libSRTP 2.6.0
srtp.h
1/*
2 * srtp.h
3 *
4 * interface to libsrtp
5 *
6 * David A. McGrew
7 * Cisco Systems, Inc.
8 */
9/*
10 *
11 * Copyright (c) 2001-2017, Cisco Systems, Inc.
12 * All rights reserved.
13 *
14 * Redistribution and use in source and binary forms, with or without
15 * modification, are permitted provided that the following conditions
16 * are met:
17 *
18 * Redistributions of source code must retain the above copyright
19 * notice, this list of conditions and the following disclaimer.
20 *
21 * Redistributions in binary form must reproduce the above
22 * copyright notice, this list of conditions and the following
23 * disclaimer in the documentation and/or other materials provided
24 * with the distribution.
25 *
26 * Neither the name of the Cisco Systems, Inc. nor the names of its
27 * contributors may be used to endorse or promote products derived
28 * from this software without specific prior written permission.
29 *
30 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
31 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
32 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
33 * FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
34 * COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT,
35 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
36 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
37 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
38 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
39 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
40 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
41 * OF THE POSSIBILITY OF SUCH DAMAGE.
42 *
43 */
44
45#ifndef SRTP_SRTP_H
46#define SRTP_SRTP_H
47
48#include <stdint.h>
49
50#ifdef __cplusplus
51extern "C" {
52#endif
53
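/*
 * SRTP_MASTER_KEY_LEN is the nominal master key length supported by libSRTP
 * (30 octets, which equals SRTP_AES_128_KEY_LEN + SRTP_SALT_LEN).
 */
#define SRTP_MASTER_KEY_LEN 30

/*
 * SRTP_MAX_KEY_LEN is the maximum key length supported by libSRTP
 */
#define SRTP_MAX_KEY_LEN 64

/*
 * SRTP_MAX_TAG_LEN is the maximum tag length supported by libSRTP
 */
#define SRTP_MAX_TAG_LEN 16

/*
 * SRTP_MAX_MKI_LEN is the maximum length, in octets, of a Master Key
 * Identifier (MKI).
 */
#define SRTP_MAX_MKI_LEN 128

/*
 * SRTP_MAX_TRAILER_LEN is the largest SRTP trailer (authentication tag
 * plus MKI) that can be appended to an RTP packet.  Buffers handed to
 * srtp_protect() need at least this many writable octets after the packet;
 * an undersized buffer is an out-of-bounds write.
 */
#define SRTP_MAX_TRAILER_LEN (SRTP_MAX_TAG_LEN + SRTP_MAX_MKI_LEN)

/*
 * SRTP_SRCTP_INDEX_LEN is the length, in octets, of the SRTCP index.
 * The "SRCTP" spelling is part of the public macro name; do not "fix" it
 * without keeping a compatible alias.
 */
#define SRTP_SRCTP_INDEX_LEN 4

/*
 * SRTP_MAX_SRTCP_TRAILER_LEN is the largest SRTCP trailer (index,
 * authentication tag and MKI) that can be appended to an RTCP packet.
 * Size RTCP buffers with this much writable space after the packet.
 */
#define SRTP_MAX_SRTCP_TRAILER_LEN                                             \
    (SRTP_SRCTP_INDEX_LEN + SRTP_MAX_TAG_LEN + SRTP_MAX_MKI_LEN)

/*
 * SRTP_MAX_NUM_MASTER_KEYS is the maximum number of master keys (one per
 * MKI) -- presumably the per-policy limit; confirm against srtp_policy_t.
 */
#define SRTP_MAX_NUM_MASTER_KEYS 16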
119
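/*
 * SRTP_SALT_LEN is the salt length, in octets, used in the AES-ICM
 * *_KEY_LEN_WSALT totals below.
 */
#define SRTP_SALT_LEN 14

/*
 * SRTP_AEAD_SALT_LEN is the length of the SALT values used with
 * GCM mode.  GCM mode requires an IV.  The SALT value is used
 * as part of the IV formation logic applied to each RTP packet.
 */
#define SRTP_AEAD_SALT_LEN 12

/* Raw AES key lengths in octets, without salt. */
#define SRTP_AES_128_KEY_LEN 16
#define SRTP_AES_192_KEY_LEN 24
#define SRTP_AES_256_KEY_LEN 32

/*
 * Key-plus-salt lengths for AES-ICM (14-octet salt).  A buffer holding
 * master key material for one of these ciphers must be at least this long;
 * note that the GCM variants below use a different (12-octet) salt, so the
 * two families are not interchangeable.
 */
#define SRTP_AES_ICM_128_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_128_KEY_LEN)
#define SRTP_AES_ICM_192_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_192_KEY_LEN)
#define SRTP_AES_ICM_256_KEY_LEN_WSALT (SRTP_SALT_LEN + SRTP_AES_256_KEY_LEN)

/* Key-plus-salt lengths for AES-GCM (12-octet AEAD salt). */
#define SRTP_AES_GCM_128_KEY_LEN_WSALT                                         \
    (SRTP_AEAD_SALT_LEN + SRTP_AES_128_KEY_LEN)
#define SRTP_AES_GCM_192_KEY_LEN_WSALT                                         \
    (SRTP_AEAD_SALT_LEN + SRTP_AES_192_KEY_LEN)
#define SRTP_AES_GCM_256_KEY_LEN_WSALT                                         \
    (SRTP_AEAD_SALT_LEN + SRTP_AES_256_KEY_LEN)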
143
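/* A srtp_cipher_type_id_t is an identifier for a particular cipher type. */
typedef uint32_t srtp_cipher_type_id_t;

/*
 * An srtp_auth_type_id_t is an identifier for a particular authentication
 * function.
 */
typedef uint32_t srtp_auth_type_id_t;

/*
 * srtp_ctx_t is declared here as an incomplete type: struct srtp_ctx_t_ is
 * not defined in this header, so callers can only hold pointers to it.
 */
typedef struct srtp_ctx_t_ srtp_ctx_t;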
219
233
257
274
284typedef struct {
286 unsigned int value;
289
296typedef struct srtp_master_key_t {
297 unsigned char *key;
298 unsigned char *mki_id;
299 unsigned int mki_size;
301
355
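/*
 * An srtp_t points to an SRTP session structure.  The pointee type is
 * opaque to callers of this header.
 */
typedef srtp_ctx_t *srtp_t;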
369
377
384
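/**
 * @brief srtp_protect() is the Secure RTP sender-side packet processing
 * function.
 *
 * @param ctx      SRTP session context to apply.
 * @param rtp_hdr  pointer to the RTP packet, which is protected in place.
 * @param len_ptr  on input, the packet length in octets; on return, the
 *                 length of the protected packet.
 *
 * @return an srtp_err_status_t; srtp_err_status_ok on success.  Do not
 *         send the buffer when any other status is returned.
 *
 * @warning The trailer is written directly after the packet.  The caller
 *          must provide at least SRTP_MAX_TRAILER_LEN writable octets
 *          beyond *len_ptr in the buffer that holds the packet.
 */
srtp_err_status_t srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr);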
426
476 void *rtp_hdr,
477 int *pkt_octet_len,
478 unsigned int use_mki,
479 unsigned int mki_index);
480
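/**
 * @brief srtp_unprotect() is the Secure RTP receiver-side packet
 * processing function.
 *
 * @param ctx       SRTP session context to apply.
 * @param srtp_hdr  pointer to the received SRTP packet, processed in place.
 * @param len_ptr   on input, the SRTP packet length in octets; on return,
 *                  the length of the recovered RTP packet.
 *
 * @return an srtp_err_status_t; srtp_err_status_ok on success.  Statuses
 *         such as srtp_err_status_auth_fail and srtp_err_status_replay_fail
 *         mean the packet failed verification.
 *
 * @note Always check the return value and drop the packet on any status
 *       other than srtp_err_status_ok; the buffer contents must not be
 *       treated as valid RTP in that case.
 */
srtp_err_status_t srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr);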
522
570 void *srtp_hdr,
571 int *len_ptr,
572 unsigned int use_mki);
573
596
612
635
661
684 const srtp_policy_t *policy);
685
705
725
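/*
 * Alias: the explicit cipher-suite name expands to the RTP default policy
 * setter, so both spellings configure the same policy on p.
 */
#define srtp_crypto_policy_set_aes_cm_128_hmac_sha1_80(p)                      \
    srtp_crypto_policy_set_rtp_default(p)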
742
774
801
827
852
876
908
935
959
991
1018
1041
1064
1087
1110
1133
1156
1173
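/*
 * @brief identifies a particular SRTP profile
 *
 * An srtp_profile_t enumeration is used to identify a particular SRTP
 * profile (that is, a set of algorithms and parameters).
 *
 * The numeric values are explicit and not contiguous (3 and 4 are unused
 * here), so do not iterate over the range or index tables with them
 * without validating the value first.
 *
 * The srtp_profile_null_sha1_* entries name a null cipher: they give
 * authentication only and no confidentiality.  The *_sha1_32 entries name
 * a 32-bit authentication tag rather than an 80-bit one.  Select either
 * only when that reduced protection is intended.
 */
typedef enum {
    srtp_profile_reserved = 0,
    srtp_profile_aes128_cm_sha1_80 = 1,
    srtp_profile_aes128_cm_sha1_32 = 2,
    srtp_profile_null_sha1_80 = 5,
    srtp_profile_null_sha1_32 = 6,
    srtp_profile_aead_aes_128_gcm = 7,
    srtp_profile_aead_aes_256_gcm = 8
} srtp_profile_t;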
1189
1214 srtp_crypto_policy_t *policy,
1215 srtp_profile_t profile);
1216
1241 srtp_crypto_policy_t *policy,
1242 srtp_profile_t profile);
1243
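/**
 * @brief returns the master key length for a given SRTP profile
 */
unsigned int srtp_profile_get_master_key_length(srtp_profile_t profile);

/**
 * @brief returns the master salt length for a given SRTP profile
 */
unsigned int srtp_profile_get_master_salt_length(srtp_profile_t profile);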
1253
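/**
 * @brief appends the salt to the key
 *
 * @param key            buffer that holds the key; the salt is written
 *                       starting at key + bytes_in_key.
 * @param bytes_in_key   number of key octets already in the buffer.
 * @param salt           salt octets to append.
 * @param bytes_in_salt  number of salt octets to copy.
 *
 * @warning The function receives no capacity for key.  The caller must
 *          make sure at least bytes_in_key + bytes_in_salt octets are
 *          writable at key, otherwise the append writes out of bounds.
 */
void srtp_append_salt_to_key(unsigned char *key,
                             unsigned int bytes_in_key,
                             unsigned char *salt,
                             unsigned int bytes_in_salt);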
1269
1331 void *rtcp_hdr,
1332 int *pkt_octet_len);
1333
1380 void *rtcp_hdr,
1381 int *pkt_octet_len,
1382 unsigned int use_mki,
1383 unsigned int mki_index);
1384
1424 void *srtcp_hdr,
1425 int *pkt_octet_len);
1426
1473 void *srtcp_hdr,
1474 int *pkt_octet_len,
1475 unsigned int use_mki);
1476
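/**
 * @brief srtp_set_user_data() stores the given pointer into the SRTP
 * session for later retrieval.
 *
 * @param ctx   SRTP session context.
 * @param data  caller-owned pointer to store.  The header shows no
 *              ownership transfer, so the caller presumably remains
 *              responsible for the pointee's lifetime -- confirm before
 *              freeing it while the session is alive.
 */
void srtp_set_user_data(srtp_t ctx, void *data);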
1504
1521
1576
1590
1602
1616
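/**
 * @brief Returns the version string of the library.
 *
 * The result is a pointer to const char; callers must not modify it.
 */
const char *srtp_get_version_string(void);

/**
 * @brief Returns the numeric representation of the library version.
 */
unsigned int srtp_get_version(void);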
1628
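/**
 * @brief srtp_set_debug_module(mod_name, v) sets debugging for the debug
 * module named mod_name to the value v.
 *
 * @param mod_name  name of the debug module.
 * @param v         0 turns debugging off for the module, 1 turns it on.
 *
 * @return an srtp_err_status_t; check it, since an unknown module name
 *         presumably yields a failure status rather than srtp_err_status_ok.
 */
srtp_err_status_t srtp_set_debug_module(const char *mod_name, int v);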
1638
1644
1658
1670 const char *msg,
1671 void *data);
1672
1688 void *data);
1689
1702 uint32_t use_mki,
1703 uint32_t mki_index,
1704 uint32_t *length);
1705
1719 uint32_t use_mki,
1720 uint32_t mki_index,
1721 uint32_t *length);
1722
1733 uint32_t ssrc,
1734 uint32_t roc);
1735
1746 uint32_t ssrc,
1747 uint32_t *roc);
1748
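/*
 * in host order, so outside the #if
 *
 * SRTCP_E_BIT is the most significant bit of a 32-bit word; it is the
 * complement of SRTCP_INDEX_MASK below.
 */
#define SRTCP_E_BIT 0x80000000

/*
 * for byte-access
 *
 * SRTCP_E_BYTE_BIT is the same top bit as seen in a single octet, and
 * SRTCP_INDEX_MASK keeps the low 31 bits of the word.
 */
#define SRTCP_E_BYTE_BIT 0x80
#define SRTCP_INDEX_MASK 0x7fffffff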
1759
1760#ifdef __cplusplus
1761}
1762#endif
1763
1764#endif /* SRTP_SRTP_H */
srtp_err_status_t srtp_protect_rtcp_mki(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len, unsigned int use_mki, unsigned int mki_index)
srtp_protect_rtcp_mki() is the Secure RTCP sender-side packet processing function that can utilize mk...
srtp_err_status_t srtp_unprotect_rtcp(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len)
srtp_unprotect_rtcp() is the Secure RTCP receiver-side packet processing function.
srtp_err_status_t srtp_protect_rtcp(srtp_t ctx, void *rtcp_hdr, int *pkt_octet_len)
srtp_protect_rtcp() is the Secure RTCP sender-side packet processing function.
srtp_err_status_t srtp_unprotect_rtcp_mki(srtp_t ctx, void *srtcp_hdr, int *pkt_octet_len, unsigned int use_mki)
srtp_unprotect_rtcp_mki() is the Secure RTCP receiver-side packet processing function.
void srtp_append_salt_to_key(unsigned char *key, unsigned int bytes_in_key, unsigned char *salt, unsigned int bytes_in_salt)
appends the salt to the key
srtp_err_status_t srtp_update_stream(srtp_t session, const srtp_policy_t *policy)
srtp_update_stream() updates a SRTP stream.
srtp_ctx_t * srtp_t
An srtp_t points to an SRTP session structure.
Definition srtp.h:368
void srtp_crypto_policy_set_rtcp_default(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_rtcp_default() sets a crypto policy structure to the SRTP default policy for R...
srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtp(srtp_crypto_policy_t *policy, srtp_profile_t profile)
srtp_crypto_policy_set_from_profile_for_rtp() sets a crypto policy structure to the appropriate value...
srtp_err_status_t
srtp_err_status_t defines error codes.
Definition srtp.h:181
void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_32() sets a crypto policy structure to a short-authentica...
unsigned int srtp_profile_get_master_salt_length(srtp_profile_t profile)
returns the master salt length for a given SRTP profile
void srtp_crypto_policy_set_aes_gcm_256_16_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_gcm_256_16_auth() sets a crypto policy structure to an AEAD encryption pol...
void srtp_crypto_policy_set_aes_cm_256_null_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_256_null_auth() sets a crypto policy structure to an encryption-only po...
void srtp_crypto_policy_set_aes_gcm_128_8_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_gcm_128_8_auth() sets a crypto policy structure to an AEAD encryption poli...
void srtp_crypto_policy_set_rtp_default(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_rtp_default() sets a crypto policy structure to the SRTP default policy for RT...
srtp_ssrc_type_t
srtp_ssrc_type_t describes the type of an SSRC.
Definition srtp.h:264
void srtp_crypto_policy_set_aes_gcm_256_8_only_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_gcm_256_8_only_auth() sets a crypto policy structure to an AEAD authentica...
void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_32() sets a crypto policy structure to a short-authentica...
void srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_128_hmac_sha1_32() sets a crypto policy structure to a short-authentica...
void srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_192_hmac_sha1_80() sets a crypto policy structure to an encryption and a...
void srtp_crypto_policy_set_null_cipher_hmac_sha1_80(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_null_cipher_hmac_sha1_80() sets a crypto policy structure to an authentication...
srtp_err_status_t srtp_crypto_policy_set_from_profile_for_rtcp(srtp_crypto_policy_t *policy, srtp_profile_t profile)
srtp_crypto_policy_set_from_profile_for_rtcp() sets a crypto policy structure to the appropriate valu...
srtp_err_status_t srtp_dealloc(srtp_t s)
srtp_dealloc() deallocates storage for an SRTP session context.
srtp_err_status_t srtp_add_stream(srtp_t session, const srtp_policy_t *policy)
srtp_add_stream() allocates and initializes an SRTP stream within a given SRTP session.
srtp_err_status_t srtp_update(srtp_t session, const srtp_policy_t *policy)
srtp_update() updates all streams in the session.
srtp_sec_serv_t
srtp_sec_serv_t describes a set of security services.
Definition srtp.h:227
srtp_err_status_t srtp_remove_stream(srtp_t session, unsigned int ssrc)
srtp_remove_stream() deallocates an SRTP stream.
srtp_err_status_t srtp_create(srtp_t *session, const srtp_policy_t *policy)
srtp_create() allocates and initializes an SRTP session.
void srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_256_hmac_sha1_80() sets a crypto policy structure to an encryption and a...
srtp_err_status_t srtp_unprotect(srtp_t ctx, void *srtp_hdr, int *len_ptr)
srtp_unprotect() is the Secure RTP receiver-side packet processing function.
uint32_t srtp_cipher_type_id_t
A srtp_cipher_type_id_t is an identifier for a particular cipher type.
Definition srtp.h:156
srtp_err_status_t srtp_shutdown(void)
srtp_shutdown() de-initializes the srtp library.
void srtp_crypto_policy_set_aes_cm_128_null_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_128_null_auth() sets a crypto policy structure to an encryption-only po...
srtp_err_status_t srtp_protect_mki(srtp_ctx_t *ctx, void *rtp_hdr, int *pkt_octet_len, unsigned int use_mki, unsigned int mki_index)
srtp_protect_mki() is the Secure RTP sender-side packet processing function that can utilize MKI.
void srtp_crypto_policy_set_aes_cm_192_null_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_cm_192_null_auth() sets a crypto policy structure to an encryption-only po...
void srtp_crypto_policy_set_aes_gcm_128_16_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_gcm_128_16_auth() sets a crypto policy structure to an AEAD encryption pol...
void srtp_crypto_policy_set_aes_gcm_256_8_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_gcm_256_8_auth() sets a crypto policy structure to an AEAD encryption poli...
uint32_t srtp_auth_type_id_t
An srtp_auth_type_id_t is an identifier for a particular authentication function.
Definition srtp.h:171
void srtp_crypto_policy_set_aes_gcm_128_8_only_auth(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_aes_gcm_128_8_only_auth() sets a crypto policy structure to an AEAD authentica...
srtp_err_status_t srtp_protect(srtp_t ctx, void *rtp_hdr, int *len_ptr)
srtp_protect() is the Secure RTP sender-side packet processing function.
unsigned int srtp_profile_get_master_key_length(srtp_profile_t profile)
returns the master key length for a given SRTP profile
void srtp_crypto_policy_set_null_cipher_hmac_null(srtp_crypto_policy_t *p)
srtp_crypto_policy_set_null_cipher_hmac_null() sets a crypto policy structure to use no encryption or...
srtp_err_status_t srtp_init(void)
srtp_init() initializes the srtp library.
srtp_err_status_t srtp_unprotect_mki(srtp_t ctx, void *srtp_hdr, int *len_ptr, unsigned int use_mki)
srtp_unprotect_mki() is the Secure RTP receiver-side packet processing function that checks for MKI.
@ srtp_err_status_write_fail
Definition srtp.h:205
@ srtp_err_status_parse_err
Definition srtp.h:206
@ srtp_err_status_socket_err
Definition srtp.h:201
@ srtp_err_status_read_fail
Definition srtp.h:204
@ srtp_err_status_bad_mki
Definition srtp.h:210
@ srtp_err_status_pkt_idx_adv
Definition srtp.h:214
@ srtp_err_status_auth_fail
Definition srtp.h:190
@ srtp_err_status_init_fail
Definition srtp.h:187
@ srtp_err_status_encode_err
Definition srtp.h:207
@ srtp_err_status_cant_check
Definition srtp.h:198
@ srtp_err_status_replay_fail
Definition srtp.h:192
@ srtp_err_status_ok
Definition srtp.h:182
@ srtp_err_status_pkt_idx_old
Definition srtp.h:212
@ srtp_err_status_bad_param
Definition srtp.h:184
@ srtp_err_status_signal_err
Definition srtp.h:202
@ srtp_err_status_cipher_fail
Definition srtp.h:191
@ srtp_err_status_terminus
Definition srtp.h:188
@ srtp_err_status_replay_old
Definition srtp.h:193
@ srtp_err_status_fail
Definition srtp.h:183
@ srtp_err_status_semaphore_err
Definition srtp.h:208
@ srtp_err_status_algo_fail
Definition srtp.h:195
@ srtp_err_status_nonce_bad
Definition srtp.h:203
@ srtp_err_status_no_such_op
Definition srtp.h:196
@ srtp_err_status_pfkey_err
Definition srtp.h:209
@ srtp_err_status_no_ctx
Definition srtp.h:197
@ srtp_err_status_dealloc_fail
Definition srtp.h:186
@ srtp_err_status_alloc_fail
Definition srtp.h:185
@ srtp_err_status_key_expired
Definition srtp.h:200
@ ssrc_any_outbound
Definition srtp.h:270
@ ssrc_specific
Definition srtp.h:266
@ ssrc_undefined
Definition srtp.h:265
@ ssrc_any_inbound
Definition srtp.h:267
@ sec_serv_conf_and_auth
Definition srtp.h:231
@ sec_serv_none
Definition srtp.h:228
@ sec_serv_conf
Definition srtp.h:229
@ sec_serv_auth
Definition srtp.h:230
srtp_err_status_t srtp_get_stream_roc(srtp_t session, uint32_t ssrc, uint32_t *roc)
srtp_get_stream_roc(session, ssrc, roc)
srtp_log_level_t
srtp_log_level_t defines log levels.
Definition srtp.h:1652
const char * srtp_get_version_string(void)
Returns the version string of the library.
unsigned int srtp_get_version(void)
Returns the numeric representation of the library version.
srtp_err_status_t srtp_install_log_handler(srtp_log_handler_func_t func, void *data)
sets the log handler to the function supplied by the caller.
srtp_err_status_t srtp_install_event_handler(srtp_event_handler_func_t func)
sets the event handler to the function supplied by the caller.
srtp_err_status_t srtp_list_debug_modules(void)
srtp_list_debug_modules() outputs a list of debugging modules
srtp_err_status_t srtp_set_debug_module(const char *mod_name, int v)
srtp_set_debug_module(mod_name, v)
srtp_err_status_t srtp_get_protect_trailer_length(srtp_t session, uint32_t use_mki, uint32_t mki_index, uint32_t *length)
srtp_get_protect_trailer_length(session, use_mki, mki_index, length)
void() srtp_event_handler_func_t(srtp_event_data_t *data)
srtp_event_handler_func_t is the function prototype for the event handler.
Definition srtp.h:1601
void() srtp_log_handler_func_t(srtp_log_level_t level, const char *msg, void *data)
srtp_log_handler_func_t is the function prototype for the log handler.
Definition srtp.h:1669
srtp_err_status_t srtp_get_protect_rtcp_trailer_length(srtp_t session, uint32_t use_mki, uint32_t mki_index, uint32_t *length)
srtp_get_protect_rtcp_trailer_length(session, use_mki, mki_index, length)
srtp_err_status_t srtp_set_stream_roc(srtp_t session, uint32_t ssrc, uint32_t roc)
srtp_set_stream_roc(session, ssrc, roc)
srtp_event_t
srtp_event_t defines events that need to be handled
Definition srtp.h:1567
@ srtp_log_level_debug
Definition srtp.h:1656
@ srtp_log_level_warning
Definition srtp.h:1654
@ srtp_log_level_error
Definition srtp.h:1653
@ srtp_log_level_info
Definition srtp.h:1655
@ event_ssrc_collision
Definition srtp.h:1568
@ event_key_soft_limit
Definition srtp.h:1569
@ event_packet_index_limit
Definition srtp.h:1573
@ event_key_hard_limit
Definition srtp.h:1571
void srtp_set_user_data(srtp_t ctx, void *data)
srtp_set_user_data() stores the given pointer into the SRTP session for later retrieval.
void * srtp_get_user_data(srtp_t ctx)
srtp_get_user_data() retrieves the pointer to the custom data previously stored with srtp_set_user_da...
srtp_crypto_policy_t describes a particular crypto policy that can be applied to an SRTP stream.
Definition srtp.h:243
srtp_auth_type_id_t auth_type
Definition srtp.h:248
srtp_sec_serv_t sec_serv
Definition srtp.h:254
int auth_tag_len
Definition srtp.h:252
int auth_key_len
Definition srtp.h:250
srtp_cipher_type_id_t cipher_type
Definition srtp.h:244
int cipher_key_len
Definition srtp.h:246
srtp_event_data_t is the structure passed as a callback to the event handler function
Definition srtp.h:1584
srtp_t session
Definition srtp.h:1585
srtp_event_t event
Definition srtp.h:1588
uint32_t ssrc
Definition srtp.h:1586
srtp_master_key_t represents a master key. There will be a Master Key Index and the Master Key associ...
Definition srtp.h:296
represents the policy for an SRTP session.
Definition srtp.h:328
void * deprecated_ekt
Definition srtp.h:339
int * enc_xtn_hdr
Definition srtp.h:350
int enc_xtn_hdr_count
Definition srtp.h:351
unsigned long num_master_keys
Definition srtp.h:338
struct srtp_policy_t * next
Definition srtp.h:353
srtp_crypto_policy_t rtp
Definition srtp.h:333
srtp_crypto_policy_t rtcp
Definition srtp.h:334
unsigned char * key
Definition srtp.h:335
unsigned long window_size
Definition srtp.h:341
srtp_ssrc_t ssrc
Definition srtp.h:329
int allow_repeat_tx
Definition srtp.h:343
An srtp_ssrc_t represents a particular SSRC value, or a ‘wildcard’ SSRC.
Definition srtp.h:284
srtp_ssrc_type_t type
Definition srtp.h:285
unsigned int value
Definition srtp.h:286