diff --git a/daemon/crypto.c b/daemon/crypto.c index 6bf6cd955..f3922178a 100644 --- a/daemon/crypto.c +++ b/daemon/crypto.c @@ -47,7 +47,7 @@ const struct crypto_suite crypto_suites[] = { .session_salt_len = 14, .srtp_lifetime = 1ULL << 48, .srtcp_lifetime = 1ULL << 31, - .kernel_cipher = REC_AES_CM, + .kernel_cipher = REC_AES_CM_128, .kernel_hmac = REH_HMAC_SHA1, .srtp_auth_tag = 10, .srtcp_auth_tag = 10, @@ -71,7 +71,7 @@ const struct crypto_suite crypto_suites[] = { .session_salt_len = 14, .srtp_lifetime = 1ULL << 48, .srtcp_lifetime = 1ULL << 31, - .kernel_cipher = REC_AES_CM, + .kernel_cipher = REC_AES_CM_128, .kernel_hmac = REH_HMAC_SHA1, .srtp_auth_tag = 4, .srtcp_auth_tag = 10, @@ -95,8 +95,8 @@ const struct crypto_suite crypto_suites[] = { .session_salt_len = 14, .srtp_lifetime = 1ULL << 48, .srtcp_lifetime = 1ULL << 31, - //.kernel_cipher = REC_AES_CM, - //.kernel_hmac = REH_HMAC_SHA1, + .kernel_cipher = REC_AES_CM_192, + .kernel_hmac = REH_HMAC_SHA1, .srtp_auth_tag = 10, .srtcp_auth_tag = 10, .srtp_auth_key_len = 20, @@ -119,8 +119,8 @@ const struct crypto_suite crypto_suites[] = { .session_salt_len = 14, .srtp_lifetime = 1ULL << 48, .srtcp_lifetime = 1ULL << 31, - //.kernel_cipher = REC_AES_CM, - //.kernel_hmac = REH_HMAC_SHA1, + .kernel_cipher = REC_AES_CM_192, + .kernel_hmac = REH_HMAC_SHA1, .srtp_auth_tag = 4, .srtcp_auth_tag = 10, .srtp_auth_key_len = 20, @@ -143,8 +143,8 @@ const struct crypto_suite crypto_suites[] = { .session_salt_len = 14, .srtp_lifetime = 1ULL << 48, .srtcp_lifetime = 1ULL << 31, - //.kernel_cipher = REC_AES_CM, - //.kernel_hmac = REH_HMAC_SHA1, + .kernel_cipher = REC_AES_CM_256, + .kernel_hmac = REH_HMAC_SHA1, .srtp_auth_tag = 10, .srtcp_auth_tag = 10, .srtp_auth_key_len = 20, @@ -167,8 +167,8 @@ const struct crypto_suite crypto_suites[] = { .session_salt_len = 14, .srtp_lifetime = 1ULL << 48, .srtcp_lifetime = 1ULL << 31, - //.kernel_cipher = REC_AES_CM, - //.kernel_hmac = REH_HMAC_SHA1, + .kernel_cipher = REC_AES_CM_256, + .kernel_hmac = REH_HMAC_SHA1, .srtp_auth_tag = 4, .srtcp_auth_tag = 10, .srtp_auth_key_len = 20, diff --git a/daemon/media_socket.c b/daemon/media_socket.c index afafd5210..62c06adf9 100644 --- a/daemon/media_socket.c +++ b/daemon/media_socket.c @@ -826,6 +826,8 @@ static int __k_srtp_crypt(struct rtpengine_srtp *s, struct crypto_context *c) { if (c->params.mki_len) memcpy(s->mki, c->params.mki, c->params.mki_len); memcpy(s->master_key, c->params.master_key, c->params.crypto_suite->master_key_len); + s->master_key_len = c->params.crypto_suite->master_key_len; + s->session_key_len = c->params.crypto_suite->session_key_len; memcpy(s->master_salt, c->params.master_salt, c->params.crypto_suite->master_salt_len); if (c->params.session_params.unencrypted_srtp) diff --git a/kernel-module/xt_RTPENGINE.c b/kernel-module/xt_RTPENGINE.c index 2108a1efa..a237ad234 100644 --- a/kernel-module/xt_RTPENGINE.c +++ b/kernel-module/xt_RTPENGINE.c @@ -231,7 +231,7 @@ static inline int bitfield_clear(unsigned long *bf, unsigned int i); struct re_crypto_context { spinlock_t lock; /* protects roc and last_index */ - unsigned char session_key[16]; + unsigned char session_key[32]; unsigned char session_salt[14]; unsigned char session_auth_key[20]; u_int32_t roc; @@ -501,9 +501,9 @@ static const struct re_cipher re_ciphers[] = { .id = REC_NULL, .name = "NULL", }, - [REC_AES_CM] = { - .id = REC_AES_CM, - .name = "AES-CM", + [REC_AES_CM_128] = { + .id = REC_AES_CM_128, + .name = "AES-CM-128", .tfm_name = "aes", .decrypt = srtp_encrypt_aes_cm, .encrypt = srtp_encrypt_aes_cm, @@ -516,6 +516,20 @@ static const struct re_cipher re_ciphers[] = { .encrypt = srtp_encrypt_aes_f8, .session_key_init = aes_f8_session_key_init, }, + [REC_AES_CM_192] = { + .id = REC_AES_CM_192, + .name = "AES-CM-192", + .tfm_name = "aes", + .decrypt = srtp_encrypt_aes_cm, + .encrypt = srtp_encrypt_aes_cm, + }, + [REC_AES_CM_256] = { + .id = REC_AES_CM_256, + .name = "AES-CM-256", + .tfm_name = "aes", + .decrypt = srtp_encrypt_aes_cm, + .encrypt = srtp_encrypt_aes_cm, + }, }; static const struct re_hmac re_hmacs[] = { @@ -1700,7 +1714,7 @@ static void aes_f8(unsigned char *in_out, int in_len, u_int32_t *xu; crypto_cipher_encrypt_one(iv_tfm, ivx, iv); - + pi = (void *) in_out; ki = (void *) key_block; lki = (void *) last_key_block; @@ -1747,7 +1761,7 @@ done: } static int aes_ctr_128_no_ctx(unsigned char *out, const char *in, int in_len, - const unsigned char *key, const unsigned char *iv) + const unsigned char *key, unsigned int key_len, const unsigned char *iv) { struct crypto_cipher *tfm; @@ -1755,14 +1769,14 @@ static int aes_ctr_128_no_ctx(unsigned char *out, const char *in, int in_len, if (IS_ERR(tfm)) return PTR_ERR(tfm); - crypto_cipher_setkey(tfm, key, 16); + crypto_cipher_setkey(tfm, key, key_len); aes_ctr_128(out, in, in_len, tfm, iv); crypto_free_cipher(tfm); return 0; } -static int prf_n(unsigned char *out, int len, const unsigned char *key, const unsigned char *x) { +static int prf_n(unsigned char *out, int len, const unsigned char *key, unsigned int key_len, const unsigned char *x) { unsigned char iv[16]; unsigned char o[32]; unsigned char in[32]; @@ -1773,7 +1787,7 @@ static int prf_n(unsigned char *out, int len, const unsigned char *key, const un in_len = len > 16 ? 32 : 16; memset(in, 0, in_len); - ret = aes_ctr_128_no_ctx(o, in, in_len, key, iv); + ret = aes_ctr_128_no_ctx(o, in, in_len, key, key_len, iv); if (ret) return ret; @@ -1795,7 +1809,7 @@ static int gen_session_key(unsigned char *out, int len, struct rtpengine_srtp *s for (i = 13 - 6; i < 14; i++) x[i] = key_id[i - (13 - 6)] ^ x[i]; - ret = prf_n(out, len, s->master_key, x); + ret = prf_n(out, len, s->master_key, s->master_key_len, x); if (ret) return ret; return 0; @@ -1836,7 +1850,7 @@ static int gen_session_keys(struct re_crypto_context *c, struct rtpengine_srtp * if (s->cipher == REC_NULL && s->hmac == REH_NULL) return 0; err = "failed to generate session key"; - ret = gen_session_key(c->session_key, 16, s, 0x00); + ret = gen_session_key(c->session_key, s->session_key_len, s, 0x00); if (ret) goto error; ret = gen_session_key(c->session_auth_key, 20, s, 0x01); @@ -1854,7 +1868,7 @@ static int gen_session_keys(struct re_crypto_context *c, struct rtpengine_srtp * c->tfm[0] = NULL; goto error; } - crypto_cipher_setkey(c->tfm[0], c->session_key, 16); + crypto_cipher_setkey(c->tfm[0], c->session_key, s->session_key_len); } if (c->cipher->session_key_init) { @@ -1874,21 +1888,69 @@ static int gen_session_keys(struct re_crypto_context *c, struct rtpengine_srtp * crypto_shash_setkey(c->shash, c->session_auth_key, 20); } - DBG("master key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", + switch(s->master_key_len) { + case 16: + DBG("master key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", s->master_key[0], s->master_key[1], s->master_key[2], s->master_key[3], s->master_key[4], s->master_key[5], s->master_key[6], s->master_key[7], s->master_key[8], s->master_key[9], s->master_key[10], s->master_key[11], s->master_key[12], s->master_key[13], s->master_key[14], s->master_key[15]); + break; + case 24: + DBG("master key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", + s->master_key[0], s->master_key[1], s->master_key[2], s->master_key[3], + s->master_key[4], s->master_key[5], s->master_key[6], s->master_key[7], + s->master_key[8], s->master_key[9], s->master_key[10], s->master_key[11], + s->master_key[12], s->master_key[13], s->master_key[14], s->master_key[15], + s->master_key[16], s->master_key[17], s->master_key[18], s->master_key[19], + s->master_key[20], s->master_key[21], s->master_key[22], s->master_key[23]); + break; + case 32: + DBG("master key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", + s->master_key[0], s->master_key[1], s->master_key[2], s->master_key[3], + s->master_key[4], s->master_key[5], s->master_key[6], s->master_key[7], + s->master_key[8], s->master_key[9], s->master_key[10], s->master_key[11], + s->master_key[12], s->master_key[13], s->master_key[14], s->master_key[15], + s->master_key[16], s->master_key[17], s->master_key[18], s->master_key[19], + s->master_key[20], s->master_key[21], s->master_key[22], s->master_key[23], + s->master_key[24], s->master_key[25], s->master_key[26], s->master_key[27], + s->master_key[28], s->master_key[29], s->master_key[30], s->master_key[21]); + break; + } DBG("master salt %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", s->master_salt[0], s->master_salt[1], s->master_salt[2], s->master_salt[3], s->master_salt[4], s->master_salt[5], s->master_salt[6], s->master_salt[7], s->master_salt[8], s->master_salt[9], s->master_salt[10], s->master_salt[11], s->master_salt[12], s->master_salt[13]); - DBG("session key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", + switch(s->session_key_len) { + case 16: + DBG("session key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", c->session_key[0], c->session_key[1], c->session_key[2], c->session_key[3], c->session_key[4], c->session_key[5], c->session_key[6], c->session_key[7], c->session_key[8], c->session_key[9], c->session_key[10], c->session_key[11], c->session_key[12], c->session_key[13], c->session_key[14], c->session_key[15]); + break; + case 24: + DBG("session key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", + c->session_key[0], c->session_key[1], c->session_key[2], c->session_key[3], + c->session_key[4], c->session_key[5], c->session_key[6], c->session_key[7], + c->session_key[8], c->session_key[9], c->session_key[10], c->session_key[11], + c->session_key[12], c->session_key[13], c->session_key[14], c->session_key[15], + c->session_key[16], c->session_key[17], c->session_key[18], c->session_key[19], + c->session_key[20], c->session_key[21], c->session_key[22], c->session_key[23]); + break; + case 32: + DBG("session key %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", + c->session_key[0], c->session_key[1], c->session_key[2], c->session_key[3], + c->session_key[4], c->session_key[5], c->session_key[6], c->session_key[7], + c->session_key[8], c->session_key[9], c->session_key[10], c->session_key[11], + c->session_key[12], c->session_key[13], c->session_key[14], c->session_key[15], + c->session_key[16], c->session_key[17], c->session_key[18], c->session_key[19], + c->session_key[20], c->session_key[21], c->session_key[22], c->session_key[23], + c->session_key[24], c->session_key[25], c->session_key[26], c->session_key[27], + c->session_key[28], c->session_key[29], c->session_key[30], c->session_key[21]); + break; + } DBG("session salt %02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x%02x\n", c->session_salt[0], c->session_salt[1], c->session_salt[2], c->session_salt[3], c->session_salt[4], c->session_salt[5], c->session_salt[6], c->session_salt[7], @@ -2014,7 +2076,7 @@ retry: kfree(rda); goto retry; } - + t->dest_addr_hash.addrs[rh_it] = rda; re_bitfield_set(&t->dest_addr_hash.addrs_bf, rh_it); diff --git a/kernel-module/xt_RTPENGINE.h b/kernel-module/xt_RTPENGINE.h index 08d6964ac..812432b03 100644 --- a/kernel-module/xt_RTPENGINE.h +++ b/kernel-module/xt_RTPENGINE.h @@ -41,8 +41,10 @@ struct re_address { enum rtpengine_cipher { REC_INVALID = 0, REC_NULL, - REC_AES_CM, + REC_AES_CM_128, REC_AES_F8, + REC_AES_CM_192, + REC_AES_CM_256, __REC_LAST }; @@ -59,8 +61,10 @@ enum rtpengine_hmac { struct rtpengine_srtp { enum rtpengine_cipher cipher; enum rtpengine_hmac hmac; - unsigned char master_key[16]; + unsigned char master_key[32]; + unsigned int master_key_len; unsigned char master_salt[14]; + unsigned int session_key_len; unsigned char mki[256]; /* XXX uses too much memory? */ u_int64_t last_index; unsigned int auth_tag_len; /* in bytes */