OLD | NEW |
1 /* | 1 /* |
2 * srtp_driver.c | 2 * srtp_driver.c |
3 * | 3 * |
4 * a test driver for libSRTP | 4 * a test driver for libSRTP |
5 * | 5 * |
6 * David A. McGrew | 6 * David A. McGrew |
7 * Cisco Systems, Inc. | 7 * Cisco Systems, Inc. |
8 */ | 8 */ |
9 /* | 9 /* |
10 * | 10 * |
(...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
97 | 97 |
98 err_status_t | 98 err_status_t |
99 srtp_print_policy(const srtp_policy_t *policy); | 99 srtp_print_policy(const srtp_policy_t *policy); |
100 | 100 |
101 char * | 101 char * |
102 srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len); | 102 srtp_packet_to_string(srtp_hdr_t *hdr, int packet_len); |
103 | 103 |
104 double | 104 double |
105 mips_estimate(int num_trials, int *ignore); | 105 mips_estimate(int num_trials, int *ignore); |
106 | 106 |
107 extern uint8_t test_key[30]; | 107 extern uint8_t test_key[46]; |
108 | 108 |
109 void | 109 void |
110 usage(char *prog_name) { | 110 usage(char *prog_name) { |
111 printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n" | 111 printf("usage: %s [ -t ][ -c ][ -v ][-d <debug_module> ]* [ -l ]\n" |
112 " -t run timing test\n" | 112 " -t run timing test\n" |
113 " -r run rejection timing test\n" | 113 " -r run rejection timing test\n" |
114 " -c run codec timing test\n" | 114 " -c run codec timing test\n" |
115 " -v run validation tests\n" | 115 " -v run validation tests\n" |
116 " -d <mod> turn on debugging module <mod>\n" | 116 " -d <mod> turn on debugging module <mod>\n" |
117 " -l list debugging modules\n", prog_name); | 117 " -l list debugging modules\n", prog_name); |
(...skipping 163 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
281 */ | 281 */ |
282 printf("testing srtp_protect and srtp_unprotect against " | 282 printf("testing srtp_protect and srtp_unprotect against " |
283 "reference packets\n"); | 283 "reference packets\n"); |
284 if (srtp_validate() == err_status_ok) | 284 if (srtp_validate() == err_status_ok) |
285 printf("passed\n\n"); | 285 printf("passed\n\n"); |
286 else { | 286 else { |
287 printf("failed\n"); | 287 printf("failed\n"); |
288 exit(1); | 288 exit(1); |
289 } | 289 } |
290 | 290 |
| 291 //FIXME: need to get this working with the OpenSSL AES module |
| 292 #ifndef OPENSSL |
291 /* | 293 /* |
292 * run validation test against the reference packets for | 294 * run validation test against the reference packets for |
293 * AES-256 | 295 * AES-256 |
294 */ | 296 */ |
295 printf("testing srtp_protect and srtp_unprotect against " | 297 printf("testing srtp_protect and srtp_unprotect against " |
296 "reference packets (AES-256)\n"); | 298 "reference packets (AES-256)\n"); |
297 if (srtp_validate_aes_256() == err_status_ok) | 299 if (srtp_validate_aes_256() == err_status_ok) |
298 printf("passed\n\n"); | 300 printf("passed\n\n"); |
299 else { | 301 else { |
300 printf("failed\n"); | 302 printf("failed\n"); |
301 exit(1); | 303 exit(1); |
302 } | 304 } |
| 305 #endif |
303 | 306 |
304 /* | 307 /* |
305 * test the function srtp_remove_stream() | 308 * test the function srtp_remove_stream() |
306 */ | 309 */ |
307 printf("testing srtp_remove_stream()..."); | 310 printf("testing srtp_remove_stream()..."); |
308 if (srtp_test_remove_stream() == err_status_ok) | 311 if (srtp_test_remove_stream() == err_status_ok) |
309 printf("passed\n"); | 312 printf("passed\n"); |
310 else { | 313 else { |
311 printf("failed\n"); | 314 printf("failed\n"); |
312 exit(1); | 315 exit(1); |
(...skipping 18 matching lines...) Expand all Loading... |
331 while (*policy != NULL) { | 334 while (*policy != NULL) { |
332 srtp_print_policy(*policy); | 335 srtp_print_policy(*policy); |
333 srtp_do_rejection_timing(*policy); | 336 srtp_do_rejection_timing(*policy); |
334 policy++; | 337 policy++; |
335 } | 338 } |
336 } | 339 } |
337 | 340 |
338 if (do_codec_timing) { | 341 if (do_codec_timing) { |
339 srtp_policy_t policy; | 342 srtp_policy_t policy; |
340 int ignore; | 343 int ignore; |
341 double mips_value = mips_estimate(1000000000, &ignore); | 344 double mips = mips_estimate(1000000000, &ignore); |
342 | 345 |
343 crypto_policy_set_rtp_default(&policy.rtp); | 346 crypto_policy_set_rtp_default(&policy.rtp); |
344 crypto_policy_set_rtcp_default(&policy.rtcp); | 347 crypto_policy_set_rtcp_default(&policy.rtcp); |
345 policy.ssrc.type = ssrc_specific; | 348 policy.ssrc.type = ssrc_specific; |
346 policy.ssrc.value = 0xdecafbad; | 349 policy.ssrc.value = 0xdecafbad; |
347 policy.key = test_key; | 350 policy.key = test_key; |
348 policy.ekt = NULL; | 351 policy.ekt = NULL; |
349 policy.window_size = 128; | 352 policy.window_size = 128; |
350 policy.allow_repeat_tx = 0; | 353 policy.allow_repeat_tx = 0; |
351 policy.next = NULL; | 354 policy.next = NULL; |
352 | 355 |
353 printf("mips estimate: %e\n", mips_value); | 356 printf("mips estimate: %e\n", mips); |
354 | 357 |
355 printf("testing srtp processing time for voice codecs:\n"); | 358 printf("testing srtp processing time for voice codecs:\n"); |
356 printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n"); | 359 printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n"); |
357 printf("G.711\t\t%d\t\t\t%e\n", 80, | 360 printf("G.711\t\t%d\t\t\t%e\n", 80, |
358 (double) mips_value * (80 * 8) / | 361 (double) mips * (80 * 8) / |
359 srtp_bits_per_second(80, &policy) / .01 ); | 362 srtp_bits_per_second(80, &policy) / .01 ); |
360 printf("G.711\t\t%d\t\t\t%e\n", 160, | 363 printf("G.711\t\t%d\t\t\t%e\n", 160, |
361 (double) mips_value * (160 * 8) / | 364 (double) mips * (160 * 8) / |
362 srtp_bits_per_second(160, &policy) / .02); | 365 srtp_bits_per_second(160, &policy) / .02); |
363 printf("G.726-32\t%d\t\t\t%e\n", 40, | 366 printf("G.726-32\t%d\t\t\t%e\n", 40, |
364 (double) mips_value * (40 * 8) / | 367 (double) mips * (40 * 8) / |
365 srtp_bits_per_second(40, &policy) / .01 ); | 368 srtp_bits_per_second(40, &policy) / .01 ); |
366 printf("G.726-32\t%d\t\t\t%e\n", 80, | 369 printf("G.726-32\t%d\t\t\t%e\n", 80, |
367 (double) mips_value * (80 * 8) / | 370 (double) mips * (80 * 8) / |
368 srtp_bits_per_second(80, &policy) / .02); | 371 srtp_bits_per_second(80, &policy) / .02); |
369 printf("G.729\t\t%d\t\t\t%e\n", 10, | 372 printf("G.729\t\t%d\t\t\t%e\n", 10, |
370 (double) mips_value * (10 * 8) / | 373 (double) mips * (10 * 8) / |
371 srtp_bits_per_second(10, &policy) / .01 ); | 374 srtp_bits_per_second(10, &policy) / .01 ); |
372 printf("G.729\t\t%d\t\t\t%e\n", 20, | 375 printf("G.729\t\t%d\t\t\t%e\n", 20, |
373 (double) mips_value * (20 * 8) / | 376 (double) mips * (20 * 8) / |
374 srtp_bits_per_second(20, &policy) / .02 ); | 377 srtp_bits_per_second(20, &policy) / .02 ); |
375 printf("Wideband\t%d\t\t\t%e\n", 320, | 378 printf("Wideband\t%d\t\t\t%e\n", 320, |
376 (double) mips_value * (320 * 8) / | 379 (double) mips * (320 * 8) / |
377 srtp_bits_per_second(320, &policy) / .01 ); | 380 srtp_bits_per_second(320, &policy) / .01 ); |
378 printf("Wideband\t%d\t\t\t%e\n", 640, | 381 printf("Wideband\t%d\t\t\t%e\n", 640, |
379 (double) mips_value * (640 * 8) / | 382 (double) mips * (640 * 8) / |
380 srtp_bits_per_second(640, &policy) / .02 ); | 383 srtp_bits_per_second(640, &policy) / .02 ); |
381 } | 384 } |
382 | 385 |
383 status = srtp_shutdown(); | 386 status = srtp_shutdown(); |
384 if (status) { | 387 if (status) { |
385 printf("error: srtp shutdown failed with error code %d\n", status); | 388 printf("error: srtp shutdown failed with error code %d\n", status); |
386 exit(1); | 389 exit(1); |
387 } | 390 } |
388 | 391 |
389 return 0; | 392 return 0; |
(...skipping 1130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1520 if (status != err_status_ok) | 1523 if (status != err_status_ok) |
1521 return status; | 1524 return status; |
1522 | 1525 |
1523 return err_status_ok; | 1526 return err_status_ok; |
1524 } | 1527 } |
1525 | 1528 |
1526 /* | 1529 /* |
1527 * srtp policy definitions - these definitions are used above | 1530 * srtp policy definitions - these definitions are used above |
1528 */ | 1531 */ |
1529 | 1532 |
1530 unsigned char test_key[30] = { | 1533 unsigned char test_key[46] = { |
1531 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, | 1534 0xe1, 0xf9, 0x7a, 0x0d, 0x3e, 0x01, 0x8b, 0xe0, |
1532 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, | 1535 0xd6, 0x4f, 0xa3, 0x2c, 0x06, 0xde, 0x41, 0x39, |
1533 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, | 1536 0x0e, 0xc6, 0x75, 0xad, 0x49, 0x8a, 0xfe, 0xeb, |
| 1537 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6, 0xc1, 0x73, |
| 1538 0xc3, 0x17, 0xf2, 0xda, 0xbe, 0x35, 0x77, 0x93, |
1534 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 | 1539 0xb6, 0x96, 0x0b, 0x3a, 0xab, 0xe6 |
1535 }; | 1540 }; |
1536 | 1541 |
1537 | 1542 |
1538 const srtp_policy_t default_policy = { | 1543 const srtp_policy_t default_policy = { |
1539 { ssrc_any_outbound, 0 }, /* SSRC */ | 1544 { ssrc_any_outbound, 0 }, /* SSRC */ |
1540 { /* SRTP policy */ | 1545 { /* SRTP policy */ |
1541 AES_128_ICM, /* cipher type */ | 1546 AES_128_ICM, /* cipher type */ |
1542 30, /* cipher key length in octets */ | 1547 30, /* cipher key length in octets */ |
1543 HMAC_SHA1, /* authentication func type */ | 1548 HMAC_SHA1, /* authentication func type */ |
(...skipping 109 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1653 4, /* auth tag length in octets */ | 1658 4, /* auth tag length in octets */ |
1654 sec_serv_auth /* security services flag */ | 1659 sec_serv_auth /* security services flag */ |
1655 }, | 1660 }, |
1656 test_key, | 1661 test_key, |
1657 NULL, /* indicates that EKT is not in use */ | 1662 NULL, /* indicates that EKT is not in use */ |
1658 128, /* replay window size */ | 1663 128, /* replay window size */ |
1659 0, /* retransmission not allowed */ | 1664 0, /* retransmission not allowed */ |
1660 NULL | 1665 NULL |
1661 }; | 1666 }; |
1662 | 1667 |
| 1668 #ifdef OPENSSL |
| 1669 const srtp_policy_t aes128_gcm_8_policy = { |
| 1670 { ssrc_any_outbound, 0 }, /* SSRC */ |
| 1671 { /* SRTP policy */
|
| 1672 AES_128_GCM, /* cipher type */ |
| 1673 AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1674 NULL_AUTH, /* authentication func type */ |
| 1675 0, /* auth key length in octets */ |
| 1676 8, /* auth tag length in octets */ |
| 1677 sec_serv_conf_and_auth /* security services flag */ |
| 1678 }, |
| 1679 { /* SRTCP policy */ |
| 1680 AES_128_GCM, /* cipher type */ |
| 1681 AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1682 NULL_AUTH, /* authentication func type */ |
| 1683 0, /* auth key length in octets */ |
| 1684 8, /* auth tag length in octets */ |
| 1685 sec_serv_conf_and_auth /* security services flag */ |
| 1686 }, |
| 1687 test_key, |
| 1688 NULL, /* indicates that EKT is not in use */ |
| 1689 128, /* replay window size */ |
| 1690 0, /* retransmission not allowed */ |
| 1691 NULL |
| 1692 }; |
| 1693 |
| 1694 const srtp_policy_t aes128_gcm_8_cauth_policy = { |
| 1695 { ssrc_any_outbound, 0 }, /* SSRC */ |
| 1696 { /* SRTP policy */
|
| 1697 AES_128_GCM, /* cipher type */ |
| 1698 AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1699 NULL_AUTH, /* authentication func type */ |
| 1700 0, /* auth key length in octets */ |
| 1701 8, /* auth tag length in octets */ |
| 1702 sec_serv_conf_and_auth /* security services flag */ |
| 1703 }, |
| 1704 { /* SRTCP policy */ |
| 1705 AES_128_GCM, /* cipher type */ |
| 1706 AES_128_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1707 NULL_AUTH, /* authentication func type */ |
| 1708 0, /* auth key length in octets */ |
| 1709 8, /* auth tag length in octets */ |
| 1710 sec_serv_auth /* security services flag */ |
| 1711 }, |
| 1712 test_key, |
| 1713 NULL, /* indicates that EKT is not in use */ |
| 1714 128, /* replay window size */ |
| 1715 0, /* retransmission not allowed */ |
| 1716 NULL |
| 1717 }; |
| 1718 |
| 1719 const srtp_policy_t aes256_gcm_8_policy = { |
| 1720 { ssrc_any_outbound, 0 }, /* SSRC */ |
| 1721 { /* SRTP policy */
|
| 1722 AES_256_GCM, /* cipher type */ |
| 1723 AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1724 NULL_AUTH, /* authentication func type */ |
| 1725 0, /* auth key length in octets */ |
| 1726 8, /* auth tag length in octets */ |
| 1727 sec_serv_conf_and_auth /* security services flag */ |
| 1728 }, |
| 1729 { /* SRTCP policy */ |
| 1730 AES_256_GCM, /* cipher type */ |
| 1731 AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1732 NULL_AUTH, /* authentication func type */ |
| 1733 0, /* auth key length in octets */ |
| 1734 8, /* auth tag length in octets */ |
| 1735 sec_serv_conf_and_auth /* security services flag */ |
| 1736 }, |
| 1737 test_key, |
| 1738 NULL, /* indicates that EKT is not in use */ |
| 1739 128, /* replay window size */ |
| 1740 0, /* retransmission not allowed */ |
| 1741 NULL |
| 1742 }; |
| 1743 |
| 1744 const srtp_policy_t aes256_gcm_8_cauth_policy = { |
| 1745 { ssrc_any_outbound, 0 }, /* SSRC */ |
| 1746 { /* SRTP policy */
|
| 1747 AES_256_GCM, /* cipher type */ |
| 1748 AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1749 NULL_AUTH, /* authentication func type */ |
| 1750 0, /* auth key length in octets */ |
| 1751 8, /* auth tag length in octets */ |
| 1752 sec_serv_conf_and_auth /* security services flag */ |
| 1753 }, |
| 1754 { /* SRTCP policy */ |
| 1755 AES_256_GCM, /* cipher type */ |
| 1756 AES_256_GCM_KEYSIZE_WSALT, /* cipher key length in octets */ |
| 1757 NULL_AUTH, /* authentication func type */ |
| 1758 0, /* auth key length in octets */ |
| 1759 8, /* auth tag length in octets */ |
| 1760 sec_serv_auth /* security services flag */ |
| 1761 }, |
| 1762 test_key, |
| 1763 NULL, /* indicates that EKT is not in use */ |
| 1764 128, /* replay window size */ |
| 1765 0, /* retransmission not allowed */ |
| 1766 NULL |
| 1767 }; |
| 1768 #endif |
| 1769 |
1663 const srtp_policy_t null_policy = { | 1770 const srtp_policy_t null_policy = { |
1664 { ssrc_any_outbound, 0 }, /* SSRC */ | 1771 { ssrc_any_outbound, 0 }, /* SSRC */ |
1665 { | 1772 { |
1666 NULL_CIPHER, /* cipher type */ | 1773 NULL_CIPHER, /* cipher type */ |
1667 0, /* cipher key length in octets */ | 1774 0, /* cipher key length in octets */ |
1668 NULL_AUTH, /* authentication func type */ | 1775 NULL_AUTH, /* authentication func type */ |
1669 0, /* auth key length in octets */ | 1776 0, /* auth key length in octets */ |
1670 0, /* auth tag length in octets */ | 1777 0, /* auth tag length in octets */ |
1671 sec_serv_none /* security services flag */ | 1778 sec_serv_none /* security services flag */ |
1672 }, | 1779 }, |
(...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
1776 policy_array[] = { | 1883 policy_array[] = { |
1777 &hmac_only_policy, | 1884 &hmac_only_policy, |
1778 #if USE_TMMH | 1885 #if USE_TMMH |
1779 &tmmh_only_policy, | 1886 &tmmh_only_policy, |
1780 #endif | 1887 #endif |
1781 &aes_only_policy, | 1888 &aes_only_policy, |
1782 #if USE_TMMH | 1889 #if USE_TMMH |
1783 &aes_tmmh_policy, | 1890 &aes_tmmh_policy, |
1784 #endif | 1891 #endif |
1785 &default_policy, | 1892 &default_policy, |
| 1893 #ifdef OPENSSL |
| 1894 &aes128_gcm_8_policy, |
| 1895 &aes128_gcm_8_cauth_policy, |
| 1896 &aes256_gcm_8_policy, |
| 1897 &aes256_gcm_8_cauth_policy, |
| 1898 #endif |
1786 &null_policy, | 1899 &null_policy, |
1787 &aes_256_hmac_policy, | 1900 &aes_256_hmac_policy, |
1788 &hmac_only_with_ekt_policy, | 1901 &hmac_only_with_ekt_policy, |
1789 NULL | 1902 NULL |
1790 }; | 1903 }; |
1791 | 1904 |
1792 const srtp_policy_t wildcard_policy = { | 1905 const srtp_policy_t wildcard_policy = { |
1793 { ssrc_any_outbound, 0 }, /* SSRC */ | 1906 { ssrc_any_outbound, 0 }, /* SSRC */ |
1794 { /* SRTP policy */ | 1907 { /* SRTP policy */ |
1795 AES_128_ICM, /* cipher type */ | 1908 AES_128_ICM, /* cipher type */ |
(...skipping 10 matching lines...) Expand all Loading... |
1806 16, /* auth key length in octets */ | 1919 16, /* auth key length in octets */ |
1807 10, /* auth tag length in octets */ | 1920 10, /* auth tag length in octets */ |
1808 sec_serv_conf_and_auth /* security services flag */ | 1921 sec_serv_conf_and_auth /* security services flag */ |
1809 }, | 1922 }, |
1810 test_key, | 1923 test_key, |
1811 NULL, | 1924 NULL, |
1812 128, /* replay window size */ | 1925 128, /* replay window size */ |
1813 0, /* retransmission not allowed */ | 1926 0, /* retransmission not allowed */ |
1814 NULL | 1927 NULL |
1815 }; | 1928 }; |
OLD | NEW |