int main (int argc, char *argv[]) { extern char *optarg; int q; int do_validation = 0; err_status_t status; if (argc == 1) usage(argv[0]); /* initialize kernel - we need to do this before anything else */ status = crypto_kernel_init(); if (status) { printf("error: crypto_kernel init failed\n"); exit(1); } printf("crypto_kernel successfully initalized\n"); /* process input arguments */ while (1) { q = getopt(argc, argv, "vd:"); if (q == -1) break; switch (q) { case 'v': do_validation = 1; break; case 'd': status = crypto_kernel_set_debug_module(optarg, 1); if (status) { printf("error: set debug module (%s) failed\n", optarg); exit(1); } break; default: usage(argv[0]); } } if (do_validation) { printf("checking crypto_kernel status...\n"); status = crypto_kernel_status(); if (status) { printf("failed\n"); exit(1); } printf("crypto_kernel passed self-tests\n"); } status = crypto_kernel_shutdown(); if (status) { printf("error: crypto_kernel shutdown failed\n"); exit(1); } printf("crypto_kernel successfully shut down\n"); return 0; }
int main(int argc, char *argv[]) { unsigned do_list_mods = 0; char q; err_status_t err; printf("dtls_srtp_driver\n"); /* initialize srtp library */ err = srtp_init(); if (err) { printf("error: srtp init failed with error code %d\n", err); exit(1); } /* process input arguments */ while (1) { q = getopt_s(argc, argv, "ld:"); if (q == -1) break; switch (q) { case 'l': do_list_mods = 1; break; case 'd': err = crypto_kernel_set_debug_module(optarg_s, 1); if (err) { printf("error: set debug module (%s) failed\n", optarg_s); exit(1); } break; default: usage(argv[0]); } } if (do_list_mods) { err = crypto_kernel_list_debug_modules(); if (err) { printf("error: list of debug modules failed\n"); exit(1); } } printf("testing dtls_srtp..."); err = test_dtls_srtp(); if (err) { printf("\nerror (code %d)\n", err); exit(1); } printf("passed\n"); return 0; }
// int main(int argc, char *argv[]) { int rand_gen(unsigned num_octets, unsigned do_debug) { unsigned do_list_mods = 0; err_status_t status; /* initialize kernel - we need to do this before anything else */ status = crypto_kernel_init(0); if (status) { printf("error: crypto_kernel init failed\n"); return(1); } if (do_debug) { status = crypto_kernel_set_debug_module(optarg, 1); if (status) { printf("error: set debug module (%s) failed\n", optarg); return(1); } } if (do_list_mods) { status = crypto_kernel_list_debug_modules(); if (status) { printf("error: list of debug modules failed\n"); return(1); } } if (num_octets > 0) { uint8_t buffer[BUF_LEN]; status = crypto_get_random(buffer, num_octets); if (status) { printf("error: failure in random source\n"); } else { printf("%s\n", octet_string_hex_string(buffer, num_octets)); } } status = crypto_kernel_shutdown(); if (status) { printf("error: crypto_kernel shutdown failed\n"); return(1); } return 0; }
// int main(int argc, char *argv[]) { int kernel_driver(unsigned do_validation, unsigned do_debug) { extern char *optarg; err_status_t status; /* initialize kernel - we need to do this before anything else */ status = crypto_kernel_init(0); if (status) { printf("error: crypto_kernel init failed\n"); return(1); } printf("crypto_kernel successfully initalized\n"); if (do_debug) { status = crypto_kernel_set_debug_module(optarg, 1); if (status) { printf("error: set debug module (%s) failed\n", optarg); return(1); } } if (do_validation) { printf("checking crypto_kernel status...\n"); status = crypto_kernel_status(); if (status) { printf("failed\n"); return(1); } printf("crypto_kernel passed self-tests\n"); } status = crypto_kernel_shutdown(); if (status) { printf("error: crypto_kernel shutdown failed\n"); return(1); } printf("crypto_kernel successfully shut down\n"); return 0; }
int main (int argc, char *argv[]) { char *dictfile = DICT_FILE; FILE *dict; char word[MAX_WORD_LEN]; int sock, ret; struct in_addr rcvr_addr; struct sockaddr_in name; struct ip_mreq mreq; #if BEW struct sockaddr_in local; #endif program_type prog_type = unknown; sec_serv_t sec_servs = sec_serv_none; unsigned char ttl = 5; int c; int key_size = 128; int tag_size = 8; int gcm_on = 0; char *input_key = NULL; char *address = NULL; char key[MAX_KEY_LEN]; unsigned short port = 0; rtp_sender_t snd; srtp_policy_t policy; err_status_t status; int len; int do_list_mods = 0; uint32_t ssrc = 0xdeadbeef; /* ssrc value hardcoded for now */ #ifdef RTPW_USE_WINSOCK2 WORD wVersionRequested = MAKEWORD(2, 0); WSADATA wsaData; ret = WSAStartup(wVersionRequested, &wsaData); if (ret != 0) { fprintf(stderr, "error: WSAStartup() failed: %d\n", ret); exit(1); } #endif if (setup_signal_handler(argv[0]) != 0) { exit(1); } /* initialize srtp library */ status = srtp_init(); if (status) { printf("error: srtp initialization failed with error code %d\n", status); exit(1); } /* check args */ while (1) { c = getopt_s(argc, argv, "k:rsgt:ae:ld:"); if (c == -1) { break; } switch (c) { case 'k': input_key = optarg_s; break; case 'e': key_size = atoi(optarg_s); if (key_size != 128 && key_size != 256) { printf("error: encryption key size must be 128 or 256 (%d)\n", key_size); exit(1); } sec_servs |= sec_serv_conf; break; case 't': tag_size = atoi(optarg_s); if (tag_size != 8 && tag_size != 16) { printf("error: GCM tag size must be 8 or 16 (%d)\n", tag_size); exit(1); } break; case 'a': sec_servs |= sec_serv_auth; break; case 'g': gcm_on = 1; sec_servs |= sec_serv_auth; break; case 'r': prog_type = receiver; break; case 's': prog_type = sender; break; case 'd': status = crypto_kernel_set_debug_module(optarg_s, 1); if (status) { printf("error: set debug module (%s) failed\n", optarg_s); exit(1); } break; case 'l': do_list_mods = 1; break; default: usage(argv[0]); } } if (prog_type == unknown) { if (do_list_mods) { status = crypto_kernel_list_debug_modules(); if (status) { printf("error: list of debug modules failed\n"); exit(1); } return 0; } else { printf("error: neither sender [-s] nor receiver [-r] specified\n"); usage(argv[0]); } } if ((sec_servs && !input_key) || (!sec_servs && input_key)) { /* * a key must be provided if and only if security services have * been requested */ usage(argv[0]); } if (argc != optind_s + 2) { /* wrong number of arguments */ usage(argv[0]); } /* get address from arg */ address = argv[optind_s++]; /* get port from arg */ port = atoi(argv[optind_s++]); /* set address */ #ifdef HAVE_INET_ATON if (0 == inet_aton(address, &rcvr_addr)) { fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address); exit(1); } if (rcvr_addr.s_addr == INADDR_NONE) { fprintf(stderr, "%s: address error", argv[0]); exit(1); } #else rcvr_addr.s_addr = inet_addr(address); if (0xffffffff == rcvr_addr.s_addr) { fprintf(stderr, "%s: cannot parse IP v4 address %s\n", argv[0], address); exit(1); } #endif /* open socket */ sock = socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP); if (sock < 0) { int err; #ifdef RTPW_USE_WINSOCK2 err = WSAGetLastError(); #else err = errno; #endif fprintf(stderr, "%s: couldn't open socket: %d\n", argv[0], err); exit(1); } name.sin_addr = rcvr_addr; name.sin_family = PF_INET; name.sin_port = htons(port); if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { if (prog_type == sender) { ret = setsockopt(sock, IPPROTO_IP, IP_MULTICAST_TTL, &ttl, sizeof(ttl)); if (ret < 0) { fprintf(stderr, "%s: Failed to set TTL for multicast group", argv[0]); perror(""); exit(1); } } mreq.imr_multiaddr.s_addr = rcvr_addr.s_addr; mreq.imr_interface.s_addr = htonl(INADDR_ANY); ret = setsockopt(sock, IPPROTO_IP, IP_ADD_MEMBERSHIP, (void*)&mreq, sizeof(mreq)); if (ret < 0) { fprintf(stderr, "%s: Failed to join multicast group", argv[0]); perror(""); exit(1); } } /* report security services selected on the command line */ printf("security services: "); if (sec_servs & sec_serv_conf) printf("confidentiality "); if (sec_servs & sec_serv_auth) printf("message authentication"); if (sec_servs == sec_serv_none) printf("none"); printf("\n"); /* set up the srtp policy and master key */ if (sec_servs) { /* * create policy structure, using the default mechanisms but * with only the security services requested on the command line, * using the right SSRC value */ switch (sec_servs) { case sec_serv_conf_and_auth: if (gcm_on) { #ifdef OPENSSL switch (key_size) { case 128: crypto_policy_set_aes_gcm_128_8_auth(&policy.rtp); crypto_policy_set_aes_gcm_128_8_auth(&policy.rtcp); break; case 256: crypto_policy_set_aes_gcm_256_8_auth(&policy.rtp); crypto_policy_set_aes_gcm_256_8_auth(&policy.rtcp); break; } #else printf("error: GCM mode only supported when using the OpenSSL crypto engine.\n"); return 0; #endif } else { switch (key_size) { case 128: crypto_policy_set_rtp_default(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); break; case 256: crypto_policy_set_aes_cm_256_hmac_sha1_80(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); break; } } break; case sec_serv_conf: if (gcm_on) { printf("error: GCM mode must always be used with auth enabled\n"); return -1; } else { switch (key_size) { case 128: crypto_policy_set_aes_cm_128_null_auth(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); break; case 256: crypto_policy_set_aes_cm_256_null_auth(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); break; } } break; case sec_serv_auth: if (gcm_on) { #ifdef OPENSSL switch (key_size) { case 128: crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtp); crypto_policy_set_aes_gcm_128_8_only_auth(&policy.rtcp); break; case 256: crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtp); crypto_policy_set_aes_gcm_256_8_only_auth(&policy.rtcp); break; } #else printf("error: GCM mode only supported when using the OpenSSL crypto engine.\n"); return 0; #endif } else { crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); } break; default: printf("error: unknown security service requested\n"); return -1; } policy.ssrc.type = ssrc_specific; policy.ssrc.value = ssrc; policy.key = (uint8_t *) key; policy.ekt = NULL; policy.next = NULL; policy.window_size = 128; policy.allow_repeat_tx = 0; policy.rtp.sec_serv = sec_servs; policy.rtcp.sec_serv = sec_serv_none; /* we don't do RTCP anyway */ if (gcm_on && tag_size != 8) { policy.rtp.auth_tag_len = tag_size; } /* * read key from hexadecimal on command line into an octet string */ len = hex_string_to_octet_string(key, input_key, policy.rtp.cipher_key_len*2); /* check that hex string is the right length */ if (len < policy.rtp.cipher_key_len*2) { fprintf(stderr, "error: too few digits in key/salt " "(should be %d hexadecimal digits, found %d)\n", policy.rtp.cipher_key_len*2, len); exit(1); } if (strlen(input_key) > policy.rtp.cipher_key_len*2) { fprintf(stderr, "error: too many digits in key/salt " "(should be %d hexadecimal digits, found %u)\n", policy.rtp.cipher_key_len*2, (unsigned)strlen(input_key)); exit(1); } printf("set master key/salt to %s/", octet_string_hex_string(key, 16)); printf("%s\n", octet_string_hex_string(key+16, 14)); } else { /* * we're not providing security services, so set the policy to the * null policy * * Note that this policy does not conform to the SRTP * specification, since RTCP authentication is required. However, * the effect of this policy is to turn off SRTP, so that this * application is now a vanilla-flavored RTP application. */ policy.key = (uint8_t *)key; policy.ssrc.type = ssrc_specific; policy.ssrc.value = ssrc; policy.rtp.cipher_type = NULL_CIPHER; policy.rtp.cipher_key_len = 0; policy.rtp.auth_type = NULL_AUTH; policy.rtp.auth_key_len = 0; policy.rtp.auth_tag_len = 0; policy.rtp.sec_serv = sec_serv_none; policy.rtcp.cipher_type = NULL_CIPHER; policy.rtcp.cipher_key_len = 0; policy.rtcp.auth_type = NULL_AUTH; policy.rtcp.auth_key_len = 0; policy.rtcp.auth_tag_len = 0; policy.rtcp.sec_serv = sec_serv_none; policy.window_size = 0; policy.allow_repeat_tx = 0; policy.ekt = NULL; policy.next = NULL; } if (prog_type == sender) { #if BEW /* bind to local socket (to match crypto policy, if need be) */ memset(&local, 0, sizeof(struct sockaddr_in)); local.sin_addr.s_addr = htonl(INADDR_ANY); local.sin_port = htons(port); ret = bind(sock, (struct sockaddr *) &local, sizeof(struct sockaddr_in)); if (ret < 0) { fprintf(stderr, "%s: bind failed\n", argv[0]); perror(""); exit(1); } #endif /* BEW */ /* initialize sender's rtp and srtp contexts */ snd = rtp_sender_alloc(); if (snd == NULL) { fprintf(stderr, "error: malloc() failed\n"); exit(1); } rtp_sender_init(snd, sock, name, ssrc); status = rtp_sender_init_srtp(snd, &policy); if (status) { fprintf(stderr, "error: srtp_create() failed with code %d\n", status); exit(1); } /* open dictionary */ dict = fopen (dictfile, "r"); if (dict == NULL) { fprintf(stderr, "%s: couldn't open file %s\n", argv[0], dictfile); if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { leave_group(sock, mreq, argv[0]); } exit(1); } /* read words from dictionary, then send them off */ while (!interrupted && fgets(word, MAX_WORD_LEN, dict) != NULL) { len = strlen(word) + 1; /* plus one for null */ if (len > MAX_WORD_LEN) printf("error: word %s too large to send\n", word); else { rtp_sendto(snd, word, len); printf("sending word: %s", word); } usleep(USEC_RATE); } rtp_sender_deinit_srtp(snd); rtp_sender_dealloc(snd); fclose(dict); } else { /* prog_type == receiver */ rtp_receiver_t rcvr; if (bind(sock, (struct sockaddr *)&name, sizeof(name)) < 0) { close(sock); fprintf(stderr, "%s: socket bind error\n", argv[0]); perror(NULL); if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { leave_group(sock, mreq, argv[0]); } exit(1); } rcvr = rtp_receiver_alloc(); if (rcvr == NULL) { fprintf(stderr, "error: malloc() failed\n"); exit(1); } rtp_receiver_init(rcvr, sock, name, ssrc); status = rtp_receiver_init_srtp(rcvr, &policy); if (status) { fprintf(stderr, "error: srtp_create() failed with code %d\n", status); exit(1); } /* get next word and loop */ while (!interrupted) { len = MAX_WORD_LEN; if (rtp_recvfrom(rcvr, word, &len) > -1) printf("\tword: %s\n", word); } rtp_receiver_deinit_srtp(rcvr); rtp_receiver_dealloc(rcvr); } if (ADDR_IS_MULTICAST(rcvr_addr.s_addr)) { leave_group(sock, mreq, argv[0]); } #ifdef RTPW_USE_WINSOCK2 ret = closesocket(sock); #else ret = close(sock); #endif if (ret < 0) { fprintf(stderr, "%s: Failed to close socket", argv[0]); perror(""); } status = srtp_shutdown(); if (status) { printf("error: srtp shutdown failed with error code %d\n", status); exit(1); } #ifdef RTPW_USE_WINSOCK2 WSACleanup(); #endif return 0; }
int main (int argc, char *argv[]) { extern char *optarg; int q; int num_octets = 0; unsigned do_list_mods = 0; err_status_t status; if (argc == 1) usage(argv[0]); /* initialize kernel - we need to do this before anything else */ status = crypto_kernel_init(); if (status) { printf("error: crypto_kernel init failed\n"); exit(1); } /* process input arguments */ while (1) { q = getopt(argc, argv, "ld:n:"); if (q == -1) break; switch (q) { case 'd': status = crypto_kernel_set_debug_module(optarg, 1); if (status) { printf("error: set debug module (%s) failed\n", optarg); exit(1); } break; case 'l': do_list_mods = 1; break; case 'n': num_octets = atoi(optarg); if (num_octets < 0 || num_octets > BUF_LEN) usage(argv[0]); break; default: usage(argv[0]); } } if (do_list_mods) { status = crypto_kernel_list_debug_modules(); if (status) { printf("error: list of debug modules failed\n"); exit(1); } } if (num_octets > 0) { uint8_t buffer[BUF_LEN]; status = crypto_get_random(buffer, num_octets); if (status) { printf("error: failure in random source\n"); } else { printf("%s\n", octet_string_hex_string(buffer, num_octets)); } } status = crypto_kernel_shutdown(); if (status) { printf("error: crypto_kernel shutdown failed\n"); exit(1); } return 0; }
int main (int argc, char *argv[]) { char q; unsigned do_timing_test = 0; unsigned do_rejection_test = 0; unsigned do_codec_timing = 0; unsigned do_validation = 0; unsigned do_list_mods = 0; err_status_t status; /* * verify that the compiler has interpreted the header data * structure srtp_hdr_t correctly */ if (sizeof(srtp_hdr_t) != 12) { printf("error: srtp_hdr_t has incorrect size\n"); exit(1); } /* initialize srtp library */ status = srtp_init(); if (status) { printf("error: srtp init failed with error code %d\n", status); exit(1); } /* load srtp_driver debug module */ status = crypto_kernel_load_debug_module(&mod_driver); if (status) { printf("error: load of srtp_driver debug module failed " "with error code %d\n", status); exit(1); } /* process input arguments */ while (1) { q = getopt(argc, argv, "trcvld:"); if (q == -1) break; switch (q) { case 't': do_timing_test = 1; break; case 'r': do_rejection_test = 1; break; case 'c': do_codec_timing = 1; break; case 'v': do_validation = 1; break; case 'l': do_list_mods = 1; break; case 'd': status = crypto_kernel_set_debug_module(optarg, 1); if (status) { printf("error: set debug module (%s) failed\n", optarg); exit(1); } break; default: usage(argv[0]); } } if (!do_validation && !do_timing_test && !do_codec_timing && !do_list_mods && !do_rejection_test) usage(argv[0]); if (do_list_mods) { status = crypto_kernel_list_debug_modules(); if (status) { printf("error: list of debug modules failed\n"); exit(1); } } if (do_validation) { const srtp_policy_t **policy = policy_array; srtp_policy_t *big_policy; /* loop over policy array, testing srtp and srtcp for each policy */ while (*policy != NULL) { printf("testing srtp_protect and srtp_unprotect\n"); if (srtp_test(*policy) == err_status_ok) printf("passed\n\n"); else { printf("failed\n"); exit(1); } printf("testing srtp_protect_rtcp and srtp_unprotect_rtcp\n"); if (srtcp_test(*policy) == err_status_ok) printf("passed\n\n"); else { printf("failed\n"); exit(1); } policy++; } /* create a big policy list and run tests on it */ status = srtp_create_big_policy(&big_policy); if (status) { printf("unexpected failure with error code %d\n", status); exit(1); } printf("testing srtp_protect and srtp_unprotect with big policy\n"); if (srtp_test(big_policy) == err_status_ok) printf("passed\n\n"); else { printf("failed\n"); exit(1); } /* run test on wildcard policy */ printf("testing srtp_protect and srtp_unprotect on " "wildcard ssrc policy\n"); if (srtp_test(&wildcard_policy) == err_status_ok) printf("passed\n\n"); else { printf("failed\n"); exit(1); } /* * run validation test against the reference packets - note * that this test only covers the default policy */ printf("testing srtp_protect and srtp_unprotect against " "reference packets\n"); if (srtp_validate() == err_status_ok) printf("passed\n\n"); else { printf("failed\n"); exit(1); } /* * test the function srtp_remove_stream() */ printf("testing srtp_remove_stream()..."); if (srtp_test_remove_stream() == err_status_ok) printf("passed\n"); else { printf("failed\n"); exit(1); } } if (do_timing_test) { const srtp_policy_t **policy = policy_array; /* loop over policies, run timing test for each */ while (*policy != NULL) { srtp_print_policy(*policy); srtp_do_timing(*policy); policy++; } } if (do_rejection_test) { const srtp_policy_t **policy = policy_array; /* loop over policies, run rejection timing test for each */ while (*policy != NULL) { srtp_print_policy(*policy); srtp_do_rejection_timing(*policy); policy++; } } if (do_codec_timing) { srtp_policy_t policy; int ignore; double mips = mips_estimate(1000000000, &ignore); crypto_policy_set_rtp_default(&policy.rtp); crypto_policy_set_rtcp_default(&policy.rtcp); policy.ssrc.type = ssrc_specific; policy.ssrc.value = 0xdecafbad; policy.key = test_key; policy.next = NULL; printf("mips estimate: %e\n", mips); printf("testing srtp processing time for voice codecs:\n"); printf("codec\t\tlength (octets)\t\tsrtp instructions/second\n"); printf("G.711\t\t%d\t\t\t%e\n", 80, (double) mips * (80 * 8) / srtp_bits_per_second(80, &policy) / .01 ); printf("G.711\t\t%d\t\t\t%e\n", 160, (double) mips * (160 * 8) / srtp_bits_per_second(160, &policy) / .02); printf("G.726-32\t%d\t\t\t%e\n", 40, (double) mips * (40 * 8) / srtp_bits_per_second(40, &policy) / .01 ); printf("G.726-32\t%d\t\t\t%e\n", 80, (double) mips * (80 * 8) / srtp_bits_per_second(80, &policy) / .02); printf("G.729\t\t%d\t\t\t%e\n", 10, (double) mips * (10 * 8) / srtp_bits_per_second(10, &policy) / .01 ); printf("G.729\t\t%d\t\t\t%e\n", 20, (double) mips * (20 * 8) / srtp_bits_per_second(20, &policy) / .02 ); } return 0; }