implement not in-place api's for protect/unprotect

The protect/unprotect api's can now operate both in-place or not in-place, depending on the requirements of the caller. The length of the out buffer can now be checked to ensure there is sufficient space. Tests are add to verify validation of the output buffer length.
cisco · Mar 25, 2024 · 7f7a1a0 · 7f7a1a0
1 parent ec35cfd
commit 7f7a1a0
Show file tree

Hide file tree

Showing 6 changed files with 1,100 additions and 534 deletions.
diff --git a/fuzzer/fuzzer.c b/fuzzer/fuzzer.c
@@ -187,31 +187,39 @@ static srtp_err_status_t fuzz_srtp_protect(srtp_t srtp_sender,
                                            size_t *len,
                                            size_t mki)
 {
-    return srtp_protect(srtp_sender, hdr, len, mki);
+    size_t out_len = *len + SRTP_MAX_TRAILER_LEN;
+    srtp_err_status_t s =
+        srtp_protect(srtp_sender, hdr, *len, hdr, &out_len, mki);
+    *len = out_len;
+    return s;
 }
 
 static srtp_err_status_t fuzz_srtp_unprotect(srtp_t srtp_sender,
                                              void *hdr,
                                              size_t *len,
                                              size_t mki)
 {
-    return srtp_unprotect(srtp_sender, hdr, len);
+    return srtp_unprotect(srtp_sender, hdr, *len, hdr, len);
 }
 
 static srtp_err_status_t fuzz_srtp_protect_rtcp(srtp_t srtp_sender,
                                                 void *hdr,
                                                 size_t *len,
                                                 size_t mki)
 {
-    return srtp_protect_rtcp(srtp_sender, hdr, len, mki);
+    size_t out_len = *len + SRTP_MAX_SRTCP_TRAILER_LEN;
+    srtp_err_status_t s =
+        srtp_protect_rtcp(srtp_sender, hdr, *len, hdr, &out_len, mki);
+    *len = out_len;
+    return s;
 }
 
 static srtp_err_status_t fuzz_srtp_unprotect_rtcp(srtp_t srtp_sender,
                                                   void *hdr,
                                                   size_t *len,
                                                   size_t mki)
 {
-    return srtp_unprotect_rtcp(srtp_sender, hdr, len);
+    return srtp_unprotect_rtcp(srtp_sender, hdr, *len, hdr, len);
 }
 
 /* Get protect length functions */

diff --git a/include/srtp.h b/include/srtp.h
@@ -426,18 +426,13 @@ srtp_err_status_t srtp_shutdown(void);
  *    - srtp_err_status_replay_fail   rtp sequence number was non-increasing
  *    - @e other                 failure in cryptographic mechanisms
  */
-srtp_err_status_t srtp_protect(srtp_ctx_t *ctx,
-                               uint8_t *rtp_hdr,
-                               size_t *pkt_octet_len,
+srtp_err_status_t srtp_protect(srtp_t ctx,
+                               const uint8_t *rtp,
+                               size_t rtp_len,
+                               uint8_t *srtp,
+                               size_t *srtp_len,
                                size_t mki_index);
 
-srtp_err_status_t srtp_protect2(srtp_t ctx,
-                                const uint8_t *rtp,
-                                size_t rtp_len,
-                                uint8_t *srtp,
-                                size_t *srtp_len,
-                                size_t mki_index);
-
 /**
  * @brief srtp_unprotect() is the Secure RTP receiver-side packet
  * processing function.
@@ -480,14 +475,10 @@ srtp_err_status_t srtp_protect2(srtp_t ctx,
  *
  */
 srtp_err_status_t srtp_unprotect(srtp_t ctx,
-                                 uint8_t *srtp_hdr,
-                                 size_t *len_ptr);
-
-srtp_err_status_t srtp_unprotect2(srtp_t ctx,
-                                  const uint8_t *srtp,
-                                  size_t srtp_len,
-                                  uint8_t *rtp,
-                                  size_t *rtp_len);
+                                 const uint8_t *srtp,
+                                 size_t srtp_len,
+                                 uint8_t *rtp,
+                                 size_t *rtp_len);
 
 /**
  * @brief srtp_create() allocates and initializes an SRTP session.
@@ -1161,17 +1152,12 @@ void srtp_append_salt_to_key(uint8_t *key,
  *                               the cryptographic mechanisms.
  */
 srtp_err_status_t srtp_protect_rtcp(srtp_t ctx,
-                                    uint8_t *rtcp_hdr,
-                                    size_t *pkt_octet_len,
+                                    const uint8_t *rtcp,
+                                    size_t rtcp_len,
+                                    uint8_t *srtcp,
+                                    size_t *srtcp_len,
                                     size_t mki_index);
 
-srtp_err_status_t srtp_protect_rtcp2(srtp_t ctx,
-                                     const uint8_t *rtcp,
-                                     size_t rtcp_len,
-                                     uint8_t *srtcp,
-                                     size_t *srtcp_len,
-                                     size_t mki_index);
-
 /**
  * @brief srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet
  * processing function.
@@ -1213,14 +1199,10 @@ srtp_err_status_t srtp_protect_rtcp2(srtp_t ctx,
  *
  */
 srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
-                                      uint8_t *srtcp_hdr,
-                                      size_t *pkt_octet_len);
-
-srtp_err_status_t srtp_unprotect_rtcp2(srtp_t ctx,
-                                       const uint8_t *srtcp,
-                                       size_t srtcp_len,
-                                       uint8_t *rtcp,
-                                       size_t *rtcp_len);
+                                      const uint8_t *srtcp,
+                                      size_t srtcp_len,
+                                      uint8_t *rtcp,
+                                      size_t *rtcp_len);
 
 /**
  * @defgroup User data associated to a SRTP session.