Unrevert 5590 "description"(=(Auto)update libjingle 61834300->61901702).
BUG=N/A
R=xians@webrtc.org
Review URL: https://webrtc-codereview.appspot.com/9009004
git-svn-id: http://webrtc.googlecode.com/svn/trunk@5595 4adac7df-926f-26a2-2b94-8c16560cd09d
diff --git a/talk/session/media/externalhmac.cc b/talk/session/media/externalhmac.cc
new file mode 100644
index 0000000..d5cfc95
--- /dev/null
+++ b/talk/session/media/externalhmac.cc
@@ -0,0 +1,186 @@
+/*
+ * libjingle
+ * Copyright 2014 Google Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+ * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#if defined(HAVE_SRTP) && defined(ENABLE_EXTERNAL_AUTH)
+
+#ifdef SRTP_RELATIVE_PATH
+#include "srtp.h" // NOLINT
+#else
+#include "third_party/libsrtp/include/srtp.h"
+#endif // SRTP_RELATIVE_PATH
+
+#include "talk/session/media/external_hmac.h"
+
+#include "talk/base/logging.h"
+
+// The debug module for authentiation
+debug_module_t mod_external_hmac = {
+ 0, // Debugging is off by default
+ (char*)"external-hmac-sha-1" // Printable name for module
+};
+
+extern auth_type_t external_hmac;
+
+// Begin test case 0 */
+uint8_t
+external_hmac_test_case_0_key[20] = {
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+ 0x0b, 0x0b, 0x0b, 0x0b
+};
+
+uint8_t
+external_hmac_test_case_0_data[8] = {
+ 0x48, 0x69, 0x20, 0x54, 0x68, 0x65, 0x72, 0x65 // "Hi There"
+};
+
+uint8_t
+external_hmac_fake_tag[10] = {
+ 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd, 0xba, 0xdd
+};
+
+auth_test_case_t
+external_hmac_test_case_0 = {
+ 20, // Octets in key
+ external_hmac_test_case_0_key, // Key
+ 8, // Octets in data
+ external_hmac_test_case_0_data, // Data
+ 10, // Octets in tag
+ external_hmac_fake_tag, // Tag
+ NULL // Pointer to next testcase
+};
+
+err_status_t
+external_hmac_alloc(auth_t** a, int key_len, int out_len) {
+ uint8_t* pointer;
+
+ // Check key length - note that we don't support keys larger
+ // than 20 bytes yet
+ if (key_len > 20)
+ return err_status_bad_param;
+
+ // Check output length - should be less than 20 bytes/
+ if (out_len > 20)
+ return err_status_bad_param;
+
+ // Allocate memory for auth and hmac_ctx_t structures.
+ pointer = reinterpret_cast<uint8_t*>(
+ crypto_alloc(sizeof(external_hmac_ctx_t) + sizeof(auth_t)));
+ if (pointer == NULL)
+ return err_status_alloc_fail;
+
+ // Set pointers
+ *a = (auth_t *)pointer;
+ (*a)->type = &external_hmac;
+ (*a)->state = pointer + sizeof(auth_t);
+ (*a)->out_len = out_len;
+ (*a)->key_len = key_len;
+ (*a)->prefix_len = 0;
+
+ // Increment global count of all hmac uses.
+ external_hmac.ref_count++;
+
+ return err_status_ok;
+}
+
+err_status_t
+external_hmac_dealloc(auth_t* a) {
+ // Zeroize entire state
+ octet_string_set_to_zero((uint8_t *)a,
+ sizeof(external_hmac_ctx_t) + sizeof(auth_t));
+
+ // Free memory
+ crypto_free(a);
+
+ // Decrement global count of all hmac uses.
+ external_hmac.ref_count--;
+
+ return err_status_ok;
+}
+
+err_status_t
+external_hmac_init(external_hmac_ctx_t* state,
+ const uint8_t* key, int key_len) {
+ if (key_len > HMAC_KEY_LENGTH)
+ return err_status_bad_param;
+
+ memset(state->key, 0, key_len);
+ memcpy(state->key, key, key_len);
+ state->key_length = key_len;
+ return err_status_ok;
+}
+
+err_status_t
+external_hmac_start(external_hmac_ctx_t* state) {
+ return err_status_ok;
+}
+
+err_status_t
+external_hmac_update(external_hmac_ctx_t* state, const uint8_t* message,
+ int msg_octets) {
+ return err_status_ok;
+}
+
+err_status_t
+external_hmac_compute(external_hmac_ctx_t* state, const void* message,
+ int msg_octets, int tag_len, uint8_t* result) {
+ memcpy(result, external_hmac_fake_tag, tag_len);
+ return err_status_ok;
+}
+
+char external_hmac_description[] = "external hmac sha-1 authentication";
+
+ // auth_type_t external_hmac is the hmac metaobject
+
+auth_type_t
+external_hmac = {
+ (auth_alloc_func) external_hmac_alloc,
+ (auth_dealloc_func) external_hmac_dealloc,
+ (auth_init_func) external_hmac_init,
+ (auth_compute_func) external_hmac_compute,
+ (auth_update_func) external_hmac_update,
+ (auth_start_func) external_hmac_start,
+ (char *) external_hmac_description,
+ (int) 0, /* instance count */
+ (auth_test_case_t *) &external_hmac_test_case_0,
+ (debug_module_t *) &mod_external_hmac,
+ (auth_type_id_t) EXTERNAL_HMAC_SHA1
+};
+
+err_status_t
+external_crypto_init() {
+ err_status_t status = crypto_kernel_replace_auth_type(
+ &external_hmac, EXTERNAL_HMAC_SHA1);
+ if (status) {
+ LOG(LS_ERROR) << "Error in replacing default auth module, error: "
+ << status;
+ return err_status_fail;
+ }
+ return err_status_ok;
+}
+
+#endif // defined(HAVE_SRTP) && defined(ENABLE_EXTERNAL_AUTH)
diff --git a/talk/session/media/externalhmac.h b/talk/session/media/externalhmac.h
new file mode 100644
index 0000000..47a195f
--- /dev/null
+++ b/talk/session/media/externalhmac.h
@@ -0,0 +1,91 @@
+/*
+ * libjingle
+ * Copyright 2014 Google Inc.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright notice,
+ * this list of conditions and the following disclaimer in the documentation
+ * and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ * derived from this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO
+ * EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef TALK_SESSION_MEDIA_EXTERNAL_HMAC_H_
+#define TALK_SESSION_MEDIA_EXTERNAL_HMAC_H_
+
+// External libsrtp HMAC auth module which implements methods defined in
+// auth_type_t.
+// The default auth module will be replaced only when the ENABLE_EXTERNAL_AUTH
+// flag is enabled. This allows us to access to authentication keys,
+// as the default auth implementation doesn't provide access and avoids
+// hashing each packet twice.
+
+// How will libsrtp select this module?
+// Libsrtp defines authentication function types identified by an unsigned
+// integer, e.g. HMAC_SHA1 is 3. Using authentication ids, the application
+// can plug any desired authentication modules into libsrtp.
+// libsrtp also provides a mechanism to select different auth functions for
+// individual streams. This can be done by setting the right value in
+// the auth_type of srtp_policy_t. The application must first register auth
+// functions and the corresponding authentication id using
+// crypto_kernel_replace_auth_type function.
+#if defined(HAVE_SRTP) && defined(ENABLE_EXTERNAL_AUTH)
+
+#ifdef SRTP_RELATIVE_PATH
+#include "crypto_types.h" // NOLINT
+#else
+#include "third_party/libsrtp/crypto/include/crypto_types.h"
+#endif // SRTP_RELATIVE_PATH
+
+#define EXTERNAL_HMAC_SHA1 HMAC_SHA1 + 1
+#define HMAC_KEY_LENGTH 20
+
+// The HMAC context structure used to store authentication keys.
+// The pointer to the key will be allocated in the external_hmac_init function.
+// This pointer is owned by srtp_t in a template context.
+typedef struct {
+ uint8_t key[HMAC_KEY_LENGTH];
+ int key_length;
+} external_hmac_ctx_t;
+
+err_status_t
+external_hmac_alloc(auth_t** a, int key_len, int out_len);
+
+err_status_t
+external_hmac_dealloc(auth_t* a);
+
+err_status_t
+external_hmac_init(external_hmac_ctx_t* state,
+ const uint8_t* key, int key_len);
+
+err_status_t
+external_hmac_start(external_hmac_ctx_t* state);
+
+err_status_t
+external_hmac_update(external_hmac_ctx_t* state, const uint8_t* message,
+ int msg_octets);
+
+err_status_t
+external_hmac_compute(external_hmac_ctx_t* state, const void* message,
+ int msg_octets, int tag_len, uint8_t* result);
+
+err_status_t
+external_crypto_init();
+
+#endif // defined(HAVE_SRTP) && defined(ENABLE_EXTERNAL_AUTH)
+#endif // TALK_SESSION_MEDIA_EXTERNAL_HMAC_H_
diff --git a/talk/session/media/srtpfilter.cc b/talk/session/media/srtpfilter.cc
index 8e1c2c1..2f14268 100644
--- a/talk/session/media/srtpfilter.cc
+++ b/talk/session/media/srtpfilter.cc
@@ -44,9 +44,16 @@
#ifdef HAVE_SRTP
#ifdef SRTP_RELATIVE_PATH
#include "srtp.h" // NOLINT
+extern "C" srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
+#include "srtp_priv.h" // NOLINT
#else
#include "third_party/libsrtp/include/srtp.h"
+extern "C" srtp_stream_t srtp_get_stream(srtp_t srtp, uint32_t ssrc);
+#include "third_party/libsrtp/include/srtp_priv.h"
#endif // SRTP_RELATIVE_PATH
+#ifdef ENABLE_EXTERNAL_AUTH
+#include "talk/session/media/external_hmac.h"
+#endif // ENABLE_EXTERNAL_AUTH
#ifdef _DEBUG
extern "C" debug_module_t mod_srtp;
extern "C" debug_module_t mod_auth;
@@ -158,7 +165,6 @@
LOG(LS_INFO) << "SRTP activated with negotiated parameters:"
<< " send cipher_suite " << send_cs
<< " recv cipher_suite " << recv_cs;
-
return true;
}
@@ -208,6 +214,16 @@
return send_session_->ProtectRtp(p, in_len, max_len, out_len);
}
+bool SrtpFilter::ProtectRtp(void* p, int in_len, int max_len, int* out_len,
+ int64* index) {
+ if (!IsActive()) {
+ LOG(LS_WARNING) << "Failed to ProtectRtp: SRTP not active";
+ return false;
+ }
+
+ return send_session_->ProtectRtp(p, in_len, max_len, out_len, index);
+}
+
bool SrtpFilter::ProtectRtcp(void* p, int in_len, int max_len, int* out_len) {
if (!IsActive()) {
LOG(LS_WARNING) << "Failed to ProtectRtcp: SRTP not active";
@@ -240,6 +256,15 @@
}
}
+bool SrtpFilter::GetRtpAuthParams(uint8** key, int* key_len, int* tag_len) {
+ if (!IsActive()) {
+ LOG(LS_WARNING) << "Failed to GetRtpAuthParams: SRTP not active";
+ return false;
+ }
+
+ return send_session_->GetRtpAuthParams(key, key_len, tag_len);
+}
+
void SrtpFilter::set_signal_silent_time(uint32 signal_silent_time_in_ms) {
signal_silent_time_in_ms_ = signal_silent_time_in_ms;
if (state_ == ST_ACTIVE) {
@@ -496,6 +521,14 @@
return true;
}
+bool SrtpSession::ProtectRtp(void* p, int in_len, int max_len, int* out_len,
+ int64* index) {
+ if (!ProtectRtp(p, in_len, max_len, out_len)) {
+ return false;
+ }
+ return (index) ? GetSendStreamPacketIndex(p, in_len, index) : true;
+}
+
bool SrtpSession::ProtectRtcp(void* p, int in_len, int max_len, int* out_len) {
if (!session_) {
LOG(LS_WARNING) << "Failed to protect SRTCP packet: no SRTP Session";
@@ -554,6 +587,42 @@
return true;
}
+bool SrtpSession::GetRtpAuthParams(uint8** key, int* key_len,
+ int* tag_len) {
+#if defined(ENABLE_EXTERNAL_AUTH)
+ external_hmac_ctx_t* external_hmac = NULL;
+ // stream_template will be the reference context for other streams.
+ // Let's use it for getting the keys.
+ srtp_stream_ctx_t* srtp_context = session_->stream_template;
+ if (srtp_context && srtp_context->rtp_auth) {
+ external_hmac = reinterpret_cast<external_hmac_ctx_t*>(
+ srtp_context->rtp_auth->state);
+ }
+
+ if (!external_hmac) {
+ LOG(LS_ERROR) << "Failed to get auth keys from libsrtp!.";
+ return false;
+ }
+
+ *key = external_hmac->key;
+ *key_len = external_hmac->key_length;
+ *tag_len = rtp_auth_tag_len_;
+ return true;
+#else
+ return false;
+#endif
+}
+
+bool SrtpSession::GetSendStreamPacketIndex(void* p, int in_len, int64* index) {
+ srtp_hdr_t* hdr = reinterpret_cast<srtp_hdr_t*>(p);
+ srtp_stream_ctx_t* stream = srtp_get_stream(session_, hdr->ssrc);
+ if (stream == NULL)
+ return false;
+
+ *index = rdbx_get_packet_index(&stream->rtp_rdbx);
+ return true;
+}
+
void SrtpSession::set_signal_silent_time(uint32 signal_silent_time_in_ms) {
srtp_stat_->set_signal_silent_time(signal_silent_time_in_ms);
}
@@ -596,6 +665,13 @@
// TODO(astor) parse window size from WSH session-param
policy.window_size = 1024;
policy.allow_repeat_tx = 1;
+ // If external authentication option is enabled, supply custom auth module
+ // id EXTERNAL_HMAC_SHA1 in the policy structure.
+ // We want to set this option only for rtp packets.
+ // By default policy structure is initialized to HMAC_SHA1.
+#if defined(ENABLE_EXTERNAL_AUTH)
+ policy.rtp.auth_type = EXTERNAL_HMAC_SHA1;
+#endif
policy.next = NULL;
int err = srtp_create(&session_, &policy);
@@ -604,6 +680,7 @@
return false;
}
+
rtp_auth_tag_len_ = policy.rtp.auth_tag_len;
rtcp_auth_tag_len_ = policy.rtcp.auth_tag_len;
return true;
@@ -623,7 +700,13 @@
LOG(LS_ERROR) << "Failed to install SRTP event handler, err=" << err;
return false;
}
-
+#if defined(ENABLE_EXTERNAL_AUTH)
+ err = external_crypto_init();
+ if (err != err_status_ok) {
+ LOG(LS_ERROR) << "Failed to initialize fake auth, err=" << err;
+ return false;
+ }
+#endif
inited_ = true;
}
diff --git a/talk/session/media/srtpfilter.h b/talk/session/media/srtpfilter.h
index b6a2699..bc1735a 100644
--- a/talk/session/media/srtpfilter.h
+++ b/talk/session/media/srtpfilter.h
@@ -122,12 +122,18 @@
// Encrypts/signs an individual RTP/RTCP packet, in-place.
// If an HMAC is used, this will increase the packet size.
bool ProtectRtp(void* data, int in_len, int max_len, int* out_len);
+ // Overloaded version, outputs packet index.
+ bool ProtectRtp(void* data, int in_len, int max_len, int* out_len,
+ int64* index);
bool ProtectRtcp(void* data, int in_len, int max_len, int* out_len);
// Decrypts/verifies an invidiual RTP/RTCP packet.
// If an HMAC is used, this will decrease the packet size.
bool UnprotectRtp(void* data, int in_len, int* out_len);
bool UnprotectRtcp(void* data, int in_len, int* out_len);
+ // Returns rtp auth params from srtp context.
+ bool GetRtpAuthParams(uint8** key, int* key_len, int* tag_len);
+
// Update the silent threshold (in ms) for signaling errors.
void set_signal_silent_time(uint32 signal_silent_time_in_ms);
@@ -200,12 +206,18 @@
// Encrypts/signs an individual RTP/RTCP packet, in-place.
// If an HMAC is used, this will increase the packet size.
bool ProtectRtp(void* data, int in_len, int max_len, int* out_len);
+ // Overloaded version, outputs packet index.
+ bool ProtectRtp(void* data, int in_len, int max_len, int* out_len,
+ int64* index);
bool ProtectRtcp(void* data, int in_len, int max_len, int* out_len);
// Decrypts/verifies an invidiual RTP/RTCP packet.
// If an HMAC is used, this will decrease the packet size.
bool UnprotectRtp(void* data, int in_len, int* out_len);
bool UnprotectRtcp(void* data, int in_len, int* out_len);
+ // Helper method to get authentication params.
+ bool GetRtpAuthParams(uint8** key, int* key_len, int* tag_len);
+
// Update the silent threshold (in ms) for signaling errors.
void set_signal_silent_time(uint32 signal_silent_time_in_ms);
@@ -217,9 +229,13 @@
private:
bool SetKey(int type, const std::string& cs, const uint8* key, int len);
+ // Returns send stream current packet index from srtp db.
+ bool GetSendStreamPacketIndex(void* data, int in_len, int64* index);
+
static bool Init();
void HandleEvent(const srtp_event_data_t* ev);
static void HandleEventThunk(srtp_event_data_t* ev);
+
static std::list<SrtpSession*>* sessions();
srtp_t session_;
diff --git a/talk/session/media/srtpfilter_unittest.cc b/talk/session/media/srtpfilter_unittest.cc
index 1b4aef2..680b9d6 100644
--- a/talk/session/media/srtpfilter_unittest.cc
+++ b/talk/session/media/srtpfilter_unittest.cc
@@ -522,6 +522,25 @@
kTestKey1, kTestKeyLen - 1));
}
+#if defined(ENABLE_EXTERNAL_AUTH)
+TEST_F(SrtpFilterTest, TestGetSendAuthParams) {
+ EXPECT_TRUE(f1_.SetRtpParams(CS_AES_CM_128_HMAC_SHA1_32,
+ kTestKey1, kTestKeyLen,
+ CS_AES_CM_128_HMAC_SHA1_32,
+ kTestKey2, kTestKeyLen));
+ EXPECT_TRUE(f1_.SetRtcpParams(CS_AES_CM_128_HMAC_SHA1_32,
+ kTestKey1, kTestKeyLen,
+ CS_AES_CM_128_HMAC_SHA1_32,
+ kTestKey2, kTestKeyLen));
+ uint8* auth_key = NULL;
+ int auth_key_len = 0, auth_tag_len = 0;
+ EXPECT_TRUE(f1_.GetRtpAuthParams(&auth_key, &auth_key_len, &auth_tag_len));
+ EXPECT_TRUE(auth_key != NULL);
+ EXPECT_EQ(20, auth_key_len);
+ EXPECT_EQ(4, auth_tag_len);
+}
+#endif
+
class SrtpSessionTest : public testing::Test {
protected:
virtual void SetUp() {
@@ -606,6 +625,15 @@
TestUnprotectRtcp(CS_AES_CM_128_HMAC_SHA1_32);
}
+TEST_F(SrtpSessionTest, TestGetSendStreamPacketIndex) {
+ EXPECT_TRUE(s1_.SetSend(CS_AES_CM_128_HMAC_SHA1_32, kTestKey1, kTestKeyLen));
+ int64 index;
+ int out_len = 0;
+ EXPECT_TRUE(s1_.ProtectRtp(rtp_packet_, rtp_len_,
+ sizeof(rtp_packet_), &out_len, &index));
+ EXPECT_EQ(1, index);
+}
+
// Test that we fail to unprotect if someone tampers with the RTP/RTCP paylaods.
TEST_F(SrtpSessionTest, TestTamperReject) {
int out_len;