|
1 /* |
|
2 * Copyright (c) 2007 Nokia Corporation and/or its subsidiary(-ies). |
|
3 * All rights reserved. |
|
4 * This component and the accompanying materials are made available |
|
5 * under the terms of "Eclipse Public License v1.0" |
|
6 * which accompanies this distribution, and is available |
|
7 * at the URL "http://www.eclipse.org/legal/epl-v10.html". |
|
8 * |
|
9 * Initial Contributors: |
|
10 * Nokia Corporation - initial contribution. |
|
11 * |
|
12 * Contributors: |
|
13 * |
|
14 * Description: Provides services for SDP Security Descriptions. |
|
15 * |
|
16 */ |
|
17 |
|
18 |
|
19 |
|
20 |
|
21 |
|
22 #ifndef CMCESECUREDESSTREAM_H |
|
23 #define CMCESECUREDESSTREAM_H |
|
24 |
|
25 // INCLUDES |
|
26 #include <e32base.h> |
|
27 #include <stringpool.h> |
|
28 #include <mmccsrtpcryptoparams.h> |
|
29 //#include <mmccsecureinterface.h> |
|
30 #include "mcesecuremediasession.h" |
|
31 #include "mcesecurecryptoinfo.h" |
|
32 #include "mcesrvstream.h" |
|
33 |
|
34 // FORWARD DECLARATIONS |
|
35 class CSdpDocument; |
|
36 class CSdpMediaField; |
|
37 class CMceComSession; |
|
38 class CMceComMediaStream; |
|
39 class CSdpAttributeField; |
|
40 class CSdpFmtAttributeField; |
|
41 class CMccSecureInterface; |
|
42 class TMccSrtpCryptoParams; |
|
43 class TMceSecureCryptoInfo; |
|
44 // INCLUDES |
|
45 |
|
46 |
|
47 // CONSTANTS |
|
48 _LIT8( KInline, "inline:" ); |
|
49 _LIT8( KSeparator, "|" ); |
|
50 _LIT8( KInvolute, "^" ); |
|
51 _LIT8( KColon, ":" ); |
|
52 _LIT8( KSemiColon, ";" ); |
|
53 _LIT8( KAES_SHA1_80, "AES_CM_128_HMAC_SHA1_80" ); |
|
54 _LIT8( KAES_SHA1_32, "AES_CM_128_HMAC_SHA1_32" ); |
|
55 _LIT8( KCrypto, "crypto" ); |
|
56 _LIT8( KCryptoCount, "1" ); |
|
57 _LIT8( KDefaultMasterKeyLifetime, "2^20" ); |
|
58 _LIT8( KDefaultMKI, "1:4 " ); |
|
59 _LIT8( KSpace, " " ); |
|
60 _LIT8( KCryptoCount2, "2" ); |
|
61 _LIT8( KProtocolSAVP, "RTP/SAVP" ); |
|
62 _LIT8( KProtocolSAVPF, "RTP/SAVPF" ); |
|
63 _LIT8( KProtocolAVP, "RTP/AVP" ); |
|
64 |
|
65 const TInt KInlineLength = 7; |
|
66 const TInt KRandomStringCount = 64; |
|
67 const TInt KProtocolMaxLength = 20; |
|
68 const TInt KCryptoLineMaxLength = 120; |
|
69 const TInt KCryptoAttributeValueMinLength = 69; //when F8_128_HMAC_SHA1_80 |
|
70 const TUint KEncrKeyLengthDefault = 0x80; |
|
71 const TUint KAuthKeyLengthDefault = 0xa0; |
|
72 const TUint KDerivRateDefault = 0x00; |
|
73 |
|
74 |
|
75 const TUint KAuthTagLengthTypeCount = 2; |
|
76 const TUint KMKILength = 4; |
|
77 |
|
78 const TUint KSeparatorLen = 1; |
|
79 const TUint KMkiValueLen = 3; |
|
80 const TUint KMaxMKILen = 10; |
|
81 const TUint64 KMasterKeyLifeTime = 0x100000; |
|
82 const TInt KCryptoAnswerCount = 1; |
|
83 const TInt KTotalCryptoAnswerCount = 2; |
|
84 const TInt KCryptoGranularity = 4; |
|
85 |
|
86 static const TInt KBase64Chars[ 64 ] = |
|
87 { |
|
88 '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', |
|
89 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', |
|
90 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', |
|
91 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', |
|
92 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '+', '/' |
|
93 }; |
|
94 |
|
95 static const TInt KRandomChars[ 64 ] = |
|
96 { |
|
97 '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', |
|
98 'D', 'E', 'F', 'G', 'H', 'I', 'J', 'K', 'L', 'M', 'N', 'O', 'P', |
|
99 'Q', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z', 'a', 'b', 'c', |
|
100 'd', 'e', 'f', 'g', 'h', 'i', 'j', 'k', 'l', 'm', 'n', 'o', 'p', |
|
101 'q', 'r', 's', 't', 'u', 'v', 'w', 'x', 'y', 'z', '_', '-' |
|
102 }; |
|
103 |
|
104 static const TInt KNumbers[ 10 ] = |
|
105 { |
|
106 '0', '1', '2', '3', '4', '5', '6', '7', '8', '9' |
|
107 }; |
|
108 |
|
109 // |
|
110 /** |
|
111 * Class for encoding and decoding media lines and creating server streams |
|
112 * |
|
113 */ |
|
114 class CMceSecureDesStream : public CBase |
|
115 { |
|
116 |
|
117 public: |
|
118 |
|
119 /** |
|
120 * Two-phased constructor. |
|
121 * @param aSecureSession secure media session |
|
122 * @param aMediaField secure description stream uses |
|
123 * @param aSecureInterface |
|
124 * @param aMediaStream media stream |
|
125 */ |
|
126 static CMceSecureDesStream* NewL( CMceSecureMediaSession& aSecureSession, |
|
127 CSdpMediaField& aMediaField, |
|
128 CMccSecureInterface& aSecureInterface, |
|
129 CMceComMediaStream& aMediaStream); |
|
130 |
|
131 /** |
|
132 * Destructor. |
|
133 */ |
|
134 ~CMceSecureDesStream(); |
|
135 |
|
136 |
|
137 |
|
138 public: |
|
139 |
|
140 /** |
|
141 * Encodes a media line to Secure Offer/Answer. |
|
142 * @param aMediaField, one of mediafield in sdp document |
|
143 * @param aIsAnswer if it is answer or offer/update types |
|
144 * @leave system wide error only if Sdp document is not valid |
|
145 */ |
|
146 void EncodeSecureSdpL( CSdpMediaField& aMediaField, |
|
147 TBool aIsAnswer ) ; |
|
148 |
|
149 |
|
150 /** |
|
151 * Decodes media offer/update |
|
152 * @param aMediaField, one of mediafield in sdp document |
|
153 * @return system KErrNotFound or KErrArgument |
|
154 * @leave system wide error only if Sdp document is not valid |
|
155 */ |
|
156 void DecodeSecureSdpL( CSdpMediaField& aMediaField ) ; |
|
157 |
|
158 |
|
159 /** |
|
160 * Decodes media answer |
|
161 * @param aMediaField, one of mediafield in sdp document |
|
162 * @param aMode Security stream mode based on sdp document offer, |
|
163 * update, answer, refresh |
|
164 * @return system KErrNotFound or KErrArgument |
|
165 * @leave system wide error only if Sdp document is not valid |
|
166 */ |
|
167 void DecodeSecureSdpAnswerL( CSdpMediaField& aMediaField ); |
|
168 |
|
169 |
|
170 /** |
|
171 * Remove Crypto line from sdp document |
|
172 * @param aMediaField, one of mediafield in sdp document |
|
173 * @return void |
|
174 */ |
|
175 void RemvoeSecureSdp( CSdpMediaField& aMediaField ) ; |
|
176 |
|
177 |
|
178 |
|
179 /** |
|
180 * Return this Media Field |
|
181 * @return CSdpMediaField for this security stream |
|
182 */ |
|
183 CSdpMediaField& MediaField(); |
|
184 |
|
185 /** |
|
186 * Return this related Codec |
|
187 * @return CMceComCodec for this security stream |
|
188 */ |
|
189 CMceComMediaStream& MediaStream() const; |
|
190 |
|
191 |
|
192 /** |
|
193 * Compare if the context Id is in this secure stream |
|
194 * @return ETrue if there is one context Id match |
|
195 */ |
|
196 TBool CompareContextId( TUint32 aContextId ); |
|
197 |
|
198 |
|
199 /** |
|
200 * BindCrypto to MCC |
|
201 * @param aStream SeverStream |
|
202 * @return KErrNone if successful |
|
203 */ |
|
204 TInt BindCrypto( CMceSrvStream& aStream ); |
|
205 |
|
206 /** |
|
207 * Copy Stream CryptoInfo to new Security Description Stream |
|
208 * while updating Offer |
|
209 * @param aCopyFrom SecureStream to be copied |
|
210 * @return void |
|
211 */ |
|
212 void CopyStreamCryptoL( CMceSecureDesStream& aCopyFrom ); |
|
213 |
|
214 private: |
|
215 /** |
|
216 * Set Crypto Context to MCC after Encode/Decode SDP are done |
|
217 * @return void |
|
218 */ |
|
219 void SetCryptoContextL( ); |
|
220 |
|
221 |
|
222 /** |
|
223 * Base64 encoding |
|
224 * @since Series 60 3.0 |
|
225 * @param aData,the data to encode into Base 64 |
|
226 * @param aEncoded, encoded result |
|
227 * @return None |
|
228 */ |
|
229 void Base64Encode( const TDesC8& aData, TDes8& aEncoded ); |
|
230 |
|
231 /** |
|
232 * Base64 decoding |
|
233 * @since Series 60 3.0 |
|
234 * @param aData,the data to encode into Base 64 |
|
235 * @param aDecoded, decoded result |
|
236 * @return None |
|
237 */ |
|
238 void Base64Decode( const TDesC8& aData, TDes8& aDecoded ); |
|
239 |
|
240 /** |
|
241 * Validation of security descriptions |
|
242 * @since Series 60 3.0 |
|
243 * @param aData, data to be checked |
|
244 * @return ETrue, if valid |
|
245 */ |
|
246 TBool ValidateSecurityDescriptions( TDesC8& aData ); |
|
247 |
|
248 /** |
|
249 * Generate cryptoline for crypto -attribute |
|
250 * @since Series 60 3.0 |
|
251 * @param aResult is the cryptoline |
|
252 * @param aCryptoCount =1 or 2.... |
|
253 * @param aAnswer if is an Answer or offer/update |
|
254 * @return None |
|
255 */ |
|
256 void GenerateCryptoLineL( TDes8& aResult, |
|
257 TInt aCryptoCount, |
|
258 TBool aAnswer ); |
|
259 |
|
260 /** |
|
261 * Generate cryptoline for crypto -attribute |
|
262 * @since Series 60 3.0 |
|
263 * @param aResult is the cryptoline |
|
264 * @param aCrypto secure crypto info |
|
265 * @return void |
|
266 */ |
|
267 void GenerateCryptoSuiteLineL( TDes8& aResult, |
|
268 TMceSecureCryptoInfo& aCrypto); |
|
269 /** |
|
270 * Generates random string |
|
271 * @since Series 60 3.0 |
|
272 * @param aRandom is the created random string |
|
273 * @return None |
|
274 */ |
|
275 void RandomString( TDes8& aRandom ); |
|
276 |
|
277 /** |
|
278 * Generates random string |
|
279 * @since Series 60 3.0 |
|
280 * @param aCrypto secure crypto info |
|
281 * @return None |
|
282 */ |
|
283 void GenerateRandomKeys(TMceSecureCryptoInfo& aCrypto); |
|
284 |
|
285 /** |
|
286 * Store the exchanged keys |
|
287 * @since Series 60 3.0 |
|
288 * @param aData sdp key inforamtion |
|
289 * @return None |
|
290 */ |
|
291 void StoreKeys(TDesC8& aData); |
|
292 |
|
293 /** |
|
294 * Sets crypto context to MCC |
|
295 * @param aType to set crypto context |
|
296 * @return KErrNone, if successful |
|
297 */ |
|
298 void CreateCryptoContextL(TMceSecureCryptoInfo& aCrypto); |
|
299 |
|
300 /** |
|
301 * Update crypto context to MCC |
|
302 * @param aType to set crypto context |
|
303 * @return KErrNone, if successful |
|
304 */ |
|
305 void UpdateCryptoContextL( TMceSecureCryptoInfo& aCrypto ); |
|
306 |
|
307 /** |
|
308 * Decode MKI life time information |
|
309 * @param aSecDec security inforamtion in SDP |
|
310 * @param aCrypto aCryptoContext used in incoming offer |
|
311 * @return KErrNone, if successful |
|
312 */ |
|
313 void DecodeMKLifeTimeL(const TDesC8& aSecDec, |
|
314 TMceSecureCryptoInfo& aCrypto); |
|
315 |
|
316 /** |
|
317 * Decode MKI value information |
|
318 * @param aSecDec security inforamtion in SDP |
|
319 * @param aIsAnswer if it is answer type or offer/update type |
|
320 * @param aCrypto aCryptoContext used in incoming offer |
|
321 * @return void |
|
322 */ |
|
323 void DecodeMKIValueL( const TDesC8& aSecDec, |
|
324 TBool aIsAnswer, |
|
325 TMceSecureCryptoInfo& aCrypto ); |
|
326 |
|
327 |
|
328 |
|
329 CSdpAttributeField* MediaFieldAttrMatch( CSdpMediaField& aMediaField, |
|
330 const TDesC8& aMatchString ); |
|
331 |
|
332 TBool ValidateMediaProfile( CSdpMediaField& aMediaField ); |
|
333 |
|
334 TInt SetMediaProfile( CSdpMediaField& aMediaField ); |
|
335 |
|
336 void AppendCryptoAttributeL( TDesC8& aCryptoLine, |
|
337 CSdpMediaField& aMediaField ); |
|
338 |
|
339 void ValidateAnswerByOfferL( const TDesC8& aSecDec); |
|
340 |
|
341 void ValidateOfferByAnswerL( const TDesC8& aSecDec ); |
|
342 |
|
343 void SetSecureProtocolL(CSdpMediaField& aMediaField); |
|
344 |
|
345 void SetPreferedCryptoL(); |
|
346 |
|
347 void SetClientCryptoL(TInt aCryptoCount); |
|
348 |
|
349 TInt ClientCrytoCount(); |
|
350 |
|
351 void IfMatchLocalCryptoL(const TDesC8& aSecDec); |
|
352 |
|
353 TInt SearchAndSetCrypto(TMceSecureCryptoInfo& aCrypto); |
|
354 |
|
355 |
|
356 void FormMKIL(TMceSecureCryptoInfo& aCrypto); |
|
357 |
|
358 void StoreCryptoInFromOfferL(const TDesC8& aSecDec, |
|
359 TMceSecureCryptoInfo& aCrypto); |
|
360 |
|
361 TInt CompareCryptosForAnswer(); |
|
362 |
|
363 void RemoveClientCrypto(); |
|
364 |
|
365 void SetClientCryptoL(TMceSecureCryptoInfo& aCrypto); |
|
366 |
|
367 TInt CountCryptoInOffer(CSdpMediaField& aMediaField); |
|
368 |
|
369 void SetMultipleClientCryptoL( CArrayFixFlat< TMceSecureCryptoInfo >& aArray ); |
|
370 |
|
371 CMceComSession& Session(); |
|
372 |
|
373 TInt SearchChar( TDesC8& aSearchLine, TChar& aChar, |
|
374 TInt aSearchFrom ); |
|
375 void AppendEmptyCryptoL( CArrayFixFlat<TMceSecureCryptoInfo>& aCryptos, |
|
376 TInt aCount ); |
|
377 |
|
378 void SetSHA132( TMceSecureCryptoInfo& aCrypto, TInt aTag ); |
|
379 |
|
380 void SetSHA180( TMceSecureCryptoInfo& aCrypto, TInt aTag ); |
|
381 |
|
382 void SetDefaultCryptoL( |
|
383 CArrayFixFlat<TMceSecureCryptoInfo>& aCryptos ); |
|
384 void SetCryptoByClientL( |
|
385 CArrayFixFlat<TMceSecureCryptoInfo>& aCryptos ); |
|
386 |
|
387 private: |
|
388 |
|
389 |
|
390 CMceSecureDesStream( CMceSecureMediaSession& aSecureSession, |
|
391 CMccSecureInterface& aSecureInterface, |
|
392 CMceComMediaStream& aMediaStream); |
|
393 |
|
394 void ConstructL(CSdpMediaField& aMediaField); |
|
395 |
|
396 |
|
397 public: //Data |
|
398 |
|
399 TBool iCryptoUpdateNeeded; |
|
400 TMceSecureCryptoInfo iCryptoOut; |
|
401 TMceSecureCryptoInfo iCryptoIn; |
|
402 TBool iGnoreSdpMsg; |
|
403 |
|
404 private://data |
|
405 |
|
406 RStringPool iStringPool; |
|
407 |
|
408 const TStringTable* iStringTable; |
|
409 |
|
410 CMceSecureMediaSession& iSecureSession; |
|
411 |
|
412 CArrayFixFlat<TMceSecureCryptoInfo>* iCryptoOuts; |
|
413 |
|
414 CArrayFixFlat<TMceSecureCryptoInfo>* iCryptoIns; |
|
415 |
|
416 CMccSecureInterface& iSecInf; |
|
417 |
|
418 CMceComMediaStream& iMediaStream; |
|
419 |
|
420 CSdpMediaField* iMediaField; |
|
421 |
|
422 TBool iIsSAVP; |
|
423 |
|
424 TBool iWaitingBinding; |
|
425 |
|
426 TUint32 iCryptoContextOutId; |
|
427 |
|
428 TUint32 iCryptoContextInId; |
|
429 |
|
430 HBufC8* iMKIBuf; |
|
431 |
|
432 TUint iOldLocalMediaPort; |
|
433 |
|
434 friend class UT_CMceMediaManager; |
|
435 friend class UT_CMceSecureMediaSession; |
|
436 friend class UT_CMceSecureDesStream; |
|
437 |
|
438 |
|
439 }; |
|
440 |
|
441 #endif // CMCESECUREDESSTREAM_H |
|
442 |
|
443 // End of File |