Skip to content

Commit

Permalink
Merge pull request #683 from pabuhler/remove-gcm-8-byte-tag
Browse files Browse the repository at this point in the history
remove support for gcm_x_8
  • Loading branch information
pabuhler authored Jan 15, 2024
2 parents 1742c3d + c997bf0 commit 24da558
Show file tree
Hide file tree
Showing 7 changed files with 38 additions and 201 deletions.
8 changes: 0 additions & 8 deletions fuzzer/fuzzer.h
Original file line number Diff line number Diff line change
Expand Up @@ -150,16 +150,8 @@ const struct fuzz_srtp_crypto_policy_func_ext fuzz_srtp_crypto_policies[] = {
"srtp_crypto_policy_set_aes_cm_192_null_auth" },
{ srtp_crypto_policy_set_aes_gcm_128_16_auth,
"srtp_crypto_policy_set_aes_gcm_128_16_auth" },
{ srtp_crypto_policy_set_aes_gcm_128_8_auth,
"srtp_crypto_policy_set_aes_gcm_128_8_auth" },
{ srtp_crypto_policy_set_aes_gcm_128_8_only_auth,
"srtp_crypto_policy_set_aes_gcm_128_8_only_auth" },
{ srtp_crypto_policy_set_aes_gcm_256_16_auth,
"srtp_crypto_policy_set_aes_gcm_256_16_auth" },
{ srtp_crypto_policy_set_aes_gcm_256_8_auth,
"srtp_crypto_policy_set_aes_gcm_256_8_auth" },
{ srtp_crypto_policy_set_aes_gcm_256_8_only_auth,
"srtp_crypto_policy_set_aes_gcm_256_8_only_auth" },
#endif
};

Expand Down
92 changes: 0 additions & 92 deletions include/srtp.h
Original file line number Diff line number Diff line change
Expand Up @@ -1022,98 +1022,6 @@ void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p);
*/
void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p);

/**
* @brief srtp_crypto_policy_set_aes_gcm_128_8_auth() sets a crypto
* policy structure to an AEAD encryption policy.
*
* @param p is a pointer to the policy structure to be set
*
* The function call srtp_crypto_policy_set_aes_gcm_128_8_auth(&p) sets
* the srtp_crypto_policy_t at location p to use the SRTP default cipher
* (AES-128 Galois Counter Mode) with 8 octet auth tag. This
* policy applies confidentiality and authentication to both the
* RTP and RTCP packets.
*
* This function is a convenience that helps to avoid dealing directly
* with the policy data structure. You are encouraged to initialize
* policy elements with this function call. Doing so may allow your
* code to be forward compatible with later versions of libSRTP that
* include more elements in the srtp_crypto_policy_t datatype.
*
* @return void.
*
*/
void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p);

/**
* @brief srtp_crypto_policy_set_aes_gcm_256_8_auth() sets a crypto
* policy structure to an AEAD encryption policy
*
* @param p is a pointer to the policy structure to be set
*
* The function call srtp_crypto_policy_set_aes_gcm_256_8_auth(&p) sets
* the srtp_crypto_policy_t at location p to use the SRTP default cipher
* (AES-256 Galois Counter Mode) with 8 octet auth tag. This
* policy applies confidentiality and authentication to both the
* RTP and RTCP packets.
*
* This function is a convenience that helps to avoid dealing directly
* with the policy data structure. You are encouraged to initialize
* policy elements with this function call. Doing so may allow your
* code to be forward compatible with later versions of libSRTP that
* include more elements in the srtp_crypto_policy_t datatype.
*
* @return void.
*
*/
void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p);

/**
* @brief srtp_crypto_policy_set_aes_gcm_128_8_only_auth() sets a crypto
* policy structure to an AEAD authentication-only policy
*
* @param p is a pointer to the policy structure to be set
*
* The function call srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&p) sets
* the srtp_crypto_policy_t at location p to use the SRTP default cipher
* (AES-128 Galois Counter Mode) with 8 octet auth tag. This policy
* applies confidentiality and authentication to the RTP packets,
* but only authentication to the RTCP packets.
*
* This function is a convenience that helps to avoid dealing directly
* with the policy data structure. You are encouraged to initialize
* policy elements with this function call. Doing so may allow your
* code to be forward compatible with later versions of libSRTP that
* include more elements in the srtp_crypto_policy_t datatype.
*
* @return void.
*
*/
void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p);

/**
* @brief srtp_crypto_policy_set_aes_gcm_256_8_only_auth() sets a crypto
* policy structure to an AEAD authentication-only policy
*
* @param p is a pointer to the policy structure to be set
*
* The function call srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&p) sets
* the srtp_crypto_policy_t at location p to use the SRTP default cipher
* (AES-256 Galois Counter Mode) with 8 octet auth tag. This policy
* applies confidentiality and authentication to the RTP packets,
* but only authentication to the RTCP packets.
*
* This function is a convenience that helps to avoid dealing directly
* with the policy data structure. You are encouraged to initialize
* policy elements with this function call. Doing so may allow your
* code to be forward compatible with later versions of libSRTP that
* include more elements in the srtp_crypto_policy_t datatype.
*
* @return void.
*
*/
void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p);

/**
* @brief srtp_crypto_policy_set_aes_gcm_128_16_auth() sets a crypto
* policy structure to an AEAD encryption policy.
Expand Down
4 changes: 0 additions & 4 deletions srtp.def
Original file line number Diff line number Diff line change
Expand Up @@ -23,10 +23,6 @@ srtp_crypto_policy_set_aes_cm_192_null_auth
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32
srtp_crypto_policy_set_aes_cm_256_null_auth
srtp_crypto_policy_set_aes_gcm_128_8_auth
srtp_crypto_policy_set_aes_gcm_256_8_auth
srtp_crypto_policy_set_aes_gcm_128_8_only_auth
srtp_crypto_policy_set_aes_gcm_256_8_only_auth
srtp_crypto_policy_set_aes_gcm_128_16_auth
srtp_crypto_policy_set_aes_gcm_256_16_auth
srtp_dealloc
Expand Down
52 changes: 0 additions & 52 deletions srtp/srtp.c
Original file line number Diff line number Diff line change
Expand Up @@ -3452,58 +3452,6 @@ void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p)
p->sec_serv = sec_serv_conf;
}

/*
* AES-128 GCM mode with 8 octet auth tag.
*/
void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p)
{
p->cipher_type = SRTP_AES_GCM_128;
p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT;
p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */
p->auth_key_len = 0;
p->auth_tag_len = 8; /* 8 octet tag length */
p->sec_serv = sec_serv_conf_and_auth;
}

/*
* AES-256 GCM mode with 8 octet auth tag.
*/
void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p)
{
p->cipher_type = SRTP_AES_GCM_256;
p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT;
p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */
p->auth_key_len = 0;
p->auth_tag_len = 8; /* 8 octet tag length */
p->sec_serv = sec_serv_conf_and_auth;
}

/*
* AES-128 GCM mode with 8 octet auth tag, no RTCP encryption.
*/
void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p)
{
p->cipher_type = SRTP_AES_GCM_128;
p->cipher_key_len = SRTP_AES_GCM_128_KEY_LEN_WSALT;
p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */
p->auth_key_len = 0;
p->auth_tag_len = 8; /* 8 octet tag length */
p->sec_serv = sec_serv_auth; /* This only applies to RTCP */
}

/*
* AES-256 GCM mode with 8 octet auth tag, no RTCP encryption.
*/
void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p)
{
p->cipher_type = SRTP_AES_GCM_256;
p->cipher_key_len = SRTP_AES_GCM_256_KEY_LEN_WSALT;
p->auth_type = SRTP_NULL_AUTH; /* GCM handles the auth for us */
p->auth_key_len = 0;
p->auth_tag_len = 8; /* 8 octet tag length */
p->sec_serv = sec_serv_auth; /* This only applies to RTCP */
}

/*
* AES-128 GCM mode with 16 octet auth tag.
*/
Expand Down
39 changes: 14 additions & 25 deletions test/rtp_decoder.c
Original file line number Diff line number Diff line change
Expand Up @@ -320,9 +320,8 @@ int main(int argc, char *argv[])
}
}

if (gcm_on && scs.tag_size != 8 && scs.tag_size != 16) {
fprintf(stderr, "error: GCM tag size must be 8 or 16 (%d)\n",
scs.tag_size);
if (gcm_on && scs.tag_size != 16) {
fprintf(stderr, "error: GCM tag size must be 16 (%d)\n", scs.tag_size);
exit(1);
}

Expand Down Expand Up @@ -379,24 +378,12 @@ int main(int argc, char *argv[])
#ifdef OPENSSL
switch (scs.key_size) {
case 128:
if (scs.tag_size == 16) {
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
}
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
break;
case 256:
if (scs.tag_size == 16) {
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(
&policy.rtcp);
} else {
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp);
}
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp);
break;
}
#else
Expand Down Expand Up @@ -495,14 +482,16 @@ int main(int argc, char *argv[])
#ifdef OPENSSL
switch (scs.key_size) {
case 128:
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(
&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
policy.rtp.sec_serv = sec_serv_auth;
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
policy.rtcp.sec_serv = sec_serv_auth;
break;
case 256:
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(
&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
policy.rtp.sec_serv = sec_serv_auth;
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp);
policy.rtcp.sec_serv = sec_serv_auth;
break;
}
#else
Expand Down
22 changes: 12 additions & 10 deletions test/rtpw.c
Original file line number Diff line number Diff line change
Expand Up @@ -378,12 +378,12 @@ int main(int argc, char *argv[])
#ifdef GCM
switch (key_size) {
case 128:
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
break;
case 256:
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp);
break;
}
#else
Expand Down Expand Up @@ -427,14 +427,16 @@ int main(int argc, char *argv[])
#ifdef GCM
switch (key_size) {
case 128:
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_only_auth(
&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
policy.rtp.sec_serv = sec_serv_auth;
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
policy.rtcp.sec_serv = sec_serv_auth;
break;
case 256:
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_256_8_only_auth(
&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtp);
policy.rtp.sec_serv = sec_serv_auth;
srtp_crypto_policy_set_aes_gcm_256_16_auth(&policy.rtcp);
policy.rtcp.sec_serv = sec_serv_auth;
break;
}
#else
Expand Down
22 changes: 12 additions & 10 deletions test/srtp_driver.c
Original file line number Diff line number Diff line change
Expand Up @@ -2373,25 +2373,27 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void)
0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab
};
uint8_t srtp_plaintext[64] = {
uint8_t srtp_plaintext[72] = {
0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
0x17, 0x41, 0x42, 0x73, 0xA4, 0x75, 0x26, 0x27,
0x48, 0x22, 0x00, 0x00, 0xC8, 0x30, 0x8E, 0x46,
0x55, 0x99, 0x63, 0x86, 0xB3, 0x95, 0xFB, 0x00,
0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
};
uint8_t srtp_ciphertext[64] = {
uint8_t srtp_ciphertext[72] = {
0x90, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
0xca, 0xfe, 0xba, 0xbe, 0xBE, 0xDE, 0x00, 0x06,
0x17, 0x12, 0xe0, 0x20, 0x5b, 0xfa, 0x94, 0x9b,
0x1C, 0x22, 0x00, 0x00, 0xC8, 0x30, 0xbb, 0x46,
0x73, 0x27, 0x78, 0xd9, 0x92, 0x9a, 0xab, 0x00,
0x0e, 0xca, 0x0c, 0xf9, 0x5e, 0xe9, 0x55, 0xb2,
0x6c, 0xd3, 0xd2, 0x88, 0xb4, 0x9f, 0x6c, 0xa9,
0xf4, 0xb1, 0xb7, 0x59, 0x71, 0x9e, 0xb5, 0xbc
0xf4, 0xb1, 0xb7, 0x59, 0x71, 0x9e, 0xb5, 0xbc,
0x11, 0x3b, 0x9f, 0xf1, 0xd4, 0x0c, 0xd2, 0x5a
};
// clang-format on

Expand All @@ -2406,8 +2408,8 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void)
* policy and with the SSRC value 0xcafebabe
*/
memset(&policy, 0, sizeof(policy));
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
policy.ssrc.type = ssrc_specific;
policy.ssrc.value = 0xcafebabe;
policy.key = test_key_ext_headers;
Expand All @@ -2429,9 +2431,9 @@ srtp_err_status_t srtp_validate_encrypted_extensions_headers_gcm(void)
if (status || (len != sizeof(srtp_plaintext)))
return srtp_err_status_fail;

debug_print(mod_driver, "ciphertext:\n %s",
debug_print(mod_driver, " ? ciphertext:\n %s",
srtp_octet_string_hex_string(srtp_plaintext, len));
debug_print(mod_driver, "ciphertext reference:\n %s",
debug_print(mod_driver, " ? ciphertext reference:\n %s",
srtp_octet_string_hex_string(srtp_ciphertext, len));

if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len))
Expand Down Expand Up @@ -2723,8 +2725,8 @@ srtp_err_status_t srtp_test_empty_payload_gcm(void)
* policy and with the SSRC value 0xcafebabe
*/
memset(&policy, 0, sizeof(policy));
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtp);
srtp_crypto_policy_set_aes_gcm_128_16_auth(&policy.rtcp);
policy.ssrc.type = ssrc_specific;
policy.ssrc.value = 0xcafebabe;
policy.key = test_key;
Expand All @@ -2745,7 +2747,7 @@ srtp_err_status_t srtp_test_empty_payload_gcm(void)
status = srtp_protect(srtp_snd, mesg, &len);
if (status) {
return status;
} else if (len != 12 + 8) {
} else if (len != 12 + 16) {
return srtp_err_status_fail;
}

Expand Down

0 comments on commit 24da558

Please sign in to comment.