1 /* 2 * SRT - Secure, Reliable, Transport 3 * Copyright (c) 2018 Haivision Systems Inc. 4 * 5 * This Source Code Form is subject to the terms of the Mozilla Public 6 * License, v. 2.0. If a copy of the MPL was not distributed with this 7 * file, You can obtain one at http://mozilla.org/MPL/2.0/. 8 * 9 */ 10 11 12 /***************************************************************************** 13 written by 14 Haivision Systems Inc. 15 16 2011-06-23 (jdube) 17 HaiCrypt initial implementation. 18 2014-03-11 (jdube) 19 Adaptation for SRT. 20 *****************************************************************************/ 21 22 #ifndef HCRYPT_MSG_H 23 #define HCRYPT_MSG_H 24 25 /* 26 * HaiCrypt Transport Message Header info 27 */ 28 29 30 #ifndef HCRYPT_DSP 31 #include <sys/types.h> 32 33 typedef uint32_t hcrypt_Pki; 34 #endif /* HCRYPT_DSP */ 35 36 37 #define HCRYPT_MSG_VERSION 1 /* Current HaiCrypt version */ 38 39 #define HCRYPT_MSG_SIGN (('H'-'@')<<10 | ('A'-'@')<<5 | ('I'-'@')) /* Haivision PnP Mfr ID 'HAI' */ 40 41 #define HCRYPT_PKI_SZ 4 /* Packet Index size (CTR mode cipher) */ 42 43 #define HCRYPT_MSG_PT_MS 1 /* Media stream */ 44 #define HCRYPT_MSG_PT_KM 2 /* Keying Material */ 45 #define HCRYPT_MSG_PT_RESV7 7 /* Reserved to dicriminate MPEG-TS packet (SyncByte=0x47) */ 46 47 48 #define HCRYPT_MSG_F_eSEK 0x01 /* Even Stream Encrypting Key */ 49 #define HCRYPT_MSG_F_oSEK 0x02 /* Odd Stream Encrypting Key */ 50 #define HCRYPT_MSG_F_xSEK 0x03 /* Both Stream Encrypting Keys */ 51 52 typedef struct { 53 int hdr_len; // data and control common prefix portion 54 int pfx_len; // Message Prefix len. Also payload offset 55 unsigned (*getKeyFlags)(unsigned char *msg); 56 hcrypt_Pki (*getPki)(unsigned char *msg, int nwko); 57 void (*setPki)(unsigned char *msg, hcrypt_Pki); 58 void (*resetCache)(unsigned char *pfx_cache, unsigned pkt_type, unsigned flags); 59 void (*indexMsg)(unsigned char *msg, unsigned char *pfx_cache); 60 int (*parseMsg)(unsigned char *msg); 61 }hcrypt_MsgInfo; 62 63 64 #define hcryptMsg_GetKeyIndex(mi,msg) ((mi)->getKeyFlags(msg)>>1) 65 #define hcryptMsg_GetPki(mi,msg,nwko) ((mi)->getPki(msg,nwko)) 66 #define hcryptMsg_SetPki(mi,msg,pki) (mi)->setPki(msg, pki) 67 68 #define hcryptMsg_HasEvenSek(mi,msg) ((mi)->getKeyFlags(msg) & HCRYPT_MSG_F_eSEK) 69 #define hcryptMsg_HasOddSek(mi,msg) ((mi)->getKeyFlags(msg) & HCRYPT_MSG_F_oSEK) 70 #define hcryptMsg_HasBothSek(mi,msg) (HCRYPT_MSG_F_xSEK == ((mi)->getKeyFlags(msg) & HCRYPT_MSG_F_xSEK)) 71 #define hcryptMsg_HasNoSek(mi,msg) (0 == ((mi)->getKeyFlags(msg) & HCRYPT_MSG_F_xSEK)) 72 73 #define hcryptMsg_PaddedLen(len, fact) ((((len)+(fact)-1)/(fact))*(fact)) 74 75 76 /* 77 * HaiCrypt KMmsg (Keying Material): 78 * 79 * 0 1 2 3 80 * 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 81 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 82 *+0x00 |0|Vers | PT | Sign | resv |KF | 83 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 84 *+0x04 | KEKI | 85 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 86 *+0x08 | Cipher | Auth | SE | Resv1 | 87 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 88 *+0x0C | Resv2 | Slen/4 | Klen/4 | 89 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 90 *+0x10 | Salt | 91 * | ... | 92 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 93 * | Wrap | 94 * | ... | 95 * +-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-|-+-+-+-+-+-+-+-+ 96 */ 97 98 99 100 #define HCRYPT_MSG_KM_OFS_VERSION 0 101 #define HCRYPT_MSG_KM_OFS_PT 0 102 #define HCRYPT_MSG_KM_OFS_SIGN 1 103 #define HCRYPT_MSG_KM_OFS_KFLGS 3 104 #define HCRYPT_MSG_KM_RSH_KFLGS 0 /* Right shift (in byte) */ 105 106 #define HCRYPT_MSG_KM_OFS_KEKI 4 107 #define HCRYPT_MSG_KM_OFS_CIPHER 8 108 #define HCRYPT_MSG_KM_OFS_AUTH 9 109 #define HCRYPT_MSG_KM_OFS_SE 10 110 #define HCRYPT_MSG_KM_OFS_RESV2 12 111 #define HCRYPT_MSG_KM_OFS_SLEN 14 112 #define HCRYPT_MSG_KM_OFS_KLEN 15 113 #define HCRYPT_MSG_KM_OFS_SALT 16 114 115 #define HCRYPT_MSG_KM_MAX_SZ (0 \ 116 + HCRYPT_MSG_KM_OFS_SALT \ 117 + HAICRYPT_SALT_SZ \ 118 + (HAICRYPT_KEY_MAX_SZ * 2) \ 119 + HAICRYPT_WRAPKEY_SIGN_SZ) 120 121 #define HCRYPT_CIPHER_NONE 0 122 #define HCRYPT_CIPHER_AES_ECB 1 123 #define HCRYPT_CIPHER_AES_CTR 2 124 #define HCRYPT_CIPHER_AES_CBC 3 125 126 #define HCRYPT_AUTH_NONE 0 127 128 #define HCRYPT_SE_TSUDP 1 129 hcrypt_MsgInfo * hcryptMsg_STA_MsgInfo(void); 130 #define HCRYPT_SE_TSSRT 2 131 hcrypt_MsgInfo * hcryptMsg_SRT_MsgInfo(void); 132 133 #define hcryptMsg_KM_GetVersion(msg) (((msg)[HCRYPT_MSG_KM_OFS_VERSION]>>4)& 0xF) 134 #define hcryptMsg_KM_GetPktType(msg) (((msg)[HCRYPT_MSG_KM_OFS_PT]) & 0xF) 135 #define hcryptMsg_KM_GetSign(msg) (((msg)[HCRYPT_MSG_KM_OFS_SIGN]<<8) | (msg)[HCRYPT_MSG_KM_OFS_SIGN+1]) 136 137 #define hcryptMsg_KM_GetKeyIndex(msg) (((msg)[HCRYPT_MSG_KM_OFS_KFLGS] & HCRYPT_MSG_F_xSEK)>>1) 138 139 #define hcryptMsg_KM_HasEvenSek(msg) ((msg)[HCRYPT_MSG_KM_OFS_KFLGS] & HCRYPT_MSG_F_eSEK) 140 #define hcryptMsg_KM_HasOddSek(msg) ((msg)[HCRYPT_MSG_KM_OFS_KFLGS] & HCRYPT_MSG_F_oSEK) 141 #define hcryptMsg_KM_HasBothSek(msg) (HCRYPT_MSG_F_xSEK == ((msg)[HCRYPT_MSG_KM_OFS_KFLGS] & HCRYPT_MSG_F_xSEK)) 142 #define hcryptMsg_KM_HasNoSek(msg) (0 == ((msg)[HCRYPT_MSG_KM_OFS_KFLGS] & HCRYPT_MSG_F_xSEK)) 143 144 #define hcryptMsg_KM_GetCipher(msg) ((msg)[HCRYPT_MSG_KM_OFS_CIPHER]) 145 #define hcryptMsg_KM_GetAuth(msg) ((msg)[HCRYPT_MSG_KM_OFS_AUTH]) 146 #define hcryptMsg_KM_GetSE(msg) ((msg)[HCRYPT_MSG_KM_OFS_SE]) 147 148 #define hcryptMsg_KM_GetSaltLen(msg) (size_t)((msg)[HCRYPT_MSG_KM_OFS_SLEN] * 4) 149 #define hcryptMsg_KM_GetSekLen(msg) (size_t)((msg)[HCRYPT_MSG_KM_OFS_KLEN] * 4) 150 151 #define hcryptMsg_KM_SetSaltLen(msg,len)do {(msg)[HCRYPT_MSG_KM_OFS_SLEN] = (len)/4;} while(0) 152 #define hcryptMsg_KM_SetSekLen(msg,len) do {(msg)[HCRYPT_MSG_KM_OFS_KLEN] = (len)/4;} while(0) 153 154 155 #endif /* HCRYPT_MSG_H */ 156