srtp_err_status_t srtp_crypto_kernel_do_load_auth_type(
const srtp_auth_type_t *new_at,
srtp_auth_type_id_t id,
int replace)
{
srtp_kernel_auth_type_t *atype, *new_atype;
srtp_err_status_t status;
/* defensive coding */
if (new_at == NULL) {
return srtp_err_status_bad_param;
}
if (new_at->id != id) {
return srtp_err_status_bad_param;
}
/* check auth type by running self-test */
status = srtp_auth_type_self_test(new_at);
if (status) {
return status;
}
/* walk down list, checking if this type is in the list already */
atype = crypto_kernel.auth_type_list;
while (atype != NULL) {
if (id == atype->id) {
if (!replace) {
return srtp_err_status_bad_param;
}
status = srtp_auth_type_test(new_at, atype->auth_type->test_data);
if (status) {
return status;
}
new_atype = atype;
break;
} else if (new_at == atype->auth_type) {
return srtp_err_status_bad_param;
}
atype = atype->next;
}
/* if not found, put new_at at the head of the list */
if (atype == NULL) {
/* allocate memory */
new_atype = (srtp_kernel_auth_type_t *)srtp_crypto_alloc(
sizeof(srtp_kernel_auth_type_t));
if (new_atype == NULL) {
return srtp_err_status_alloc_fail;
}
new_atype->next = crypto_kernel.auth_type_list;
/* set head of list to new auth type */
crypto_kernel.auth_type_list = new_atype;
}
/* set fields */
new_atype->auth_type = new_at;
new_atype->id = id;
return srtp_err_status_ok;
}
/*
* This function allocates a new instance of this crypto engine.
* The key_len parameter should be one of 30, 38, or 46 for
* AES-128, AES-192, and AES-256 respectively. Note, this key_len
* value is inflated, as it also accounts for the 112 bit salt
* value. The tlen argument is for the AEAD tag length, which
* isn't used in counter mode.
*/
static srtp_err_status_t srtp_aes_icm_openssl_alloc (srtp_cipher_t **c, int key_len, int tlen)
{
srtp_aes_icm_ctx_t *icm;
debug_print(srtp_mod_aes_icm, "allocating cipher with key length %d", key_len);
/*
* Verify the key_len is valid for one of: AES-128/192/256
*/
if (key_len != SRTP_AES_128_KEYSIZE_WSALT && key_len != SRTP_AES_192_KEYSIZE_WSALT &&
key_len != SRTP_AES_256_KEYSIZE_WSALT) {
return srtp_err_status_bad_param;
}
if (key_len != SRTP_AES_128_KEYSIZE_WSALT &&
#ifndef SRTP_NO_AES192
key_len != SRTP_AES_192_KEYSIZE_WSALT &&
#endif
key_len != SRTP_AES_256_KEYSIZE_WSALT) {
return srtp_err_status_bad_param;
}
/* allocate memory a cipher of type aes_icm */
*c = (srtp_cipher_t *)srtp_crypto_alloc(sizeof(srtp_cipher_t));
if (*c == NULL) {
return srtp_err_status_alloc_fail;
}
memset(*c, 0x0, sizeof(srtp_cipher_t));
icm = (srtp_aes_icm_ctx_t *)srtp_crypto_alloc(sizeof(srtp_aes_icm_ctx_t));
if (icm == NULL) {
srtp_crypto_free(*c);
*c = NULL;
return srtp_err_status_alloc_fail;
}
memset(icm, 0x0, sizeof(srtp_aes_icm_ctx_t));
/* set pointers */
(*c)->state = icm;
/* setup cipher parameters */
switch (key_len) {
case SRTP_AES_128_KEYSIZE_WSALT:
(*c)->algorithm = SRTP_AES_128_ICM;
(*c)->type = &srtp_aes_icm;
icm->key_size = SRTP_AES_128_KEYSIZE;
break;
#ifndef SRTP_NO_AES192
case SRTP_AES_192_KEYSIZE_WSALT:
(*c)->algorithm = SRTP_AES_192_ICM;
(*c)->type = &srtp_aes_icm_192;
icm->key_size = SRTP_AES_192_KEYSIZE;
break;
#endif
case SRTP_AES_256_KEYSIZE_WSALT:
(*c)->algorithm = SRTP_AES_256_ICM;
(*c)->type = &srtp_aes_icm_256;
icm->key_size = SRTP_AES_256_KEYSIZE;
break;
}
/* set key size */
(*c)->key_len = key_len;
EVP_CIPHER_CTX_init(&icm->ctx);
return srtp_err_status_ok;
}
