Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package libsrtp2 for openSUSE:Factory
checked in at 2021-09-13 16:24:23
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/libsrtp2 (Old)
and /work/SRC/openSUSE:Factory/.libsrtp2.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "libsrtp2"
Mon Sep 13 16:24:23 2021 rev:7 rq:917828 version:2.4.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/libsrtp2/libsrtp2.changes 2021-08-16
10:14:08.558913679 +0200
+++ /work/SRC/openSUSE:Factory/.libsrtp2.new.1899/libsrtp2.changes
2021-09-13 16:24:54.702771108 +0200
@@ -1,0 +2,6 @@
+Thu Sep 9 21:37:57 UTC 2021 - Jan Engelhardt <jeng...@inai.de>
+
+- Update to release 2.4.1
+ * Use a full-length key even with null ciphers
+
+-------------------------------------------------------------------
Old:
----
v2.4.0.tar.gz
New:
----
v2.4.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ libsrtp2.spec ++++++
--- /var/tmp/diff_new_pack.gRj4y2/_old 2021-09-13 16:24:55.430771950 +0200
+++ /var/tmp/diff_new_pack.gRj4y2/_new 2021-09-13 16:24:55.430771950 +0200
@@ -18,7 +18,7 @@
Name: libsrtp2
%define lname libsrtp2-1
-Version: 2.4.0
+Version: 2.4.1
Release: 0
Summary: Secure Real-Time Transport Protocol (SRTP) library v2
License: BSD-3-Clause
++++++ v2.4.0.tar.gz -> v2.4.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/CHANGES new/libsrtp-2.4.1/CHANGES
--- old/libsrtp-2.4.0/CHANGES 2021-08-13 20:55:40.000000000 +0200
+++ new/libsrtp-2.4.1/CHANGES 2021-09-09 17:30:52.000000000 +0200
@@ -1,5 +1,11 @@
Changelog
+2.4.1
+
+Major changes
+
+#560 - Merge PR 559, Use a full-length key even with null ciphers
+
2.4.0
Major changes
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/CMakeLists.txt
new/libsrtp-2.4.1/CMakeLists.txt
--- old/libsrtp-2.4.0/CMakeLists.txt 2021-08-13 20:55:40.000000000 +0200
+++ new/libsrtp-2.4.1/CMakeLists.txt 2021-09-09 17:30:52.000000000 +0200
@@ -1,6 +1,6 @@
cmake_minimum_required(VERSION 3.12)
-project(libsrtp2 VERSION 2.4.0 LANGUAGES C)
+project(libsrtp2 VERSION 2.4.1 LANGUAGES C)
set(PACKAGE_VERSION ${CMAKE_PROJECT_VERSION})
set(PACKAGE_STRING "${CMAKE_PROJECT_NAME} ${CMAKE_PROJECT_VERSION}")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/configure new/libsrtp-2.4.1/configure
--- old/libsrtp-2.4.0/configure 2021-08-13 20:55:40.000000000 +0200
+++ new/libsrtp-2.4.1/configure 2021-09-09 17:30:52.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for libsrtp2 2.4.0.
+# Generated by GNU Autoconf 2.69 for libsrtp2 2.4.1.
#
# Report bugs to <https://github.com/cisco/libsrtp/issues>.
#
@@ -580,8 +580,8 @@
# Identity of this package.
PACKAGE_NAME='libsrtp2'
PACKAGE_TARNAME='libsrtp2'
-PACKAGE_VERSION='2.4.0'
-PACKAGE_STRING='libsrtp2 2.4.0'
+PACKAGE_VERSION='2.4.1'
+PACKAGE_STRING='libsrtp2 2.4.1'
PACKAGE_BUGREPORT='https://github.com/cisco/libsrtp/issues'
PACKAGE_URL=''
@@ -685,6 +685,7 @@
docdir
oldincludedir
includedir
+runstatedir
localstatedir
sharedstatedir
sysconfdir
@@ -775,6 +776,7 @@
sysconfdir='${prefix}/etc'
sharedstatedir='${prefix}/com'
localstatedir='${prefix}/var'
+runstatedir='${localstatedir}/run'
includedir='${prefix}/include'
oldincludedir='/usr/include'
docdir='${datarootdir}/doc/${PACKAGE_TARNAME}'
@@ -1027,6 +1029,15 @@
| -silent | --silent | --silen | --sile | --sil)
silent=yes ;;
+ -runstatedir | --runstatedir | --runstatedi | --runstated \
+ | --runstate | --runstat | --runsta | --runst | --runs \
+ | --run | --ru | --r)
+ ac_prev=runstatedir ;;
+ -runstatedir=* | --runstatedir=* | --runstatedi=* | --runstated=* \
+ | --runstate=* | --runstat=* | --runsta=* | --runst=* | --runs=* \
+ | --run=* | --ru=* | --r=*)
+ runstatedir=$ac_optarg ;;
+
-sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
ac_prev=sbindir ;;
-sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
@@ -1164,7 +1175,7 @@
for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \
datadir sysconfdir sharedstatedir localstatedir includedir \
oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
- libdir localedir mandir
+ libdir localedir mandir runstatedir
do
eval ac_val=\$$ac_var
# Remove trailing slashes.
@@ -1277,7 +1288,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures libsrtp2 2.4.0 to adapt to many kinds of systems.
+\`configure' configures libsrtp2 2.4.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1317,6 +1328,7 @@
--sysconfdir=DIR read-only single-machine data [PREFIX/etc]
--sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com]
--localstatedir=DIR modifiable single-machine data [PREFIX/var]
+ --runstatedir=DIR modifiable per-process data [LOCALSTATEDIR/run]
--libdir=DIR object code libraries [EPREFIX/lib]
--includedir=DIR C header files [PREFIX/include]
--oldincludedir=DIR C header files for non-gcc [/usr/include]
@@ -1342,7 +1354,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of libsrtp2 2.4.0:";;
+ short | recursive ) echo "Configuration of libsrtp2 2.4.1:";;
esac
cat <<\_ACEOF
@@ -1455,7 +1467,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-libsrtp2 configure 2.4.0
+libsrtp2 configure 2.4.1
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -2008,7 +2020,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by libsrtp2 $as_me 2.4.0, which was
+It was created by libsrtp2 $as_me 2.4.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -3546,8 +3558,37 @@
ac_compiler_gnu=$ac_cv_c_compiler_gnu
-# expand $ac_aux_dir to an absolute path
-am_aux_dir=`cd $ac_aux_dir && pwd`
+ac_aux_dir=
+for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
+ if test -f "$ac_dir/install-sh"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install-sh -c"
+ break
+ elif test -f "$ac_dir/install.sh"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/install.sh -c"
+ break
+ elif test -f "$ac_dir/shtool"; then
+ ac_aux_dir=$ac_dir
+ ac_install_sh="$ac_aux_dir/shtool install -c"
+ break
+ fi
+done
+if test -z "$ac_aux_dir"; then
+ as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\"
\"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
+fi
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var.
+ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var.
+ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
+
+
+# Expand $ac_aux_dir to an absolute path.
+am_aux_dir=`cd "$ac_aux_dir" && pwd`
if test -n "$ac_tool_prefix"; then
@@ -3657,7 +3698,13 @@
if ${am_cv_ar_interface+:} false; then :
$as_echo_n "(cached) " >&6
else
- am_cv_ar_interface=ar
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext
$LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ am_cv_ar_interface=ar
cat confdefs.h - <<_ACEOF >conftest.$ac_ext
/* end confdefs.h. */
int some_variable = 0;
@@ -3688,6 +3735,11 @@
fi
rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext
$LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
fi
{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_ar_interface" >&5
@@ -3802,35 +3854,6 @@
RANLIB="$ac_cv_prog_RANLIB"
fi
-ac_aux_dir=
-for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
- if test -f "$ac_dir/install-sh"; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install-sh -c"
- break
- elif test -f "$ac_dir/install.sh"; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/install.sh -c"
- break
- elif test -f "$ac_dir/shtool"; then
- ac_aux_dir=$ac_dir
- ac_install_sh="$ac_aux_dir/shtool install -c"
- break
- fi
-done
-if test -z "$ac_aux_dir"; then
- as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\"
\"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
-fi
-
-# These three variables are undocumented and unsupported,
-# and are intended to be withdrawn in a future Autoconf release.
-# They can cause serious problems if a builder's source tree is in a directory
-# whose full name contains unusual characters.
-ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var.
-ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var.
-ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var.
-
-
# Find a good install program. We prefer a C program (faster),
# so one script is as good as another. But avoid the broken or
# incompatible versions:
@@ -7136,7 +7159,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by libsrtp2 $as_me 2.4.0, which was
+This file was extended by libsrtp2 $as_me 2.4.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -7198,7 +7221,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-libsrtp2 config.status 2.4.0
+libsrtp2 config.status 2.4.1
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/configure.ac
new/libsrtp-2.4.1/configure.ac
--- old/libsrtp-2.4.0/configure.ac 2021-08-13 20:55:40.000000000 +0200
+++ new/libsrtp-2.4.1/configure.ac 2021-09-09 17:30:52.000000000 +0200
@@ -1,5 +1,5 @@
dnl Process this file with autoconf to produce a configure script.
-AC_INIT([libsrtp2], [2.4.0], [https://github.com/cisco/libsrtp/issues])
+AC_INIT([libsrtp2], [2.4.1], [https://github.com/cisco/libsrtp/issues])
dnl Must come before AC_PROG_CC
EMPTY_CFLAGS="no"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/meson.build
new/libsrtp-2.4.1/meson.build
--- old/libsrtp-2.4.0/meson.build 2021-08-13 20:55:40.000000000 +0200
+++ new/libsrtp-2.4.1/meson.build 2021-09-09 17:30:52.000000000 +0200
@@ -1,4 +1,4 @@
-project('libsrtp2', 'c', version: '2.4.0',
+project('libsrtp2', 'c', version: '2.4.1',
meson_version: '>= 0.52.0',
default_options: ['buildtype=debugoptimized'])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/srtp/srtp.c
new/libsrtp-2.4.1/srtp/srtp.c
--- old/libsrtp-2.4.0/srtp/srtp.c 2021-08-13 20:55:40.000000000 +0200
+++ new/libsrtp-2.4.1/srtp/srtp.c 2021-09-09 17:30:52.000000000 +0200
@@ -757,22 +757,40 @@
int key_length)
{
switch (cipher->id) {
+ case SRTP_NULL_CIPHER:
+ return 0;
case SRTP_AES_ICM_128:
case SRTP_AES_ICM_192:
case SRTP_AES_ICM_256:
/* The legacy modes are derived from
* the configured key length on the policy */
return key_length - SRTP_SALT_LEN;
- break;
case SRTP_AES_GCM_128:
return key_length - SRTP_AEAD_SALT_LEN;
- break;
case SRTP_AES_GCM_256:
return key_length - SRTP_AEAD_SALT_LEN;
- break;
default:
return key_length;
- break;
+ }
+}
+
+/* Get the key length that the application should supply for the given cipher
*/
+static inline int full_key_length(const srtp_cipher_type_t *cipher)
+{
+ switch (cipher->id) {
+ case SRTP_NULL_CIPHER:
+ case SRTP_AES_ICM_128:
+ return SRTP_AES_ICM_128_KEY_LEN_WSALT;
+ case SRTP_AES_ICM_192:
+ return SRTP_AES_ICM_192_KEY_LEN_WSALT;
+ case SRTP_AES_ICM_256:
+ return SRTP_AES_ICM_256_KEY_LEN_WSALT;
+ case SRTP_AES_GCM_128:
+ return SRTP_AES_GCM_128_KEY_LEN_WSALT;
+ case SRTP_AES_GCM_256:
+ return SRTP_AES_ICM_256_KEY_LEN_WSALT;
+ default:
+ return 0;
}
}
@@ -870,6 +888,7 @@
srtp_err_status_t stat;
srtp_kdf_t kdf;
uint8_t tmp_key[MAX_SRTP_KEY_LEN];
+ int input_keylen, input_keylen_rtcp;
int kdf_keylen = 30, rtp_keylen, rtcp_keylen;
int rtp_base_key_len, rtp_salt_len;
int rtcp_base_key_len, rtcp_salt_len;
@@ -906,6 +925,12 @@
session_keys->mki_size = master_key->mki_size;
+ input_keylen = full_key_length(session_keys->rtp_cipher->type);
+ input_keylen_rtcp = full_key_length(session_keys->rtcp_cipher->type);
+ if (input_keylen_rtcp > input_keylen) {
+ input_keylen = input_keylen_rtcp;
+ }
+
rtp_keylen = srtp_cipher_get_key_length(session_keys->rtp_cipher);
rtcp_keylen = srtp_cipher_get_key_length(session_keys->rtcp_cipher);
rtp_base_key_len =
@@ -920,6 +945,11 @@
kdf_keylen = 46; /* AES-CTR mode is always used for KDF */
}
+ if (input_keylen > kdf_keylen) {
+ kdf_keylen = 46; /* AES-CTR mode is always used for KDF */
+ }
+
+ debug_print(mod_srtp, "input key len: %d", input_keylen);
debug_print(mod_srtp, "srtp key len: %d", rtp_keylen);
debug_print(mod_srtp, "srtcp key len: %d", rtcp_keylen);
debug_print(mod_srtp, "base key len: %d", rtp_base_key_len);
@@ -932,7 +962,7 @@
* the legacy CTR mode KDF, which uses a 112 bit master SALT.
*/
memset(tmp_key, 0x0, MAX_SRTP_KEY_LEN);
- memcpy(tmp_key, key, (rtp_base_key_len + rtp_salt_len));
+ memcpy(tmp_key, key, input_keylen);
/* initialize KDF state */
#if defined(OPENSSL) && defined(OPENSSL_KDF)
@@ -3232,7 +3262,7 @@
*/
p->cipher_type = SRTP_NULL_CIPHER;
- p->cipher_key_len = 0;
+ p->cipher_key_len = 16;
p->auth_type = SRTP_HMAC_SHA1;
p->auth_key_len = 20;
p->auth_tag_len = 10;
@@ -3246,7 +3276,7 @@
*/
p->cipher_type = SRTP_NULL_CIPHER;
- p->cipher_key_len = 0;
+ p->cipher_key_len = 16;
p->auth_type = SRTP_NULL_AUTH;
p->auth_key_len = 0;
p->auth_tag_len = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/libsrtp-2.4.0/test/srtp_driver.c
new/libsrtp-2.4.1/test/srtp_driver.c
--- old/libsrtp-2.4.0/test/srtp_driver.c 2021-08-13 20:55:40.000000000
+0200
+++ new/libsrtp-2.4.1/test/srtp_driver.c 2021-09-09 17:30:52.000000000
+0200
@@ -61,6 +61,8 @@
srtp_err_status_t srtp_validate(void);
+srtp_err_status_t srtp_validate_null(void);
+
#ifdef GCM
srtp_err_status_t srtp_validate_gcm(void);
#endif
@@ -439,6 +441,15 @@
exit(1);
}
+ printf("testing srtp_protect and srtp_unprotect against "
+ "reference packet using null cipher and HMAC\n");
+ if (srtp_validate_null() == srtp_err_status_ok) {
+ printf("passed\n\n");
+ } else {
+ printf("failed\n");
+ exit(1);
+ }
+
#ifdef GCM
printf("testing srtp_protect and srtp_unprotect against "
"reference packet using GCM\n");
@@ -1698,6 +1709,166 @@
policy.ssrc.type = ssrc_specific;
policy.ssrc.value = 0xcafebabe;
policy.key = test_key;
+ policy.deprecated_ekt = NULL;
+ policy.window_size = 128;
+ policy.allow_repeat_tx = 0;
+ policy.next = NULL;
+
+ status = srtp_create(&srtp_snd, &policy);
+ if (status) {
+ return status;
+ }
+
+ /*
+ * protect plaintext, then compare with ciphertext
+ */
+ len = 28;
+ status = srtp_protect(srtp_snd, srtp_plaintext, &len);
+ if (status || (len != 38)) {
+ return srtp_err_status_fail;
+ }
+
+ debug_print(mod_driver, "ciphertext:\n %s",
+ octet_string_hex_string(srtp_plaintext, len));
+ debug_print(mod_driver, "ciphertext reference:\n %s",
+ octet_string_hex_string(srtp_ciphertext, len));
+
+ if (srtp_octet_string_is_eq(srtp_plaintext, srtp_ciphertext, len)) {
+ return srtp_err_status_fail;
+ }
+
+ /*
+ * protect plaintext rtcp, then compare with srtcp ciphertext
+ */
+ len = 24;
+ status = srtp_protect_rtcp(srtp_snd, rtcp_plaintext, &len);
+ if (status || (len != 38)) {
+ return srtp_err_status_fail;
+ }
+
+ debug_print(mod_driver, "srtcp ciphertext:\n %s",
+ octet_string_hex_string(rtcp_plaintext, len));
+ debug_print(mod_driver, "srtcp ciphertext reference:\n %s",
+ octet_string_hex_string(srtcp_ciphertext, len));
+
+ if (srtp_octet_string_is_eq(rtcp_plaintext, srtcp_ciphertext, len)) {
+ return srtp_err_status_fail;
+ }
+
+ /*
+ * create a receiver session context comparable to the one created
+ * above - we need to do this so that the replay checking doesn't
+ * complain
+ */
+ status = srtp_create(&srtp_recv, &policy);
+ if (status) {
+ return status;
+ }
+
+ /*
+ * unprotect ciphertext, then compare with plaintext
+ */
+ status = srtp_unprotect(srtp_recv, srtp_ciphertext, &len);
+ if (status || (len != 28)) {
+ return status;
+ }
+
+ if (srtp_octet_string_is_eq(srtp_ciphertext, srtp_plaintext_ref, len)) {
+ return srtp_err_status_fail;
+ }
+
+ /*
+ * unprotect srtcp ciphertext, then compare with rtcp plaintext
+ */
+ len = 38;
+ status = srtp_unprotect_rtcp(srtp_recv, srtcp_ciphertext, &len);
+ if (status || (len != 24)) {
+ return status;
+ }
+
+ if (srtp_octet_string_is_eq(srtcp_ciphertext, rtcp_plaintext_ref, len)) {
+ return srtp_err_status_fail;
+ }
+
+ status = srtp_dealloc(srtp_snd);
+ if (status) {
+ return status;
+ }
+
+ status = srtp_dealloc(srtp_recv);
+ if (status) {
+ return status;
+ }
+
+ return srtp_err_status_ok;
+}
+
+/*
+ * srtp_validate_null() verifies the correctness of libsrtp by comparing
+ * some computed packets against some pre-computed reference values.
+ * These packets were made with a policy that applies null encryption
+ * and HMAC authentication.
+ */
+
+srtp_err_status_t srtp_validate_null()
+{
+ // clang-format off
+ uint8_t srtp_plaintext_ref[28] = {
+ 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
+ 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab
+ };
+ uint8_t srtp_plaintext[38] = {
+ 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
+ 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ };
+ uint8_t srtp_ciphertext[38] = {
+ 0x80, 0x0f, 0x12, 0x34, 0xde, 0xca, 0xfb, 0xad,
+ 0xca, 0xfe, 0xba, 0xbe, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xa1, 0x36, 0x27,
+ 0x0b, 0x67, 0x91, 0x34, 0xce, 0x9b
+ };
+ uint8_t rtcp_plaintext_ref[24] = {
+ 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ };
+ uint8_t rtcp_plaintext[38] = {
+ 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+ 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
+ };
+ uint8_t srtcp_ciphertext[38] = {
+ 0x81, 0xc8, 0x00, 0x0b, 0xca, 0xfe, 0xba, 0xbe,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab, 0xab,
+ 0x00, 0x00, 0x00, 0x01, 0xfe, 0x88, 0xc7, 0xfd,
+ 0xfd, 0x37, 0xeb, 0xce, 0x61, 0x5d,
+ };
+ // clang-format on
+
+ srtp_t srtp_snd, srtp_recv;
+ srtp_err_status_t status;
+ int len;
+ srtp_policy_t policy;
+
+ /*
+ * create a session with a single stream using the default srtp
+ * policy and with the SSRC value 0xcafebabe
+ */
+ memset(&policy, 0, sizeof(policy));
+ srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtp);
+ srtp_crypto_policy_set_null_cipher_hmac_sha1_80(&policy.rtcp);
+ policy.ssrc.type = ssrc_specific;
+ policy.ssrc.value = 0xcafebabe;
+ policy.key = test_key;
policy.deprecated_ekt = NULL;
policy.window_size = 128;
policy.allow_repeat_tx = 0;
