srtp_err_status_t srtp_crypto_kernel_do_load_auth_type( const srtp_auth_type_t *new_at, srtp_auth_type_id_t id, int replace) { srtp_kernel_auth_type_t *atype, *new_atype; srtp_err_status_t status; /* defensive coding */ if (new_at == NULL) { return srtp_err_status_bad_param; } if (new_at->id != id) { return srtp_err_status_bad_param; } /* check auth type by running self-test */ status = srtp_auth_type_self_test(new_at); if (status) { return status; } /* walk down list, checking if this type is in the list already */ atype = crypto_kernel.auth_type_list; while (atype != NULL) { if (id == atype->id) { if (!replace) { return srtp_err_status_bad_param; } status = srtp_auth_type_test(new_at, atype->auth_type->test_data); if (status) { return status; } new_atype = atype; break; } else if (new_at == atype->auth_type) { return srtp_err_status_bad_param; } atype = atype->next; } /* if not found, put new_at at the head of the list */ if (atype == NULL) { /* allocate memory */ new_atype = (srtp_kernel_auth_type_t *)srtp_crypto_alloc( sizeof(srtp_kernel_auth_type_t)); if (new_atype == NULL) { return srtp_err_status_alloc_fail; } new_atype->next = crypto_kernel.auth_type_list; /* set head of list to new auth type */ crypto_kernel.auth_type_list = new_atype; } /* set fields */ new_atype->auth_type = new_at; new_atype->id = id; return srtp_err_status_ok; }
/* * This function allocates a new instance of this crypto engine. * The key_len parameter should be one of 30, 38, or 46 for * AES-128, AES-192, and AES-256 respectively. Note, this key_len * value is inflated, as it also accounts for the 112 bit salt * value. The tlen argument is for the AEAD tag length, which * isn't used in counter mode. */ static srtp_err_status_t srtp_aes_icm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen) { srtp_aes_icm_ctx_t *icm; debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d", key_len); /* * Verify the key_len is valid for one of: AES-128/192/256 */ if (key_len != SRTP_AES_128_KEYSIZE_WSALT && key_len != SRTP_AES_192_KEYSIZE_WSALT && key_len != SRTP_AES_256_KEYSIZE_WSALT) { return srtp_err_status_bad_param; } if (key_len != SRTP_AES_128_KEYSIZE_WSALT && #ifndef SRTP_NO_AES192 key_len != SRTP_AES_192_KEYSIZE_WSALT && #endif key_len != SRTP_AES_256_KEYSIZE_WSALT) { return srtp_err_status_bad_param; } /* allocate memory a cipher of type aes_icm */ *c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t)); if (*c == NULL) { return srtp_err_status_alloc_fail; } memset(*c, 0x0, sizeof(srtp_cipher_t)); icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t)); if (icm == NULL) { srtp_crypto_free(*c); *c = NULL; return srtp_err_status_alloc_fail; } memset(icm, 0x0, sizeof(srtp_aes_icm_ctx_t)); /* set pointers */ (*c)->state = icm; /* setup cipher parameters */ switch (key_len) { case SRTP_AES_128_KEYSIZE_WSALT: (*c)->algorithm = SRTP_AES_128_ICM; (*c)->type = &srtp_aes_icm; icm->key_size = SRTP_AES_128_KEYSIZE; break; #ifndef SRTP_NO_AES192 case SRTP_AES_192_KEYSIZE_WSALT: (*c)->algorithm = SRTP_AES_192_ICM; (*c)->type = &srtp_aes_icm_192; icm->key_size = SRTP_AES_192_KEYSIZE; break; #endif case SRTP_AES_256_KEYSIZE_WSALT: (*c)->algorithm = SRTP_AES_256_ICM; (*c)->type = &srtp_aes_icm_256; icm->key_size = SRTP_AES_256_KEYSIZE; break; } /* set key size */ (*c)->key_len = key_len; EVP_CIPHER_CTX_init(&icm->ctx); return srtp_err_status_ok; }