ismacryplib.c

完整的RTP RTSP代码库

/*
 * The contents of this file are subject to the Mozilla Public
 * License Version 1.1 (the "License"); you may not use this file
 * except in compliance with the License. You may obtain a copy of
 * the License at http://www.mozilla.org/MPL/
 * 
 * Software distributed under the License is distributed on an "AS
 * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
 * implied. See the License for the specific language governing
 * rights and limitations under the License.
 * 
 * The Initial Developer of the Original Code is Cisco Systems Inc.
 * Portions created by Cisco Systems Inc. are
 * Copyright (C) Cisco Systems Inc. 2003, 2004.  All Rights Reserved.
 * 
 * Contributor(s): 
 *              Alex Vanzella           alexv@cisco.com
 *              Will Clark              will_clark@cisco.com
 */

// define this for debug output
//#define ISMACRYP_ENC_DEBUG 1
//#define ISMACRYP_DEC_DEBUG 1

#include "ismacryplib_priv.h"

static ismacryp_session_id_t session_g = ISMACRYP_MIN_SESSION_ID;
static ismacryp_session_t *sessionList = NULL;

char ismacryp_keytypeStr[3][25] = { "KeyTypeOther", "KeyTypeVideo", "KeyTypeAudio" };


static uint32_t FOUR_CHAR_CODE (char *code)
{
  return code[0]<<24 | code[1]<<16 | code[2]<<8 | code[3];
}

#ifdef HAVE_SRTP
static uint8_t
local_nibble_to_hex_char(uint8_t nibble) {
  char buf[16] = {'0', '1', '2', '3', '4', '5', '6', '7',
		  '8', '9', 'a', 'b', 'c', 'd', 'e', 'f' };
  return buf[nibble & 0xF];
}

static char *
v64_hex_string(const v64_t *x) {
  int i, j;
  char bit_string[1024];

  for (i=j=0; i < 8; i++) {
    bit_string[j++]  = local_nibble_to_hex_char(x->v8[i] >> 4);
    bit_string[j++]  = local_nibble_to_hex_char(x->v8[i] & 0xF);
  }
  
  bit_string[j] = 0; 
  return strdup(bit_string);
}
#endif

static void addToSessionList (ismacryp_session_t *sp) {

  ismacryp_session_t *temp;

  // critical section
  if (sessionList == NULL) {
     sessionList = sp;
     return;
     // end critical section 
  }

  temp = sessionList;
  while (temp->next != NULL)
     temp = temp->next;
  temp->next=sp;
  sp->prev = temp; 
  // end critical section

}

static ismacryp_rc_t removeFromSessionList (ismacryp_session_id_t sid) {

  ismacryp_session_t *temp1, *temp2;

  // critical section
  if (sessionList == NULL ) {
     fprintf(stdout, "Error. Try to remove session from empty list.\n");
     // end critical section
     return ismacryp_rc_sessid_error;
  }

  temp1=sessionList;

  // item to be removed is first in list
  if (temp1->sessid == sid ) { 
     if ( temp1->next == NULL ) {
         sessionList = NULL;
         // end critical section
         if (temp1->kms_uri)
            free(temp1->kms_uri);
         free(temp1);
         return ismacryp_rc_ok;
     }

     sessionList = sessionList->next;
     sessionList->prev = NULL;
     // end critical section
     if (temp1->kms_uri)
        free(temp1->kms_uri);
     free(temp1);
     return ismacryp_rc_ok;
    
  }

  // item to be removed is not first in list
  while(temp1->next != NULL) {
     temp2 = temp1->next;
     if(temp2->sessid == sid ) {
          if (temp2->next != NULL )
             temp2->next->prev = temp1;
          temp1->next = temp2->next;
          // end critical section
          if (temp2->kms_uri)
              free(temp2->kms_uri);
          free(temp2); 
          return ismacryp_rc_ok;
     }
     temp1 = temp1->next;
  }
  // end critical section


  fprintf(stdout, "Error. Try to remove non -existent session: %d\n", sid);
  // end critical section
  return ismacryp_rc_sessid_error;

}

static ismacryp_rc_t findInSessionList (ismacryp_session_id_t sid, ismacryp_session_t **s) {

  ismacryp_session_t *temp = sessionList;

  if (sessionList == NULL) {
     *s=NULL;
     fprintf(stdout, "Error. Try to find session in empty list.\n");
     return ismacryp_rc_sessid_error;
  }

  if (temp->sessid == sid) {
     *s = temp;
     return ismacryp_rc_ok;
  }

  while(temp->next != NULL) {
     temp=temp->next;  
     if(temp->sessid == sid) { 
        *s = temp;
         return ismacryp_rc_ok;
     }
  }

  fprintf(stdout, "Error. Try to find unknown session in list. sid: %d\n", sid);
  *s = NULL;
  return ismacryp_rc_sessid_error;
}

#ifdef HAVE_SRTP
static void printSessionList (void) {
  ismacryp_session_t *temp;
  int i = 0;

  fprintf(stdout, "Session List:\n");

  if (sessionList == NULL) {
     fprintf(stdout, " -- EMPTY --\n");
     return;
  }

  temp=sessionList;
  while(temp != NULL) {
     i++;
     fprintf(stdout, " -- Session #%d: session id: %d \n", i, temp->sessid );
     fprintf(stdout, "                 key l: %d salt l: %d ctr l: %d iv l: %d key t: %c\n",
                                       AES_KEY_LEN, AES_SALT_LEN, AES_COUNTER_LEN, 
                                       temp->IV_len, 
                                       ismacryp_keytypeStr[temp->key_type][7]);
     fprintf(stdout, "                 key : %s", 
#ifdef HAVE_SRTP
                octet_string_hex_string(temp->kk.ksc.key, AES_KEY_LEN)
#else
                "n/a"
#endif
                );
     fprintf(stdout, "\n");
     fprintf(stdout, "                 salt: %s", 
#ifdef HAVE_SRTP
                octet_string_hex_string(temp->kk.ksc.salt, AES_SALT_LEN)
#else
                "n/a"
#endif
                );
     fprintf(stdout, "\n");
     fprintf(stdout, "                 ctr : %s", 
#ifdef HAVE_SRTP
                octet_string_hex_string(temp->kk.ksc.counter, AES_COUNTER_LEN)
#else
                "n/a"
#endif
                );
     fprintf(stdout, "\n");
     temp=temp->next;
  }

}
#endif
//
// load key from file
// allocate and init aes_icm cipher and key
//
static ismacryp_rc_t loadKeyFromFile (ismacryp_session_t *sp,
                               ismacryp_keytype_t keytype,
                               const char *kmsfile)
{

#ifdef HAVE_SRTP
  FILE *fp;
  int i;
  char kms_data_file[KMS_DATA_FILE_FILENAME_MAX_LEN];
  char kms_data[KMS_DATA_FILE_MAX_LINE_LEN+1];
  char temp[25];
  size_t pathlen;
  size_t filenamelen;
  int foundKey = FALSE;
  int len;
#endif

#ifdef HAVE_SRTP
  // get the key material
  // NULL case, key and salt have been memset to 0, nothing breaks.

  strncpy(kms_data_file,getenv("HOME"),KMS_DATA_FILE_FILENAME_MAX_LEN);
  pathlen = strlen(kms_data_file);
  filenamelen = strlen(KMS_DATA_FILE);
  if ( (pathlen + filenamelen + 1) > KMS_DATA_FILE_FILENAME_MAX_LEN ) { // +1 for '/'
     fprintf(stdout,"key file name too long\n");
     return ismacryp_rc_keyfilename_error;
  }
  kms_data_file[pathlen+1] = kms_data_file[pathlen];
  kms_data_file[pathlen] = '/';
  strncpy(&kms_data_file[pathlen+1], KMS_DATA_FILE, filenamelen );

  // explicit override default kms file
  if (kmsfile)
  {
	// trim max length absent stdlib min()
	len = strlen(kmsfile);
	len = (len > KMS_DATA_FILE_FILENAME_MAX_LEN) ? KMS_DATA_FILE_FILENAME_MAX_LEN : len;
  	strncpy(kms_data_file, kmsfile, len);
	kms_data_file[len] = 0;
  }

  switch( keytype) {
  case KeyTypeVideo:
    strcpy(temp,KMS_DATA_VIDEOKEY_STR);
    break;
  case KeyTypeAudio:
    strcpy(temp,KMS_DATA_AUDIOKEY_STR);
    break;
  case KeyTypeOther:
  default:
    fprintf(stdout,"Unsupported key type: %d\n",keytype);
    return ismacryp_rc_keytype_error;
  }

  if ( !(fp=fopen(kms_data_file,"r")) ) {
     fprintf(stdout,"Can't open kms file: %s\n",kms_data_file);
     return(ismacryp_rc_keyfile_error);
  }

  i = 0;
  while ( fgets(kms_data,KMS_DATA_FILE_MAX_LINE_LEN,fp))  {
     len = strlen(kms_data);
     kms_data[len-1] = kms_data[len]; // get rid of newline
     i++;

     if ( !strncmp(kms_data, temp, strlen(KMS_DATA_AUDIOKEY_STR)) ) {
       for (i=0;i<AES_KEY_SALT_LEN;i++) {
	 uint temp;
	 fscanf(fp, "%x", &temp);
	 sp->kk.aes_overlay[i] = temp;
       }
       foundKey = TRUE;
       break;
     }
  }
  if ( !foundKey ) {
     fprintf(stdout, "Can't find %s\n", temp);
     fclose(fp);
     return ismacryp_rc_key_error;
  }

  fclose(fp);

#endif
  return ismacryp_rc_ok;


}

//
// allocate aes_icm cipher and  initialize aes icm 
// crypto context.
//
// invoked using session ID making it universal
// for internal and external use.
//
ismacryp_rc_t initSessionData (ismacryp_session_id_t session) 
{
#ifdef HAVE_SRTP
  err_status_t rc;
#endif
  ismacryp_rc_t irc;
  ismacryp_session_t *sp;

  // get sp by session ID
  irc = findInSessionList (session, &sp); 
  if (irc != ismacryp_rc_ok)
	return irc;
 
  if (sp == NULL) {
    fprintf(stdout, "Error. Try to init NULL session.\n");
    return ismacryp_rc_sessid_error;
  }

#ifdef HAVE_SRTP
  rc = err_status_ok;

  // Allocate cipher.
  //fprintf(stdout," - allocate cipher for session %d\n", session);
  rc=aes_icm_alloc_ismacryp(&(sp->cp), AES_KEY_SALT_LEN, 1);
  if ( rc != err_status_ok ) {
      fprintf(stdout," - allocate cipher for session %d FAILED  rc = %d\n", 
	session, rc );
      return ismacryp_rc_cipheralloc_error;
  }

  // Init cipher.
  rc=aes_icm_context_init(sp->cp->state, sp->kk.aes_overlay);
  if ( rc != err_status_ok ) {
      fprintf(stdout," - init cipher for session %d FAILED  rc = %d\n", session,
                                     rc );
      return ismacryp_rc_cipherinit_error;
  }
#endif

  #if defined(ISMACRYP_ENC_DEBUG) || defined(ISMACRYP_DEC_DEBUG)
  // diagnostic
  printSessionList();
  #endif // ISMACRYP_ENC_DEBUG || ISMACRYP_DEC_DEBUG

  return ismacryp_rc_ok;
}


//
// dealloc aes_icm cipher
//
// invoked using session ID making it universal
// for internal and external use.
//
ismacryp_rc_t unInitSessionData (ismacryp_session_id_t session) 
{
#ifdef HAVE_SRTP