From 3130fa51a5d6f3fd5dc08df7649d902d0eea382e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Storsj=C3=B6?= Date: Tue, 15 Jan 2013 13:05:12 +0200 Subject: [PATCH 1/3] lavu: Add a fate test for the HMAC API MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Martin Storsjö --- libavutil/Makefile | 1 + libavutil/hmac.c | 48 ++++++++++++++++++++++++++++++++++++++++ tests/fate/libavutil.mak | 4 ++++ tests/ref/fate/hmac | 6 +++++ 4 files changed, 59 insertions(+) create mode 100644 tests/ref/fate/hmac diff --git a/libavutil/Makefile b/libavutil/Makefile index 79e67b50dd..465b2fc207 100644 --- a/libavutil/Makefile +++ b/libavutil/Makefile @@ -108,6 +108,7 @@ TESTPROGS = adler32 \ des \ eval \ fifo \ + hmac \ lfg \ lls \ md5 \ diff --git a/libavutil/hmac.c b/libavutil/hmac.c index 3308f1bb58..f82b5a3d77 100644 --- a/libavutil/hmac.c +++ b/libavutil/hmac.c @@ -136,3 +136,51 @@ int av_hmac_calc(AVHMAC *c, const uint8_t *data, unsigned int len, av_hmac_update(c, data, len); return av_hmac_final(c, out, outlen); } + +#ifdef TEST +#include + +static void test(AVHMAC *hmac, const uint8_t *key, int keylen, + const uint8_t *data, int datalen) +{ + uint8_t buf[MAX_HASHLEN]; + int out, i; + // Some of the test vectors are strings, where sizeof() includes the + // trailing null byte - remove that. + if (!key[keylen - 1]) + keylen--; + if (!data[datalen - 1]) + datalen--; + out = av_hmac_calc(hmac, data, datalen, key, keylen, buf, sizeof(buf)); + for (i = 0; i < out; i++) + printf("%02x", buf[i]); + printf("\n"); +} + +int main(void) +{ + uint8_t key1[16], key3[16], data3[50], key4[63], key5[64], key6[65]; + const uint8_t key2[] = "Jefe"; + const uint8_t data1[] = "Hi There"; + const uint8_t data2[] = "what do ya want for nothing?"; + AVHMAC *hmac = av_hmac_alloc(AV_HMAC_MD5); + if (!hmac) + return 1; + memset(key1, 0x0b, sizeof(key1)); + memset(key3, 0xaa, sizeof(key3)); + memset(key4, 0x44, sizeof(key4)); + memset(key5, 0x55, sizeof(key5)); + memset(key6, 0x66, sizeof(key6)); + memset(data3, 0xdd, sizeof(data3)); + // RFC 2104 test vectors + test(hmac, key1, sizeof(key1), data1, sizeof(data1)); + test(hmac, key2, sizeof(key2), data2, sizeof(data2)); + test(hmac, key3, sizeof(key3), data3, sizeof(data3)); + // Additional tests, to test cases where the key is too long + test(hmac, key4, sizeof(key4), data1, sizeof(data1)); + test(hmac, key5, sizeof(key5), data2, sizeof(data2)); + test(hmac, key6, sizeof(key6), data3, sizeof(data3)); + av_hmac_free(hmac); + return 0; +} +#endif /* TEST */ diff --git a/tests/fate/libavutil.mak b/tests/fate/libavutil.mak index 9e5716200c..5befcce7df 100644 --- a/tests/fate/libavutil.mak +++ b/tests/fate/libavutil.mak @@ -37,6 +37,10 @@ FATE_LIBAVUTIL += fate-fifo fate-fifo: libavutil/fifo-test$(EXESUF) fate-fifo: CMD = run libavutil/fifo-test +FATE_LIBAVUTIL += fate-hmac +fate-hmac: libavutil/hmac-test$(EXESUF) +fate-hmac: CMD = run libavutil/hmac-test + FATE_LIBAVUTIL += fate-md5 fate-md5: libavutil/md5-test$(EXESUF) fate-md5: CMD = run libavutil/md5-test diff --git a/tests/ref/fate/hmac b/tests/ref/fate/hmac new file mode 100644 index 0000000000..7d2a437c69 --- /dev/null +++ b/tests/ref/fate/hmac @@ -0,0 +1,6 @@ +9294727a3638bb1c13f48ef8158bfc9d +750c783e6ab0b503eaa86e310a5db738 +56be34521d144c88dbb8c733f0e8b3f6 +467cb2560355d7fa3ab2d6b939e6e47c +5a6ffd741d3e23b12f78b1baee9e609a +8b4b9d11c9e186c58f2a53b08ddfa436 From c2603aa25b75318df94d400eb60557123fa42a75 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Storsj=C3=B6?= Date: Tue, 15 Jan 2013 15:07:44 +0200 Subject: [PATCH 2/3] lavf: Add a fate test for the SRTP functions MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Martin Storsjö --- libavformat/Makefile | 1 + libavformat/srtp.c | 129 +++++++++++++++++++++++++++++++++++++ tests/fate/libavformat.mak | 4 ++ tests/ref/fate/srtp | 8 +++ 4 files changed, 142 insertions(+) create mode 100644 tests/ref/fate/srtp diff --git a/libavformat/Makefile b/libavformat/Makefile index 1f008a9255..111380a021 100644 --- a/libavformat/Makefile +++ b/libavformat/Makefile @@ -379,6 +379,7 @@ EXAMPLES = metadata \ output \ TESTPROGS = seek \ + srtp \ url \ TOOLS = aviocat \ diff --git a/libavformat/srtp.c b/libavformat/srtp.c index 6c589b0354..de48c1461a 100644 --- a/libavformat/srtp.c +++ b/libavformat/srtp.c @@ -291,3 +291,132 @@ int ff_srtp_encrypt(struct SRTPContext *s, const uint8_t *in, int len, len += s->hmac_size; return buf + len - out; } + +#ifdef TEST +#include + +static const char *aes128_80_key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmn"; + +static const uint8_t rtp_aes128_80[] = { + // RTP header + 0x80, 0xe0, 0x12, 0x34, + 0x12, 0x34, 0x56, 0x78, + 0x12, 0x34, 0x56, 0x78, + // encrypted payload + 0x62, 0x69, 0x76, 0xca, 0xc5, + // HMAC + 0xa1, 0xac, 0x1b, 0xb4, 0xa0, 0x1c, 0xd5, 0x49, 0x28, 0x99, +}; + +static const uint8_t rtcp_aes128_80[] = { + // RTCP header + 0x81, 0xc9, 0x00, 0x07, + 0x12, 0x34, 0x56, 0x78, + // encrypted payload + 0x8a, 0xac, 0xdc, 0xa5, + 0x4c, 0xf6, 0x78, 0xa6, + 0x62, 0x8f, 0x24, 0xda, + 0x6c, 0x09, 0x3f, 0xa9, + 0x28, 0x7a, 0xb5, 0x7f, + 0x1f, 0x0f, 0xc9, 0x35, + // RTCP index + 0x80, 0x00, 0x00, 0x03, + // HMAC + 0xe9, 0x3b, 0xc0, 0x5c, 0x0c, 0x06, 0x9f, 0xab, 0xc0, 0xde, +}; + +static const char *aes128_32_key = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmn"; + +static const uint8_t rtp_aes128_32[] = { + // RTP header + 0x80, 0xe0, 0x12, 0x34, + 0x12, 0x34, 0x56, 0x78, + 0x12, 0x34, 0x56, 0x78, + // encrypted payload + 0x62, 0x69, 0x76, 0xca, 0xc5, + // HMAC + 0xa1, 0xac, 0x1b, 0xb4, +}; + +static const uint8_t rtcp_aes128_32[] = { + // RTCP header + 0x81, 0xc9, 0x00, 0x07, + 0x12, 0x34, 0x56, 0x78, + // encrypted payload + 0x35, 0xe9, 0xb5, 0xff, + 0x0d, 0xd1, 0xde, 0x70, + 0x74, 0x10, 0xaa, 0x1b, + 0xb2, 0x8d, 0xf0, 0x20, + 0x02, 0x99, 0x6b, 0x1b, + 0x0b, 0xd0, 0x47, 0x34, + // RTCP index + 0x80, 0x00, 0x00, 0x04, + // HMAC + 0x5b, 0xd2, 0xa9, 0x9d, +}; + +static void print_data(const uint8_t *buf, int len) +{ + int i; + for (i = 0; i < len; i++) + printf("%02x", buf[i]); + printf("\n"); +} + +static int test_decrypt(struct SRTPContext *srtp, const uint8_t *in, int len, + uint8_t *out) +{ + memcpy(out, in, len); + if (!ff_srtp_decrypt(srtp, out, &len)) { + print_data(out, len); + return len; + } else + return -1; +} + +static void test_encrypt(const uint8_t *data, int in_len, const char *suite, + const char *key) +{ + struct SRTPContext enc = { 0 }, dec = { 0 }; + int len; + char buf[1500]; + ff_srtp_set_crypto(&enc, suite, key); + ff_srtp_set_crypto(&dec, suite, key); + len = ff_srtp_encrypt(&enc, data, in_len, buf, sizeof(buf)); + if (!ff_srtp_decrypt(&dec, buf, &len)) { + if (len == in_len && !memcmp(buf, data, len)) + printf("Decrypted content matches input\n"); + else + printf("Decrypted content doesn't match input\n"); + } else { + printf("Decryption failed\n"); + } + ff_srtp_free(&enc); + ff_srtp_free(&dec); +} + +int main(void) +{ + static const char *aes128_80_suite = "AES_CM_128_HMAC_SHA1_80"; + static const char *aes128_32_suite = "AES_CM_128_HMAC_SHA1_32"; + static const char *test_key = "abcdefghijklmnopqrstuvwxyz1234567890ABCD"; + uint8_t buf[1500]; + struct SRTPContext srtp = { 0 }; + int len; + ff_srtp_set_crypto(&srtp, aes128_80_suite, aes128_80_key); + len = test_decrypt(&srtp, rtp_aes128_80, sizeof(rtp_aes128_80), buf); + test_encrypt(buf, len, aes128_80_suite, test_key); + test_encrypt(buf, len, aes128_32_suite, test_key); + test_decrypt(&srtp, rtcp_aes128_80, sizeof(rtcp_aes128_80), buf); + test_encrypt(buf, len, aes128_80_suite, test_key); + test_encrypt(buf, len, aes128_32_suite, test_key); + ff_srtp_free(&srtp); + + memset(&srtp, 0, sizeof(srtp)); // Clear the context + ff_srtp_set_crypto(&srtp, aes128_32_suite, aes128_32_key); + test_decrypt(&srtp, rtp_aes128_32, sizeof(rtp_aes128_32), buf); + test_decrypt(&srtp, rtcp_aes128_32, sizeof(rtcp_aes128_32), buf); + ff_srtp_free(&srtp); + return 0; +} +#endif /* TEST */ diff --git a/tests/fate/libavformat.mak b/tests/fate/libavformat.mak index b6eda42a63..20bc31999f 100644 --- a/tests/fate/libavformat.mak +++ b/tests/fate/libavformat.mak @@ -1,3 +1,7 @@ +FATE_LIBAVFORMAT += fate-srtp +fate-srtp: libavformat/srtp-test$(EXESUF) +fate-srtp: CMD = run libavformat/srtp-test + FATE_LIBAVFORMAT += fate-url fate-url: libavformat/url-test$(EXESUF) fate-url: CMD = run libavformat/url-test diff --git a/tests/ref/fate/srtp b/tests/ref/fate/srtp new file mode 100644 index 0000000000..091d3f3a0d --- /dev/null +++ b/tests/ref/fate/srtp @@ -0,0 +1,8 @@ +80e0123412345678123456780102030405 +Decrypted content matches input +Decrypted content matches input +81c90007123456788765432100000000000012340000069ec73069ba000001fd +Decrypted content matches input +Decrypted content matches input +80e0123412345678123456780102030405 +81c90007123456788765432100000000000012340000069ec73069ba000001fd From 0eecafc948b74c247ebbc59f18f508db5d590d0b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Martin=20Storsj=C3=B6?= Date: Tue, 15 Jan 2013 14:21:48 +0200 Subject: [PATCH 3/3] configure: Make the new srtp protocol depend on the rtp protocol MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Martin Storsjö --- configure | 1 + 1 file changed, 1 insertion(+) diff --git a/configure b/configure index 375865e74e..879c36d178 100755 --- a/configure +++ b/configure @@ -1750,6 +1750,7 @@ rtmpts_protocol_select="ffrtmphttp_protocol https_protocol" rtp_protocol_select="udp_protocol" sctp_protocol_deps="struct_sctp_event_subscribe" sctp_protocol_select="network" +srtp_protocol_select="rtp_protocol" tcp_protocol_select="network" tls_protocol_deps_any="openssl gnutls" tls_protocol_select="tcp_protocol"