diff --git a/srtp/srtp.c b/srtp/srtp.c index d72d8dc89..0189fae94 100644 --- a/srtp/srtp.c +++ b/srtp/srtp.c @@ -1744,11 +1744,9 @@ srtp_err_status_t srtp_get_session_keys_for_packet( srtp_stream_ctx_t *stream, const uint8_t *hdr, size_t pkt_octet_len, - size_t *mki_size, srtp_session_keys_t **session_keys) { if (!stream->use_mki) { - *mki_size = 0; *session_keys = &stream->session_keys[0]; return srtp_err_status_ok; } @@ -1765,7 +1763,6 @@ srtp_err_status_t srtp_get_session_keys_for_packet( } if (tag_len > mki_start_location) { - *mki_size = 0; return srtp_err_status_bad_mki; } @@ -1780,13 +1777,11 @@ srtp_err_status_t srtp_get_session_keys_for_packet( for (size_t i = 0; i < stream->num_master_keys; i++) { if (memcmp(hdr + mki_start_location, stream->session_keys[i].mki_id, stream->mki_size) == 0) { - *mki_size = stream->mki_size; *session_keys = &stream->session_keys[i]; return srtp_err_status_ok; } } - *mki_size = 0; return srtp_err_status_bad_mki; } @@ -1855,7 +1850,6 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, size_t tag_len; v128_t iv; size_t aad_len; - size_t mki_size = 0; debug_print0(mod_srtp, "function srtp_protect_aead"); @@ -1980,16 +1974,15 @@ static srtp_err_status_t srtp_protect_aead(srtp_ctx_t *ctx, } if (stream->use_mki) { - uint8_t *mki_location = rtp_hdr + *pkt_octet_len + tag_len; - srtp_inject_mki(mki_location, session_keys, stream->mki_size); - mki_size = stream->mki_size; + srtp_inject_mki(rtp_hdr + *pkt_octet_len + tag_len, session_keys, + stream->mki_size); } /* increase the packet length by the length of the auth tag */ *pkt_octet_len += tag_len; /* increase the packet length by the length of the mki_size */ - *pkt_octet_len += mki_size; + *pkt_octet_len += stream->mki_size; return srtp_err_status_ok; } @@ -2008,7 +2001,6 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, uint8_t *srtp_hdr, size_t *pkt_octet_len, srtp_session_keys_t *session_keys, - size_t mki_size, bool advance_packet_index) { srtp_hdr_t *hdr = (srtp_hdr_t *)srtp_hdr; @@ -2053,14 +2045,15 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, if (hdr->x == 1) { enc_start += srtp_get_rtp_xtn_hdr_len(hdr, srtp_hdr); } - if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) { + if (!(enc_start <= + srtp_hdr + (*pkt_octet_len - tag_len - stream->mki_size))) { return srtp_err_status_parse_err; } /* * We pass the tag down to the cipher when doing GCM mode */ - enc_octet_len = *pkt_octet_len - mki_size - (enc_start - srtp_hdr); + enc_octet_len = *pkt_octet_len - stream->mki_size - (enc_start - srtp_hdr); /* * Sanity check the encrypted payload length against @@ -2185,7 +2178,7 @@ static srtp_err_status_t srtp_unprotect_aead(srtp_ctx_t *ctx, *pkt_octet_len -= tag_len; /* decrease the packet length by the length of the mki_size */ - *pkt_octet_len -= mki_size; + *pkt_octet_len -= stream->mki_size; return srtp_err_status_ok; } @@ -2206,7 +2199,6 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, size_t tag_len; srtp_stream_ctx_t *stream; size_t prefix_len; - size_t mki_size = 0; srtp_session_keys_t *session_keys = NULL; debug_print0(mod_srtp, "function srtp_protect"); @@ -2334,9 +2326,8 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, } if (stream->use_mki) { - uint8_t *mki_location = rtp_hdr + *pkt_octet_len; - srtp_inject_mki(mki_location, session_keys, stream->mki_size); - mki_size = stream->mki_size; + srtp_inject_mki(rtp_hdr + *pkt_octet_len, session_keys, + stream->mki_size); } /* @@ -2346,7 +2337,7 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, */ if (stream->rtp_services & sec_serv_auth) { auth_start = rtp_hdr; - auth_tag = rtp_hdr + *pkt_octet_len + mki_size; + auth_tag = rtp_hdr + *pkt_octet_len + stream->mki_size; } else { auth_start = NULL; auth_tag = NULL; @@ -2488,7 +2479,7 @@ srtp_err_status_t srtp_protect(srtp_ctx_t *ctx, } /* increate the packet length by the mki size if used */ - *pkt_octet_len += mki_size; + *pkt_octet_len += stream->mki_size; return srtp_err_status_ok; } @@ -2509,7 +2500,6 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, srtp_stream_ctx_t *stream; uint8_t tmp_tag[SRTP_MAX_TAG_LEN]; size_t tag_len, prefix_len; - size_t mki_size = 0; srtp_session_keys_t *session_keys = NULL; bool advance_packet_index = false; uint32_t roc_to_set = 0; @@ -2581,7 +2571,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, /* Determine if MKI is being used and what session keys should be used */ status = srtp_get_session_keys_for_packet(stream, srtp_hdr, *pkt_octet_len, - &mki_size, &session_keys); + &session_keys); if (status) { return status; } @@ -2593,7 +2583,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { return srtp_unprotect_aead(ctx, stream, delta, est, srtp_hdr, - pkt_octet_len, session_keys, mki_size, + pkt_octet_len, session_keys, advance_packet_index); } @@ -2648,12 +2638,13 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, if (hdr->x == 1) { enc_start += srtp_get_rtp_xtn_hdr_len(hdr, srtp_hdr); } - if (!(enc_start <= srtp_hdr + (*pkt_octet_len - tag_len - mki_size))) { + if (!(enc_start <= + srtp_hdr + (*pkt_octet_len - tag_len - stream->mki_size))) { return srtp_err_status_parse_err; } - enc_octet_len = - *pkt_octet_len - tag_len - mki_size - (enc_start - srtp_hdr); + enc_octet_len = *pkt_octet_len - tag_len - stream->mki_size - + (enc_start - srtp_hdr); } else { enc_start = NULL; } @@ -2702,7 +2693,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, /* now compute auth function over packet */ status = srtp_auth_update(session_keys->rtp_auth, auth_start, - *pkt_octet_len - tag_len - mki_size); + *pkt_octet_len - tag_len - stream->mki_size); if (status) { return status; } @@ -2826,7 +2817,7 @@ srtp_err_status_t srtp_unprotect(srtp_ctx_t *ctx, *pkt_octet_len -= tag_len; /* decrease the packet length by the mki size */ - *pkt_octet_len -= mki_size; + *pkt_octet_len -= stream->mki_size; return srtp_err_status_ok; } @@ -3614,7 +3605,6 @@ static srtp_err_status_t srtp_protect_rtcp_aead( uint32_t seq_num; v128_t iv; uint32_t tseq; - size_t mki_size = 0; /* get tag length from stream context */ tag_len = srtp_auth_get_tag_length(session_keys->rtcp_auth); @@ -3644,7 +3634,6 @@ static srtp_err_status_t srtp_protect_rtcp_aead( srtp_inject_mki(rtcp_hdr + *pkt_octet_len + tag_len + sizeof(srtcp_trailer_t), session_keys, stream->mki_size); - mki_size = stream->mki_size; } /* @@ -3758,7 +3747,7 @@ static srtp_err_status_t srtp_protect_rtcp_aead( *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t)); /* increase the packet by the mki_size */ - *pkt_octet_len += mki_size; + *pkt_octet_len += stream->mki_size; return srtp_err_status_ok; } @@ -3774,8 +3763,7 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( srtp_stream_ctx_t *stream, uint8_t *srtcp_hdr, size_t *pkt_octet_len, - srtp_session_keys_t *session_keys, - size_t mki_size) + srtp_session_keys_t *session_keys) { srtcp_hdr_t *hdr = (srtcp_hdr_t *)srtcp_hdr; uint8_t *enc_start; /* pointer to start of encrypted portion */ @@ -3801,15 +3789,17 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( */ /* This should point trailer to the word past the end of the normal data. */ /* This would need to be modified for optional mikey data */ - trailer_p = srtcp_hdr + *pkt_octet_len - sizeof(srtcp_trailer_t) - mki_size; + trailer_p = + srtcp_hdr + *pkt_octet_len - sizeof(srtcp_trailer_t) - stream->mki_size; memcpy(&trailer, trailer_p, sizeof(trailer)); /* * We pass the tag down to the cipher when doing GCM mode */ - enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header + - sizeof(srtcp_trailer_t) + mki_size); - auth_tag = srtcp_hdr + *pkt_octet_len - tag_len - mki_size - + enc_octet_len = + *pkt_octet_len - + (octets_in_rtcp_header + sizeof(srtcp_trailer_t) + stream->mki_size); + auth_tag = srtcp_hdr + *pkt_octet_len - tag_len - stream->mki_size - sizeof(srtcp_trailer_t); if (*trailer_p & SRTCP_E_BYTE_BIT) { @@ -3862,9 +3852,10 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( * the entire packet as described in RFC 7714 (Section 9.3. Data * Types in Unencrypted SRTCP Compound Packets) */ - status = srtp_cipher_set_aad( - session_keys->rtcp_cipher, srtcp_hdr, - (*pkt_octet_len - tag_len - sizeof(srtcp_trailer_t) - mki_size)); + status = + srtp_cipher_set_aad(session_keys->rtcp_cipher, srtcp_hdr, + (*pkt_octet_len - tag_len - + sizeof(srtcp_trailer_t) - stream->mki_size)); if (status) { return (srtp_err_status_cipher_fail); } @@ -3900,7 +3891,7 @@ static srtp_err_status_t srtp_unprotect_rtcp_aead( } /* decrease the packet length by the length of the auth tag and seq_num*/ - *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t) + mki_size); + *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t) + stream->mki_size); /* * verify that stream is for received traffic - this check will @@ -3975,7 +3966,6 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, srtp_stream_ctx_t *stream; size_t prefix_len; uint32_t seq_num; - size_t mki_size = 0; srtp_session_keys_t *session_keys = NULL; /* check the packet length - it must at least contain a full header */ @@ -4075,7 +4065,6 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, if (stream->use_mki) { srtp_inject_mki(rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t), session_keys, stream->mki_size); - mki_size = stream->mki_size; } /* @@ -4084,7 +4073,8 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, */ /* Note: This would need to change for optional mikey data */ auth_start = rtcp_hdr; - auth_tag = rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t) + mki_size; + auth_tag = + rtcp_hdr + *pkt_octet_len + sizeof(srtcp_trailer_t) + stream->mki_size; /* * check sequence number for overruns, and copy it into the packet @@ -4182,7 +4172,7 @@ srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, *pkt_octet_len += (tag_len + sizeof(srtcp_trailer_t)); /* increase the packet by the mki_size */ - *pkt_octet_len += mki_size; + *pkt_octet_len += stream->mki_size; return srtp_err_status_ok; } @@ -4207,7 +4197,6 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, uint32_t seq_num; bool e_bit_in_packet; /* E-bit was found in the packet */ bool sec_serv_confidentiality; /* whether confidentiality was requested */ - size_t mki_size = 0; srtp_session_keys_t *session_keys = NULL; /* @@ -4244,7 +4233,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, * Determine if MKI is being used and what session keys should be used */ status = srtp_get_session_keys_for_packet(stream, srtcp_hdr, *pkt_octet_len, - &mki_size, &session_keys); + &session_keys); if (status) { return status; } @@ -4255,8 +4244,8 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, /* check the packet length - it must contain at least a full RTCP header, an auth tag (if applicable), and the SRTCP encrypted flag and 31-bit index value */ - if (*pkt_octet_len < - octets_in_rtcp_header + tag_len + mki_size + sizeof(srtcp_trailer_t)) { + if (*pkt_octet_len < octets_in_rtcp_header + tag_len + stream->mki_size + + sizeof(srtcp_trailer_t)) { return srtp_err_status_bad_param; } @@ -4267,7 +4256,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, if (session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_128 || session_keys->rtp_cipher->algorithm == SRTP_AES_GCM_256) { return srtp_unprotect_rtcp_aead(ctx, stream, srtcp_hdr, pkt_octet_len, - session_keys, mki_size); + session_keys); } sec_serv_confidentiality = stream->rtcp_services == sec_serv_conf || @@ -4276,8 +4265,9 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, /* * set encryption start, encryption length, and trailer */ - enc_octet_len = *pkt_octet_len - (octets_in_rtcp_header + tag_len + - mki_size + sizeof(srtcp_trailer_t)); + enc_octet_len = + *pkt_octet_len - (octets_in_rtcp_header + tag_len + stream->mki_size + + sizeof(srtcp_trailer_t)); /* *index & E (encryption) bit follow normal data. hdr->len is the number of * words (32-bit) in the normal packet minus 1 @@ -4285,7 +4275,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, /* This should point trailer to the word past the end of the normal data. */ /* This would need to be modified for optional mikey data */ trailer_p = srtcp_hdr + *pkt_octet_len - - (tag_len + mki_size + sizeof(srtcp_trailer_t)); + (tag_len + stream->mki_size + sizeof(srtcp_trailer_t)); memcpy(&trailer, trailer_p, sizeof(trailer)); e_bit_in_packet = (*(trailer_p)&SRTCP_E_BYTE_BIT) == SRTCP_E_BYTE_BIT; @@ -4310,8 +4300,8 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, * could be present. The data needed to calculate the Auth tag * must not include the MKI */ - auth_len = *pkt_octet_len - tag_len - mki_size; - auth_tag = srtcp_hdr + auth_len + mki_size; + auth_len = *pkt_octet_len - tag_len - stream->mki_size; + auth_tag = srtcp_hdr + auth_len + stream->mki_size; /* * check the sequence number for replays @@ -4404,7 +4394,7 @@ srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, *pkt_octet_len -= (tag_len + sizeof(srtcp_trailer_t)); /* decrease the packet length by the length of the mki_size */ - *pkt_octet_len -= mki_size; + *pkt_octet_len -= stream->mki_size; /* * verify that stream is for received traffic - this check will