diff -r 000000000000 -r 307788aac0a8 rtp/srtpstack/inc/srtpcryptohandlersrtp.h --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/rtp/srtpstack/inc/srtpcryptohandlersrtp.h Tue Feb 02 01:03:15 2010 +0200 @@ -0,0 +1,255 @@ +/* +* Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies). +* All rights reserved. +* This component and the accompanying materials are made available +* under the terms of "Eclipse Public License v1.0" +* which accompanies this distribution, and is available +* at the URL "http://www.eclipse.org/legal/epl-v10.html". +* +* Initial Contributors: +* Nokia Corporation - initial contribution. +* +* Contributors: +* +* Description: Contains an SRTP specific cryptographic context. +* +*/ + + + + +#ifndef __SRTP_CRYPTOHANDLER_SRTP_H__ +#define __SRTP_CRYPTOHANDLER_SRTP_H__ + +// INCLUDES +#include +#include "srtpcryptocontext.h" +#include "srtpcryptohandler.h" +#include "msrtpcryptohandlercontextrtp.h" + + +// FORWARD DECLARATIONS +class CSRTPStream; + +/** +* Contains RTP specific handling of cryptographic context. +*/ +class CSRTPCryptoHandlerSRTP : public CSRTPCryptoHandler, + public MSRTPCryptoHandlerContextRTP + { + public: // Construction + /** + * Two-phased constructor. + * @param aStream aStream for this cryptohandler. + * @leave KErrNone if success, system-wide error code otherwise + */ + static CSRTPCryptoHandlerSRTP* NewL( CSRTPStream& aStream ); + /** + * Two-phased constructor. + * @param aStream aStream for this cryptohandler. + * @leave KErrNone if success, system-wide error code otherwise + */ + static CSRTPCryptoHandlerSRTP* NewLC( CSRTPStream& aStream); + + + + /** + * Calculate authentication tag for an RTP packet. + * Authentication is based on the current + * TSRTPAuthAlg algorithm setting in CryptoContext + * If the operation fails, the function leaves + * with a system error code. + * @leave KErrNone if success, system-wide error code otherwise, + */ + HBufC8* CalculateAuthTagL(); + + ~CSRTPCryptoHandlerSRTP( ); + + + private: // from MSRTPCryptoHandlerContext + /* + * Initialize plain packet class (CSRTPPacketRTP) + * @param aPacket RTP packet. + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void InitializePlainPacketL(const TDesC8& aPacket); + + /* + * Initialize encrypted packet class (CSRTPPacketSRTP) + * @param aPacket SRTP packet. + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void InitializeEncryptedPacketL(const TDesC8& aPacket); + + /* + * Derive session encryption, salting and authentication keys + * for RTP + * @return void + */ + void DeriveSessionKeysL(); + + /* + * Encrypt plain RTP packet + * @leave KErrNone if success, system-wide error code otherwise + * @return encrypted packet + */ + HBufC8* EncryptL(); + + /* + * Decrypt ciphered SRTP packet + * @leave KErrNone if success, system-wide error code otherwise + * @return plain packet + */ + HBufC8* DecryptL(); + + /* + * Check that crypto context MKI and + * packet MKI match. + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void CheckMasterKeyIdentifierL(); + + /* + * Perform the authentication step + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void AuthenticateL(); + + /* + * Perform the replay protection step + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void ReplayProtectionL(); + + /* + * function for querying whether master key or salt has been updated + * @return master keys update status + */ + TBool MasterKeysUpdated(); + + /* + * function for updating Replay index after ReplayProtection Check + * @return void + */ + void AddReplayIndex() ; + + + private: // from MSRTPCryptoHandlerContextRTP + /* + * Determines the index i + * of an SRTP packet with given sequence number SEQ on sender's side. + * @return void + */ + void CountSenderPacketIndexL(); + + /* + * Implements pseudocode on RFC 3711 Appendix A + * for determining the index i of an SRTP packet with given sequence number SEQ + * and current s_l value in receiver side + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void CountReceiverPacketIndexL(); + + /* + * Assign receiver counter s_l to the value of first sequence number. + * @return void + */ + void SetReceiver_s_l(); + + /* + * Conditionally update ROC in sender's side: + * Each time SEQ wraps MOD 2^16, the sender side must + * increment ROC by one MOD 2^32. + * @return void + */ + void UpdateROC(); + + /* + * Conditionally update s_l and ROC based on v value. + * See RFC 3711 section 3.3.1 for more information + * @leave KErrNone if success, system-wide error code otherwise + * @return void + */ + void Update_s_l_and_RocL(); + + /* + * Add auth tag to the given packet. + * @param aSrtpPacketPtr packet pointer + * @leave KErrNone if success, system-wide error code otherwise, + * @return void + */ + void AddAuthTagToPacketL(TUint8* aSrtpPacketPtr); + + /* + * Check if packets is carrying Roll-Over Counter + * @return TBool return True if it should carry, otherwise return False. + */ + TBool CarryROC(); + + /* + * Call AuthenticateL in MSRTPAuthentication -interface + * to get authentication tag based on algorithm + * that is currently set in crypto context + * @param aAuthenticatedArea portion of data to be authenticated + * @param aRoc Roll-Over counter + * @leave KErrNone if success, system-wide error code otherwise, + * @return authentication tag + */ + HBufC8* DoAuthenticationL(const TDesC8& aAuthenticatedArea, + const TDesC8& aRoc); + private: // methods + + /* + * Count IV and transform payload + * @return HBufC8*, transformed encrypted / decrypted paylod + */ + HBufC8* CountIV_And_TransformL(); + + /* + * Add MKI to the given packet. + * Common for RTP and RTCP. + * @param aSrtpPacketPtr packet pointer + * @return void + */ + void AddMKIToPacket(TUint8* aSrtpPacketPtr); + + + /* + * Count sender packet index when receiving the packet under RCC mode 1 + * based on the attached sender ROC + * @return TUint64 sender packet index. + */ + TInt64 CountSndIndxbySndROC(); + + void ConstructL(); + + void ReKeyCheck(); + + TBool CSRTPCryptoHandlerSRTP::IfAddAuthTag(); + + CSRTPCryptoHandlerSRTP( CSRTPStream& aStream ); + + + private: // data + TUint32 iROC; // //only using when RCC mode as sender Roc + TUint16 iS_L; // s_l, highest received SEQ + TUint16 iCurrentSeq; // current sequence number + TUint64 iPktIndex; //packet index + TInt32 iV; // local v value + TInt iReplayIndexDelta; + TUint64 iSRTPMasterKeyLifeTime; + private: + #ifdef EUNIT_TESTING + friend class UT_CSRTPCryptoHandlerSRTP; + friend class UT_CSRTPCryptoHandler; + #endif + + }; + +#endif // __SRTP_CRYPTOHANDLER_SRTP_H__