
Commit 4478244

author
yngrtc
committed
Revert "add AeadAes256Gcm support"
This reverts commit ffaee7f. # Conflicts: # srtp/src/cipher/cipher_aes_cm_hmac_sha1/ctrcipher.rs # srtp/src/cipher/cipher_aes_cm_hmac_sha1/opensslcipher.rs
1 parent 3a252d8 commit 4478244


12 files changed

+78
-144
lines changed


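--- a/srtp/src/cipher/cipher_aead_aes_gcm.rs
+++ b/srtp/src/cipher/cipher_aead_aes_gcm.rs
@@ -8,35 +8,22 @@ use util::marshal::*;
 use super::Cipher;
 use crate::error::{Error, Result};
 use crate::key_derivation::*;
-use crate::protection_profile::ProtectionProfile;
 
 pub const CIPHER_AEAD_AES_GCM_AUTH_TAG_LEN: usize = 16;
 
 const RTCP_ENCRYPTION_FLAG: u8 = 0x80;
 
 /// AEAD Cipher based on AES.
 pub(crate) struct CipherAeadAesGcm {
-profile: ProtectionProfile,
 srtp_cipher: aes_gcm::Aes128Gcm,
 srtcp_cipher: aes_gcm::Aes128Gcm,
 srtp_session_salt: Vec<u8>,
 srtcp_session_salt: Vec<u8>,
 }
 
 impl Cipher for CipherAeadAesGcm {
-/// Get RTP authenticated tag length.
-fn rtp_auth_tag_len(&self) -> usize {
-self.profile.rtp_auth_tag_len()
-}
-
-/// Get RTCP authenticated tag length.
-fn rtcp_auth_tag_len(&self) -> usize {
-self.profile.rtcp_auth_tag_len()
-}
-
-/// Get AEAD auth key length of the cipher.
-fn aead_auth_tag_len(&self) -> usize {
-self.profile.aead_auth_tag_len()
+fn auth_tag_len(&self) -> usize {
+CIPHER_AEAD_AES_GCM_AUTH_TAG_LEN
 }
 
 fn encrypt_rtp(
@@ -47,7 +34,7 @@ impl Cipher for CipherAeadAesGcm {
 ) -> Result<Bytes> {
 // Grow the given buffer to fit the output.
 let header_len = header.marshal_size();
-let mut writer = BytesMut::with_capacity(payload.len() + self.aead_auth_tag_len());
+let mut writer = BytesMut::with_capacity(payload.len() + self.auth_tag_len());
 
 // Copy header unencrypted.
 writer.extend_from_slice(&payload[..header_len]);
@@ -72,7 +59,7 @@ impl Cipher for CipherAeadAesGcm {
 header: &rtp::header::Header,
 roc: u32,
 ) -> Result<Bytes> {
-if ciphertext.len() < self.aead_auth_tag_len() {
+if ciphertext.len() < self.auth_tag_len() {
 return Err(Error::ErrFailedToVerifyAuthTag);
 }
 
@@ -114,7 +101,7 @@ impl Cipher for CipherAeadAesGcm {
 }
 
 fn decrypt_rtcp(&mut self, encrypted: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes> {
-if encrypted.len() < self.aead_auth_tag_len() + SRTCP_INDEX_SIZE {
+if encrypted.len() < self.auth_tag_len() + SRTCP_INDEX_SIZE {
 return Err(Error::ErrFailedToVerifyAuthTag);
 }
 
@@ -146,7 +133,7 @@ impl Cipher for CipherAeadAesGcm {
 
 impl CipherAeadAesGcm {
 /// Create a new AEAD instance.
-pub(crate) fn new(profile: ProtectionProfile, master_key: &[u8], master_salt: &[u8]) -> Result<CipherAeadAesGcm> {
+pub(crate) fn new(master_key: &[u8], master_salt: &[u8]) -> Result<CipherAeadAesGcm> {
 let srtp_session_key = aes_cm_key_derivation(
 LABEL_SRTP_ENCRYPTION,
 master_key,
@@ -176,19 +163,18 @@ impl CipherAeadAesGcm {
 master_key,
 master_salt,
 0,
-master_salt.len(),
+master_key.len(),
 )?;
 
 let srtcp_session_salt = aes_cm_key_derivation(
 LABEL_SRTCP_SALT,
 master_key,
 master_salt,
 0,
-master_salt.len(),
+master_key.len(),
 )?;
 
 Ok(CipherAeadAesGcm {
-profile,
 srtp_cipher,
 srtcp_cipher,
 srtp_session_salt,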
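Review bot: The two session-salt derivations at new lines 166 and 174 now size their output with `master_key.len()`, which ties the derived salt length to the key length instead of to the salt that was passed in. With the `Aes128Gcm` fields in this struct that gives a salt longer than the 12-byte nonce AES-GCM takes, so the nonce construction (outside this hunk) presumably uses only the leading bytes; that is easy to break when the key size changes. I would keep `master_salt.len(),` on both calls, or add a comment on each call stating why the key length is the intended output size. `new` starts and ends outside the visible hunks, so whether a wrong-sized `master_key` is rejected with an error rather than a panic should be confirmed there.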

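--- a/srtp/src/cipher/cipher_aes_cm_hmac_sha1/ctrcipher.rs
+++ b/srtp/src/cipher/cipher_aes_cm_hmac_sha1/ctrcipher.rs
@@ -8,7 +8,6 @@ use util::marshal::*;
 use super::{Cipher, CipherInner};
 use crate::error::{Error, Result};
 use crate::key_derivation::*;
-use crate::protection_profile::ProtectionProfile;
 
 type Aes128Ctr = ctr::Ctr128BE<aes::Aes128>;
 
@@ -19,8 +18,8 @@ pub(crate) struct CipherAesCmHmacSha1 {
 }
 
 impl CipherAesCmHmacSha1 {
-pub fn new(profile: ProtectionProfile, master_key: &[u8], master_salt: &[u8]) -> Result<Self> {
-let inner = CipherInner::new(profile, master_key, master_salt)?;
+pub fn new(master_key: &[u8], master_salt: &[u8]) -> Result<Self> {
+let inner = CipherInner::new(master_key, master_salt)?;
 
 let srtp_session_key = aes_cm_key_derivation(
 LABEL_SRTP_ENCRYPTION,
@@ -46,19 +45,8 @@ impl CipherAesCmHmacSha1 {
 }
 
 impl Cipher for CipherAesCmHmacSha1 {
-/// Get RTP authenticated tag length.
-fn rtp_auth_tag_len(&self) -> usize {
-self.inner.profile.rtp_auth_tag_len()
-}
-
-/// Get RTCP authenticated tag length.
-fn rtcp_auth_tag_len(&self) -> usize {
-self.inner.profile.rtcp_auth_tag_len()
-}
-
-/// Get AEAD auth key length of the cipher.
-fn aead_auth_tag_len(&self) -> usize {
-self.inner.profile.aead_auth_tag_len()
+fn auth_tag_len(&self) -> usize {
+self.inner.auth_tag_len()
 }
 
 fn get_rtcp_index(&self, input: &[u8]) -> usize {
@@ -71,7 +59,7 @@ impl Cipher for CipherAesCmHmacSha1 {
 header: &rtp::header::Header,
 roc: u32,
 ) -> Result<Bytes> {
-let mut writer = Vec::with_capacity(plaintext.len() + self.rtp_auth_tag_len());
+let mut writer = Vec::with_capacity(plaintext.len() + self.auth_tag_len());
 
 // Write the plaintext to the destination buffer.
 writer.extend_from_slice(plaintext);
@@ -89,7 +77,7 @@ impl Cipher for CipherAesCmHmacSha1 {
 stream.apply_keystream(&mut writer[header.marshal_size()..]);
 
 // Generate the auth tag.
-let auth_tag = &self.inner.generate_srtp_auth_tag(&writer, roc)[..self.rtp_auth_tag_len()];
+let auth_tag = &self.inner.generate_srtp_auth_tag(&writer, roc)[..self.auth_tag_len()];
 writer.extend(auth_tag);
 
 Ok(Bytes::from(writer))
@@ -102,19 +90,19 @@ impl Cipher for CipherAesCmHmacSha1 {
 roc: u32,
 ) -> Result<Bytes> {
 let encrypted_len = encrypted.len();
-if encrypted_len < self.rtp_auth_tag_len() {
-return Err(Error::SrtpTooSmall(encrypted_len, self.rtp_auth_tag_len()));
+if encrypted_len < self.auth_tag_len() {
+return Err(Error::SrtpTooSmall(encrypted_len, self.auth_tag_len()));
 }
 
-let mut writer = Vec::with_capacity(encrypted_len - self.rtp_auth_tag_len());
+let mut writer = Vec::with_capacity(encrypted_len - self.auth_tag_len());
 
 // Split the auth tag and the cipher text into two parts.
-let actual_tag = &encrypted[encrypted_len - self.rtp_auth_tag_len()..];
-let cipher_text = &encrypted[..encrypted_len - self.rtp_auth_tag_len()];
+let actual_tag = &encrypted[encrypted_len - self.auth_tag_len()..];
+let cipher_text = &encrypted[..encrypted_len - self.auth_tag_len()];
 
 // Generate the auth tag we expect to see from the ciphertext.
 let expected_tag =
-&self.inner.generate_srtp_auth_tag(cipher_text, roc)[..self.rtp_auth_tag_len()];
+&self.inner.generate_srtp_auth_tag(cipher_text, roc)[..self.auth_tag_len()];
 
 // See if the auth tag actually matches.
 // We use a constant time comparison to prevent timing attacks.
@@ -144,7 +132,7 @@ impl Cipher for CipherAesCmHmacSha1 {
 
 fn encrypt_rtcp(&mut self, decrypted: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes> {
 let mut writer =
-Vec::with_capacity(decrypted.len() + SRTCP_INDEX_SIZE + self.rtcp_auth_tag_len());
+Vec::with_capacity(decrypted.len() + SRTCP_INDEX_SIZE + self.auth_tag_len());
 
 // Write the decrypted to the destination buffer.
 writer.extend_from_slice(decrypted);
@@ -167,22 +155,22 @@ impl Cipher for CipherAesCmHmacSha1 {
 writer.put_u32(srtcp_index as u32 | (1u32 << 31));
 
 // Generate the auth tag.
-let auth_tag = &self.inner.generate_srtcp_auth_tag(&writer)[..self.rtcp_auth_tag_len()];
+let auth_tag = &self.inner.generate_srtcp_auth_tag(&writer)[..self.auth_tag_len()];
 writer.extend(auth_tag);
 
 Ok(Bytes::from(writer))
 }
 
 fn decrypt_rtcp(&mut self, encrypted: &[u8], srtcp_index: usize, ssrc: u32) -> Result<Bytes> {
 let encrypted_len = encrypted.len();
-if encrypted_len < self.rtcp_auth_tag_len() + SRTCP_INDEX_SIZE {
+if encrypted_len < self.auth_tag_len() + SRTCP_INDEX_SIZE {
 return Err(Error::SrtcpTooSmall(
 encrypted_len,
-self.rtcp_auth_tag_len() + SRTCP_INDEX_SIZE,
+self.auth_tag_len() + SRTCP_INDEX_SIZE,
 ));
 }
 
-let tail_offset = encrypted_len - (self.rtcp_auth_tag_len() + SRTCP_INDEX_SIZE);
+let tail_offset = encrypted_len - (self.auth_tag_len() + SRTCP_INDEX_SIZE);
 if tail_offset < 8 {
 return Err(Error::ErrTooShortRtcp);
 }
@@ -197,18 +185,18 @@ impl Cipher for CipherAesCmHmacSha1 {
 }
 
 // Split the auth tag and the cipher text into two parts.
-let actual_tag = &encrypted[encrypted_len - self.rtcp_auth_tag_len()..];
-if actual_tag.len() != self.rtcp_auth_tag_len() {
+let actual_tag = &encrypted[encrypted_len - self.auth_tag_len()..];
+if actual_tag.len() != self.auth_tag_len() {
 return Err(Error::RtcpInvalidLengthAuthTag(
 actual_tag.len(),
-self.rtcp_auth_tag_len(),
+self.auth_tag_len(),
 ));
 }
 
-let cipher_text = &encrypted[..encrypted_len - self.rtcp_auth_tag_len()];
+let cipher_text = &encrypted[..encrypted_len - self.auth_tag_len()];
 
 // Generate the auth tag we expect to see from the ciphertext.
-let expected_tag = &self.inner.generate_srtcp_auth_tag(cipher_text)[..self.rtcp_auth_tag_len()];
+let expected_tag = &self.inner.generate_srtcp_auth_tag(cipher_text)[..self.auth_tag_len()];
 
 // See if the auth tag actually matches.
 // We use a constant time comparison to prevent timing attacks.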
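Review bot: The single `auth_tag_len()` at new line 48 now sizes both the SRTP and the SRTCP tag, and it delegates to `CipherInner`, which returns the fixed 10-byte constant, so the two tag lengths can no longer differ. That matters for AES-CM profiles with a 32-bit RTP tag, where the RTCP tag stays at 80 bits; if the crate still accepts such a profile (not visible in this section), the tag split in `decrypt_rtp` and the truncation in `encrypt_rtp` would use the wrong length. If only the 80-bit profile is meant to be supported after this revert, state it on the method, for example `/// Auth tag length in bytes, used for both SRTP and SRTCP (HMAC-SHA1 truncated to 80 bits).`, and make sure profile selection rejects anything else.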

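--- a/srtp/src/cipher/cipher_aes_cm_hmac_sha1/mod.rs
+++ b/srtp/src/cipher/cipher_aes_cm_hmac_sha1/mod.rs
@@ -24,15 +24,14 @@ type HmacSha1 = Hmac<Sha1>;
 pub const CIPHER_AES_CM_HMAC_SHA1AUTH_TAG_LEN: usize = 10;
 
 pub(crate) struct CipherInner {
-profile: ProtectionProfile,
 srtp_session_salt: Vec<u8>,
 srtp_session_auth: HmacSha1,
 srtcp_session_salt: Vec<u8>,
 srtcp_session_auth: HmacSha1,
 }
 
 impl CipherInner {
-pub fn new(profile: ProtectionProfile, master_key: &[u8], master_salt: &[u8]) -> Result<Self> {
+pub fn new(master_key: &[u8], master_salt: &[u8]) -> Result<Self> {
 let srtp_session_salt = aes_cm_key_derivation(
 LABEL_SRTP_SALT,
 master_key,
@@ -71,7 +70,6 @@ impl CipherInner {
 .map_err(|e| Error::Other(e.to_string()))?;
 
 Ok(Self {
-profile,
 srtp_session_salt,
 srtp_session_auth,
 srtcp_session_salt,
@@ -123,8 +121,12 @@ impl CipherInner {
 signer.finalize().into_bytes().into()
 }
 
+fn auth_tag_len(&self) -> usize {
+CIPHER_AES_CM_HMAC_SHA1AUTH_TAG_LEN
+}
+
 fn get_rtcp_index(&self, input: &[u8]) -> usize {
-let tail_offset = input.len() - (self.profile.rtcp_auth_tag_len() + SRTCP_INDEX_SIZE);
+let tail_offset = input.len() - (self.auth_tag_len() + SRTCP_INDEX_SIZE);
 (BigEndian::read_u32(&input[tail_offset..tail_offset + SRTCP_INDEX_SIZE]) & !(1 << 31))
 as usize
 }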
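Review bot: `get_rtcp_index` at new line 129 subtracts `auth_tag_len() + SRTCP_INDEX_SIZE` from `input.len()` with no length check, so an input shorter than that sum underflows the `usize`: a panic in debug builds, and in release a wrapped offset that makes the slice on the next line panic. The input is presumably received packet data, and whether every caller checks the length before calling is not visible in this section. Because the function returns a bare `usize` it cannot report the condition; at minimum document the precondition with `/// Caller must ensure input.len() >= auth_tag_len() + SRTCP_INDEX_SIZE.`, and preferably compute the offset with `input.len().checked_sub(...)` and return a `Result` so a short packet becomes an error instead of a crash.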
