ust_param.x

srtp-1.3.20 security RTP source

/*
 * ust.x
 *
 * xdr constructs for ust signaling
 * (these definitions are currently experimental)
 *
 * David A. McGrew
 * Cisco Systems, Inc.
 *
 */


/* ust definitions */

enum cipher_id {
  null_cipher = 0,
  aes_cm      = 1,
  aes_f8      = 2
};


enum hash_type {
  null_hash = 0,
  tmmh      = 1,
  mph       = 2
};

/*
 * cipher_spec defines a particular choice of parameters for a
 * particular cipher
 */

struct cipher_spec {
  cipher_id type;
  unsigned int key_length;
};

/*
 * auth_params contains a particular choice of parameters for
 * authentication
 */

struct auth_params {
   unsigned int key_length;
   unsigned int output_length;
   unsigned int replay_window_size; 
};

/*
 *  an auth_spec specifies a choice of parameters for providing
 *  message authentication
 */

union auth_spec switch (hash_type type) {
 case null_hash:
   void;
 default:
   auth_params auth;
};

enum enc_options {
  no_encryption                = 0,
  encryption                   = 1,
  encrypt_with_forward_secrecy = 2
};

/*
 * an ust_spec specifies a choice of ust parameters
 */

struct ust_spec {
  cipher_spec cipher;   /* the keystream generator                       */
  auth_spec   auth;     /* if null, don't provide message authentication */
  enc_options enc_opt;  /* encryption is optional                        */
};


/*
 * a cipher_definition or hash_definition defines the interface to and
 * the metadata associated with a particular cipher or hash function
 */

struct cipher_definition {
  cipher_id type;               /* type identifier                       */
  string key_length<16>;        /* valid key lengths in octets           */
  unsigned int index_length;    /* the index length in octets            */
  unsigned int segment_length;  /* max. keystream segment len. in octets */ 
  string description<256>;      /* human-readable description            */
};

struct hash_definition {
  hash_type type;               /* type identifier                       */
  string key_length<16>;        /* valid key lengths in octets           */
  string output_length<16>;     /* valid output lengths in octets        */
  unsigned int input_length;    /* maximum input length in octets        */ 
  string description<256>;      /* human-readable description            */
};


/*
 * ust provides the following service options:
 *
 * confidentiality
 * (uses a keystream generator)
 *
 * confidentiality and message authentication
 * (uses a keystream generator and universal hash)
 *
 * confidentiality, message authentication, and replay protection
 * (uses a keystream generator and universal hash)
 *
 * (confidentiality optionally provides forward secrecy)
 * 
 */