2 * Secure RTP with libgcrypt
3 * Copyright (C) 2007 RĂ©mi Denis-Courmont <rdenis # simphalempin , com>
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
38 static const uint8_t key
[16] =
39 "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
40 "\x12\x34\x56\x78\x9A\xBC\xDE\xF0";
41 static const uint8_t salt
[14] =
42 "\x12\x34\x56\x78\x90" "\x12\x34\x56\x78\x90" "\x12\x34\x56\x78";
44 srtp_session_t
*sd
, *se
;
46 /* Too big tag length */
47 se
= srtp_create (SRTP_ENCR_AES_CM
, SRTP_AUTH_HMAC_SHA1
, 21,
51 /* Too short tag length */
52 se
= srtp_create (SRTP_ENCR_AES_CM
, SRTP_AUTH_HMAC_SHA1
, 3,
53 SRTP_PRF_AES_CM
, SRTP_RCC_MODE1
);
56 /* Initializes encryption and decryption contexts */
57 se
= srtp_create (SRTP_ENCR_AES_CM
, SRTP_AUTH_HMAC_SHA1
, 20,
58 SRTP_PRF_AES_CM
, SRTP_RCC_MODE1
);
61 sd
= srtp_create (SRTP_ENCR_AES_CM
, SRTP_AUTH_HMAC_SHA1
, 20,
62 SRTP_PRF_AES_CM
, SRTP_RCC_MODE1
);
65 srtp_setrcc_rate (se
, 1);
66 srtp_setrcc_rate (sd
, 1);
68 val
= srtp_setkey (se
, key
, 16, salt
, 14);
70 val
= srtp_setkey (sd
, key
, 16, salt
, 14);
73 uint8_t buf
[1500], buf2
[1500];
76 /* Invalid SRTP packet */
79 val
= srtp_send (se
, buf
, &len
, sizeof (buf
));
80 assert (val
== EINVAL
);
84 srtp_recv (sd
, buf
, &len
);
85 assert (val
== EINVAL
);
87 /* Too short packet */
90 val
= srtp_send (se
, buf
, &len
, sizeof (buf
));
91 assert (val
== EINVAL
);
94 val
= srtp_recv (sd
, buf
, &len
);
95 assert (val
== EINVAL
);
97 /* Too short when taking tag into account */
99 val
= srtp_recv (sd
, buf
, &len
);
100 assert (val
== EINVAL
);
102 /* Too short when taking RTP extensions into account */
105 val
= srtp_send (se
, buf
, &len
, sizeof (buf
));
106 assert (val
== EINVAL
);
111 val
= srtp_send (se
, buf
, &len
, sizeof (buf
));
112 assert (val
== EINVAL
);
114 /* Too small buffer (seq=1) */
116 memset (buf
, 0, len
);
119 val
= srtp_send (se
, buf
, &len
, 39);
120 assert (val
== ENOSPC
);
124 val
= srtp_recv (sd
, buf
, &len
);
125 assert (val
== EINVAL
);
130 for (unsigned i
= 0; i
< 256; i
++)
133 val
= srtp_send (se
, buf
, &len
, 0x120);
135 assert (len
== 0x120);
137 memcpy (buf2
, buf
, len
);
138 val
= srtp_recv (sd
, buf2
, &len
);
140 assert (len
== 0x10c);
141 assert (!memcmp (buf2
, "\x80\x00\x00\x03" "\x00\x00\x00\x00"
142 "\x00\x00\x00\x00", 12));
143 for (unsigned i
= 0; i
< 256; i
++)
144 assert (buf2
[i
+ 12] == i
); // test actual decryption
146 /* Replay attack (seq=3) */
148 val
= srtp_recv (sd
, buf
, &len
);
149 assert (val
== EACCES
);
150 assert (len
== 0x10c);
152 /* OK but late (seq=2) */
155 val
= srtp_send (se
, buf
, &len
, 0x120);
157 assert (len
== 0x120);
159 memcpy (buf2
, buf
, len
);
160 val
= srtp_recv (sd
, buf2
, &len
);
162 assert (len
== 0x10c);
164 /* Late replay attack (seq=3) */
166 val
= srtp_recv (sd
, buf
, &len
);
167 assert (val
== EACCES
);
168 assert (len
== 0x10c);