2 * Secure RTP with libgcrypt
3 * Copyright (C) 2007 RĂ©mi Denis-Courmont <rdenis # simphalempin , com>
5 * This library is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU Lesser General Public
7 * License as published by the Free Software Foundation; either
8 * version 2.1 of the License, or (at your option) any later version.
10 * This library is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 * Lesser General Public License for more details.
15 * You should have received a copy of the GNU Lesser General Public
16 * License along with this library; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
38 static const uint8_t key[16] =
39 "\x12\x34\x56\x78\x9A\xBC\xDE\xF0"
40 "\x12\x34\x56\x78\x9A\xBC\xDE\xF0";
41 static const uint8_t salt[14] =
42 "\x12\x34\x56\x78\x90" "\x12\x34\x56\x78\x90" "\x12\x34\x56\x78";
44 srtp_session_t *sd, *se;
46 /* Too big tag length */
47 se = srtp_create (SRTP_ENCR_AES_CM, SRTP_AUTH_HMAC_SHA1, 21,
51 /* Too short tag length */
52 se = srtp_create (SRTP_ENCR_AES_CM, SRTP_AUTH_HMAC_SHA1, 3,
53 SRTP_PRF_AES_CM, SRTP_RCC_MODE1);
56 /* Initializes encryption and decryption contexts */
57 se = srtp_create (SRTP_ENCR_AES_CM, SRTP_AUTH_HMAC_SHA1, 20,
58 SRTP_PRF_AES_CM, SRTP_RCC_MODE1);
61 sd = srtp_create (SRTP_ENCR_AES_CM, SRTP_AUTH_HMAC_SHA1, 20,
62 SRTP_PRF_AES_CM, SRTP_RCC_MODE1);
65 srtp_setrcc_rate (se, 1);
66 srtp_setrcc_rate (sd, 1);
68 val = srtp_setkey (se, key, 16, salt, 14);
70 val = srtp_setkey (sd, key, 16, salt, 14);
73 uint8_t buf[1500], buf2[1500];
76 /* Invalid SRTP packet */
79 val = srtp_send (se, buf, &len, sizeof (buf));
80 assert (val == EINVAL);
84 srtp_recv (sd, buf, &len);
85 assert (val == EINVAL);
87 /* Too short packet */
90 val = srtp_send (se, buf, &len, sizeof (buf));
91 assert (val == EINVAL);
94 val = srtp_recv (sd, buf, &len);
95 assert (val == EINVAL);
97 /* Too short when taking tag into account */
99 val = srtp_recv (sd, buf, &len);
100 assert (val == EINVAL);
102 /* Too short when taking RTP extensions into account */
105 val = srtp_send (se, buf, &len, sizeof (buf));
106 assert (val == EINVAL);
111 val = srtp_send (se, buf, &len, sizeof (buf));
112 assert (val == EINVAL);
114 /* Too small buffer (seq=1) */
116 memset (buf, 0, len);
119 val = srtp_send (se, buf, &len, 39);
120 assert (val == ENOSPC);
124 val = srtp_recv (sd, buf, &len);
125 assert (val == EINVAL);
130 for (unsigned i = 0; i < 256; i++)
133 val = srtp_send (se, buf, &len, 0x120);
135 assert (len == 0x120);
137 memcpy (buf2, buf, len);
138 val = srtp_recv (sd, buf2, &len);
140 assert (len == 0x10c);
141 assert (!memcmp (buf2, "\x80\x00\x00\x03" "\x00\x00\x00\x00"
142 "\x00\x00\x00\x00", 12));
143 for (unsigned i = 0; i < 256; i++)
144 assert (buf2[i + 12] == i); // test actual decryption
146 /* Replay attack (seq=3) */
148 val = srtp_recv (sd, buf, &len);
149 assert (val == EACCES);
150 assert (len == 0x10c);
152 /* OK but late (seq=2) */
155 val = srtp_send (se, buf, &len, 0x120);
157 assert (len == 0x120);
159 memcpy (buf2, buf, len);
160 val = srtp_recv (sd, buf2, &len);
162 assert (len == 0x10c);
164 /* Late replay attack (seq=3) */
166 val = srtp_recv (sd, buf, &len);
167 assert (val == EACCES);
168 assert (len == 0x10c);