Merge 'origin/main'

.github/workflows/meson.yml

@@ -13,7 +13,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        os: [ubuntu-latest, macos-12, windows-latest]
+        os: [ubuntu-latest, macos-latest, windows-latest]
         crypto: [internal, openssl, openssl3, wolfssl, nss, mbedtls]
         exclude:
           - os: windows-latest
@@ -55,7 +55,7 @@ jobs:
         sudo apt-get install meson
 
     - name: Setup macOS Meson
-      if: matrix.os == 'macos-12'
+      if: matrix.os == 'macos-latest'
       run: |
         brew install meson
 
@@ -88,17 +88,17 @@ jobs:
       run: sudo apt-get install libmbedtls-dev
 
     - name: Setup macOS OpenSSL
-      if: matrix.os == 'macos-12' && matrix.crypto == 'openssl'
+      if: matrix.os == 'macos-latest' && matrix.crypto == 'openssl'
       run: echo "pkgconfig-crypto-dir=PKG_CONFIG_PATH=$(brew --prefix openssl@1.1)/lib/pkgconfig" >> $GITHUB_ENV
 
     - name: Setup macOS OpenSSL3
-      if: matrix.os == 'macos-12' && matrix.crypto == 'openssl3'
+      if: matrix.os == 'macos-latest' && matrix.crypto == 'openssl3'
       run: |
         brew install openssl@3
         echo "pkgconfig-crypto-dir=PKG_CONFIG_PATH=$(brew --prefix openssl@3)/lib/pkgconfig" >> $GITHUB_ENV
 
     - name: Setup macOS wolfSSL
-      if: matrix.os == 'macos-12' && matrix.crypto == 'wolfssl'
+      if: matrix.os == 'macos-latest' && matrix.crypto == 'wolfssl'
       run: |
         brew install autoconf automake libtool
         git clone https://github.com/wolfSSL/wolfssl
@@ -116,11 +116,11 @@ jobs:
         cd ..
 
     - name: Setup macOS NSS
-      if:  matrix.os == 'macos-12' && matrix.crypto == 'nss'
+      if:  matrix.os == 'macos-latest' && matrix.crypto == 'nss'
       run: brew install nss
 
     - name: Setup macOS MbedTLS
-      if:  matrix.os == 'macos-12' && matrix.crypto == 'mbedtls'
+      if:  matrix.os == 'macos-latest' && matrix.crypto == 'mbedtls'
       run: brew install mbedtls
 
     - uses: actions/checkout@v2

Makefile.in

@@ -60,8 +60,8 @@ endif
 
 runtest-valgrind: test
 	@echo "running libsrtp3 test applications... (valgrind)"
-	valgrind --error-exitcode=1 --leak-check=full test/test_srtp$(EXE) -v >/dev/null
-	valgrind --error-exitcode=1 --leak-check=full test/srtp_driver$(EXE) -v >/dev/null
+	valgrind --error-exitcode=1 --leak-check=full --suppressions=./valgrind.supp test/test_srtp$(EXE) -v >/dev/null
+	valgrind --error-exitcode=1 --leak-check=full --suppressions=./valgrind.supp test/srtp_driver$(EXE) -v >/dev/null
 	@echo "libsrtp3 test applications passed. (valgrind)"
 
 # makefile variables

README.md

@@ -261,7 +261,8 @@ described in [RFC 7714](https://tools.ietf.org/html/rfc7714)
     forward to that number at its first invocation. An earlier
     version of this library used initial sequence numbers that are
     less than 32,768; this trick is no longer required as the
-    `rdbx_estimate_index(...)` function has been made smarter.
+    `rdbx_estimate_index(...)` function has been made smarter as of
+    version 1.0.1.
 
   * The replay window for (S)RTCP is hardcoded to 128 bits in length.
 

cmake/FindwolfSSL.cmake

@@ -1,6 +1,10 @@
-find_path(WOLFSSL_INCLUDE_DIR wolfssl/ssl.h)
+if (WOLFSSL_ROOT_DIR)
+    set(_WOLFSSL_ROOT_HINTS_AND_PATHS HINTS ${WOLFSSL_ROOT_DIR} PATH_SUFFIXES include lib NO_DEFAULT_PATH)
+endif()
+
+find_path(WOLFSSL_INCLUDE_DIR wolfssl/ssl.h ${_WOLFSSL_ROOT_HINTS_AND_PATHS})
 
-find_library(WOLFSSL_LIBRARY wolfssl)
+find_library(WOLFSSL_LIBRARY wolfssl ${_WOLFSSL_ROOT_HINTS_AND_PATHS})
 
 include(FindPackageHandleStandardArgs)
 find_package_handle_standard_args(wolfSSL DEFAULT_MSG

crypto/cipher/aes_gcm_ossl.c

@@ -197,14 +197,14 @@ static srtp_err_status_t srtp_aes_gcm_openssl_context_init(void *cv,
     EVP_CIPHER_CTX_reset(c->ctx);
 
     if (!EVP_CipherInit_ex(c->ctx, evp, NULL, key, NULL, 0)) {
-        return (srtp_err_status_init_fail);
+        return srtp_err_status_init_fail;
     }
 
     if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_IVLEN, 12, 0)) {
-        return (srtp_err_status_init_fail);
+        return srtp_err_status_init_fail;
     }
 
-    return (srtp_err_status_ok);
+    return srtp_err_status_ok;
 }
 
 /*
@@ -227,12 +227,17 @@ static srtp_err_status_t srtp_aes_gcm_openssl_set_iv(
     debug_print(srtp_mod_aes_gcm, "setting iv: %s",
                 srtp_octet_string_hex_string(iv, 12));
 
-    if (!EVP_CipherInit_ex(c->ctx, NULL, NULL, NULL, iv,
-                           (c->dir == srtp_direction_encrypt ? 1 : 0))) {
-        return (srtp_err_status_init_fail);
+    if (c->dir == srtp_direction_encrypt) {
+        if (EVP_EncryptInit_ex(c->ctx, NULL, NULL, NULL, iv) != 1) {
+            return srtp_err_status_init_fail;
+        }
+    } else {
+        if (EVP_DecryptInit_ex(c->ctx, NULL, NULL, NULL, iv) != 1) {
+            return srtp_err_status_init_fail;
+        }
     }
 
-    return (srtp_err_status_ok);
+    return srtp_err_status_ok;
 }
 
 /*
@@ -248,40 +253,26 @@ static srtp_err_status_t srtp_aes_gcm_openssl_set_aad(void *cv,
                                                       size_t aad_len)
 {
     srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
-    int rv;
+    int len = 0;
 
     debug_print(srtp_mod_aes_gcm, "setting AAD: %s",
                 srtp_octet_string_hex_string(aad, aad_len));
 
-    /*
-     * EVP_CTRL_GCM_SET_TAG can only be used when decrypting
-     */
-    if (c->dir == srtp_direction_decrypt) {
-        /*
-         * Set dummy tag, OpenSSL requires the Tag to be set before
-         * processing AAD
-         */
-
-        /*
-         * OpenSSL never write to address pointed by the last parameter of
-         * EVP_CIPHER_CTX_ctrl while EVP_CTRL_GCM_SET_TAG (in reality,
-         * OpenSSL copy its content to the context), so we can make
-         * aad read-only in this function and all its wrappers.
-         */
-        uint8_t dummy_tag[GCM_AUTH_TAG_LEN];
-        memset(dummy_tag, 0x0, GCM_AUTH_TAG_LEN);
-        if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len,
-                                 &dummy_tag)) {
-            return (srtp_err_status_algo_fail);
+    if (c->dir == srtp_direction_encrypt) {
+        if (EVP_EncryptUpdate(c->ctx, NULL, &len, aad, aad_len) != 1) {
+            return srtp_err_status_algo_fail;
+        }
+    } else {
+        if (EVP_DecryptUpdate(c->ctx, NULL, &len, aad, aad_len) != 1) {
+            return srtp_err_status_algo_fail;
         }
     }
 
-    rv = EVP_Cipher(c->ctx, NULL, aad, aad_len);
-    if (rv < 0 || (uint32_t)rv != aad_len) {
-        return (srtp_err_status_algo_fail);
-    } else {
-        return (srtp_err_status_ok);
+    if (len != (int)aad_len) {
+        return srtp_err_status_algo_fail;
     }
+
+    return srtp_err_status_ok;
 }
 
 /*
@@ -299,6 +290,7 @@ static srtp_err_status_t srtp_aes_gcm_openssl_encrypt(void *cv,
                                                       size_t *dst_len)
 {
     srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
+    int len = 0;
 
     if (c->dir != srtp_direction_encrypt) {
         return srtp_err_status_bad_param;
@@ -311,24 +303,29 @@ static srtp_err_status_t srtp_aes_gcm_openssl_encrypt(void *cv,
     /*
      * Encrypt the data
      */
-    EVP_Cipher(c->ctx, dst, src, src_len);
+    if (EVP_EncryptUpdate(c->ctx, dst, &len, src, src_len) != 1) {
+        return srtp_err_status_algo_fail;
+    }
+    *dst_len = len;
 
     /*
      * Calculate the tag
      */
-    EVP_Cipher(c->ctx, NULL, NULL, 0);
+    if (EVP_EncryptFinal_ex(c->ctx, dst + len, &len) != 1) {
+        return srtp_err_status_algo_fail;
+    }
+    *dst_len += len;
 
     /*
      * Retrieve the tag
      */
-    if (!EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_GET_TAG, c->tag_len,
-                             dst + src_len)) {
+    if (EVP_CIPHER_CTX_ctrl(c->ctx, EVP_CTRL_GCM_GET_TAG, c->tag_len,
+                            dst + *dst_len) != 1) {
         return srtp_err_status_algo_fail;
     }
+    *dst_len += c->tag_len;
 
-    *dst_len = src_len + c->tag_len;
-
-    return (srtp_err_status_ok);
+    return srtp_err_status_ok;
 }
 
 /*
@@ -346,6 +343,7 @@ static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv,
                                                       size_t *dst_len)
 {
     srtp_aes_gcm_ctx_t *c = (srtp_aes_gcm_ctx_t *)cv;
+    int len = 0;
 
     if (c->dir != srtp_direction_decrypt) {
         return srtp_err_status_bad_param;
@@ -359,32 +357,34 @@ static srtp_err_status_t srtp_aes_gcm_openssl_decrypt(void *cv,
         return srtp_err_status_buffer_small;
     }
 
+    /*
+     * Decrypt the data
+     */
+    if (EVP_DecryptUpdate(c->ctx, dst, &len, src, src_len - c->tag_len) != 1) {
+        return srtp_err_status_algo_fail;
+    }
+    *dst_len = len;
+
     /*
      * Set the tag before decrypting
      *
      * explicitly cast away const of src
      */
-    if (!EVP_CIPHER_CTX_ctrl(
+    if (EVP_CIPHER_CTX_ctrl(
             c->ctx, EVP_CTRL_GCM_SET_TAG, c->tag_len,
-            (void *)(uintptr_t)(src + (src_len - c->tag_len)))) {
-        return srtp_err_status_auth_fail;
+            (void *)(uintptr_t)(src + (src_len - c->tag_len))) != 1) {
+        return srtp_err_status_algo_fail;
     }
-    EVP_Cipher(c->ctx, dst, src, src_len - c->tag_len);
 
     /*
      * Check the tag
      */
-    if (EVP_Cipher(c->ctx, NULL, NULL, 0)) {
+    if (EVP_DecryptFinal_ex(c->ctx, dst + *dst_len, &len) != 1) {
         return srtp_err_status_auth_fail;
     }
+    *dst_len += len;
 
-    /*
-     * Reduce the buffer size by the tag length since the tag
-     * is not part of the original payload
-     */
-    *dst_len = src_len -= c->tag_len;
-
-    return (srtp_err_status_ok);
+    return srtp_err_status_ok;
 }
 
 /*

format.sh

@@ -20,7 +20,7 @@ done
 m=`git ls-files -m`
 if [ -n "$m" ]; then
     v=`$CLANG_FORMAT -version`
-    echo "Fromatting required when checking with $v"
+    echo "Formatting required when checking with $v"
     echo
     echo "The following files required formatting:"
     for f in $m; do