Skip to content
Projects
Groups
Snippets
Help
Loading...
Help
Support
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
V
vlc-gpu
Project overview
Project overview
Details
Activity
Releases
Repository
Repository
Files
Commits
Branches
Tags
Contributors
Graph
Compare
Issues
0
Issues
0
List
Boards
Labels
Milestones
Redmine
Redmine
Merge Requests
0
Merge Requests
0
CI / CD
CI / CD
Pipelines
Jobs
Schedules
Operations
Operations
Metrics
Environments
Analytics
Analytics
CI / CD
Repository
Value Stream
Wiki
Wiki
Snippets
Snippets
Members
Members
Collapse sidebar
Close sidebar
Activity
Graph
Create a new issue
Jobs
Commits
Issue Boards
Open sidebar
videolan
vlc-gpu
Commits
67da4884
Commit
67da4884
authored
Mar 10, 2007
by
Rémi Denis-Courmont
Browse files
Options
Browse Files
Download
Email Patches
Plain Diff
SRTP/SRTCP receive window for replay attack protection
parent
0eeb4286
Changes
2
Hide whitespace changes
Inline
Side-by-side
Showing
2 changed files
with
47 additions
and
13 deletions
+47
-13
libs/srtp/recv.c
libs/srtp/recv.c
+9
-4
libs/srtp/srtp.c
libs/srtp/srtp.c
+38
-9
No files found.
libs/srtp/recv.c
View file @
67da4884
...
...
@@ -72,11 +72,16 @@ int main (void)
for
(;;)
{
len
=
read
(
fd
,
buf
,
sizeof
(
buf
));
if
(
srtp_recv
(
s
,
buf
,
&
len
))
fputs
(
"Cannot decrypt!
\n
"
,
stderr
);
int
val
=
srtp_recv
(
s
,
buf
,
&
len
);
if
(
val
)
{
fprintf
(
stderr
,
"Cannot decrypt: %s
\n
"
,
strerror
(
val
));
continue
;
}
puts
((
char
*
)
buf
+
12
);
if
(
srtp_send
(
s
,
buf
,
&
len
,
sizeof
(
buf
))
||
srtp_recv
(
s
,
buf
,
&
len
))
break
;
//
if (srtp_send (s, buf, &len, sizeof (buf)) || srtp_recv (s, buf, &len))
//
break;
puts
((
char
*
)
buf
+
12
);
}
...
...
libs/srtp/srtp.c
View file @
67da4884
...
...
@@ -38,7 +38,6 @@
/* TODO:
* Useful stuff:
* - ROC profile thingy (multicast really needs this)
* - replay protection
*
* Useless stuff (because nothing depends on it):
* - non-nul key derivation rate
...
...
@@ -440,6 +439,7 @@ rtp_digest (srtp_session_t *s, const uint8_t *data, size_t len)
*
* @return 0 on success, in case of error:
* EINVAL malformatted RTP packet
* EACCES replayed packet or out-of-window or sync lost
*/
static
int
srtp_crypt
(
srtp_session_t
*
s
,
uint8_t
*
buf
,
size_t
len
)
{
...
...
@@ -473,11 +473,22 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
memcpy
(
&
ssrc
,
buf
+
8
,
4
);
/* Updates ROC and sequence (it's safe now) */
if
(
roc
>
s
->
rtp_roc
)
int16_t
diff
=
seq
-
s
->
rtp_seq
;
if
(
diff
>
0
)
{
/* Sequence in the future, good */
s
->
rtp
.
window
=
s
->
rtp
.
window
<<
diff
;
s
->
rtp
.
window
|=
1
;
s
->
rtp_seq
=
seq
,
s
->
rtp_roc
=
roc
;
}
else
if
(
seq
>
s
->
rtp_seq
)
s
->
rtp_seq
=
seq
;
{
/* Sequence in the past/present, bad */
diff
=
-
diff
;
if
((
diff
>=
64
)
||
((
s
->
rtp
.
window
>>
diff
)
&
1
))
return
EACCES
;
/* Replay attack */
s
->
rtp
.
window
|=
1
<<
diff
;
}
/* Encrypt/Decrypt */
if
(
s
->
flags
&
SRTP_UNENCRYPTED
)
...
...
@@ -504,6 +515,7 @@ static int srtp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
* @return 0 on success, in case of error:
* EINVAL malformatted RTP packet or internal error
* ENOSPC bufsize is too small (to add authentication tag)
* EACCES packet would trigger a replay error on receiver
*/
int
srtp_send
(
srtp_session_t
*
s
,
uint8_t
*
buf
,
size_t
*
lenp
,
size_t
bufsize
)
...
...
@@ -543,7 +555,6 @@ int
srtp_recv
(
srtp_session_t
*
s
,
uint8_t
*
buf
,
size_t
*
lenp
)
{
size_t
len
=
*
lenp
;
/* FIXME: anti-replay */
if
(
!
(
s
->
flags
&
SRTP_UNAUTHENTICATED
))
{
...
...
@@ -600,12 +611,31 @@ static int srtcp_crypt (srtp_session_t *s, uint8_t *buf, size_t len)
if
((
len
<
12
)
||
((
buf
[
0
]
>>
6
)
!=
2
))
return
EINVAL
;
/* Updates SRTCP index (safe here) */
uint32_t
index
;
memcpy
(
&
index
,
buf
+
len
,
4
);
index
=
ntohl
(
index
);
if
(((
index
-
s
->
rtcp_index
)
&
0x7fffffff
)
<
0x40000000
)
s
->
rtcp_index
=
index
;
/* Update index */
if
(((
index
>>
31
)
!=
0
)
!=
((
s
->
flags
&
SRTCP_UNENCRYPTED
)
==
0
))
return
EINVAL
;
// E-bit mismatch
index
&=
~
(
1
<<
31
);
// clear E-bit for counter
/* Updates SRTCP index (safe here) */
int32_t
diff
=
index
-
s
->
rtcp_index
;
if
(
diff
>
0
)
{
/* Packet in the future, good */
s
->
rtcp
.
window
=
s
->
rtcp
.
window
<<
diff
;
s
->
rtcp
.
window
|=
1
;
s
->
rtcp_index
=
index
;
}
else
{
/* Packet in the past/present, bad */
diff
=
-
diff
;
if
((
diff
>=
64
)
||
((
s
->
rtcp
.
window
>>
diff
)
&
1
))
return
EACCES
;
// replay attack!
s
->
rtp
.
window
|=
1
<<
diff
;
}
/* Crypts SRTCP */
if
(
s
->
flags
&
SRTCP_UNENCRYPTED
)
...
...
@@ -678,7 +708,6 @@ int
srtcp_recv
(
srtp_session_t
*
s
,
uint8_t
*
buf
,
size_t
*
lenp
)
{
size_t
len
=
*
lenp
;
/* FIXME: anti-replay ?? */
if
(
len
<
(
4u
+
s
->
tag_len
))
return
EINVAL
;
...
...
Write
Preview
Markdown
is supported
0%
Try again
or
attach a new file
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment