Skip to content

Commit

Permalink
consistently use mki size from srtp_stream_ctx_t
Browse files Browse the repository at this point in the history 
The mki_size member of the srtp_stream_ctx_t has the correct value at
all times, no need to manage the value of a separate mke_size variable.
  • Loading branch information
@pabuhler
pabuhler committed Mar 25, 2024
1 parent 5427fe3 commit ec35cfd
Showing 1 changed file with 46 additions and 56 deletions.
102 changes: 46 additions & 56 deletions srtp/srtp.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1651,11 +1651,9 @@ srtp_err_status_t srtp_get_session_keys_for_packet(
srtp_stream_ctx_t *stream,
const uint8_t *hdr,
size_t pkt_octet_len,
size_t *mki_size,
srtp_session_keys_t **session_keys)
{
if (!stream->use_mki) {
*mki_size = 0;
*session_keys = &stream->session_keys[0];
return srtp_err_status_ok;
}
Expand All @@ -1672,7 +1670,6 @@ srtp_err_status_t srtp_get_session_keys_for_packet(
}

if (tag_len > mki_start_location) {
*mki_size = 0;
return srtp_err_status_bad_mki;
}

Expand All @@ -1687,13 +1684,11 @@ srtp_err_status_t srtp_get_session_keys_for_packet(
for (size_t i = 0; i < stream->num_master_keys; i++) {
if (memcmp(hdr + mki_start_location, stream->session_keys[i].mki_id,
stream->mki_size) == 0) {
*mki_size = stream->mki_size;
*session_keys = &stream->session_keys[i];
return srtp_err_status_ok;
}
}

*mki_size = 0;
return srtp_err_status_bad_mki;
}

Expand Down Expand Up @@ -1762,7 +1757,6 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx,
size_t tag_len;
v128_t iv;
size_t aad_len;
size_t mki_size = 0;

debug_print0(mod_srtp, "function srtp_protect_aead");

Expand Down Expand Up @@ -1887,16 +1881,15 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx,
}

if (stream->use_mki) {
uint8_t *mki_location = rtp_hdr + *pkt_octet_len + tag_len;
srtp_inject_mki(mki_location, session_keys, stream->mki_size);
mki_size = stream->mki_size;
srtp_inject_mki(rtp_hdr + *pkt_octet_len + tag_len, session_keys,
stream->mki_size);
}

/* increase the packet length by the length of the auth tag */
*pkt_octet_len += tag_len;

/* increase the packet length by the length of the mki_size */
*pkt_octet_len += mki_size;
*pkt_octet_len += stream->mki_size;

return srtp_err_status_ok;
}
Expand All @@ -1915,7 +1908,6 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx,
uint8_t *srtp_hdr,
size_t *pkt_octet_len,
srtp_session_keys_t *session_keys,
size_t mki_size,
bool advance_packet_index)
{
srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr;
Expand Down Expand Up @@ -1960,14 +1952,15 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx,
if (hdr->x == 1) {
enc_start += srtp_get_rtp_xtn_hdr_len(hdr, srtp_hdr);
}
if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) {
if (!(enc_start <=
srtp_hdr + (*pkt_octet_len - tag_len - stream->mki_size))) {
return srtp_err_status_parse_err;
}

/*
* We pass the tag down to the cipher when doing GCM mode
*/
enc_octet_len = *pkt_octet_len - mki_size - (enc_start - srtp_hdr);
enc_octet_len = *pkt_octet_len - stream->mki_size - (enc_start - srtp_hdr);

/*
* Sanity check the encrypted payload length against
Expand Down Expand Up @@ -2092,7 +2085,7 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx,
*pkt_octet_len -= tag_len;

/* decrease the packet length by the length of the mki_size */
*pkt_octet_len -= mki_size;
*pkt_octet_len -= stream->mki_size;

return srtp_err_status_ok;
}
Expand Down Expand Up @@ -2128,7 +2121,6 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx,
size_t tag_len;
srtp_stream_ctx_t *stream;
size_t prefix_len;
size_t mki_size = 0;
srtp_session_keys_t *session_keys = NULL;

debug_print0(mod_srtp, "function srtp_protect");
Expand Down Expand Up @@ -2256,9 +2248,8 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx,
}

if (stream->use_mki) {
uint8_t *mki_location = rtp_hdr + *pkt_octet_len;
srtp_inject_mki(mki_location, session_keys, stream->mki_size);
mki_size = stream->mki_size;
srtp_inject_mki(rtp_hdr + *pkt_octet_len, session_keys,
stream->mki_size);
}

/*
Expand All @@ -2268,7 +2259,7 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx,
*/
if (stream->rtp_services & sec_serv_auth) {
auth_start = rtp_hdr;
auth_tag = rtp_hdr + *pkt_octet_len + mki_size;
auth_tag = rtp_hdr + *pkt_octet_len + stream->mki_size;
} else {
auth_start = NULL;
auth_tag = NULL;
Expand Down Expand Up @@ -2410,7 +2401,7 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx,
}

/* increate the packet length by the mki size if used */
*pkt_octet_len += mki_size;
*pkt_octet_len += stream->mki_size;

return srtp_err_status_ok;
}
Expand Down Expand Up @@ -2446,7 +2437,6 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx,
srtp_stream_ctx_t *stream;
uint8_t tmp_tag[SRTP_MAX_TAG_LEN];
size_t tag_len, prefix_len;
size_t mki_size = 0;
srtp_session_keys_t *session_keys = NULL;
bool advance_packet_index = false;
uint32_t roc_to_set = 0;
Expand Down Expand Up @@ -2518,7 +2508,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx,

/* Determine if MKI is being used and what session keys should be used */
status = srtp_get_session_keys_for_packet(stream, srtp_hdr, *pkt_octet_len,
&mki_size, &session_keys);
&session_keys);
if (status) {
return status;
}
Expand All @@ -2530,7 +2520,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx,
if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 ||
session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) {
return srtp_unprotect_aead(ctx, stream, delta, est, srtp_hdr,
pkt_octet_len, session_keys, mki_size,
pkt_octet_len, session_keys,
advance_packet_index);
}

Expand Down Expand Up @@ -2585,12 +2575,13 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx,
if (hdr->x == 1) {
enc_start += srtp_get_rtp_xtn_hdr_len(hdr, srtp_hdr);
}
if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) {
if (!(enc_start <=
srtp_hdr + (*pkt_octet_len - tag_len - stream->mki_size))) {
return srtp_err_status_parse_err;
}

enc_octet_len =
*pkt_octet_len - tag_len - mki_size - (enc_start - srtp_hdr);
enc_octet_len = *pkt_octet_len - tag_len - stream->mki_size -
(enc_start - srtp_hdr);
} else {
enc_start = NULL;
}
Expand Down Expand Up @@ -2639,7 +2630,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx,

/* now compute auth function over packet */
status = srtp_auth_update(session_keys->rtp_auth, auth_start,
*pkt_octet_len - tag_len - mki_size);
*pkt_octet_len - tag_len - stream->mki_size);
if (status) {
return status;
}
Expand Down Expand Up @@ -2763,7 +2754,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx,
*pkt_octet_len -= tag_len;

/* decrease the packet length by the mki size */
*pkt_octet_len -= mki_size;
*pkt_octet_len -= stream->mki_size;

return srtp_err_status_ok;
}
Expand Down Expand Up @@ -3551,7 +3542,6 @@ static srtp_err_status_t srtp_protect_rtcp_aead(
uint32_t seq_num;
v128_t iv;
uint32_t tseq;
size_t mki_size = 0;

/* get tag length from stream context */
tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth);
Expand Down Expand Up @@ -3581,7 +3571,6 @@ static srtp_err_status_t srtp_protect_rtcp_aead(
srtp_inject_mki(rtcp_hdr + *pkt_octet_len + tag_len +
sizeof(srtcp_trailer_t),
session_keys, stream->mki_size);
mki_size = stream->mki_size;
}

/*
Expand Down Expand Up @@ -3696,7 +3685,7 @@ static srtp_err_status_t srtp_protect_rtcp_aead(
*pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t));

/* increase the packet by the mki_size */
*pkt_octet_len += mki_size;
*pkt_octet_len += stream->mki_size;

return srtp_err_status_ok;
}
Expand All @@ -3712,8 +3701,7 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead(
srtp_stream_ctx_t *stream,
uint8_t *srtcp_hdr,
size_t *pkt_octet_len,
srtp_session_keys_t *session_keys,
size_t mki_size)
srtp_session_keys_t *session_keys)
{
srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr;
uint8_t *enc_start; /* pointer to start of encrypted portion */
Expand All @@ -3739,15 +3727,17 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead(
*/
/* This should point trailer to the word past the end of the normal data. */
/* This would need to be modified for optional mikey data */
trailer_p = srtcp_hdr + *pkt_octet_len - sizeof(srtcp_trailer_t) - mki_size;
trailer_p =
srtcp_hdr + *pkt_octet_len - sizeof(srtcp_trailer_t) - stream->mki_size;
memcpy(&trailer, trailer_p, sizeof(trailer));

/*
* We pass the tag down to the cipher when doing GCM mode
*/
enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header +
sizeof(srtcp_trailer_t) + mki_size);
auth_tag = srtcp_hdr + *pkt_octet_len - tag_len - mki_size -
enc_octet_len =
*pkt_octet_len -
(octets_in_rtcp_header + sizeof(srtcp_trailer_t) + stream->mki_size);
auth_tag = srtcp_hdr + *pkt_octet_len - tag_len - stream->mki_size -
sizeof(srtcp_trailer_t);

if (*trailer_p & SRTCP_E_BYTE_BIT) {
Expand Down Expand Up @@ -3800,9 +3790,10 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead(
* the entire packet as described in RFC 7714 (Section 9.3. Data
* Types in Unencrypted SRTCP Compound Packets)
*/
status = srtp_cipher_set_aad(
session_keys->rtcp_cipher, srtcp_hdr,
(*pkt_octet_len - tag_len - sizeof(srtcp_trailer_t) - mki_size));
status =
srtp_cipher_set_aad(session_keys->rtcp_cipher, srtcp_hdr,
(*pkt_octet_len - tag_len -
sizeof(srtcp_trailer_t) - stream->mki_size));
if (status) {
return (srtp_err_status_cipher_fail);
}
Expand Down Expand Up @@ -3838,7 +3829,7 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead(
}

/* decrease the packet length by the length of the auth tag and seq_num*/
*pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t) + mki_size);
*pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t) + stream->mki_size);

/*
* verify that stream is for received traffic - this check will
Expand Down Expand Up @@ -3928,7 +3919,6 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx,
srtp_stream_ctx_t *stream;
size_t prefix_len;
uint32_t seq_num;
size_t mki_size = 0;
srtp_session_keys_t *session_keys = NULL;

/* check the packet length - it must at least contain a full header */
Expand Down Expand Up @@ -4028,7 +4018,6 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx,
if (stream->use_mki) {
srtp_inject_mki(rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t),
session_keys, stream->mki_size);
mki_size = stream->mki_size;
}

/*
Expand All @@ -4037,7 +4026,8 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx,
*/
/* Note: This would need to change for optional mikey data */
auth_start = rtcp_hdr;
auth_tag = rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t) + mki_size;
auth_tag =
rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t) + stream->mki_size;

/*
* check sequence number for overruns, and copy it into the packet
Expand Down Expand Up @@ -4135,7 +4125,7 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx,
*pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t));

/* increase the packet by the mki_size */
*pkt_octet_len += mki_size;
*pkt_octet_len += stream->mki_size;

return srtp_err_status_ok;
}
Expand Down Expand Up @@ -4175,7 +4165,6 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
uint32_t seq_num;
bool e_bit_in_packet; /* E-bit was found in the packet */
bool sec_serv_confidentiality; /* whether confidentiality was requested */
size_t mki_size = 0;
srtp_session_keys_t *session_keys = NULL;

/*
Expand Down Expand Up @@ -4212,7 +4201,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
* Determine if MKI is being used and what session keys should be used
*/
status = srtp_get_session_keys_for_packet(stream, srtcp_hdr, *pkt_octet_len,
&mki_size, &session_keys);
&session_keys);
if (status) {
return status;
}
Expand All @@ -4223,8 +4212,8 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
/* check the packet length - it must contain at least a full RTCP
header, an auth tag (if applicable), and the SRTCP encrypted flag
and 31-bit index value */
if (*pkt_octet_len <
octets_in_rtcp_header + tag_len + mki_size + sizeof(srtcp_trailer_t)) {
if (*pkt_octet_len < octets_in_rtcp_header + tag_len + stream->mki_size +
sizeof(srtcp_trailer_t)) {
return srtp_err_status_bad_param;
}

Expand All @@ -4235,7 +4224,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 ||
session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) {
return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, pkt_octet_len,
session_keys, mki_size);
session_keys);
}

sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf ||
Expand All @@ -4244,16 +4233,17 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
/*
* set encryption start, encryption length, and trailer
*/
enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header + tag_len +
mki_size + sizeof(srtcp_trailer_t));
enc_octet_len =
*pkt_octet_len - (octets_in_rtcp_header + tag_len + stream->mki_size +
sizeof(srtcp_trailer_t));
/*
*index & E (encryption) bit follow normal data. hdr->len is the number of
* words (32-bit) in the normal packet minus 1
*/
/* This should point trailer to the word past the end of the normal data. */
/* This would need to be modified for optional mikey data */
trailer_p = srtcp_hdr + *pkt_octet_len -
(tag_len + mki_size + sizeof(srtcp_trailer_t));
(tag_len + stream->mki_size + sizeof(srtcp_trailer_t));
memcpy(&trailer, trailer_p, sizeof(trailer));

e_bit_in_packet = (*(trailer_p)&SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT;
Expand All @@ -4278,8 +4268,8 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
* could be present. The data needed to calculate the Auth tag
* must not include the MKI
*/
auth_len = *pkt_octet_len - tag_len - mki_size;
auth_tag = srtcp_hdr + auth_len + mki_size;
auth_len = *pkt_octet_len - tag_len - stream->mki_size;
auth_tag = srtcp_hdr + auth_len + stream->mki_size;

/*
* check the sequence number for replays
Expand Down Expand Up @@ -4372,7 +4362,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx,
*pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t));

/* decrease the packet length by the length of the mki_size */
*pkt_octet_len -= mki_size;
*pkt_octet_len -= stream->mki_size;

/*
* verify that stream is for received traffic - this check will
Expand Down

0 comments on commit ec35cfd

Please sign in to comment.