Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
vlc-1.1
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
videolan
vlc-1.1
Commits
54a46387
Commit
54a46387
authored
Mar 10, 2007
by
Rémi Denis-Courmont
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
Fix SRTP Roll-Over-Counter handling
parent
a7c26dab
Changes
1
Show whitespace changes
Inline
Side-by-side
Showing
1 changed file
with
53 additions
and
26 deletions
+53
-26
libs/srtp/srtp.c
libs/srtp/srtp.c
+53
-26
No files found.
libs/srtp/srtp.c
View file @
54a46387
...
@@ -387,13 +387,45 @@ rtp_crypt (gcry_cipher_hd_t hd, uint32_t ssrc, uint32_t roc, uint16_t seq,
...
@@ -387,13 +387,45 @@ rtp_crypt (gcry_cipher_hd_t hd, uint32_t ssrc, uint32_t roc, uint16_t seq,
}
}
/** Determines SRTP Roll-Over-Counter (in host-byte order) */
static
uint32_t
srtp_compute_roc
(
const
srtp_session_t
*
s
,
uint16_t
seq
)
{
uint32_t
roc
=
s
->
rtp_roc
;
if
(((
seq
-
s
->
rtp_seq
)
&
0xffff
)
<
0x8000
)
{
/* Sequence is ahead, good */
if
(
seq
<
s
->
rtp_seq
)
roc
++
;
/* Sequence number wrap */
}
else
{
/* Sequence is late, bad */
if
(
seq
>
s
->
rtp_seq
)
roc
--
;
/* Wrap back */
}
return
roc
;
}
/** Returns RTP sequence (in host-byte order) */
static
inline
uint16_t
rtp_seq
(
const
uint8_t
*
buf
)
{
return
(
buf
[
2
]
<<
8
)
|
buf
[
3
];
}
/** Message Authentication and Integrity for RTP */
/** Message Authentication and Integrity for RTP */
static
const
uint8_t
*
static
const
uint8_t
*
rtp_digest
(
gcry_md_hd_t
md
,
const
void
*
data
,
size_t
len
,
uint32_t
roc
)
rtp_digest
(
srtp_session_t
*
s
,
const
uint8_t
*
data
,
size_t
len
)
{
{
const
gcry_md_hd_t
md
=
s
->
rtp
.
mac
;
uint32_t
roc
=
htonl
(
srtp_compute_roc
(
s
,
rtp_seq
(
data
)));
gcry_md_reset
(
md
);
gcry_md_reset
(
md
);
gcry_md_write
(
md
,
data
,
len
);
gcry_md_write
(
md
,
data
,
len
);
gcry_md_write
(
md
,
&
(
uint32_t
){
htonl
(
roc
)
}
,
4
);
gcry_md_write
(
md
,
&
roc
,
4
);
return
gcry_md_read
(
md
,
0
);
return
gcry_md_read
(
md
,
0
);
}
}
...
@@ -436,27 +468,22 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
...
@@ -436,27 +468,22 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
return
EINVAL
;
return
EINVAL
;
/* Determines RTP 48-bits counter and SSRC */
/* Determines RTP 48-bits counter and SSRC */
uint32_t
ssrc
;
uint16_t
seq
=
rtp_seq
(
buf
);
uint32_t
roc
=
srtp_compute_roc
(
s
,
seq
),
ssrc
;
memcpy
(
&
ssrc
,
buf
+
8
,
4
);
memcpy
(
&
ssrc
,
buf
+
8
,
4
);
uint16_t
seq
=
(
buf
[
2
]
<<
8
)
|
buf
[
3
];
/* Updates ROC and sequence (it's safe now) */
if
(((
seq
-
s
->
rtp_seq
)
&
0xffff
)
<
32768
)
if
(
roc
>
s
->
rtp_roc
)
{
s
->
rtp_seq
=
seq
,
s
->
rtp_roc
=
roc
;
if
(
seq
<
s
->
rtp_seq
)
s
->
rtp_roc
++
;
/* Sequence number wrap */
}
else
else
{
if
(
seq
>
s
->
rtp_seq
)
if
(
seq
>
s
->
rtp_seq
)
s
->
rtp_roc
--
;
}
s
->
rtp_seq
=
seq
;
s
->
rtp_seq
=
seq
;
/* Encrypt/Decrypt */
if
(
s
->
flags
&
SRTP_UNENCRYPTED
)
if
(
s
->
flags
&
SRTP_UNENCRYPTED
)
return
0
;
return
0
;
if
(
rtp_crypt
(
s
->
rtp
.
cipher
,
ssrc
,
s
->
rtp_
roc
,
seq
,
s
->
rtp
.
salt
,
if
(
rtp_crypt
(
s
->
rtp
.
cipher
,
ssrc
,
roc
,
seq
,
s
->
rtp
.
salt
,
buf
+
offset
,
len
-
offset
))
buf
+
offset
,
len
-
offset
))
return
EINVAL
;
return
EINVAL
;
...
@@ -486,15 +513,15 @@ srtp_send (srtp_session_t *s, uint8_t *buf, size_t *lenp, size_t bufsize)
...
@@ -486,15 +513,15 @@ srtp_send (srtp_session_t *s, uint8_t *buf, size_t *lenp, size_t bufsize)
if
(
val
)
if
(
val
)
return
val
;
return
val
;
if
(
s
->
flags
&
SRTP_UNAUTHENTICATED
)
if
(
!
(
s
->
flags
&
SRTP_UNAUTHENTICATED
))
return
0
;
{
if
(
bufsize
<
(
len
+
s
->
tag_len
))
if
(
bufsize
<
(
len
+
s
->
tag_len
))
return
ENOSPC
;
return
ENOSPC
;
const
uint8_t
*
tag
=
rtp_digest
(
s
->
rtp
.
mac
,
buf
,
len
,
s
->
rtp_roc
);
const
uint8_t
*
tag
=
rtp_digest
(
s
,
buf
,
len
);
memcpy
(
buf
+
len
,
tag
,
s
->
tag_len
);
memcpy
(
buf
+
len
,
tag
,
s
->
tag_len
);
*
lenp
=
len
+
s
->
tag_len
;
*
lenp
=
len
+
s
->
tag_len
;
}
return
0
;
return
0
;
}
}
...
@@ -520,11 +547,11 @@ srtp_recv (srtp_session_t *s, uint8_t *buf, size_t *lenp)
...
@@ -520,11 +547,11 @@ srtp_recv (srtp_session_t *s, uint8_t *buf, size_t *lenp)
if
(
!
(
s
->
flags
&
SRTP_UNAUTHENTICATED
))
if
(
!
(
s
->
flags
&
SRTP_UNAUTHENTICATED
))
{
{
if
(
len
<
s
->
tag_len
)
if
(
len
<
(
12u
+
s
->
tag_len
)
)
return
EINVAL
;
return
EINVAL
;
len
-=
s
->
tag_len
;
len
-=
s
->
tag_len
;
const
uint8_t
*
tag
=
rtp_digest
(
s
->
rtp
.
mac
,
buf
,
len
,
s
->
rtp_roc
);
const
uint8_t
*
tag
=
rtp_digest
(
s
,
buf
,
len
);
if
(
memcmp
(
buf
+
len
,
tag
,
s
->
tag_len
))
if
(
memcmp
(
buf
+
len
,
tag
,
s
->
tag_len
))
return
EACCES
;
return
EACCES
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment