Build Coastguard Worker * @return 1410*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if the RTCP packet is valid. 1411*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_auth_fail if the SRTCP packet failed the message 1412*90e502c7SAndroid Build Coastguard Worker * authentication check. 1413*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has 1414*90e502c7SAndroid Build Coastguard Worker * already been processed and accepted). 1415*90e502c7SAndroid Build Coastguard Worker * - [other] if there has been an error in the cryptographic mechanisms. 1416*90e502c7SAndroid Build Coastguard Worker * 1417*90e502c7SAndroid Build Coastguard Worker */ 1418*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, 1419*90e502c7SAndroid Build Coastguard Worker void *srtcp_hdr, 1420*90e502c7SAndroid Build Coastguard Worker int *pkt_octet_len); 1421*90e502c7SAndroid Build Coastguard Worker 1422*90e502c7SAndroid Build Coastguard Worker /** 1423*90e502c7SAndroid Build Coastguard Worker * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet 1424*90e502c7SAndroid Build Coastguard Worker * processing function. 1425*90e502c7SAndroid Build Coastguard Worker * 1426*90e502c7SAndroid Build Coastguard Worker * The function call srtp_unprotect_rtcp(ctx, srtp_hdr, len_ptr) 1427*90e502c7SAndroid Build Coastguard Worker * verifies the Secure RTCP protection of the SRTCP packet pointed to 1428*90e502c7SAndroid Build Coastguard Worker * by srtcp_hdr (which has length *len_ptr), using the SRTP session 1429*90e502c7SAndroid Build Coastguard Worker * context ctx. If srtp_err_status_ok is returned, then srtcp_hdr points 1430*90e502c7SAndroid Build Coastguard Worker * to the resulting RTCP packet and *len_ptr is the number of octets 1431*90e502c7SAndroid Build Coastguard Worker * in that packet; otherwise, no assumptions should be made about the 1432*90e502c7SAndroid Build Coastguard Worker * value of either data elements. 1433*90e502c7SAndroid Build Coastguard Worker * 1434*90e502c7SAndroid Build Coastguard Worker * @warning This function assumes that the SRTCP packet is aligned on a 1435*90e502c7SAndroid Build Coastguard Worker * 32-bit boundary. 1436*90e502c7SAndroid Build Coastguard Worker * 1437*90e502c7SAndroid Build Coastguard Worker * @param ctx is a pointer to the srtp_t which applies to the 1438*90e502c7SAndroid Build Coastguard Worker * particular packet. 1439*90e502c7SAndroid Build Coastguard Worker * 1440*90e502c7SAndroid Build Coastguard Worker * @param srtcp_hdr is a pointer to the header of the SRTCP packet 1441*90e502c7SAndroid Build Coastguard Worker * (before the call). After the function returns, it points to the 1442*90e502c7SAndroid Build Coastguard Worker * rtp packet if srtp_err_status_ok was returned; otherwise, the value of 1443*90e502c7SAndroid Build Coastguard Worker * the data to which it points is undefined. 1444*90e502c7SAndroid Build Coastguard Worker * 1445*90e502c7SAndroid Build Coastguard Worker * @param pkt_octet_len is a pointer to the length in octets of the 1446*90e502c7SAndroid Build Coastguard Worker * complete SRTCP packet (header and body) before the function call, 1447*90e502c7SAndroid Build Coastguard Worker * and of the complete rtp packet after the call, if srtp_err_status_ok was 1448*90e502c7SAndroid Build Coastguard Worker * returned. Otherwise, the value of the data to which it points is 1449*90e502c7SAndroid Build Coastguard Worker * undefined. 1450*90e502c7SAndroid Build Coastguard Worker * 1451*90e502c7SAndroid Build Coastguard Worker * @param use_mki is a boolean to tell the system if mki is being used. If 1452*90e502c7SAndroid Build Coastguard Worker * set to false then will use the first set of session keys. If set to true 1453*90e502c7SAndroid Build Coastguard Worker * will use the session keys identified by the mki_index 1454*90e502c7SAndroid Build Coastguard Worker * 1455*90e502c7SAndroid Build Coastguard Worker * @return 1456*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_ok if the RTCP packet is valid. 1457*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_auth_fail if the SRTCP packet failed the message 1458*90e502c7SAndroid Build Coastguard Worker * authentication check. 1459*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_replay_fail if the SRTCP packet is a replay (e.g. has 1460*90e502c7SAndroid Build Coastguard Worker * already been processed and accepted). 1461*90e502c7SAndroid Build Coastguard Worker * - srtp_err_status_bad_mki if the MKI in the packet is not a known MKI 1462*90e502c7SAndroid Build Coastguard Worker * id 1463*90e502c7SAndroid Build Coastguard Worker * - [other] if there has been an error in the 1464*90e502c7SAndroid Build Coastguard Worker * cryptographic mechanisms. 1465*90e502c7SAndroid Build Coastguard Worker * 1466*90e502c7SAndroid Build Coastguard Worker */ 1467*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, 1468*90e502c7SAndroid Build Coastguard Worker void *srtcp_hdr, 1469*90e502c7SAndroid Build Coastguard Worker int *pkt_octet_len, 1470*90e502c7SAndroid Build Coastguard Worker unsigned int use_mki); 1471*90e502c7SAndroid Build Coastguard Worker 1472*90e502c7SAndroid Build Coastguard Worker /** 1473*90e502c7SAndroid Build Coastguard Worker * @} 1474*90e502c7SAndroid Build Coastguard Worker */ 1475*90e502c7SAndroid Build Coastguard Worker 1476*90e502c7SAndroid Build Coastguard Worker /** 1477*90e502c7SAndroid Build Coastguard Worker * @defgroup User data associated to a SRTP session. 1478*90e502c7SAndroid Build Coastguard Worker * @ingroup SRTP 1479*90e502c7SAndroid Build Coastguard Worker * 1480*90e502c7SAndroid Build Coastguard Worker * @brief Store custom user data within a SRTP session. 1481*90e502c7SAndroid Build Coastguard Worker * 1482*90e502c7SAndroid Build Coastguard Worker * @{ 1483*90e502c7SAndroid Build Coastguard Worker */ 1484*90e502c7SAndroid Build Coastguard Worker 1485*90e502c7SAndroid Build Coastguard Worker /** 1486*90e502c7SAndroid Build Coastguard Worker * @brief srtp_set_user_data() stores the given pointer into the SRTP 1487*90e502c7SAndroid Build Coastguard Worker * session for later retrieval. 1488*90e502c7SAndroid Build Coastguard Worker * 1489*90e502c7SAndroid Build Coastguard Worker * @param ctx is the srtp_t context in which the given data pointer is 1490*90e502c7SAndroid Build Coastguard Worker * stored. 1491*90e502c7SAndroid Build Coastguard Worker * 1492*90e502c7SAndroid Build Coastguard Worker * @param data is a pointer to the custom information (struct, function, 1493*90e502c7SAndroid Build Coastguard Worker * etc) associated with the SRTP session. 1494*90e502c7SAndroid Build Coastguard Worker * 1495*90e502c7SAndroid Build Coastguard Worker * @return void. 1496*90e502c7SAndroid Build Coastguard Worker * 1497*90e502c7SAndroid Build Coastguard Worker */ 1498*90e502c7SAndroid Build Coastguard Worker void srtp_set_user_data(srtp_t ctx, void *data); 1499*90e502c7SAndroid Build Coastguard Worker 1500*90e502c7SAndroid Build Coastguard Worker /** 1501*90e502c7SAndroid Build Coastguard Worker * @brief srtp_get_user_data() retrieves the pointer to the custom data 1502*90e502c7SAndroid Build Coastguard Worker * previously stored with srtp_set_user_data(). 1503*90e502c7SAndroid Build Coastguard Worker * 1504*90e502c7SAndroid Build Coastguard Worker * This function is mostly useful for retrieving data associated to a 1505*90e502c7SAndroid Build Coastguard Worker * SRTP session when an event fires. The user can then get such a custom 1506*90e502c7SAndroid Build Coastguard Worker * data by calling this function with the session field of the 1507*90e502c7SAndroid Build Coastguard Worker * srtp_event_data_t struct as argument. 1508*90e502c7SAndroid Build Coastguard Worker * 1509*90e502c7SAndroid Build Coastguard Worker * @param ctx is the srtp_t context in which the given data pointer was 1510*90e502c7SAndroid Build Coastguard Worker * stored. 1511*90e502c7SAndroid Build Coastguard Worker * 1512*90e502c7SAndroid Build Coastguard Worker * @return void* pointer to the user data. 1513*90e502c7SAndroid Build Coastguard Worker * 1514*90e502c7SAndroid Build Coastguard Worker */ 1515*90e502c7SAndroid Build Coastguard Worker void *srtp_get_user_data(srtp_t ctx); 1516*90e502c7SAndroid Build Coastguard Worker 1517*90e502c7SAndroid Build Coastguard Worker /** 1518*90e502c7SAndroid Build Coastguard Worker * @} 1519*90e502c7SAndroid Build Coastguard Worker */ 1520*90e502c7SAndroid Build Coastguard Worker 1521*90e502c7SAndroid Build Coastguard Worker /** 1522*90e502c7SAndroid Build Coastguard Worker * @defgroup SRTPevents SRTP events and callbacks 1523*90e502c7SAndroid Build Coastguard Worker * @ingroup SRTP 1524*90e502c7SAndroid Build Coastguard Worker * 1525*90e502c7SAndroid Build Coastguard Worker * @brief libSRTP can use a user-provided callback function to 1526*90e502c7SAndroid Build Coastguard Worker * handle events. 1527*90e502c7SAndroid Build Coastguard Worker * 1528*90e502c7SAndroid Build Coastguard Worker * 1529*90e502c7SAndroid Build Coastguard Worker * libSRTP allows a user to provide a callback function to handle 1530*90e502c7SAndroid Build Coastguard Worker * events that need to be dealt with outside of the data plane (see 1531*90e502c7SAndroid Build Coastguard Worker * the enum srtp_event_t for a description of these events). Dealing 1532*90e502c7SAndroid Build Coastguard Worker * with these events is not a strict necessity; they are not 1533*90e502c7SAndroid Build Coastguard Worker * security-critical, but the application may suffer if they are not 1534*90e502c7SAndroid Build Coastguard Worker * handled. The function srtp_set_event_handler() is used to provide 1535*90e502c7SAndroid Build Coastguard Worker * the callback function. 1536*90e502c7SAndroid Build Coastguard Worker * 1537*90e502c7SAndroid Build Coastguard Worker * A default event handler that merely reports on the events as they 1538*90e502c7SAndroid Build Coastguard Worker * happen is included. It is also possible to set the event handler 1539*90e502c7SAndroid Build Coastguard Worker * function to NULL, in which case all events will just be silently 1540*90e502c7SAndroid Build Coastguard Worker * ignored. 1541*90e502c7SAndroid Build Coastguard Worker * 1542*90e502c7SAndroid Build Coastguard Worker * @{ 1543*90e502c7SAndroid Build Coastguard Worker */ 1544*90e502c7SAndroid Build Coastguard Worker 1545*90e502c7SAndroid Build Coastguard Worker /** 1546*90e502c7SAndroid Build Coastguard Worker * @brief srtp_event_t defines events that need to be handled 1547*90e502c7SAndroid Build Coastguard Worker * 1548*90e502c7SAndroid Build Coastguard Worker * The enum srtp_event_t defines events that need to be handled 1549*90e502c7SAndroid Build Coastguard Worker * outside the `data plane', such as SSRC collisions and 1550*90e502c7SAndroid Build Coastguard Worker * key expirations. 1551*90e502c7SAndroid Build Coastguard Worker * 1552*90e502c7SAndroid Build Coastguard Worker * When a key expires or the maximum number of packets has been 1553*90e502c7SAndroid Build Coastguard Worker * reached, an SRTP stream will enter an `expired' state in which no 1554*90e502c7SAndroid Build Coastguard Worker * more packets can be protected or unprotected. When this happens, 1555*90e502c7SAndroid Build Coastguard Worker * it is likely that you will want to either deallocate the stream 1556*90e502c7SAndroid Build Coastguard Worker * (using srtp_remove_stream()), and possibly allocate a new one. 1557*90e502c7SAndroid Build Coastguard Worker * 1558*90e502c7SAndroid Build Coastguard Worker * When an SRTP stream expires, the other streams in the same session 1559*90e502c7SAndroid Build Coastguard Worker * are unaffected, unless key sharing is used by that stream. In the 1560*90e502c7SAndroid Build Coastguard Worker * latter case, all of the streams in the session will expire. 1561*90e502c7SAndroid Build Coastguard Worker */ 1562*90e502c7SAndroid Build Coastguard Worker typedef enum { 1563*90e502c7SAndroid Build Coastguard Worker event_ssrc_collision, /**< An SSRC collision occured. */ 1564*90e502c7SAndroid Build Coastguard Worker event_key_soft_limit, /**< An SRTP stream reached the soft key */ 1565*90e502c7SAndroid Build Coastguard Worker /**< usage limit and will expire soon. */ 1566*90e502c7SAndroid Build Coastguard Worker event_key_hard_limit, /**< An SRTP stream reached the hard */ 1567*90e502c7SAndroid Build Coastguard Worker /**< key usage limit and has expired. */ 1568*90e502c7SAndroid Build Coastguard Worker event_packet_index_limit /**< An SRTP stream reached the hard */ 1569*90e502c7SAndroid Build Coastguard Worker /**< packet limit (2^48 packets). */ 1570*90e502c7SAndroid Build Coastguard Worker } srtp_event_t; 1571*90e502c7SAndroid Build Coastguard Worker 1572*90e502c7SAndroid Build Coastguard Worker /** 1573*90e502c7SAndroid Build Coastguard Worker * @brief srtp_event_data_t is the structure passed as a callback to 1574*90e502c7SAndroid Build Coastguard Worker * the event handler function 1575*90e502c7SAndroid Build Coastguard Worker * 1576*90e502c7SAndroid Build Coastguard Worker * The struct srtp_event_data_t holds the data passed to the event 1577*90e502c7SAndroid Build Coastguard Worker * handler function. 1578*90e502c7SAndroid Build Coastguard Worker */ 1579*90e502c7SAndroid Build Coastguard Worker typedef struct srtp_event_data_t { 1580*90e502c7SAndroid Build Coastguard Worker srtp_t session; /**< The session in which the event happend. */ 1581*90e502c7SAndroid Build Coastguard Worker uint32_t ssrc; /**< The ssrc in host order of the stream in which */ 1582*90e502c7SAndroid Build Coastguard Worker /**< the event happend */ 1583*90e502c7SAndroid Build Coastguard Worker srtp_event_t event; /**< An enum indicating the type of event. */ 1584*90e502c7SAndroid Build Coastguard Worker } srtp_event_data_t; 1585*90e502c7SAndroid Build Coastguard Worker 1586*90e502c7SAndroid Build Coastguard Worker /** 1587*90e502c7SAndroid Build Coastguard Worker * @brief srtp_event_handler_func_t is the function prototype for 1588*90e502c7SAndroid Build Coastguard Worker * the event handler. 1589*90e502c7SAndroid Build Coastguard Worker * 1590*90e502c7SAndroid Build Coastguard Worker * The typedef srtp_event_handler_func_t is the prototype for the 1591*90e502c7SAndroid Build Coastguard Worker * event handler function. It has as its only argument an 1592*90e502c7SAndroid Build Coastguard Worker * srtp_event_data_t which describes the event that needs to be handled. 1593*90e502c7SAndroid Build Coastguard Worker * There can only be a single, global handler for all events in 1594*90e502c7SAndroid Build Coastguard Worker * libSRTP. 1595*90e502c7SAndroid Build Coastguard Worker */ 1596*90e502c7SAndroid Build Coastguard Worker typedef void(srtp_event_handler_func_t)(srtp_event_data_t *data); 1597*90e502c7SAndroid Build Coastguard Worker 1598*90e502c7SAndroid Build Coastguard Worker /** 1599*90e502c7SAndroid Build Coastguard Worker * @brief sets the event handler to the function supplied by the caller. 1600*90e502c7SAndroid Build Coastguard Worker * 1601*90e502c7SAndroid Build Coastguard Worker * The function call srtp_install_event_handler(func) sets the event 1602*90e502c7SAndroid Build Coastguard Worker * handler function to the value func. The value NULL is acceptable 1603*90e502c7SAndroid Build Coastguard Worker * as an argument; in this case, events will be ignored rather than 1604*90e502c7SAndroid Build Coastguard Worker * handled. 1605*90e502c7SAndroid Build Coastguard Worker * 1606*90e502c7SAndroid Build Coastguard Worker * @param func is a pointer to a fuction that takes an srtp_event_data_t 1607*90e502c7SAndroid Build Coastguard Worker * pointer as an argument and returns void. This function 1608*90e502c7SAndroid Build Coastguard Worker * will be used by libSRTP to handle events. 1609*90e502c7SAndroid Build Coastguard Worker */ 1610*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_install_event_handler(srtp_event_handler_func_t func); 1611*90e502c7SAndroid Build Coastguard Worker 1612*90e502c7SAndroid Build Coastguard Worker /** 1613*90e502c7SAndroid Build Coastguard Worker * @brief Returns the version string of the library. 1614*90e502c7SAndroid Build Coastguard Worker * 1615*90e502c7SAndroid Build Coastguard Worker */ 1616*90e502c7SAndroid Build Coastguard Worker const char *srtp_get_version_string(void); 1617*90e502c7SAndroid Build Coastguard Worker 1618*90e502c7SAndroid Build Coastguard Worker /** 1619*90e502c7SAndroid Build Coastguard Worker * @brief Returns the numeric representation of the library version. 1620*90e502c7SAndroid Build Coastguard Worker * 1621*90e502c7SAndroid Build Coastguard Worker */ 1622*90e502c7SAndroid Build Coastguard Worker unsigned int srtp_get_version(void); 1623*90e502c7SAndroid Build Coastguard Worker 1624*90e502c7SAndroid Build Coastguard Worker /** 1625*90e502c7SAndroid Build Coastguard Worker * @brief srtp_set_debug_module(mod_name, v) 1626*90e502c7SAndroid Build Coastguard Worker * 1627*90e502c7SAndroid Build Coastguard Worker * sets dynamic debugging to the value v (0 for off, 1 for on) for the 1628*90e502c7SAndroid Build Coastguard Worker * debug module with the name mod_name 1629*90e502c7SAndroid Build Coastguard Worker * 1630*90e502c7SAndroid Build Coastguard Worker * returns err_status_ok on success, err_status_fail otherwise 1631*90e502c7SAndroid Build Coastguard Worker */ 1632*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_set_debug_module(const char *mod_name, int v); 1633*90e502c7SAndroid Build Coastguard Worker 1634*90e502c7SAndroid Build Coastguard Worker /** 1635*90e502c7SAndroid Build Coastguard Worker * @brief srtp_list_debug_modules() outputs a list of debugging modules 1636*90e502c7SAndroid Build Coastguard Worker * 1637*90e502c7SAndroid Build Coastguard Worker */ 1638*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_list_debug_modules(void); 1639*90e502c7SAndroid Build Coastguard Worker 1640*90e502c7SAndroid Build Coastguard Worker /** 1641*90e502c7SAndroid Build Coastguard Worker * @brief srtp_log_level_t defines log levels. 1642*90e502c7SAndroid Build Coastguard Worker * 1643*90e502c7SAndroid Build Coastguard Worker * The enumeration srtp_log_level_t defines log levels reported 1644*90e502c7SAndroid Build Coastguard Worker * in the srtp_log_handler_func_t. 1645*90e502c7SAndroid Build Coastguard Worker * 1646*90e502c7SAndroid Build Coastguard Worker */ 1647*90e502c7SAndroid Build Coastguard Worker typedef enum { 1648*90e502c7SAndroid Build Coastguard Worker srtp_log_level_error, /**< log level is reporting an error message */ 1649*90e502c7SAndroid Build Coastguard Worker srtp_log_level_warning, /**< log level is reporting a warning message */ 1650*90e502c7SAndroid Build Coastguard Worker srtp_log_level_info, /**< log level is reporting an info message */ 1651*90e502c7SAndroid Build Coastguard Worker srtp_log_level_debug /**< log level is reporting a debug message */ 1652*90e502c7SAndroid Build Coastguard Worker } srtp_log_level_t; 1653*90e502c7SAndroid Build Coastguard Worker 1654*90e502c7SAndroid Build Coastguard Worker /** 1655*90e502c7SAndroid Build Coastguard Worker * @brief srtp_log_handler_func_t is the function prototype for 1656*90e502c7SAndroid Build Coastguard Worker * the log handler. 1657*90e502c7SAndroid Build Coastguard Worker * 1658*90e502c7SAndroid Build Coastguard Worker * The typedef srtp_event_handler_func_t is the prototype for the 1659*90e502c7SAndroid Build Coastguard Worker * event handler function. It has as srtp_log_level_t, log 1660*90e502c7SAndroid Build Coastguard Worker * message and data as arguments. 1661*90e502c7SAndroid Build Coastguard Worker * There can only be a single, global handler for all log messages in 1662*90e502c7SAndroid Build Coastguard Worker * libSRTP. 1663*90e502c7SAndroid Build Coastguard Worker */ 1664*90e502c7SAndroid Build Coastguard Worker typedef void(srtp_log_handler_func_t)(srtp_log_level_t level, 1665*90e502c7SAndroid Build Coastguard Worker const char *msg, 1666*90e502c7SAndroid Build Coastguard Worker void *data); 1667*90e502c7SAndroid Build Coastguard Worker 1668*90e502c7SAndroid Build Coastguard Worker /** 1669*90e502c7SAndroid Build Coastguard Worker * @brief sets the log handler to the function supplied by the caller. 1670*90e502c7SAndroid Build Coastguard Worker * 1671*90e502c7SAndroid Build Coastguard Worker * The function call srtp_install_log_handler(func) sets the log 1672*90e502c7SAndroid Build Coastguard Worker * handler function to the value func. The value NULL is acceptable 1673*90e502c7SAndroid Build Coastguard Worker * as an argument; in this case, log messages will be ignored. 1674*90e502c7SAndroid Build Coastguard Worker * This function can be called before srtp_init() inorder to capture 1675*90e502c7SAndroid Build Coastguard Worker * any logging during start up. 1676*90e502c7SAndroid Build Coastguard Worker * 1677*90e502c7SAndroid Build Coastguard Worker * @param func is a pointer to a fuction of type srtp_log_handler_func_t. 1678*90e502c7SAndroid Build Coastguard Worker * This function will be used by libSRTP to output log messages. 1679*90e502c7SAndroid Build Coastguard Worker * @param data is a user pointer that will be returned as the data argument in 1680*90e502c7SAndroid Build Coastguard Worker * func. 1681*90e502c7SAndroid Build Coastguard Worker */ 1682*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, 1683*90e502c7SAndroid Build Coastguard Worker void *data); 1684*90e502c7SAndroid Build Coastguard Worker 1685*90e502c7SAndroid Build Coastguard Worker /** 1686*90e502c7SAndroid Build Coastguard Worker * @brief srtp_get_protect_trailer_length(session, use_mki, mki_index, length) 1687*90e502c7SAndroid Build Coastguard Worker * 1688*90e502c7SAndroid Build Coastguard Worker * Determines the length of the amount of data Lib SRTP will add to the 1689*90e502c7SAndroid Build Coastguard Worker * packet during the protect process. The length is returned in the length 1690*90e502c7SAndroid Build Coastguard Worker * parameter 1691*90e502c7SAndroid Build Coastguard Worker * 1692*90e502c7SAndroid Build Coastguard Worker * returns err_status_ok on success, err_status_bad_mki if the MKI index is 1693*90e502c7SAndroid Build Coastguard Worker * invalid 1694*90e502c7SAndroid Build Coastguard Worker * 1695*90e502c7SAndroid Build Coastguard Worker */ 1696*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, 1697*90e502c7SAndroid Build Coastguard Worker uint32_t use_mki, 1698*90e502c7SAndroid Build Coastguard Worker uint32_t mki_index, 1699*90e502c7SAndroid Build Coastguard Worker uint32_t *length); 1700*90e502c7SAndroid Build Coastguard Worker 1701*90e502c7SAndroid Build Coastguard Worker /** 1702*90e502c7SAndroid Build Coastguard Worker * @brief srtp_get_protect_rtcp_trailer_length(session, use_mki, mki_index, 1703*90e502c7SAndroid Build Coastguard Worker * length) 1704*90e502c7SAndroid Build Coastguard Worker * 1705*90e502c7SAndroid Build Coastguard Worker * Determines the length of the amount of data Lib SRTP will add to the 1706*90e502c7SAndroid Build Coastguard Worker * packet during the protect process. The length is returned in the length 1707*90e502c7SAndroid Build Coastguard Worker * parameter 1708*90e502c7SAndroid Build Coastguard Worker * 1709*90e502c7SAndroid Build Coastguard Worker * returns err_status_ok on success, err_status_bad_mki if the MKI index is 1710*90e502c7SAndroid Build Coastguard Worker * invalid 1711*90e502c7SAndroid Build Coastguard Worker * 1712*90e502c7SAndroid Build Coastguard Worker */ 1713*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, 1714*90e502c7SAndroid Build Coastguard Worker uint32_t use_mki, 1715*90e502c7SAndroid Build Coastguard Worker uint32_t mki_index, 1716*90e502c7SAndroid Build Coastguard Worker uint32_t *length); 1717*90e502c7SAndroid Build Coastguard Worker 1718*90e502c7SAndroid Build Coastguard Worker /** 1719*90e502c7SAndroid Build Coastguard Worker * @brief srtp_set_stream_roc(session, ssrc, roc) 1720*90e502c7SAndroid Build Coastguard Worker * 1721*90e502c7SAndroid Build Coastguard Worker * Set the roll-over-counter on a session for a given SSRC 1722*90e502c7SAndroid Build Coastguard Worker * 1723*90e502c7SAndroid Build Coastguard Worker * returns err_status_ok on success, srtp_err_status_bad_param if there is no 1724*90e502c7SAndroid Build Coastguard Worker * stream found 1725*90e502c7SAndroid Build Coastguard Worker * 1726*90e502c7SAndroid Build Coastguard Worker */ 1727*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_set_stream_roc(srtp_t session, 1728*90e502c7SAndroid Build Coastguard Worker uint32_t ssrc, 1729*90e502c7SAndroid Build Coastguard Worker uint32_t roc); 1730*90e502c7SAndroid Build Coastguard Worker 1731*90e502c7SAndroid Build Coastguard Worker /** 1732*90e502c7SAndroid Build Coastguard Worker * @brief srtp_get_stream_roc(session, ssrc, roc) 1733*90e502c7SAndroid Build Coastguard Worker * 1734*90e502c7SAndroid Build Coastguard Worker * Get the roll-over-counter on a session for a given SSRC 1735*90e502c7SAndroid Build Coastguard Worker * 1736*90e502c7SAndroid Build Coastguard Worker * returns err_status_ok on success, srtp_err_status_bad_param if there is no 1737*90e502c7SAndroid Build Coastguard Worker * stream found 1738*90e502c7SAndroid Build Coastguard Worker * 1739*90e502c7SAndroid Build Coastguard Worker */ 1740*90e502c7SAndroid Build Coastguard Worker srtp_err_status_t srtp_get_stream_roc(srtp_t session, 1741*90e502c7SAndroid Build Coastguard Worker uint32_t ssrc, 1742*90e502c7SAndroid Build Coastguard Worker uint32_t *roc); 1743*90e502c7SAndroid Build Coastguard Worker 1744*90e502c7SAndroid Build Coastguard Worker /** 1745*90e502c7SAndroid Build Coastguard Worker * @} 1746*90e502c7SAndroid Build Coastguard Worker */ 1747*90e502c7SAndroid Build Coastguard Worker 1748*90e502c7SAndroid Build Coastguard Worker /* in host order, so outside the #if */ 1749*90e502c7SAndroid Build Coastguard Worker #define SRTCP_E_BIT 0x80000000 1750*90e502c7SAndroid Build Coastguard Worker 1751*90e502c7SAndroid Build Coastguard Worker /* for byte-access */ 1752*90e502c7SAndroid Build Coastguard Worker #define SRTCP_E_BYTE_BIT 0x80 1753*90e502c7SAndroid Build Coastguard Worker #define SRTCP_INDEX_MASK 0x7fffffff 1754*90e502c7SAndroid Build Coastguard Worker 1755*90e502c7SAndroid Build Coastguard Worker #ifdef __cplusplus 1756*90e502c7SAndroid Build Coastguard Worker } 1757*90e502c7SAndroid Build Coastguard Worker #endif 1758*90e502c7SAndroid Build Coastguard Worker 1759*90e502c7SAndroid Build Coastguard Worker #endif /* SRTP_SRTP_H */ 1760