|
1 /* |
|
2 * Copyright (c) 2004 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Contains an SRTCP specific cryptographic context. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 #ifndef __SRTP_CRYPTOHANDLER_SRTCP_H__ |
|
22 #define __SRTP_CRYPTOHANDLER_SRTCP_H__ |
|
23 |
|
24 // INCLUDES |
|
25 #include <e32base.h> |
|
26 #include "srtpcryptocontext.h" |
|
27 #include "srtpcryptohandler.h" |
|
28 #include "msrtpcryptohandlercontextrtcp.h" |
|
29 |
|
30 // FORWARD DECLARATIONS |
|
31 class CSRTPStream; |
|
32 |
|
33 /** |
|
34 * Contains RTCP specific handling of cryptographic context. |
|
35 */ |
|
36 class CSRTPCryptoHandlerSRTCP : public CSRTPCryptoHandler, |
|
37 public MSRTPCryptoHandlerContextRTCP |
|
38 { |
|
39 public: // Construction |
|
40 /** |
|
41 * Two-phased constructor. |
|
42 * @param aStream RTCP stream |
|
43 * @returns CSRTPCryptoHandlerSRTCP |
|
44 */ |
|
45 static CSRTPCryptoHandlerSRTCP* NewL( CSRTPStream& aStream); |
|
46 |
|
47 /** |
|
48 * Two-phased constructor. |
|
49 * @param aStream RTCP stream |
|
50 * @returns CSRTPCryptoHandlerSRTCP |
|
51 */ |
|
52 static CSRTPCryptoHandlerSRTCP* NewLC( CSRTPStream& aStream ); |
|
53 |
|
54 |
|
55 ~CSRTPCryptoHandlerSRTCP( ); |
|
56 |
|
57 /** |
|
58 * Calculate authentication tag for an RTP packet. |
|
59 * Authentication is based on the current |
|
60 * TSRTPAuthAlg algorithm setting in CryptoContext |
|
61 * If the operation fails, the function leaves |
|
62 * with a system error code. |
|
63 * @leave KErrNone if success, system-wide error code otherwise, |
|
64 * KErrNotFound means that authentication tags dont match |
|
65 */ |
|
66 HBufC8* CalculateAuthTagL(); |
|
67 |
|
68 |
|
69 private: // from MSRTPCryptoHandlerContext |
|
70 |
|
71 /* |
|
72 * Initialize plain packet class (CSRTPPacketRTCP) |
|
73 * @param aPacket RTCP packet. |
|
74 * @leave KErrNone if success, system-wide error code otherwise |
|
75 * @return void |
|
76 */ |
|
77 void InitializePlainPacketL(const TDesC8& aPacket); |
|
78 |
|
79 /* |
|
80 * Initialize encrypted packet class (CSRTPPacketSRTCP) |
|
81 * @param aPacket SRTCP packet. |
|
82 * @leave KErrNone if success, system-wide error code otherwise |
|
83 * @return void |
|
84 */ |
|
85 void InitializeEncryptedPacketL(const TDesC8& aPacket); |
|
86 |
|
87 /* |
|
88 * Encrypt plain RTCP packet |
|
89 * @leave KErrNone if success, system-wide error code otherwise |
|
90 * @return encrypted packet |
|
91 */ |
|
92 HBufC8* EncryptL(); |
|
93 |
|
94 /* |
|
95 * Decrypt ciphered SRTCP packet |
|
96 * @leave KErrNone if success, system-wide error code otherwise |
|
97 * @return plain packet |
|
98 */ |
|
99 HBufC8* DecryptL(); |
|
100 |
|
101 /* |
|
102 * Check that crypto context MKI and |
|
103 * packet MKI match. |
|
104 * @leave KErrNone if success, system-wide error code otherwise |
|
105 * @return void |
|
106 */ |
|
107 void CheckMasterKeyIdentifierL(); |
|
108 |
|
109 /* |
|
110 * Derive session encryption, salting and authentication keys |
|
111 * for RTCP |
|
112 * @return void |
|
113 */ |
|
114 void DeriveSessionKeysL(); |
|
115 |
|
116 /* |
|
117 * Perform the authentication step |
|
118 * @leave KErrNone if success, system-wide error code otherwise |
|
119 * @return void |
|
120 */ |
|
121 void AuthenticateL(); |
|
122 |
|
123 /* |
|
124 * Perform the replay protection step |
|
125 * @leave KErrNone if success, system-wide error code otherwise |
|
126 * @return void |
|
127 */ |
|
128 void ReplayProtectionL(); |
|
129 |
|
130 /* |
|
131 * function for querying whether master key or salt has been updated |
|
132 * @return master keys update status |
|
133 */ |
|
134 TBool MasterKeysUpdated(); |
|
135 |
|
136 /* |
|
137 * function for updating Replay index after ReplayProtection Check |
|
138 * @return void |
|
139 */ |
|
140 void AddReplayIndex() ; |
|
141 |
|
142 private: // from MSRTPCryptoHandlerContextRTCP |
|
143 |
|
144 /* |
|
145 * Determines the index i |
|
146 * of an SRTCP packet by incrementing one on sender's side. |
|
147 * @return void |
|
148 */ |
|
149 void CountSenderPacketIndexL(); |
|
150 |
|
151 /* |
|
152 * Initial the index i |
|
153 * of an SRTCP packet with initial packet index on sender's side. |
|
154 * @return void |
|
155 */ |
|
156 void InitialPacketIndex(); |
|
157 |
|
158 /* |
|
159 * Implements pseudocode on RFC 3711 Appendix A |
|
160 * for determining the index i of an SRTP packet with receiving index number |
|
161 * and current s_l value in receiver side |
|
162 * @leave KErrNone if success, system-wide error code otherwise |
|
163 * @return void |
|
164 */ |
|
165 void ReceiverPacketIndexL(); |
|
166 |
|
167 private: // methods |
|
168 |
|
169 void ConstructL(); |
|
170 |
|
171 CSRTPCryptoHandlerSRTCP( CSRTPStream& aStream ); |
|
172 |
|
173 /* |
|
174 * Strip the E flag away from the 32 bit SRTCP index |
|
175 * @return void |
|
176 */ |
|
177 void StripEBit(); |
|
178 |
|
179 /* |
|
180 * Write E flag and Srtcp Index number into Packet |
|
181 * E flag in SRTP always as True |
|
182 * @param aSrtcpPacketPtr SRTCP packet. |
|
183 * @return void |
|
184 */ |
|
185 void AddEflagAndSrtcpIndex(TUint8* aSrtcpPacketPtr); |
|
186 |
|
187 /* |
|
188 * Count IV and transform payload |
|
189 * @return HBufC8*, transformed encrypted / decrypted paylod |
|
190 */ |
|
191 HBufC8* CountIV_And_TransformL(); |
|
192 |
|
193 /* |
|
194 * Add auth tag to the given packet. |
|
195 * @param aSrtpPacketPtr packet pointer |
|
196 * @leave KErrNone if success, system-wide error code otherwise, |
|
197 * @return void |
|
198 */ |
|
199 void AddAuthTagToPacketL(TUint8* aSrtpPacketPtr); |
|
200 |
|
201 /* |
|
202 * Check if Re-Key needed for receving and sending packet index |
|
203 * If Re-Key is needed will call Re-Key interface, and SRTP will reject |
|
204 * any packet if MasterKey is not updated |
|
205 * @return void |
|
206 */ |
|
207 void IndexReKeyCheckL(); |
|
208 |
|
209 /* |
|
210 * Call AuthenticateL in MSRTPAuthentication -interface |
|
211 * to get authentication tag based on algorithm |
|
212 * that is currently set in crypto context |
|
213 * @param aAuthenticatedArea portion of data to be authenticated |
|
214 * @param aRoc Roll-Over counter |
|
215 * @leave KErrNone if success, system-wide error code otherwise, |
|
216 * @return authentication tag |
|
217 */ |
|
218 HBufC8* DoAuthenticationL(const TDesC8& aAuthenticatedArea, |
|
219 const TDesC8& aRoc); |
|
220 |
|
221 /* |
|
222 * Add MKI to the given packet. |
|
223 * Common for RTP and RTCP. |
|
224 * @param aSrtpPacketPtr packet pointer |
|
225 * @return void |
|
226 */ |
|
227 void AddMKIToPacket(TUint8* aSrtpPacketPtr); |
|
228 |
|
229 |
|
230 |
|
231 private: // data |
|
232 TUint64 iPcktsProcessed; // counter for packets processed |
|
233 TUint32 iSRTCPIndex; // SRTCP index |
|
234 TUint32 iSRTCPIndexEStripped; // SRTCP index with "E bit" removed |
|
235 TInt iReplayIndexDelta; |
|
236 TUint64 iReplayPktIndex; //packet index |
|
237 TUint64 iSRTCPMasterKeyLifeTime; |
|
238 |
|
239 #ifdef EUNIT_TESTING |
|
240 friend class UT_CSRTPCryptoHandlerSRTCP; |
|
241 friend class UT_CSRTPCryptoHandlerSRTP; |
|
242 #endif |
|
243 }; |
|
244 |
|
245 #endif // __SRTP_CRYPTOHANDLER_SRTCP_H__ |