-rw-r--r-- | CMakeLists.txt | 1 | ||||
-rw-r--r-- | crypto-vala/CMakeLists.txt | 41 | ||||
-rw-r--r-- | crypto-vala/src/cipher.vala (renamed from plugins/crypto-vala/src/cipher.vala) | 0 | ||||
-rw-r--r-- | crypto-vala/src/cipher_converter.vala (renamed from plugins/crypto-vala/src/cipher_converter.vala) | 0 | ||||
-rw-r--r-- | crypto-vala/src/error.vala (renamed from plugins/crypto-vala/src/error.vala) | 0 | ||||
-rw-r--r-- | crypto-vala/src/random.vala (renamed from plugins/crypto-vala/src/random.vala) | 0 | ||||
-rw-r--r-- | crypto-vala/src/srtp.vala | 122 | ||||
-rw-r--r-- | crypto-vala/vapi/gcrypt.vapi (renamed from plugins/crypto-vala/vapi/gcrypt.vapi) | 0 | ||||
-rw-r--r-- | crypto-vala/vapi/libsrtp2.vapi (renamed from plugins/crypto-vala/vapi/libsrtp2.vapi) | 0 | ||||
-rw-r--r-- | plugins/CMakeLists.txt | 1 | ||||
-rw-r--r-- | plugins/crypto-vala/CMakeLists.txt | 32 | ||||
-rw-r--r-- | plugins/crypto-vala/src/srtp.vala | 122 |
12 files changed, 164 insertions, 155 deletions
diff --git a/CMakeLists.txt b/CMakeLists.txt
index b3bd35cc..5516dbdb 100644
--- a/CMakeLists.txt
+++ b/CMakeLists.txt
@@ -203,6 +203,7 @@ add_subdirectory(qlite)
 add_subdirectory(xmpp-vala)
 add_subdirectory(libdino)
 add_subdirectory(main)
+add_subdirectory(crypto-vala)
 add_subdirectory(plugins)
 
 # uninstall target
diff --git a/crypto-vala/CMakeLists.txt b/crypto-vala/CMakeLists.txt
new file mode 100644
index 00000000..f1f3f9d7
--- /dev/null
+++ b/crypto-vala/CMakeLists.txt
@@ -0,0 +1,41 @@
+find_package(GCrypt REQUIRED)
+find_package(Srtp2 REQUIRED)
+find_packages(CRYPTO_VALA_PACKAGES REQUIRED
+ GLib
+ GObject
+ GIO
+)
+
+vala_precompile(CRYPTO_VALA_C
+SOURCES
+ "src/cipher.vala"
+ "src/cipher_converter.vala"
+ "src/error.vala"
+ "src/random.vala"
+ "src/srtp.vala"
+CUSTOM_VAPIS
+ "${CMAKE_CURRENT_SOURCE_DIR}/vapi/gcrypt.vapi"
+ "${CMAKE_CURRENT_SOURCE_DIR}/vapi/libsrtp2.vapi"
+PACKAGES
+ ${CRYPTO_VALA_PACKAGES}
+GENERATE_VAPI
+ crypto-vala
+GENERATE_HEADER
+ crypto-vala
+)
+
+add_custom_target(crypto-vala-vapi
+DEPENDS
+ ${CMAKE_BINARY_DIR}/exports/crypto-vala.vapi
+ ${CMAKE_BINARY_DIR}/exports/crypto-vala.deps
+)
+
+add_definitions(${VALA_CFLAGS} -DG_LOG_DOMAIN="crypto-vala")
+add_library(crypto-vala SHARED ${CRYPTO_VALA_C})
+add_dependencies(crypto-vala crypto-vala-vapi)
+target_link_libraries(crypto-vala ${CRYPTO_VALA_PACKAGES} gcrypt libsrtp2)
+set_target_properties(crypto-vala PROPERTIES VERSION 0.0 SOVERSION 0)
+
+install(TARGETS crypto-vala ${TARGET_INSTALL})
+install(FILES ${CMAKE_BINARY_DIR}/exports/crypto-vala.vapi ${CMAKE_BINARY_DIR}/exports/crypto-vala.deps DESTINATION ${VAPI_INSTALL_DIR})
+install(FILES ${CMAKE_BINARY_DIR}/exports/crypto-vala.h DESTINATION ${INCLUDE_INSTALL_DIR})
diff --git a/plugins/crypto-vala/src/cipher.vala b/crypto-vala/src/cipher.vala
index 306dafa8..306dafa8 100644
--- a/plugins/crypto-vala/src/cipher.vala
+++ b/crypto-vala/src/cipher.vala
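Review bot: `add_subdirectory(crypto-vala)` is added at the top level here, while the same commit removes it from inside `if(DINO_PLUGIN_ENABLED_omemo)` in plugins/CMakeLists.txt, so `find_package(GCrypt REQUIRED)` and `find_package(Srtp2 REQUIRED)` in the new crypto-vala/CMakeLists.txt appear to become configure-time requirements for every build, including ones with the omemo plugin disabled. The new file also switches the library from `STATIC` to an installed `SHARED` target with an exported header and vapi, which turns the SRTP and cipher wrappers into public ABI. If that is intended, a comment above the line such as `# crypto-vala is always built; GCrypt and Srtp2 are required for every configuration` would make the dependency change explicit for packagers; otherwise guard the line with the options of the plugins that link it. Whether an enclosing condition exists outside the hunk cannot be seen from here.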
diff --git a/plugins/crypto-vala/src/cipher_converter.vala b/crypto-vala/src/cipher_converter.vala
index b2b52c5a..b2b52c5a 100644
--- a/plugins/crypto-vala/src/cipher_converter.vala
+++ b/crypto-vala/src/cipher_converter.vala
diff --git a/plugins/crypto-vala/src/error.vala b/crypto-vala/src/error.vala
index 5007d725..5007d725 100644
--- a/plugins/crypto-vala/src/error.vala
+++ b/crypto-vala/src/error.vala
diff --git a/plugins/crypto-vala/src/random.vala b/crypto-vala/src/random.vala
index 3f5d3ba9..3f5d3ba9 100644
--- a/plugins/crypto-vala/src/random.vala
+++ b/crypto-vala/src/random.vala
diff --git a/crypto-vala/src/srtp.vala b/crypto-vala/src/srtp.vala
new file mode 100644
index 00000000..c7f45da3
--- /dev/null
+++ b/crypto-vala/src/srtp.vala
@@ -0,0 +1,122 @@
+using Srtp;
+
+namespace Crypto.Srtp {
+public const string AES_CM_128_HMAC_SHA1_80 = "AES_CM_128_HMAC_SHA1_80";
+public const string AES_CM_128_HMAC_SHA1_32 = "AES_CM_128_HMAC_SHA1_32";
+public const string F8_128_HMAC_SHA1_80 = "F8_128_HMAC_SHA1_80";
+
+public class Session {
+ public bool has_encrypt { get; private set; default = false; }
+ public bool has_decrypt { get; private set; default = false; }
+
+ private Context encrypt_context;
+ private Context decrypt_context;
+
+ static construct {
+ init();
+ install_log_handler(log);
+ }
+
+ private static void log(LogLevel level, string msg) {
+ print(@"SRTP[$level]: $msg\n");
+ }
+
+ public Session() {
+ Context.create(out encrypt_context, null);
+ Context.create(out decrypt_context, null);
+ }
+
+ public uint8[] encrypt_rtp(uint8[] data) throws Error {
+ uint8[] buf = new uint8[data.length + MAX_TRAILER_LEN];
+ Memory.copy(buf, data, data.length);
+ int buf_use = data.length;
+ ErrorStatus res = encrypt_context.protect(buf, ref buf_use);
+ if (res != ErrorStatus.ok) {
+ throw new Error.UNKNOWN(@"SRTP encrypt failed: $res");
+ }
+ uint8[] ret = new uint8[buf_use];
+ GLib.Memory.copy(ret, buf, buf_use);
+ return ret;
+ }
+
+ public uint8[] decrypt_rtp(uint8[] data) throws Error {
+ uint8[] buf = new uint8[data.length];
+ Memory.copy(buf, data, data.length);
+ int buf_use = data.length;
+ ErrorStatus res = decrypt_context.unprotect(buf, ref buf_use);
+ switch (res) {
+ case ErrorStatus.auth_fail:
+ throw new Error.AUTHENTICATION_FAILED("SRTP packet failed the message authentication check");
+ case ErrorStatus.ok:
+ break;
+ default:
+ throw new Error.UNKNOWN(@"SRTP decrypt failed: $res");
+ }
+ uint8[] ret = new uint8[buf_use];
+ GLib.Memory.copy(ret, buf, buf_use);
+ return ret;
+ }
+
+ public uint8[] encrypt_rtcp(uint8[] data) throws Error {
+ uint8[] buf = new uint8[data.length + MAX_TRAILER_LEN + 4];
+ Memory.copy(buf, data, data.length);
+ int buf_use = data.length;
+ ErrorStatus res = encrypt_context.protect_rtcp(buf, ref buf_use);
+ if (res != ErrorStatus.ok) {
+ throw new Error.UNKNOWN(@"SRTCP encrypt failed: $res");
+ }
+ uint8[] ret = new uint8[buf_use];
+ GLib.Memory.copy(ret, buf, buf_use);
+ return ret;
+ }
+
+ public uint8[] decrypt_rtcp(uint8[] data) throws Error {
+ uint8[] buf = new uint8[data.length];
+ Memory.copy(buf, data, data.length);
+ int buf_use = data.length;
+ ErrorStatus res = decrypt_context.unprotect_rtcp(buf, ref buf_use);
+ switch (res) {
+ case ErrorStatus.auth_fail:
+ throw new Error.AUTHENTICATION_FAILED("SRTCP packet failed the message authentication check");
+ case ErrorStatus.ok:
+ break;
+ default:
+ throw new Error.UNKNOWN(@"SRTP decrypt failed: $res");
+ }
+ uint8[] ret = new uint8[buf_use];
+ GLib.Memory.copy(ret, buf, buf_use);
+ return ret;
+ }
+
+ private Policy create_policy(string profile) {
+ Policy policy = Policy();
+ switch (profile) {
+ case AES_CM_128_HMAC_SHA1_80:
+ policy.rtp.set_aes_cm_128_hmac_sha1_80();
+ policy.rtcp.set_aes_cm_128_hmac_sha1_80();
+ break;
+ }
+ return policy;
+ }
+
+ public void set_encryption_key(string profile, uint8[] key, uint8[] salt) {
+ Policy policy = create_policy(profile);
+ policy.ssrc.type = SsrcType.any_outbound;
+ policy.key = new uint8[key.length + salt.length];
+ Memory.copy(policy.key, key, key.length);
+ Memory.copy(((uint8*)policy.key) + key.length, salt, salt.length);
+ encrypt_context.add_stream(ref policy);
+ has_encrypt = true;
+ }
+
+ public void set_decryption_key(string profile, uint8[] key, uint8[] salt) {
+ Policy policy = create_policy(profile);
+ policy.ssrc.type = SsrcType.any_inbound;
+ policy.key = new uint8[key.length + salt.length];
+ Memory.copy(policy.key, key, key.length);
+ Memory.copy(((uint8*)policy.key) + key.length, salt, salt.length);
+ decrypt_context.add_stream(ref policy);
+ has_decrypt = true;
+ }
+}
+}
\ No newline at end of file
diff --git a/plugins/crypto-vala/vapi/gcrypt.vapi b/crypto-vala/vapi/gcrypt.vapi
index 0fa69a02..0fa69a02 100644
--- a/plugins/crypto-vala/vapi/gcrypt.vapi
+++ b/crypto-vala/vapi/gcrypt.vapi
diff --git a/plugins/crypto-vala/vapi/libsrtp2.vapi b/crypto-vala/vapi/libsrtp2.vapi
index 5ceedced..5ceedced 100644
--- a/plugins/crypto-vala/vapi/libsrtp2.vapi
+++ b/crypto-vala/vapi/libsrtp2.vapi
diff --git a/plugins/CMakeLists.txt b/plugins/CMakeLists.txt
index 00bb6509..8ff9e16f 100644
--- a/plugins/CMakeLists.txt
+++ b/plugins/CMakeLists.txt
@@ -16,7 +16,6 @@ if(DINO_PLUGIN_ENABLED_openpgp)
 endif(DINO_PLUGIN_ENABLED_openpgp)
 
 if(DINO_PLUGIN_ENABLED_omemo)
- add_subdirectory(crypto-vala)
 add_subdirectory(omemo)
 add_subdirectory(signal-protocol)
 endif(DINO_PLUGIN_ENABLED_omemo)
diff --git a/plugins/crypto-vala/CMakeLists.txt b/plugins/crypto-vala/CMakeLists.txt
deleted file mode 100644
index f615854c..00000000
--- a/plugins/crypto-vala/CMakeLists.txt
+++ /dev/null
@@ -1,32 +0,0 @@
-find_package(GCrypt REQUIRED)
-find_package(Srtp2 REQUIRED)
-find_packages(CRYPTO_VALA_PACKAGES REQUIRED
- GLib
- GObject
- GIO
-)
-
-vala_precompile(CRYPTO_VALA_C
-SOURCES
- "src/cipher.vala"
- "src/cipher_converter.vala"
- "src/error.vala"
- "src/random.vala"
- "src/srtp.vala"
-CUSTOM_VAPIS
- "${CMAKE_CURRENT_SOURCE_DIR}/vapi/gcrypt.vapi"
- "${CMAKE_CURRENT_SOURCE_DIR}/vapi/libsrtp2.vapi"
-PACKAGES
- ${CRYPTO_VALA_PACKAGES}
-GENERATE_VAPI
- crypto-vala
-GENERATE_HEADER
- crypto-vala
-)
-
-set(CFLAGS ${VALA_CFLAGS})
-add_definitions(${CFLAGS})
-add_library(crypto-vala STATIC ${CRYPTO_VALA_C})
-target_link_libraries(crypto-vala ${CRYPTO_VALA_PACKAGES} gcrypt libsrtp2)
-set_property(TARGET crypto-vala PROPERTY POSITION_INDEPENDENT_CODE ON)
-
diff --git a/plugins/crypto-vala/src/srtp.vala b/plugins/crypto-vala/src/srtp.vala
deleted file mode 100644
index 493afdb0..00000000
--- a/plugins/crypto-vala/src/srtp.vala
+++ /dev/null
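Review bot: In the new crypto-vala/src/srtp.vala, `set_encryption_key` and `set_decryption_key` set `has_encrypt`/`has_decrypt` to true without looking at the result of `add_stream`, and `create_policy` has no `default:` branch, so any profile other than `AES_CM_128_HMAC_SHA1_80` (including the two other constants declared at the top of the file) reaches `add_stream` with a `Policy()` whose rtp/rtcp settings were never set. A caller that relies on `has_encrypt` would then treat the session as keyed when libsrtp may have rejected the stream. The key and salt lengths are also not checked against what the profile needs before they are concatenated into `policy.key`; libsrtp takes the length from the policy rather than from the array, so a short input may be read past its end, which is worth confirming against the binding. I would reject unknown profiles and wrong lengths and propagate the `add_stream` status as below (same for `set_decryption_key`); this adds `throws Error` to both setters and assumes the binding returns `ErrorStatus` from `add_stream`, as the protect/unprotect calls do.

```vala
public void set_encryption_key(string profile, uint8[] key, uint8[] salt) throws Error {
    // … unchanged: create_policy, ssrc type, key + salt copied into policy.key …
    ErrorStatus res = encrypt_context.add_stream(ref policy);
    if (res != ErrorStatus.ok) {
        throw new Error.UNKNOWN(@"SRTP add_stream failed: $res");
    }
    has_encrypt = true;
}
```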
@@ -1,122 +0,0 @@
-using Srtp;
-
-public class Crypto.Srtp {
- public const string AES_CM_128_HMAC_SHA1_80 = "AES_CM_128_HMAC_SHA1_80";
- public const string AES_CM_128_HMAC_SHA1_32 = "AES_CM_128_HMAC_SHA1_32";
- public const string F8_128_HMAC_SHA1_80 = "F8_128_HMAC_SHA1_80";
-
- public class Session {
- public bool has_encrypt { get; private set; default = false; }
- public bool has_decrypt { get; private set; default = false; }
-
- private Context encrypt_context;
- private Context decrypt_context;
-
- static construct {
- init();
- install_log_handler(log);
- }
-
- private static void log(LogLevel level, string msg) {
- print(@"SRTP[$level]: $msg\n");
- }
-
- public Session() {
- Context.create(out encrypt_context, null);
- Context.create(out decrypt_context, null);
- }
-
- public uint8[] encrypt_rtp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length + MAX_TRAILER_LEN];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = encrypt_context.protect(buf, ref buf_use);
- if (res != ErrorStatus.ok) {
- throw new Error.UNKNOWN(@"SRTP encrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- public uint8[] decrypt_rtp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = decrypt_context.unprotect(buf, ref buf_use);
- switch (res) {
- case ErrorStatus.auth_fail:
- throw new Error.AUTHENTICATION_FAILED("SRTP packet failed the message authentication check");
- case ErrorStatus.ok:
- break;
- default:
- throw new Error.UNKNOWN(@"SRTP decrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- public uint8[] encrypt_rtcp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length + MAX_TRAILER_LEN + 4];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = encrypt_context.protect_rtcp(buf, ref buf_use);
- if (res != ErrorStatus.ok) {
- throw new Error.UNKNOWN(@"SRTCP encrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- public uint8[] decrypt_rtcp(uint8[] data) throws Error {
- uint8[] buf = new uint8[data.length];
- Memory.copy(buf, data, data.length);
- int buf_use = data.length;
- ErrorStatus res = decrypt_context.unprotect_rtcp(buf, ref buf_use);
- switch (res) {
- case ErrorStatus.auth_fail:
- throw new Error.AUTHENTICATION_FAILED("SRTCP packet failed the message authentication check");
- case ErrorStatus.ok:
- break;
- default:
- throw new Error.UNKNOWN(@"SRTP decrypt failed: $res");
- }
- uint8[] ret = new uint8[buf_use];
- GLib.Memory.copy(ret, buf, buf_use);
- return ret;
- }
-
- private Policy create_policy(string profile) {
- Policy policy = Policy();
- switch (profile) {
- case AES_CM_128_HMAC_SHA1_80:
- policy.rtp.set_aes_cm_128_hmac_sha1_80();
- policy.rtcp.set_aes_cm_128_hmac_sha1_80();
- break;
- }
- return policy;
- }
-
- public void set_encryption_key(string profile, uint8[] key, uint8[] salt) {
- Policy policy = create_policy(profile);
- policy.ssrc.type = SsrcType.any_outbound;
- policy.key = new uint8[key.length + salt.length];
- Memory.copy(policy.key, key, key.length);
- Memory.copy(((uint8*)policy.key) + key.length, salt, salt.length);
- encrypt_context.add_stream(ref policy);
- has_encrypt = true;
- }
-
- public void set_decryption_key(string profile, uint8[] key, uint8[] salt) {
- Policy policy = create_policy(profile);
- policy.ssrc.type = SsrcType.any_inbound;
- policy.key = new uint8[key.length + salt.length];
- Memory.copy(policy.key, key, key.length);
- Memory.copy(((uint8*)policy.key) + key.length, salt, salt.length);
- decrypt_context.add_stream(ref policy);
- has_decrypt = true;
- }
- }
-}
\ No newline at end of file |